Remove accept statuses

2025-03-25 14:05:03 +00:00 · 2023-01-04 21:14:25 +07:00
parent 58830eab79
commit 54676c630e
27 changed files with 65 additions and 157 deletions
--- a/backend/src/controllers/v1/keyController.ts
+++ b/backend/src/controllers/v1/keyController.ts
@ -2,7 +2,6 @@ import { Request, Response } from 'express';
 import * as Sentry from '@sentry/node';
 import { Key } from '../../models';
 import { findMembership } from '../../helpers/membership';
-import { GRANTED } from '../../variables';

 /**
 * Add (encrypted) copy of workspace key for workspace with id [workspaceId] for user with
@ -26,9 +25,6 @@ export const uploadKey = async (req: Request, res: Response) => {
 			throw new Error('Failed receiver membership validation for workspace');
 		}

-		receiverMembership.status = GRANTED;
-		await receiverMembership.save();
-
 		await new Key({
 			encryptedKey: key.encryptedKey,
 			nonce: key.nonce,
--- a/backend/src/controllers/v1/membershipController.ts
+++ b/backend/src/controllers/v1/membershipController.ts
@ -7,7 +7,7 @@ import {
 } from '../../helpers/membership';
 import { sendMail } from '../../helpers/nodemailer';
 import { SITE_URL } from '../../config';
-import { ADMIN, MEMBER, GRANTED, ACCEPTED } from '../../variables';
+import { ADMIN, MEMBER, ACCEPTED } from '../../variables';

 /**
 * Check that user is a member of workspace with id [workspaceId]
@ -175,8 +175,7 @@ export const inviteUserToWorkspace = async (req: Request, res: Response) => {
 		// already a member of the workspace
 		const inviteeMembership = await Membership.findOne({
 			user: invitee._id,
-			workspace: workspaceId,
-			status: GRANTED
+			workspace: workspaceId
 		});

 		if (inviteeMembership)
@ -205,8 +204,7 @@ export const inviteUserToWorkspace = async (req: Request, res: Response) => {
 		const m = await new Membership({
 			user: invitee._id,
 			workspace: workspaceId,
-			role: MEMBER,
-			status: GRANTED
+			role: MEMBER
 		}).save();

 		await sendMail({
--- a/backend/src/controllers/v1/workspaceController.ts
+++ b/backend/src/controllers/v1/workspaceController.ts
@ -15,7 +15,7 @@ import {
 	deleteWorkspace as deleteWork
 } from '../../helpers/workspace';
 import { addMemberships } from '../../helpers/membership';
-import { ADMIN, COMPLETED, GRANTED } from '../../variables';
+import { ADMIN } from '../../variables';

 /**
 * Return public keys of members of workspace with id [workspaceId]
@ -33,13 +33,12 @@ export const getWorkspacePublicKeys = async (req: Request, res: Response) => {
 				workspace: workspaceId
 			}).populate<{ user: IUser }>('user', 'publicKey')
 		)
-			.filter((m) => m.status === COMPLETED || m.status === GRANTED)
-			.map((member) => {
-				return {
-					publicKey: member.user.publicKey,
-					userId: member.user._id
-				};
-			});
+		.map((member) => {
+			return {
+				publicKey: member.user.publicKey,
+				userId: member.user._id
+			};
+		});
 	} catch (err) {
 		Sentry.setUser({ email: req.user.email });
 		Sentry.captureException(err);
@ -169,8 +168,7 @@ export const createWorkspace = async (req: Request, res: Response) => {
 		await addMemberships({
 			userIds: [req.user._id],
 			workspaceId: workspace._id.toString(),
-			roles: [ADMIN],
-			statuses: [GRANTED]
+			roles: [ADMIN]
 		});
 	} catch (err) {
 		Sentry.setUser({ email: req.user.email });
--- a/backend/src/controllers/v2/workspaceController.ts
+++ b/backend/src/controllers/v2/workspaceController.ts
@ -21,10 +21,9 @@ import {
 	reformatPullSecrets
 } from '../../helpers/secret';
 import { pushKeys } from '../../helpers/key';
-import { addMemberships } from '../../helpers/membership';
 import { postHogClient, EventService } from '../../services';
 import { eventPushSecrets } from '../../events';
-import { ADMIN, COMPLETED, GRANTED, ENV_SET } from '../../variables';
+import { ENV_SET } from '../../variables';

