From ddbd9eefedca6e897f71479c308428358f52d24e Mon Sep 17 00:00:00 2001 From: matheus Date: Tue, 30 Apr 2024 08:54:17 -0300 Subject: [PATCH] Replace `isTeam` with new flags (#39794) * Add new flags to modules * Add deprecated comments to isTeam * Make support flag an enum * Add a TODO instead of deprecating flag right away Co-authored-by: Alan Parra * Add gogoproto.jsontag to new fields * remove meaning from enum zero value * Reuse proto.SupportType instead of suping * Replace isTeam for new flags in web app * Update proto file: rename enum 0 value to unspecified;fix json tag casing * Reuse proto file instead of aliasing it * undo removing method by accident * Add MobileDeviceManagement field to web config struct * Improve comments * Fix tests * Simplify lockedFeatures object * Include JoinActiveSessions in the web config object * Remove more instances of isTeam * Apply suggestions from code review - improve comments Co-authored-by: Michelle Bergquist <11967646+michellescripts@users.noreply.github.com> * Use consistent comments to remove isTeam * Update godocs comments * Revert removign `isTeam` from stories it still should * Fix godoc typo Co-authored-by: Michelle Bergquist <11967646+michellescripts@users.noreply.github.com> --------- Co-authored-by: Alan Parra Co-authored-by: Michelle Bergquist <11967646+michellescripts@users.noreply.github.com> --- api/client/webclient/webconfig.go | 23 +++++++++++++- lib/httplib/httpheaders.go | 2 +- lib/httplib/httplib_test.go | 8 ++--- .../externalauditstorage/configurator.go | 2 +- .../externalauditstorage/configurator_test.go | 20 ++++++------- lib/modules/modules.go | 2 +- lib/service/service_test.go | 3 +- lib/web/apiserver.go | 16 +++++++++- lib/web/apiserver_test.go | 22 +++++++++----- .../Integrations/Enroll/IntegrationTiles.tsx | 6 ++-- .../teleport/src/Sessions/useSessions.ts | 3 +- web/packages/teleport/src/Support/Support.tsx | 2 +- .../ButtonLockedFeature.test.tsx | 30 ------------------- .../ExternalAuditStorageCta.test.tsx | 2 +- .../ExternalAuditStorageCta.tsx | 2 +- web/packages/teleport/src/config.ts | 17 +++++++++-- .../teleport/src/services/sales/index.ts | 1 + web/packages/teleport/src/teleportContext.tsx | 13 +++----- web/packages/teleport/src/types.ts | 3 -- 19 files changed, 99 insertions(+), 78 deletions(-) diff --git a/api/client/webclient/webconfig.go b/api/client/webclient/webconfig.go index e86afb6383082..694f126954808 100644 --- a/api/client/webclient/webconfig.go +++ b/api/client/webclient/webconfig.go @@ -77,7 +77,8 @@ type WebConfig struct { HideInaccessibleFeatures bool `json:"hideInaccessibleFeatures"` // CustomTheme is a string that represents the name of the custom theme that the WebUI should use. CustomTheme string `json:"customTheme"` - // IsTeam is true if [Features.ProductType] = Team + // Deprecated: IsTeam is true if [Features.ProductType] = Team + // Prefer checking the cluster features over this flag, as this will be removed. IsTeam bool `json:"isTeam"` // IsIGSEnabled is true if [Features.IdentityGovernance] = true IsIGSEnabled bool `json:"isIgsEnabled"` @@ -85,6 +86,26 @@ type WebConfig struct { // Typically used with feature teasers if feature is not enabled for the // product type eg: Team product contains teasers to upgrade to Enterprise. FeatureLimits FeatureLimits `json:"featureLimits"` + // Questionnaire indicates whether cluster users should get an onboarding questionnaire + Questionnaire bool `json:"questionnaire"` + // IsStripeManaged indicates if the cluster billing & lifecycle is managed via Stripe + IsStripeManaged bool `json:"isStripeManaged"` + // ExternalAuditStorage indicates whether the EAS feature is enabled in the cluster. + ExternalAuditStorage bool `json:"externalAuditStorage"` + // PremiumSupport indicates whether the customer has premium support + PremiumSupport bool `json:"premiumSupport"` + // JoinActiveSessions indicates whether joining active sessions via web UI is enabled + JoinActiveSessions bool `json:"joinActiveSessions"` + // AccessRequests indicates whether access requests are enabled + AccessRequests bool `json:"accessRequests"` + // TrustedDevices indicates whether trusted devices page is enabled + TrustedDevices bool `json:"trustedDevices"` + // OIDC indicates whether the OIDC integration flow is enabled + OIDC bool `json:"oidc"` + // SAML indicates whether the SAML integration flow is enabled + SAML bool `json:"saml"` + // MobileDeviceManagement indicates whether adding Jamf plugin is enabled + MobileDeviceManagement bool `json:"mobileDeviceManagement"` } // featureLimits define limits for features. diff --git a/lib/httplib/httpheaders.go b/lib/httplib/httpheaders.go index 401922e35fff3..1fae246120433 100644 --- a/lib/httplib/httpheaders.go +++ b/lib/httplib/httpheaders.go @@ -201,7 +201,7 @@ var indexCSPStringCache *cspCache = newCSPCache() func getIndexContentSecurityPolicyString(cfg proto.Features, urlPath string) string { // Check for result with this cfg and urlPath in cache - withStripe := cfg.GetProductType() == proto.ProductType_PRODUCT_TYPE_TEAM + withStripe := cfg.GetIsStripeManaged() key := fmt.Sprintf("%v-%v", withStripe, urlPath) if cspString, ok := indexCSPStringCache.get(key); ok { return cspString diff --git a/lib/httplib/httplib_test.go b/lib/httplib/httplib_test.go index 8a4e39a2e50ba..7511fd652cd55 100644 --- a/lib/httplib/httplib_test.go +++ b/lib/httplib/httplib_test.go @@ -295,8 +295,8 @@ func TestSetIndexContentSecurityPolicy(t *testing.T) { }, }, { - name: "for cloud based usage, Team product (with stripe, no wasm)", - features: proto.Features{Cloud: true, IsUsageBased: true, ProductType: proto.ProductType_PRODUCT_TYPE_TEAM}, + name: "for cloud based usage, Stripe managed product (with stripe, no wasm)", + features: proto.Features{Cloud: true, IsUsageBased: true, IsStripeManaged: true}, urlPath: "/web/index.js", expectedCspVals: map[string]string{ "default-src": "'self'", @@ -346,8 +346,8 @@ func TestSetIndexContentSecurityPolicy(t *testing.T) { }, }, { - name: "for cloud based usage & desktop session, Team product (with stripe, with wasm)", - features: proto.Features{Cloud: true, IsUsageBased: true, ProductType: proto.ProductType_PRODUCT_TYPE_TEAM}, + name: "for cloud based usage & desktop session, Stripe managed product (with stripe, with wasm)", + features: proto.Features{Cloud: true, IsUsageBased: true, IsStripeManaged: true}, urlPath: "/web/cluster/:clusterId/desktops/:desktopName/:username", expectedCspVals: map[string]string{ "default-src": "'self'", diff --git a/lib/integrations/externalauditstorage/configurator.go b/lib/integrations/externalauditstorage/configurator.go index c109f76d4cc27..15b388a8659c4 100644 --- a/lib/integrations/externalauditstorage/configurator.go +++ b/lib/integrations/externalauditstorage/configurator.go @@ -182,7 +182,7 @@ func NewDraftConfigurator(ctx context.Context, ecaSvc ExternalAuditStorageGetter func newConfigurator(ctx context.Context, spec *externalauditstorage.ExternalAuditStorageSpec, integrationSvc services.IntegrationsGetter, alertService ClusterAlertService, optFns ...func(*Options)) (*Configurator, error) { // ExternalAuditStorage is only available in Cloud Enterprise - if !modules.GetModules().Features().Cloud || modules.GetModules().Features().IsTeam() { + if !modules.GetModules().Features().Cloud || !modules.GetModules().Features().ExternalAuditStorage { return &Configurator{isUsed: false}, nil } diff --git a/lib/integrations/externalauditstorage/configurator_test.go b/lib/integrations/externalauditstorage/configurator_test.go index 9c306d1a0c3d8..a99cba45e67ea 100644 --- a/lib/integrations/externalauditstorage/configurator_test.go +++ b/lib/integrations/externalauditstorage/configurator_test.go @@ -102,8 +102,8 @@ func TestConfiguratorIsUsed(t *testing.T) { name: "cloud enterprise without config", modules: &modules.TestModules{ TestFeatures: modules.Features{ - Cloud: true, - IsUsageBasedBilling: false, + Cloud: true, + ExternalAuditStorage: true, }, }, wantIsUsed: false, @@ -112,8 +112,8 @@ func TestConfiguratorIsUsed(t *testing.T) { name: "cloud enterprise with only draft", modules: &modules.TestModules{ TestFeatures: modules.Features{ - Cloud: true, - IsUsageBasedBilling: false, + Cloud: true, + ExternalAuditStorage: true, }, }, // Just create draft, External Audit Storage should be disabled, it's @@ -129,8 +129,8 @@ func TestConfiguratorIsUsed(t *testing.T) { name: "cloud enterprise with cluster config", modules: &modules.TestModules{ TestFeatures: modules.Features{ - Cloud: true, - IsUsageBasedBilling: false, + Cloud: true, + ExternalAuditStorage: true, }, }, // Create draft and promote it to cluster. @@ -178,8 +178,8 @@ func TestCredentialsCache(t *testing.T) { modules.SetTestModules(t, &modules.TestModules{ TestFeatures: modules.Features{ - Cloud: true, - IsUsageBasedBilling: false, + Cloud: true, + ExternalAuditStorage: true, }, }) @@ -316,8 +316,8 @@ func TestDraftConfigurator(t *testing.T) { modules.SetTestModules(t, &modules.TestModules{ TestFeatures: modules.Features{ - Cloud: true, - IsUsageBasedBilling: false, + Cloud: true, + ExternalAuditStorage: true, }, }) diff --git a/lib/modules/modules.go b/lib/modules/modules.go index d2d7fd3438893..e599a907fc46a 100644 --- a/lib/modules/modules.go +++ b/lib/modules/modules.go @@ -243,7 +243,7 @@ func (f Features) IGSEnabled() bool { return f.IdentityGovernanceSecurity } -// TODO(mcbattirola): Deprecate IsTeam once it's unused. +// TODO(mcbattirola): remove isTeam when it is no longer used func (f Features) IsTeam() bool { return f.ProductType == ProductTypeTeam } diff --git a/lib/service/service_test.go b/lib/service/service_test.go index bc07c3f6e5a01..6a29d0fee53b7 100644 --- a/lib/service/service_test.go +++ b/lib/service/service_test.go @@ -474,7 +474,8 @@ func TestAthenaAuditLogSetup(t *testing.T) { ctx := context.Background() modules.SetTestModules(t, &modules.TestModules{ TestFeatures: modules.Features{ - Cloud: true, + Cloud: true, + ExternalAuditStorage: true, }, }) diff --git a/lib/web/apiserver.go b/lib/web/apiserver.go index 4a89cd3953585..e6d5af425f146 100644 --- a/lib/web/apiserver.go +++ b/lib/web/apiserver.go @@ -1667,6 +1667,9 @@ func (h *Handler) getWebConfig(w http.ResponseWriter, r *http.Request, p httprou h.log.WithError(err).Error("Cannot read target version") } + // TODO(mcbattirola): remove isTeam when it is no longer used + isTeam := clusterFeatures.GetProductType() == proto.ProductType_PRODUCT_TYPE_TEAM + webCfg := webclient.WebConfig{ Auth: authSettings, CanJoinSessions: canJoinSessions, @@ -1681,13 +1684,24 @@ func (h *Handler) getWebConfig(w http.ResponseWriter, r *http.Request, p httprou AssistEnabled: assistEnabled, HideInaccessibleFeatures: clusterFeatures.GetFeatureHiding(), CustomTheme: clusterFeatures.GetCustomTheme(), - IsTeam: clusterFeatures.GetProductType() == proto.ProductType_PRODUCT_TYPE_TEAM, IsIGSEnabled: clusterFeatures.GetIdentityGovernance(), FeatureLimits: webclient.FeatureLimits{ AccessListCreateLimit: int(clusterFeatures.GetAccessList().GetCreateLimit()), AccessMonitoringMaxReportRangeLimit: int(clusterFeatures.GetAccessMonitoring().GetMaxReportRangeLimit()), AccessRequestMonthlyRequestLimit: int(clusterFeatures.GetAccessRequests().GetMonthlyRequestLimit()), }, + Questionnaire: clusterFeatures.GetQuestionnaire(), + IsStripeManaged: clusterFeatures.GetIsStripeManaged(), + ExternalAuditStorage: clusterFeatures.GetExternalAuditStorage(), + PremiumSupport: clusterFeatures.GetSupportType() == proto.SupportType_SUPPORT_TYPE_PREMIUM, + AccessRequests: clusterFeatures.GetAccessRequests().MonthlyRequestLimit > 0, + TrustedDevices: clusterFeatures.GetDeviceTrust().GetEnabled(), + OIDC: clusterFeatures.GetOIDC(), + SAML: clusterFeatures.GetSAML(), + MobileDeviceManagement: clusterFeatures.GetMobileDeviceManagement(), + JoinActiveSessions: clusterFeatures.GetJoinActiveSessions(), + // TODO(mcbattirola): remove isTeam when it is no longer used + IsTeam: isTeam, } resource, err := h.cfg.ProxyClient.GetClusterName() diff --git a/lib/web/apiserver_test.go b/lib/web/apiserver_test.go index 51b5665c53557..db8e80712206e 100644 --- a/lib/web/apiserver_test.go +++ b/lib/web/apiserver_test.go @@ -4497,11 +4497,12 @@ func TestGetWebConfig(t *testing.T) { PrivateKeyPolicy: keys.PrivateKeyPolicyNone, MOTD: MOTD, }, - CanJoinSessions: true, - ProxyClusterName: env.server.ClusterName(), - IsCloud: false, - AssistEnabled: false, - AutomaticUpgrades: false, + CanJoinSessions: true, + ProxyClusterName: env.server.ClusterName(), + IsCloud: false, + AssistEnabled: false, + AutomaticUpgrades: false, + JoinActiveSessions: true, } // Make a request. @@ -4551,6 +4552,7 @@ func TestGetWebConfig(t *testing.T) { expectedCfg.AutomaticUpgrades = true expectedCfg.AutomaticUpgradesTargetVersion = "v" + teleport.Version expectedCfg.AssistEnabled = false + expectedCfg.JoinActiveSessions = false // request and verify enabled features are enabled. re, err = clt.Get(ctx, endpoint, nil) @@ -4603,6 +4605,9 @@ func TestGetWebConfig_IGSFeatureLimits(t *testing.T) { AccessMonitoring: modules.AccessMonitoringFeature{ MaxReportRangeLimit: 10, }, + IsUsageBasedBilling: true, + IsStripeManaged: true, + Questionnaire: true, }, }) @@ -4619,8 +4624,11 @@ func TestGetWebConfig_IGSFeatureLimits(t *testing.T) { AccessListCreateLimit: 5, AccessMonitoringMaxReportRangeLimit: 10, }, - IsTeam: true, - IsIGSEnabled: true, + IsTeam: true, + IsIGSEnabled: true, + IsStripeManaged: true, + Questionnaire: true, + IsUsageBasedBilling: true, } // Make a request. diff --git a/web/packages/teleport/src/Integrations/Enroll/IntegrationTiles.tsx b/web/packages/teleport/src/Integrations/Enroll/IntegrationTiles.tsx index 5a6bfafda904c..1cb76ff971749 100644 --- a/web/packages/teleport/src/Integrations/Enroll/IntegrationTiles.tsx +++ b/web/packages/teleport/src/Integrations/Enroll/IntegrationTiles.tsx @@ -39,7 +39,7 @@ export function IntegrationTiles({ hasIntegrationAccess?: boolean; hasExternalAuditStorage?: boolean; }) { - const isCloudEnterprise = cfg.isCloud && !cfg.isTeam; + const externalAuditStorageEnabled = cfg.externalAuditStorage; const isOnpremEnterprise = cfg.isEnterprise && !cfg.isCloud; return ( @@ -76,7 +76,7 @@ export function IntegrationTiles({ {!isOnpremEnterprise && ( AWS External Audit Storage {renderExternalAuditStorageBadge( hasExternalAuditStorage, - isCloudEnterprise + externalAuditStorageEnabled )} )} diff --git a/web/packages/teleport/src/Sessions/useSessions.ts b/web/packages/teleport/src/Sessions/useSessions.ts index 3b8e1d3d095d7..e3cb8e148fa27 100644 --- a/web/packages/teleport/src/Sessions/useSessions.ts +++ b/web/packages/teleport/src/Sessions/useSessions.ts @@ -24,6 +24,7 @@ import { context, trace } from '@opentelemetry/api'; import { Session } from 'teleport/services/session'; import Ctx from 'teleport/teleportContext'; +import cfg from 'teleport/config'; const tracer = trace.getTracer('userSessions'); @@ -57,6 +58,6 @@ export default function useSessions(ctx: Ctx, clusterId: string) { sessions, // moderated is available with any enterprise editions showModeratedSessionsCTA: !ctx.isEnterprise, - showActiveSessionsCTA: ctx.lockedFeatures.activeSessions, + showActiveSessionsCTA: !cfg.joinActiveSessions, }; } diff --git a/web/packages/teleport/src/Support/Support.tsx b/web/packages/teleport/src/Support/Support.tsx index 885cf6db0cd1c..fe40920857a96 100644 --- a/web/packages/teleport/src/Support/Support.tsx +++ b/web/packages/teleport/src/Support/Support.tsx @@ -34,7 +34,7 @@ export function SupportContainer({ children }: { children?: React.ReactNode }) { const cluster = ctx.storeUser.state.cluster; // showCTA returns the premium support value for enterprise customers and true for OSS users - const showCTA = cfg.isEnterprise ? ctx.lockedFeatures.premiumSupport : true; + const showCTA = cfg.isEnterprise ? !cfg.premiumSupport : true; return ( { afterEach(() => { jest.resetAllMocks(); - cfg.isTeam = defaultIsTeamFlag; cfg.isEnterprise = defaultIsEnterpriseFlag; }); @@ -59,35 +57,8 @@ describe('buttonLockedFeature', () => { expect(screen.queryByTestId('locked-icon')).not.toBeInTheDocument(); }); - test('it has upgrade-team href for Team Plan', () => { - const version = ctx.storeUser.state.cluster.authVersion; - cfg.isTeam = true; - cfg.isEnterprise = true; - - renderWithContext( - text - ); - expect(screen.getByText('text').closest('a')).toHaveAttribute( - 'href', - `https://goteleport.com/r/upgrade-team?e_${version}&utm_campaign=CTA_UNSPECIFIED` - ); - - renderWithContext( - - othertext - - ); - expect(screen.getByText('othertext').closest('a')).toHaveAttribute( - 'href', - `https://goteleport.com/r/upgrade-team?e_${version}&utm_campaign=${ - CtaEvent[CtaEvent.CTA_ACCESS_REQUESTS] - }` - ); - }); - test('it has upgrade-community href for community edition', () => { const version = ctx.storeUser.state.cluster.authVersion; - cfg.isTeam = false; cfg.isEnterprise = false; renderWithContext( text, @@ -118,7 +89,6 @@ describe('buttonLockedFeature', () => { test('it has upgrade-igs href for Enterprise + IGS Plan', () => { const version = ctx.storeUser.state.cluster.authVersion; - cfg.isTeam = false; cfg.isEnterprise = true; renderWithContext( diff --git a/web/packages/teleport/src/components/ExternalAuditStorageCta/ExternalAuditStorageCta.test.tsx b/web/packages/teleport/src/components/ExternalAuditStorageCta/ExternalAuditStorageCta.test.tsx index 0f568da2ecdd5..2fbe0a0be1703 100644 --- a/web/packages/teleport/src/components/ExternalAuditStorageCta/ExternalAuditStorageCta.test.tsx +++ b/web/packages/teleport/src/components/ExternalAuditStorageCta/ExternalAuditStorageCta.test.tsx @@ -51,7 +51,7 @@ describe('externalAuditStorageCta', () => { }); cfg.isCloud = isCloud; - ctx.lockedFeatures.externalCloudAudit = lockedFeature; + cfg.externalAuditStorage = lockedFeature; jest .spyOn(storageService, 'getExternalAuditStorageCtaDisabled') diff --git a/web/packages/teleport/src/components/ExternalAuditStorageCta/ExternalAuditStorageCta.tsx b/web/packages/teleport/src/components/ExternalAuditStorageCta/ExternalAuditStorageCta.tsx index a44e1b48cd815..d5ce99e151135 100644 --- a/web/packages/teleport/src/components/ExternalAuditStorageCta/ExternalAuditStorageCta.tsx +++ b/web/packages/teleport/src/components/ExternalAuditStorageCta/ExternalAuditStorageCta.tsx @@ -40,7 +40,7 @@ import { ButtonLockedFeature } from '../ButtonLockedFeature'; export const ExternalAuditStorageCta = () => { const [showCta, setShowCta] = useState(false); const ctx = useTeleport(); - const featureEnabled = !ctx.lockedFeatures.externalCloudAudit; + const featureEnabled = !cfg.externalAuditStorage; const userHasAccess = ctx.getFeatureFlags().enrollIntegrationsOrPlugins; useEffect(() => { diff --git a/web/packages/teleport/src/config.ts b/web/packages/teleport/src/config.ts index 7a64fb11fdd3e..60dae7397259d 100644 --- a/web/packages/teleport/src/config.ts +++ b/web/packages/teleport/src/config.ts @@ -49,16 +49,29 @@ const cfg = { // IsUsageBasedBilling determines if the user subscription is usage-based (pay-as-you-go). // Historically, this flag used to refer to "Cloud Team" product, // but with the new EUB (Enterprise Usage Based) product, it can mean either EUB or Team. - // Use