chore: move organizatinon sync to runtime configuration (#15431)

Moves the configuration from environment to database backed, to allow configuring organization sync at runtime.
2025-07-13 21:36:50 +00:00 · 2024-11-08 08:44:14 -06:00
parent 7b33ab0dcf
commit 782214bcd8
28 changed files with 883 additions and 280 deletions
--- a/enterprise/coderd/scim.go
+++ b/enterprise/coderd/scim.go
@ -281,7 +281,13 @@ func (api *API) scimPostUser(rw http.ResponseWriter, r *http.Request) {
 	// the default org, regardless if sync is enabled or not.
 	// This is to preserve single org deployment behavior.
 	organizations := []uuid.UUID{}
-	if api.IDPSync.AssignDefaultOrganization() {
+	//nolint:gocritic // SCIM operations are a system user
+	orgSync, err := api.IDPSync.OrganizationSyncSettings(dbauthz.AsSystemRestricted(ctx), api.Database)
+	if err != nil {
+		_ = handlerutil.WriteError(rw, xerrors.Errorf("failed to get organization sync settings: %w", err))
+		return
+	}
+	if orgSync.AssignDefault {
 		//nolint:gocritic // SCIM operations are a system user
 		defaultOrganization, err := api.Database.GetDefaultOrganization(dbauthz.AsSystemRestricted(ctx))
 		if err != nil {