 interface V2PushSecret {
 	type: string; // personal or shared
--- a/backend/src/ee/routes/v1/secret.ts
+++ b/backend/src/ee/routes/v1/secret.ts
@ -5,9 +5,9 @@ import {
 	requireSecretAuth,
    validateRequest
 } from '../../../middleware';
-import { body, query, param } from 'express-validator';
+import { query, param } from 'express-validator';
 import { secretController } from '../../controllers/v1';
-import { ADMIN, MEMBER, COMPLETED, GRANTED } from '../../../variables';
+import { ADMIN, MEMBER } from '../../../variables';

 router.get(
 	'/:secretId/secret-versions',
@ -15,8 +15,7 @@ router.get(
 		acceptedAuthModes: ['jwt']
 	}),
 	requireSecretAuth({
-		acceptedRoles: [ADMIN, MEMBER],
-		acceptedStatuses: [COMPLETED, GRANTED]
+		acceptedRoles: [ADMIN, MEMBER]
 	}),
 	param('secretId').exists().trim(),
 	query('offset').exists().isInt(),
--- a/backend/src/ee/routes/v1/workspace.ts
+++ b/backend/src/ee/routes/v1/workspace.ts
@ -6,7 +6,7 @@ import {
 	validateRequest
 } from '../../../middleware';
 import { param, query } from 'express-validator';
-import { ADMIN, MEMBER, GRANTED } from '../../../variables';
+import { ADMIN, MEMBER } from '../../../variables';
 import { workspaceController } from '../../controllers/v1';

 router.get(
@ -15,8 +15,7 @@ router.get(
 		acceptedAuthModes: ['jwt']
 	}),
 	requireWorkspaceAuth({
-		acceptedRoles: [ADMIN, MEMBER],
-		acceptedStatuses: [GRANTED]
+		acceptedRoles: [ADMIN, MEMBER]
 	}),
 	param('workspaceId').exists().trim(),
 	query('offset').exists().isInt(),
--- a/backend/src/helpers/membership.ts
+++ b/backend/src/helpers/membership.ts
@ -3,7 +3,7 @@ import { Membership, Key } from '../models';

 /**
 * Validate that user with id [userId] is a member of workspace with id [workspaceId]
- * and has at least one of the roles in [acceptedRoles] and statuses in [acceptedStatuses]
+ * and has at least one of the roles in [acceptedRoles]
 * @param {Object} obj
 * @param {String} obj.userId - id of user to validate
 * @param {String} obj.workspaceId - id of workspace
@ -12,12 +12,10 @@ const validateMembership = async ({
 	userId,
 	workspaceId,
 	acceptedRoles,
-	acceptedStatuses
 }: {
 	userId: string;
 	workspaceId: string;
 	acceptedRoles: string[];
-	acceptedStatuses: string[];
 }) => {
 	
