From 8ac7d1b0869419f5ed5c13548919b66de9b77a61 Mon Sep 17 00:00:00 2001 From: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com> Date: Fri, 22 May 2026 21:17:07 +0000 Subject: [PATCH] fix: hide default templates for BYOC teams (clusterID != nil) When a team has a clusterID defined (BYOC customer), the /templates/defaults endpoint now returns an empty list instead of showing E2B public templates that aren't available in their cluster. Changes: - Add team auth to /templates/defaults endpoint in OpenAPI spec - Check team.ClusterID in handler; return empty when non-nil - Regenerate api.gen.go Co-Authored-By: ben@e2b.dev --- .../dashboard-api/internal/api/api.gen.go | 114 +++++++++--------- .../internal/handlers/templates_defaults.go | 10 ++ spec/openapi-dashboard.yml | 2 + 3 files changed, 71 insertions(+), 55 deletions(-) diff --git a/packages/dashboard-api/internal/api/api.gen.go b/packages/dashboard-api/internal/api/api.gen.go index 94b4a35bcb..01bbd3e5a2 100644 --- a/packages/dashboard-api/internal/api/api.gen.go +++ b/packages/dashboard-api/internal/api/api.gen.go @@ -935,8 +935,12 @@ func (siw *ServerInterfaceWrapper) GetTemplatesDefaults(c *gin.Context) { c.Set(string(Supabase1TokenAuthScopes), []string{}) + c.Set(string(Supabase2TeamAuthScopes), []string{}) + c.Set(string(AuthProviderBearerAuthScopes), []string{}) + c.Set(string(AuthProviderTeamAuthScopes), []string{}) + for _, middleware := range siw.HandlerMiddlewares { middleware(c) if c.IsAborted() { @@ -998,61 +1002,61 @@ func RegisterHandlersWithOptions(router gin.IRouter, si ServerInterface, options // const string: with thousands of chunks the chained `+` fold is several // times slower for the Go compiler than parsing a slice literal. var swaggerSpec = []string{ - "7Fzpb9y6Ef9XCLVAv8heH0nR+pvXTl6MJq1hJw8FDMPhSrO7fJFIPZJyss/d/73gKWlFHesL9kM+JZZ4", - "zPGb0cxwuHdRwvKCUaBSREd3UYE5zkEC13/NSpKlNyRV/09BJJwUkjAaHUVnKVBJ5gQ4YnMkl4D02N0o", - "joh6X2C5jOKI4hyio2qdOOLwe0k4pNGR5CXEkUiWkGO1wZzxHMvoKCpLPVKuCjVXSE7oIlqvY7/MDeM3", - "EvIiwxLapP1H/wdnaE4yCRzNVoY2RDzNMXLTGw8Zr57jjGDh2fm9BL5q89MgpM5LN+2iTfAJy3O8I0DJ", - "XkKKMiKkkqqh+uxUIMnQAiQSEstSgEBzxhVp8KPIWArR0RxnAvpJFb2yJxJyMUIJcZTjH2dm8P7enn+P", - "Ocdq05KS30uwA9Qm6zgScpWpMWrpyEvC8bKtOLwMJEOEJlmZwlhR+C2DnP+Vwzw6iv4yqQxiYoaJyVRt", - "famnKw4aTHdxKG6SkgvGAwzq54iDLDmFVAFUGVDB4ZawUhiGOYiCUQGIUPQ14aBEcYPl/5w+vyKjqi6I", - "2s1HgFLcZCQnsk3nJ/yD5GWOaJnPjJ1rYSnJG9pRARwVeAFdRJiF6zSkMMdlJqOjt3txBTZC5eFBpMGl", - "drTYygm1f3mREyphAVwTLzBNZ+zH2ekY72QHd/inaqk+I2nLTwLOx+2vRnZsbhd5mGtUi1xm5aJNy2fA", - "ORJZuTB6Eyy77dSXGralCEoB/GzUB0KN7BCBXeQhIlirycZktDm/2dtT/ySMSqAa3LgoMpJgRd/kN6GI", - "vKut32f+7zhn3OzRZHKKU6RIBiGV3b/Z23/6PY9LuVSiNasiMOPU5odPv/l7xmckTYGaHd88/Y7/ZhLN", - "WUlTtePb51DqJfBb4E6wawdCjarjNFX29AmUR7ywmldhE2cFcEkM9iDHJGuA1jwJGW6F+Cs76toPY7Pf", - "INHIOk5zQpXmzzm7JSnwc87mJIOevZtMvVOPEU5TDkKgOWe5tsmE0TlZlBxShEu5RIVdXtkpLbMMz9Qe", - "xhZboUCn6VMJXAVg7w6m2uprQZZaeNib1YXifcP20hEfGftWFpr3F6AscWG8bycphlXxoIAsJ9T9OSI6", - "C8pabM2Vdrttfgo7YnSc1QnzVtC1QbjfKUS5jt7O6Jy1KbSB1XEg+tGzkB6g/KwkOQiJ80IFZBfvTw4P", - "D/9ZC8G8mlIsYUcNDulqTigRy979WF5kMLRjjMgcucU6tx80YPX1FaGIweZA+j3ikOk4XDIkl0SYOFxT", - "gG8x0Tvoz7pTcHubMB218FkH1tvF4GbSJxACLwJJ4HtMspIDys0A9H0J1OYOiAj0dY5JBunXGDG5BP6d", - "CEBfFZ1fR3i+DexVGGoo2PO1SWsnRC+9HELIsMTnuCggVThAKRbLGcM8RUlGlKx0IkRVxHxlQntFbhwZ", - "XhUdZZKAqBtJpaQaBcpBtE3lhWF3y6LEoBt95SDUTHnABWA4iD7xkQjZ7ctTLMfny2opSPWyoXyZwg95", - "0p8cS4YKLIRxOoDUDJcX64+nLtYYYSk8KfmBkillZqzLSreTomayQV+3uC5tNaFbZLMKLCE3+zFY16h7", - "0pFI1PY69IVsEhNi6+T8ywkracC8T86/oIRxU3iqp9NRM4f/+5uoP2uPoxPtLFUM3RkFmZzwTgU2H4Eu", - "5DI6Onj7Vi/s/t4fUqReI8Tkqak/fK5VD5u767rfFiHLxoLHanoI81r+Xr6tykdbUnqCCa8HnVcjjBkX", - "igC9TX8FLojJmUb629bjopxlJKm9mjGWAdb5Icf5p9kmtxojbW5Fgb/ToHg6JkgmcXZKxLdL8gd0bNPB", - "VG2V26QoR20YcrcOKpWuHM924TaVcSNasMJrgKMhihEINoALwzgcjamgrsAJjFD7Btdm0RFE9ThFVy6/", - "t4UNerpqhyClThnTtp9T75Agf8Cmn1NRzCcy7XV3eyF8mSJDO+3QpepWjq4GI/VuN4rHuIi8K/AwK9nX", - "u4OprCanWi4ktg+AM7nsVmsnKR/KHNMdDjhVOENLvQ5KlpB8QxxEmclh+voIq4caP9O7nyFyg+LuQ8LP", - "jXM+s23BQQCV9b38ceDZ6W7Us8G4CrgbPYx4o4DqZLG2T2deGXdloiGz+QQ546uQEzRv7uMB9w/+EfJS", - "l2aFC0gYT3u+VBtlbq2XDcEFY5+i9HFDHy59eLuOo7TxEej9+FQj1TyWY0IDxo0FIPNSQYlDQ3SS4/mc", - "JArPWCfgRGF2BHzzmpL6iPTKvOepWIex8w7X+Znk1lDrXH7HAtlJox2mkKwott9ET7q3W/S2dLqNzZqa", - "+fclSZZKkXWirNkNGnVt47hx5FjJugbnmvobgA1Zc3UmEbCvNIV0ugrlEYOiGs4rBpfw5fWOz9PgV4eI", - "U3dm3E4yQm7Tle+riXVG+sUn+iIcPWB02FrTyVDE6pbuos2fG3TRNlKUwh4QjyklqaEher4UaTuBzwk9", - "rxG0Hz9GSh+7qv45SWTJ4QvPxqUsvTQ/UISOk8eitSX4zsrFFwFcsRCoM2Us+QbpBWAxMpm/T73g4XY8", - "xZRCGq4VEDE1XHS97nECsekzGbRIJ8GPZvRja7PTvuJIEuOZx+o/dp0YemLl0tpk1SVXk3G8AYqmN7Ti", - "GnKLG/IKZLE0KTkHKm2IB2Jkbaua6eJwU1MdOV19Ddsln64k2fmcD6zkYmR1Kcc/LkLVq+49fg1UkoKj", - "N31/k7w4KNUeiVWb16j2IupTa2+RBufjv3TeMw1XZtSybZqU6UBSciJXl2pNsL0WOaGf2TfQJ8KaGhWi", - "LQGn2ihs79B/d/TAHT2ykjcuyL9AV17r58lTwBy4W2+m/3rvNGaC8xtpF9LsaUejh1VLL6UsNhdW/A+Q", - "qYbs6HivReJlWeAZFrA/hl03uJtjN+JgBFXVakqDrcWUbog9OpdE6jbHdwdTdOrPHo/Pz6I4unWl5Ghv", - "d393T1HBCqC4INFRdLi7t7un3BeWS63aCVYqm5QC+I47up/MVjv+I1MwE1goUOoCjUqwo3MmpFa2Qpxr", - "P5iu3lnvaI+GpixdPVqX0DatJesm3m37a6Mr7eARG5iGGzJCzU3mCHheZtnK9FWhHMtkSegCOU3smuau", - "vS4CPEcTNajqexsau19r4eofqwbVvUJ0dNX2B1fX6+s4EmWeY76KjiKjEdNw5FhBsxXy7Tx4IXQVW60T", - "Xav1gzi0PZJbwtDG6M8Nw42WolcHQSvs9LWDz+qhib4tQHdnWq/WirwFBED3C7Qx98W1xtVvbVyF+auG", - "TGxHnWLgxTsnK6BXiopfQDYQMQiICgiTGWNSSI6LkY7IomHqp71EWISqGUNA8IIoILVN5C9GwV7amrCa", - "em2oq9U787lNl2X7WH47jQWvIa3jkfN8x8nYGe6iyPjx9hLKk0Iq0Lw0/NGxN28KvCBUNzcagp/UzdgG", - "/aGxhw9DbCiVuLoO5gRX10qTXemRmhTOcFqBFxFSX3CxUqyZgX1Qt4NJ/eZXv0FcVj1R9zMM8RzQazWC", - "jYbfRufXT+xtjz31hW010PWh785hYz2Mv6lv67kf/J4BfbqtfUvApSAxycTuU4LI3g0aGvvmFQPOirEL", - "b6bTpQ9kpqcmekKIbHTtBHDyod6PIzxojKg90/VR+tVEuNrk5M6fZK4n3J/xd/Hsa5qXbpbtC9jWxqrz", - "0yc1smbzwmhDc0fDP03tgabmBMkdSpyteQBac/Mla4u8ppYutGIEwlmmIxVzgI+rq5Q2tUAzyBhdCCRZ", - "jL4TuUTmrARhqgxeH6CgeYYXu1HcBreuqj+lPbdL96MRqbnTrD9j+hQGTT86ArFlRXsgw4p7kuNKIY9f", - "kmt3sj9z8e0+ubQ98LPX0V9kTeXhmDGa0Tx2ZOT6//VCb4fT0O8Fwia7cZfo3X3+vwl7sVWuYnSLM5Ji", - "SejCX3bXDV/INHd0+4uqcLzdB9Df+H9xBRtf062h7M/36dsGka46rGHkMNOLzTvzqxBr85s8MlkGHJx6", - "rCH02f2CxPYI8vHT4zvIdqfQMzvIQNvPEHRLPeUZ/OOfNiE3Qh92vg7gk1pfXVfSUAO5bdN7GNaf0Fdu", - "thGOjs+0a7Cy2P2JplZpMfeK3zoAfETkPMXJbuAXRUY5yv12xNKAlm78rQvvxTi0P23Gepw2BL6VA2wc", - "AaeQgbm20sT0qX7eRvU9T4IdtuMHHA6+GYAhh5zdvlAgvipwXWhBjsKXvQA5sRWL4bqISlnc7+y5Modf", - "xhRC5BIIR/qBq4ASOme6MmJvwnYkOXaZU0fME36CO++hjv4Ot7h/feWSFgsNnPjLsVok9vld4+cizZFw", - "87fxoPHQwK3xwK27vl7/PwAA//8=", + "7Fxbb9s68v8qhP5/YF+UOGnaxW7e4qQ9DbbdDZL2YIEgSGlpbPNUInVIKq1P1t99waski7o4ibPpQZ/a", + "SLzM5TejmeHQ91HC8oJRoFJEx/dRgTnOQQLXf81KkqW3JFX/T0EknBSSMBodR+cpUEnmBDhicySXgPTY", + "/SiOiHpfYLmM4ojiHKLjap044vB7STik0bHkJcSRSJaQY7XBnPEcy+g4Kks9Uq4KNVdITugiWq9jv8wt", + "47cS8iLDEtqk/Uv/B2doTjIJHM1WhjZEPM0xctMbDxmvnuOMYOHZ+b0Evmrz0yCkzks37aJN8CnLc7wn", + "QMleQooyIqSSqqH6/EwgydACJBISy1KAQHPGFWnwvchYCtHxHGcC+kkVvbInEnIxQglxlOPv52bw4cGB", + "f485x2rTkpLfS7AD1CbrOBJylakxaunIS8Lxsq04vAwkQ4QmWZnCWFH4LYOc/z+HeXQc/d+kMoiJGSYm", + "U7X1lZ6uOGgw3cWhuE1KLhgPMKifIw6y5BRSBVBlQAWHO8JKYRjmIApGBSBC0ZeEgxLFLZb/cfr8goyq", + "uiBqNx8BSnGbkZzINp0f8XeSlzmiZT4zdq6FpSRvaEcFcFTgBXQRYRau05DCHJeZjI7fHMQV2AiVR68i", + "DS61o8VWTqj9y4ucUAkL4Jp4gWk6Y9/Pz8Z4Jzu4wz9VS/UZSVt+EnA+bn81smNzu8jjXKNa5CorF21a", + "PgHOkcjKhdGbYNldp77UsC1FUArg56M+EGpkhwjsIo8RwVpNNiajzfn1wYH6J2FUAtXgxkWRkQQr+ia/", + "CUXkfW39PvN/yznjZo8mk1OcIkUyCKns/vXB4e73PCnlUonWrIrAjFObH+1+83eMz0iaAjU7vt79jv9k", + "Es1ZSVO145vnUOoV8DvgTrBrB0KNqpM0Vfb0EZRHvLSaV2ETZwVwSQz2IMcka4DWPAkZboX4azvqxg9j", + "s98g0cg6SXNCleYvOLsjKfALzuYkg569m0y9VY8RTlMOQqA5Z7m2yYTROVmUHFKES7lEhV1e2SktswzP", + "1B7GFluhQKfpUwlcBWBvX0211deCLLXwsDerC8X7hu2lIz4w9rUsNO8vQFni0njfTlIMq+JRAVlOqPtz", + "RHQWlLXYmivtdtv8FHbE6DirE+atoGuDcL9TiHIdvZ3TOWtTaAOrk0D0o2chPUD5WUlyEBLnhQrILt+d", + "Hh0d/b0Wgnk1pVjCnhoc0tWcUCKWvfuxvMhgaMcYkTlyi3VuP2jA6usrQhGDzYH0e8Qh03G4ZEguiTBx", + "uKYA32Gid9Cfdafg9jZhOmrhsw6st4vBzaSPIAReBJLAd5hkJQeUmwHo2xKozR0QEejLHJMM0i8xYnIJ", + "/BsRgL4oOr+M8Hwb2Ksw1FCw52uT1k6IXnk5hJBhic9xUUCqcIBSLJYzhnmKkowoWelEiKqI+dqE9orc", + "ODK8KjrKJAFRN5JKSTUKlINom8oLw+6WRYlBN/qDg1Az5QEXgOEg+sQHImS3L0+xHJ8vq6Ug1cuG8mUK", + "3+Vpf3IsGSqwEMbpAFIzXF6sP566WGOEpfCk5AdKppSZsS4r3U6KmskGfd3iurLVhG6RzSqwhNzsh2Bd", + "o+5JRyJR2+vQF7JJTIit04vPp6ykAfM+vfiMEsZN4ameTkfNHP6vr6P+rD2OTrWzVDF0ZxRkcsJ7Fdh8", + "ALqQy+j41Zs3emH39+GQIvUaISbPTP3hU6162Nxd1/22CFk2FjxR00OY1/L38m1VPtqS0hNMeD3ovBph", + "zLhQBOhd+itwQUzONNLfth4X5SwjSe3VjLEMsM4POc4/zja51RhpcysK/I0GxdMxQTKJszMivl6RP6Bj", + "mw6maqvcJUU5asOQu3VQqXTleLYLt6mMG9GCFV4DHA1RjECwAVwYxuFoTAV1BU5ghNo3uDaLjiCqxym6", + "cvmDLWzQ01U7BCl1ypi2/Zx6hwT5Azb9nIpiPpJpr7s7COHLFBnaaYcuVbdydDUYqXf7UTzGReRdgYdZ", + "yb7eH0xlNTnVciGxvQecyWW3WjtJeV/mmO5xwKnCGVrqdVCyhOQr4iDKTA7T10dYPdT4md79DJEbFHcf", + "En5qnPOZbQsOAqis7+WPA8/P9qOeDcZVwN3oYcQbBVQni7V9OvPKuCsTDZnNR8gZX4WcoHnzEA94+Opv", + "IS91ZVa4hITxtOdLtVHm1nrZEFww9ilKHzf04dKHt+s4Shsfgd6PTzVSzWM5JjRg3FgAMi8VlDg0RCc5", + "ns9JovCMdQJOFGZHwDevKamPSK/MB56KdRg773Cdn0huDbXO5TcskJ002mEKyYpi+030pAe7RW9LZ9vY", + "rKmZf1uSZKkUWSfKmt2gUdc2jhtHjpWsa3Cuqb8B2JA1V2cSAftKU0inq1AeMSiq4bxicAlfXu/4PA1+", + "dYg4c2fG7SQj5DZd+b6aWGekX3yiL8LRA0aHrTWdDEWsbuku2vy5QRdtI0Up7AHxmFKSGhqi53ORthP4", + "nNCLGkGH8VOk9LGr6l+QRJYcPvNsXMrSS/MjReg4eSpaW4LvrFx8FsAVC4E6U8aSr5BeAhYjk/mH1Ase", + "b8dTTCmk4VoBEVPDRdfrHicQmz6TQYt0EvxgRj+1NjvtK44kMZ55rP5j14mhJ1YurU1WXXI1GccboGh6", + "QyuuIbe4Ia9AFkuTknOg0oZ4IEbWtqqZLg43NdWR09XXsF3y6UqSnc95z0ouRlaXcvz9MlS96t7j10Al", + "KTh60/c3yYuDUu2RWLV5jWovoj619hZpcD7+S+c903BlRi3bpkmZDiQlJ3J1pdYE22uRE/qJfQV9Iqyp", + "USHaEnCqjcL2Dv17Tw/c0yMreeOC/AN05bV+njwFzIG79Wb6r3dOYyY4v5V2Ic2edjR6WLX0Uspic2HF", + "/wCZasiejvdaJF6VBZ5hAYdj2HWDuzl2I16NoKpaTWmwtZjSDbFH55JI3eb49tUUnfmzx5OL8yiO7lwp", + "OTrYP9w/UFSwAiguSHQcHe0f7B8o94XlUqt2gpXKJqUAvueO7iez1Z7/yBTMBBYKlLpAoxLs6IIJqZWt", + "EOfaD6art9Y72qOhKUtXT9YltE1rybqJd9v+2uhKe/WEDUzDDRmh5iZzBDwvs2xl+qpQjmWyJHSBnCb2", + "TXPXQRcBnqOJGlT1vQ2NPay1cPWPVYPqXiE6vm77g+ub9U0ciTLPMV9Fx5HRiGk4cqyg2Qr5dh68ELqK", + "rdaJbtT6QRzaHsktYWhj9OeG4UZL0Q8HQSvs9EcHn9VDE31bgO7etF6tFXkLCIDuF2hj7rNrjavf2rgO", + "81cNmdiOOsXAi3dOVkA/KCp+AdlAxCAgKiBMZoxJITkuRjoii4apn/YSYRGqZgwBwQuigNQ2kb8YBXtp", + "a8Jq6rWhrlbvzOc2XZbtY/ntNBa8hrSOR87zHSdjZ7iLIuPH20soO4VUoHlp+KNjb94UeEGobm40BO/U", + "zdgG/aGxR49DbCiVuL4J5gTXN0qTXemRmhTOcFqBFxFSX3CxUqyZgX1Qt4NJ/eZXv0FcVT1RDzMM8RzQ", + "azWCjYbfRufXT+xtjz31hW010PWh795hYz2Mv6lv63kY/J4BfbqtfUvApSAxycT+LkFk7wYNjX39AwPO", + "irELb6bTpQ9kpqcm2iFENrp2Ajh5X+/HER40RtSe6foo/WoiXG1ycu9PMtcT7s/4u3j2Nc0rN8v2BWxr", + "Y9X56U6NrNm8MNrQ3NHwT1N7pKk5QXKHEmdrHoDW3HzJ2iKvqaVLrRiBcJbpSMUc4OPqKqVNLdAMMkYX", + "AkkWo29ELpE5K0GYKoPXByhonuHFfhS3wa2r6ru053bpfjQiNXea9WdMn8Kg6UdHILasaA9kWHFPclwp", + "5