From e293ffd0ebb3e319942a200804ef95e7c106a9be Mon Sep 17 00:00:00 2001
From: Simon Larsen <simonlarsen@oneuptime.com>
Date: Mon, 4 Aug 2025 14:58:25 +0100
Subject: [PATCH] feat: Remove isEnabled column from ProjectSCIM and update
 related services and migrations

---
 Common/Models/DatabaseModels/ProjectSCIM.ts   | 31 -------------------
 .../1754315774827-MigrationName.ts            | 14 +++++++++
 .../Postgres/SchemaMigrations/Index.ts        |  4 ++-
 Common/Server/Middleware/SCIMAuthorization.ts |  1 -
 Common/Server/Services/ProjectSCIMService.ts  |  4 +--
 5 files changed, 19 insertions(+), 35 deletions(-)
 create mode 100644 Common/Server/Infrastructure/Postgres/SchemaMigrations/1754315774827-MigrationName.ts

diff --git a/Common/Models/DatabaseModels/ProjectSCIM.ts b/Common/Models/DatabaseModels/ProjectSCIM.ts
index 0753d9c268..c333514a16 100644
--- a/Common/Models/DatabaseModels/ProjectSCIM.ts
+++ b/Common/Models/DatabaseModels/ProjectSCIM.ts
@@ -334,37 +334,6 @@ export default class ProjectSCIM extends BaseModel {
   })
   public autoDeprovisionUsers?: boolean = undefined;
 
-  @ColumnAccessControl({
-    create: [
-      Permission.ProjectOwner,
-      Permission.ProjectAdmin,
-      Permission.CreateProjectSSO,
-    ],
-    read: [
-      Permission.ProjectOwner,
-      Permission.ProjectAdmin,
-      Permission.ProjectMember,
-      Permission.ReadProjectSSO,
-    ],
-    update: [
-      Permission.ProjectOwner,
-      Permission.ProjectAdmin,
-      Permission.EditProjectSSO,
-    ],
-  })
-  @TableColumn({
-    isDefaultValueColumn: true,
-    type: TableColumnType.Boolean,
-    title: "Enabled",
-    description: "Is this SCIM configuration enabled?",
-    defaultValue: false,
-  })
-  @Column({
-    type: ColumnType.Boolean,
-    default: false,
-  })
-  public isEnabled?: boolean = undefined;
-
   @ColumnAccessControl({
     create: [],
     read: [
diff --git a/Common/Server/Infrastructure/Postgres/SchemaMigrations/1754315774827-MigrationName.ts b/Common/Server/Infrastructure/Postgres/SchemaMigrations/1754315774827-MigrationName.ts
new file mode 100644
index 0000000000..117b7ea27d
--- /dev/null
+++ b/Common/Server/Infrastructure/Postgres/SchemaMigrations/1754315774827-MigrationName.ts
@@ -0,0 +1,14 @@
+import { MigrationInterface, QueryRunner } from "typeorm";
+
+export class MigrationName1754315774827 implements MigrationInterface {
+    name = 'MigrationName1754315774827'
+
+    public async up(queryRunner: QueryRunner): Promise<void> {
+        await queryRunner.query(`ALTER TABLE "ProjectSCIM" DROP COLUMN "isEnabled"`);
+    }
+
+    public async down(queryRunner: QueryRunner): Promise<void> {
+        await queryRunner.query(`ALTER TABLE "ProjectSCIM" ADD "isEnabled" boolean NOT NULL DEFAULT false`);
+    }
+
+}
diff --git a/Common/Server/Infrastructure/Postgres/SchemaMigrations/Index.ts b/Common/Server/Infrastructure/Postgres/SchemaMigrations/Index.ts
index 3d42e35c85..8dcfe1c92b 100644
--- a/Common/Server/Infrastructure/Postgres/SchemaMigrations/Index.ts
+++ b/Common/Server/Infrastructure/Postgres/SchemaMigrations/Index.ts
@@ -147,6 +147,7 @@ import { MigrationName1753377161288 } from "./1753377161288-MigrationName";
 import { AddPerformanceIndexes1753378524062 } from "./1753378524062-AddPerformanceIndexes";
 import { MigrationName1753383711511 } from "./1753383711511-MigrationName";
 import { MigrationName1754304193228 } from "./1754304193228-MigrationName";
+import { MigrationName1754315774827 } from "./1754315774827-MigrationName";
 
 export default [
   InitialMigration,
@@ -297,5 +298,6 @@ export default [
   MigrationName1753377161288,
   AddPerformanceIndexes1753378524062,
   MigrationName1753383711511,
-  MigrationName1754304193228
+  MigrationName1754304193228,
+  MigrationName1754315774827
 ];
diff --git a/Common/Server/Middleware/SCIMAuthorization.ts b/Common/Server/Middleware/SCIMAuthorization.ts
index 8a6ca41c4f..586b7df041 100644
--- a/Common/Server/Middleware/SCIMAuthorization.ts
+++ b/Common/Server/Middleware/SCIMAuthorization.ts
@@ -54,7 +54,6 @@ export default class SCIMMiddleware {
         query: {
           _id: new ObjectID(projectScimId),
           bearerToken: bearerToken,
-          isEnabled: true,
         },
         select: {
           _id: true,
diff --git a/Common/Server/Services/ProjectSCIMService.ts b/Common/Server/Services/ProjectSCIMService.ts
index e8e2b79f48..351b954f7d 100644
--- a/Common/Server/Services/ProjectSCIMService.ts
+++ b/Common/Server/Services/ProjectSCIMService.ts
@@ -2,7 +2,7 @@ import CreateBy from "../Types/Database/CreateBy";
 import { OnCreate } from "../Types/Database/Hooks";
 import DatabaseService from "./DatabaseService";
 import Model from "../../Models/DatabaseModels/ProjectSCIM";
-import Text from "../../Types/Text";
+import ObjectID from "../../Types/ObjectID";
 
 export class Service extends DatabaseService<Model> {
   public constructor() {
@@ -14,7 +14,7 @@ export class Service extends DatabaseService<Model> {
   ): Promise<OnCreate<Model>> {
     if (!createBy.data.bearerToken) {
       // Generate a secure bearer token if not provided
-      createBy.data.bearerToken = "scim_" + Text.generateRandomText(32);
+      createBy.data.bearerToken = ObjectID.generate().toString();
     }
 
     return {