 	let membership;
@ -33,11 +31,6 @@ const validateMembership = async ({
 		if (!acceptedRoles.includes(membership.role)) {
 			throw new Error('Failed to validate membership role');
 		}
-
-		if (!acceptedStatuses.includes(membership.status)) {
-			throw new Error('Failed to validate membership status');
-		}
-		
 	} catch (err) {
 		Sentry.setUser(null);
 		Sentry.captureException(err);
@ -72,18 +65,15 @@ const findMembership = async (queryObj: any) => {
 * @param {String[]} obj.userIds - id of users.
 * @param {String} obj.workspaceId - id of workspace.
 * @param {String[]} obj.roles - roles of users.
- * @param {String[]} obj.statuses - statuses of users.
 */
 const addMemberships = async ({
 	userIds,
 	workspaceId,
-	roles,
-	statuses
+	roles
 }: {
 	userIds: string[];
 	workspaceId: string;
 	roles: string[];
-	statuses: string[];
 }): Promise<void> => {
 	try {
 		const operations = userIds.map((userId, idx) => {
@ -92,14 +82,12 @@ const addMemberships = async ({
 					filter: {
 						user: userId,
 						workspace: workspaceId,
-						role: roles[idx],
-						status: statuses[idx]
+						role: roles[idx]
 					},
 					update: {
 						user: userId,
 						workspace: workspaceId,
-						role: roles[idx],
-						status: statuses[idx]
+						role: roles[idx]
 					},
 					upsert: true
 				}
--- a/backend/src/helpers/rateLimiter.ts
+++ b/backend/src/helpers/rateLimiter.ts
@ -3,7 +3,7 @@ import rateLimit from 'express-rate-limit';
 // 300 requests per 15 minutes
 const apiLimiter = rateLimit({
  windowMs: 15 * 60 * 1000,
-  max: 400,
+  max: 450,
  standardHeaders: true,
  legacyHeaders: false,
  skip: (request) => request.path === '/healthcheck'
@ -20,7 +20,7 @@ const signupLimiter = rateLimit({
 // 10 requests per hour
 const loginLimiter = rateLimit({
  windowMs: 60 * 60 * 1000,
-  max: 20,
+  max: 25,
  standardHeaders: true,
  legacyHeaders: false
 });
--- a/backend/src/helpers/signup.ts
+++ b/backend/src/helpers/signup.ts
@ -5,7 +5,7 @@ import { createOrganization } from './organization';
 import { addMembershipsOrg } from './membershipOrg';
 import { createWorkspace } from './workspace';
 import { addMemberships } from './membership';
-import { OWNER, ADMIN, ACCEPTED, GRANTED } from '../variables';
+import { OWNER, ADMIN, ACCEPTED } from '../variables';
 import { sendMail } from '../helpers/nodemailer';

 /**
@ -113,8 +113,7 @@ const initializeDefaultOrg = async ({
 		await addMemberships({
 			userIds: [user._id.toString()],
 			workspaceId: workspace._id.toString(),
-			roles: [ADMIN],
-			statuses: [GRANTED]
+			roles: [ADMIN]
 		});
 	} catch (err) {
 		throw new Error('Failed to initialize default organization and workspace');
--- a/backend/src/middleware/requireBotAuth.ts
+++ b/backend/src/middleware/requireBotAuth.ts
@ -7,11 +7,9 @@ type req = 'params' | 'body' | 'query';

 const requireBotAuth = ({
    acceptedRoles,
-    acceptedStatuses,
    location = 'params'
 }: {
    acceptedRoles: string[];
-    acceptedStatuses: string[];
    location?: req;
 }) => {
    return async (req: Request, res: Response, next: NextFunction) => {
@ -24,8 +22,7 @@ const requireBotAuth = ({
        await validateMembership({
            userId: req.user._id.toString(),
            workspaceId: bot.workspace.toString(),
-            acceptedRoles,
-            acceptedStatuses
+            acceptedRoles
        });
        
        req.bot = bot;
--- a/backend/src/middleware/requireIntegrationAuth.ts
+++ b/backend/src/middleware/requireIntegrationAuth.ts
@ -9,14 +9,11 @@ import { IntegrationNotFoundError, UnauthorizedRequestError } from '../utils/err
 * with the integration on request params.
 * @param {Object} obj
 * @param {String[]} obj.acceptedRoles - accepted workspace roles
- * @param {String[]} obj.acceptedStatuses - accepted workspace statuses
 */
 const requireIntegrationAuth = ({
-	acceptedRoles,
-	acceptedStatuses
+	acceptedRoles
 }: {
 	acceptedRoles: string[];
-	acceptedStatuses: string[];
 }) => {
 	return async (req: Request, res: Response, next: NextFunction) => {
 		// integration authorization middleware
@ -35,8 +32,7 @@ const requireIntegrationAuth = ({
 		await validateMembership({
 			userId: req.user._id.toString(),
 			workspaceId: integration.workspace.toString(),
-			acceptedRoles,
-			acceptedStatuses
+			acceptedRoles
 		});

