[SM-896] restricting access to disabled orgs (#3287)

* restricting access to disabled orgs * Unit Test Updates * Update test/Api.IntegrationTest/SecretsManager/Controllers/AccessPoliciesControllerTests.cs Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com> * Covering all test cases * making organization enabled NOT default --------- Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>
2025-07-04 01:22:50 -05:00 · 2023-10-16 10:29:02 -04:00
parent 4ff41e9604
commit b772784af3
10 changed files with 417 additions and 264 deletions
--- a/src/Identity/IdentityServer/ClientStore.cs
+++ b/src/Identity/IdentityServer/ClientStore.cs
@ -100,7 +100,7 @@ public class ClientStore : IClientStore
        {
            case ServiceAccountApiKeyDetails key:
                var org = await _organizationRepository.GetByIdAsync(key.ServiceAccountOrganizationId);
-                if (!org.UseSecretsManager)
+                if (!org.UseSecretsManager || !org.Enabled)
                {
                    return null;
                }