OlLcu1O9mcuvj0kl7YHfvY6+ousqTweM0YzmseOjFz/v17o7XAa+r1A2GQ37hK9u8//F2EvtspVjO5w", + "RlIsCV34y+664QuZ5o5uf1EVjrf7APob/y+uYONrujWU/fk+fdsg0lWHNYwcZnqxeW9+FWJtfpNHJsuA", + "g1OPNYQ+uV+Q2B5BPn56egfZ7hR6ZgcZaPsZgm6ppzyDf/zTJuRG6MPO1wF8Uuur60oaaiC3bXqPw/oO", + "feVmG+Ho+Ey7BiuL/Z9oapUWc6/4rQPAJ0TOLk52A78oMspRHrYjlga0dONvXXgvxqH9aTPWk7Qh8K0c", + "YOMIOIUMzLWVJqbP9PM2qh94EuywHT/icPD1AAw55OzuhQLxhwLXpRbkKHzZC5ATW7EYrouolMX9zp4r", + "c/hlTCFELoFwpB+4Ciihc6YrI/YmbEeSY5c5c8Ts8BPceQ919He4xf3/vFyy+w9si+cGsPxtWi1D+/y+", + "8fuS5gy5+WN60Hho8Nl44NZd36z/GwAA//8=", } // decodeSpec returns the embedded OpenAPI spec as raw JSON bytes, diff --git a/packages/dashboard-api/internal/handlers/templates_defaults.go b/packages/dashboard-api/internal/handlers/templates_defaults.go index aa259f4c9d..bb9ba37029 100644 --- a/packages/dashboard-api/internal/handlers/templates_defaults.go +++ b/packages/dashboard-api/internal/handlers/templates_defaults.go @@ -6,6 +6,7 @@ import ( "github.com/gin-gonic/gin" "go.uber.org/zap" + "github.com/e2b-dev/infra/packages/auth/pkg/auth" "github.com/e2b-dev/infra/packages/dashboard-api/internal/api" "github.com/e2b-dev/infra/packages/shared/pkg/logger" "github.com/e2b-dev/infra/packages/shared/pkg/telemetry" @@ -15,6 +16,15 @@ func (s *APIStore) GetTemplatesDefaults(c *gin.Context) { ctx := c.Request.Context() telemetry.ReportEvent(ctx, "list default templates") + team := auth.MustGetTeamInfo(c) + if team.ClusterID != nil { + c.JSON(http.StatusOK, api.DefaultTemplatesResponse{ + Templates: []api.DefaultTemplate{}, + }) + + return + } + rows, err := s.db.Dashboard.GetDefaultTemplates(ctx) if err != nil { logger.L().Error(ctx, "failed to get default templates", zap.Error(err)) diff --git a/spec/openapi-dashboard.yml b/spec/openapi-dashboard.yml index be8c2102e1..180abbd012 100644 --- a/spec/openapi-dashboard.yml +++ b/spec/openapi-dashboard.yml @@ -1066,7 +1066,9 @@ paths: tags: [templates] security: - Supabase1TokenAuth: [] + Supabase2TeamAuth: [] - AuthProviderBearerAuth: [] + AuthProviderTeamAuth: [] responses: "200": description: Successfully returned default templates.