 		const integrationAuth = await IntegrationAuth.findOne({
--- a/backend/src/middleware/requireIntegrationAuthorizationAuth.ts
+++ b/backend/src/middleware/requireIntegrationAuthorizationAuth.ts
@ -10,16 +10,13 @@ import { UnauthorizedRequestError } from '../utils/errors';
 * with the integration authorization on request params.
 * @param {Object} obj
 * @param {String[]} obj.acceptedRoles - accepted workspace roles
- * @param {String[]} obj.acceptedStatuses - accepted workspace statuses
 * @param {Boolean} obj.attachAccessToken - whether or not to decrypt and attach integration authorization access token onto request
 */
 const requireIntegrationAuthorizationAuth = ({
 	acceptedRoles,
-	acceptedStatuses,
 	attachAccessToken = true
 }: {
 	acceptedRoles: string[];
-	acceptedStatuses: string[];
 	attachAccessToken?: boolean;
 }) => {
 	return async (req: Request, res: Response, next: NextFunction) => {
@ -38,8 +35,7 @@ const requireIntegrationAuthorizationAuth = ({
 		await validateMembership({
 			userId: req.user._id.toString(),
 			workspaceId: integrationAuth.workspace.toString(),
-			acceptedRoles,
-			acceptedStatuses
+			acceptedRoles
 		});

 		req.integrationAuth = integrationAuth;
--- a/backend/src/middleware/requireSecretAuth.ts
+++ b/backend/src/middleware/requireSecretAuth.ts
@ -9,15 +9,12 @@ import {
 * Validate if user on request has proper membership to modify secret.
 * @param {Object} obj
 * @param {String[]} obj.acceptedRoles - accepted workspace roles
- * @param {String[]} obj.acceptedStatuses - accepted workspace statuses
 * @param {String[]} obj.location - location of [workspaceId] on request (e.g. params, body) for parsing
 */
 const requireSecretAuth = ({
-    acceptedRoles,
-    acceptedStatuses
+    acceptedRoles
 }: {
    acceptedRoles: string[];
-    acceptedStatuses: string[];
 }) => {
    return async (req: Request, res: Response, next: NextFunction) => {
        try {
@ -34,8 +31,7 @@ const requireSecretAuth = ({
            await validateMembership({
                userId: req.user._id.toString(),
                workspaceId: secret.workspace.toString(),
-                acceptedRoles,
-                acceptedStatuses
+                acceptedRoles
            });
            
            req.secret = secret as any;
--- a/backend/src/middleware/requireServiceTokenDataAuth.ts
+++ b/backend/src/middleware/requireServiceTokenDataAuth.ts
@ -7,11 +7,9 @@ type req = 'params' | 'body' | 'query';

 const requireServiceTokenDataAuth = ({
    acceptedRoles,
-    acceptedStatuses,
    location = 'params'
 }: {
    acceptedRoles: string[];
-    acceptedStatuses: string[];
    location?: req;
 }) => {
    return async (req: Request, res: Response, next: NextFunction) => {
@ -30,8 +28,7 @@ const requireServiceTokenDataAuth = ({
            await validateMembership({
                userId: req.user._id.toString(),
                workspaceId: serviceTokenData.workspace.toString(),
-                acceptedRoles,
-                acceptedStatuses
+                acceptedRoles
            });
        }
        
--- a/backend/src/middleware/requireWorkspaceAuth.ts
+++ b/backend/src/middleware/requireWorkspaceAuth.ts
@ -9,16 +9,13 @@ type req = 'params' | 'body' | 'query';
 * on request params.
 * @param {Object} obj
 * @param {String[]} obj.acceptedRoles - accepted workspace roles for JWT auth
- * @param {String[]} obj.acceptedStatuses - accepted workspace statuses for JWT auth
 * @param {String[]} obj.location - location of [workspaceId] on request (e.g. params, body) for parsing
 */
 const requireWorkspaceAuth = ({
 	acceptedRoles,
-	acceptedStatuses,
 	location = 'params'
 }: {
 	acceptedRoles: string[];
-	acceptedStatuses: string[];
 	location?: req;
 }) => {
 	return async (req: Request, res: Response, next: NextFunction) => {
@ -30,8 +27,7 @@ const requireWorkspaceAuth = ({
 				const membership = await validateMembership({
 					userId: req.user._id.toString(),
 					workspaceId,
-					acceptedRoles,
-					acceptedStatuses
+					acceptedRoles
 				});

