[AC-1638] Disallow Secrets Manager for MSP-managed organizations (#3297)

* Block MSPs from creating orgs with SM * Block MSPs from adding SM to a managed org * Prevent manually adding SM to an MSP-managed org * Revert "Prevent manually adding SM to an MSP-managed org" This change is no longer required This reverts commit 51b086243b. * Block provider from adding org with SM * Update error message when adding existing org with SM to provider * Update check to match client * Revert "Update check to match client" This reverts commit f195c1c1f6.
2025-07-01 08:02:49 -05:00 · 2023-10-13 00:56:50 +10:00
parent 79648b311e
commit 53f5eee215
6 changed files with 82 additions and 3 deletions
--- a/src/Core/Services/Implementations/OrganizationService.cs
+++ b/src/Core/Services/Implementations/OrganizationService.cs
@ -410,6 +410,11 @@ public class OrganizationService : IOrganizationService
        var secretsManagerPlan = StaticStore.SecretManagerPlans.FirstOrDefault(p => p.Type == signup.Plan);
        if (signup.UseSecretsManager)
        {
+            if (provider)
+            {
+                throw new BadRequestException(
+                    "Organizations with a Managed Service Provider do not support Secrets Manager.");
+            }
            ValidateSecretsManagerPlan(secretsManagerPlan, signup);
        }