the `isTeam` config flag to determine if product used is Team. - // EUB can be determined from a combination of existing config flags eg: `isCloud && !isTeam`. + // Prefer using feature flags to determine if something should be enabled or not. + // If you have no other options, use the `isStripeManaged` config flag to determine if product used is Team. + // EUB can be determined from a combination of existing config flags eg: `isUsageBasedBilling && !isStripeManaged`. isUsageBasedBilling: false, hideInaccessibleFeatures: false, customTheme: '', /** * isTeam is true if [Features.ProductType] == Team * @deprecated use other flags do determine cluster features istead of relying on isTeam + * TODO(mcbattirola): remove isTeam when it is no longer used */ isTeam: false, + isStripeManaged: false, + hasQuestionnaire: false, + externalAuditStorage: false, + premiumSupport: false, + accessRequests: false, + trustedDevices: false, + oidc: false, + saml: false, + joinActiveSessions: false, + mobileDeviceManagement: false, + // isIgsEnabled refers to Identity Governance & Security product. // It refers to a group of features: access request, device trust, // access list, and access monitoring. diff --git a/web/packages/teleport/src/services/sales/index.ts b/web/packages/teleport/src/services/sales/index.ts index 42709b19a01a4..8cb3ba32a8f64 100644 --- a/web/packages/teleport/src/services/sales/index.ts +++ b/web/packages/teleport/src/services/sales/index.ts @@ -44,6 +44,7 @@ export function getSalesURL( ) { let url = UPGRADE_COMMUNITY_URL; if (isEnterprise) { + // TODO(mcbattirola): remove isTeam when it is no longer used url = cfg.isTeam ? UPGRADE_TEAM_URL : UPGRADE_IGS_URL; } const params = getParams(version, isEnterprise, event); diff --git a/web/packages/teleport/src/teleportContext.tsx b/web/packages/teleport/src/teleportContext.tsx index b42a54576d78a..400f84ace6bc9 100644 --- a/web/packages/teleport/src/teleportContext.tsx +++ b/web/packages/teleport/src/teleportContext.tsx @@ -72,20 +72,15 @@ class TeleportContext implements types.Context { // lockedFeatures are the features disabled in the user's cluster. // Mainly used to hide features and/or show CTAs when the user cluster doesn't support it. - // TODO(mcbattirola): use cluster features instead of only using `isTeam` - // to determine which feature is locked lockedFeatures: types.LockedFeatures = { - authConnectors: cfg.isTeam, - activeSessions: cfg.isTeam, - premiumSupport: cfg.isTeam, - externalCloudAudit: cfg.isTeam, + authConnectors: !(cfg.oidc && cfg.saml), // Below should be locked for the following cases: - // 1) is team + // 1) feature disabled in the cluster features // 2) is not a legacy and igs is not enabled. legacies should have unlimited access. accessRequests: - cfg.isTeam || (!cfg.isLegacyEnterprise() && !cfg.isIgsEnabled), + !cfg.accessRequests || (!cfg.isLegacyEnterprise() && !cfg.isIgsEnabled), trustedDevices: - cfg.isTeam || (!cfg.isLegacyEnterprise() && !cfg.isIgsEnabled), + !cfg.trustedDevices || (!cfg.isLegacyEnterprise() && !cfg.isIgsEnabled), }; // hasExternalAuditStorage indicates if an account has set up external audit storage. It is used to show or hide the External Audit Storage CTAs. diff --git a/web/packages/teleport/src/types.ts b/web/packages/teleport/src/types.ts index 0c501a44cbfad..40a6419d57e9c 100644 --- a/web/packages/teleport/src/types.ts +++ b/web/packages/teleport/src/types.ts @@ -195,11 +195,8 @@ export interface FeatureFlags { // LockedFeatures are used for determining which features are disabled in the user's cluster. export type LockedFeatures = { authConnectors: boolean; - activeSessions: boolean; accessRequests: boolean; - premiumSupport: boolean; trustedDevices: boolean; - externalCloudAudit: boolean; }; // RecommendFeature is used for recommending features if its usage status is zero.