 				req.membership = membership;
--- a/backend/src/models/membership.ts
+++ b/backend/src/models/membership.ts
@ -1,5 +1,5 @@
 import { Schema, model, Types } from 'mongoose';
-import { ADMIN, MEMBER, INVITED, COMPLETED, GRANTED } from '../variables';
+import { ADMIN, MEMBER } from '../variables';

 export interface IMembership {
 	_id: Types.ObjectId;
@ -7,7 +7,6 @@ export interface IMembership {
 	inviteEmail?: string;
 	workspace: Types.ObjectId;
 	role: 'admin' | 'member';
-	status: 'invited' | 'completed' | 'granted';
 }

 const membershipSchema = new Schema(
@ -28,12 +27,6 @@ const membershipSchema = new Schema(
 			type: String,
 			enum: [ADMIN, MEMBER],
 			required: true
-		},
-		status: {
-			// INVITED, COMPLETED, GRANTED
-			type: String,
-			enum: [INVITED, COMPLETED, GRANTED],
-			required: true
 		}
 	},
 	{
--- a/backend/src/routes/v1/bot.ts
+++ b/backend/src/routes/v1/bot.ts
@ -8,7 +8,7 @@ import {
    validateRequest
 } from '../../middleware';
 import { botController } from '../../controllers/v1';
-import { ADMIN, MEMBER, COMPLETED, GRANTED } from '../../variables';
+import { ADMIN, MEMBER } from '../../variables';

 router.get(
    '/:workspaceId',
@ -16,8 +16,7 @@ router.get(
        acceptedAuthModes: ['jwt']
    }),
 	requireWorkspaceAuth({
-		acceptedRoles: [ADMIN, MEMBER],
-		acceptedStatuses: [COMPLETED, GRANTED]
+		acceptedRoles: [ADMIN, MEMBER]
 	}),
    param('workspaceId').exists().trim().notEmpty(),
    validateRequest,
@ -30,8 +29,7 @@ router.patch(
        acceptedAuthModes: ['jwt']
    }),
    requireBotAuth({
-		acceptedRoles: [ADMIN, MEMBER],
-		acceptedStatuses: [COMPLETED, GRANTED]
+		acceptedRoles: [ADMIN, MEMBER]
    }),
    body('isActive').isBoolean(),
    body('botKey'),
--- a/backend/src/routes/v1/integration.ts
+++ b/backend/src/routes/v1/integration.ts
@ -5,7 +5,7 @@ import {
 	requireIntegrationAuth,
 	validateRequest
 } from '../../middleware';
-import { ADMIN, MEMBER, GRANTED } from '../../variables';
+import { ADMIN, MEMBER } from '../../variables';
 import { body, param } from 'express-validator';
 import { integrationController } from '../../controllers/v1';

@ -15,8 +15,7 @@ router.patch(
        acceptedAuthModes: ['jwt']
    }),
 	requireIntegrationAuth({
-		acceptedRoles: [ADMIN, MEMBER],
-		acceptedStatuses: [GRANTED]
+		acceptedRoles: [ADMIN, MEMBER]
 	}),
 	param('integrationId').exists().trim(),
 	body('app').exists().trim(),
@ -35,8 +34,7 @@ router.delete(
        acceptedAuthModes: ['jwt']
    }),
 	requireIntegrationAuth({
-		acceptedRoles: [ADMIN, MEMBER],
-		acceptedStatuses: [GRANTED]
+		acceptedRoles: [ADMIN, MEMBER]
 	}),
 	param('integrationId').exists().trim(),
 	validateRequest,
--- a/backend/src/routes/v1/integrationAuth.ts
+++ b/backend/src/routes/v1/integrationAuth.ts
@ -7,7 +7,7 @@ import {
 	requireIntegrationAuthorizationAuth,
 	validateRequest
 } from '../../middleware';
-import { ADMIN, MEMBER, GRANTED } from '../../variables';
+import { ADMIN, MEMBER } from '../../variables';
 import { integrationAuthController } from '../../controllers/v1';

 router.get(
@ -25,7 +25,6 @@ router.post(
    }),
 	requireWorkspaceAuth({
 		acceptedRoles: [ADMIN, MEMBER],
-		acceptedStatuses: [GRANTED],
 		location: 'body'
 	}),
 	body('workspaceId').exists().trim().notEmpty(),
@ -41,8 +40,7 @@ router.get(
        acceptedAuthModes: ['jwt']
    }),
 	requireIntegrationAuthorizationAuth({
-		acceptedRoles: [ADMIN, MEMBER],
-		acceptedStatuses: [GRANTED]
+		acceptedRoles: [ADMIN, MEMBER]
 	}),
 	param('integrationAuthId'),
 	validateRequest,
@ -56,7 +54,6 @@ router.delete(
    }),
 	requireIntegrationAuthorizationAuth({
 		acceptedRoles: [ADMIN, MEMBER],
-		acceptedStatuses: [GRANTED],
 		attachAccessToken: false
 	}),
 	param('integrationAuthId'),
--- a/backend/src/routes/v1/key.ts
+++ b/backend/src/routes/v1/key.ts
@ -6,7 +6,7 @@ import {
 	validateRequest
 } from '../../middleware';
 import { body, param } from 'express-validator';
-import { ADMIN, MEMBER, COMPLETED, GRANTED } from '../../variables';
+import { ADMIN, MEMBER } from '../../variables';
 import { keyController } from '../../controllers/v1';

 router.post(
@ -15,8 +15,7 @@ router.post(
        acceptedAuthModes: ['jwt']
    }),
 	requireWorkspaceAuth({
-		acceptedRoles: [ADMIN, MEMBER],
-		acceptedStatuses: [COMPLETED, GRANTED]
+		acceptedRoles: [ADMIN, MEMBER]
 	}),
 	param('workspaceId').exists().trim(),
 	body('key').exists(),
@ -30,8 +29,7 @@ router.get(
        acceptedAuthModes: ['jwt']
    }),
 	requireWorkspaceAuth({
-		acceptedRoles: [ADMIN, MEMBER],
-		acceptedStatuses: [COMPLETED, GRANTED]
+		acceptedRoles: [ADMIN, MEMBER]
 	}),
 	param('workspaceId'),
 	validateRequest,
--- a/backend/src/routes/v1/secret.ts
+++ b/backend/src/routes/v1/secret.ts
@ -8,7 +8,7 @@ import {
 } from '../../middleware';
 import { body, query, param } from 'express-validator';
 import { secretController } from '../../controllers/v1';
-import { ADMIN, MEMBER, COMPLETED, GRANTED } from '../../variables';
+import { ADMIN, MEMBER } from '../../variables';

 router.post(
 	'/:workspaceId',
@ -16,8 +16,7 @@ router.post(
 		acceptedAuthModes: ['jwt']
 	}),
 	requireWorkspaceAuth({
-		acceptedRoles: [ADMIN, MEMBER],
-		acceptedStatuses: [COMPLETED, GRANTED]
+		acceptedRoles: [ADMIN, MEMBER]
 	}),
 	body('secrets').exists(),
 	body('keys').exists(),
@ -34,8 +33,7 @@ router.get(
 		acceptedAuthModes: ['jwt']
 	}),
 	requireWorkspaceAuth({
-		acceptedRoles: [ADMIN, MEMBER],
-		acceptedStatuses: [COMPLETED, GRANTED]
+		acceptedRoles: [ADMIN, MEMBER]
 	}),
 	query('environment').exists().trim(),
 	query('channel'),
--- a/backend/src/routes/v1/serviceToken.ts
+++ b/backend/src/routes/v1/serviceToken.ts
@ -7,7 +7,7 @@ import {
 	validateRequest
 } from '../../middleware';
 import { body } from 'express-validator';
-import { ADMIN, MEMBER, GRANTED } from '../../variables';
+import { ADMIN, MEMBER } from '../../variables';
 import { serviceTokenController } from '../../controllers/v1';

 // note: deprecate service-token routes in favor of service-token data routes/structure
@ -25,7 +25,6 @@ router.post(
 	}),
 	requireWorkspaceAuth({
 		acceptedRoles: [ADMIN, MEMBER],
-		acceptedStatuses: [GRANTED],
 		location: 'body'
 	}),
 	body('name').exists().trim().notEmpty(),
--- a/backend/src/routes/v1/workspace.ts
+++ b/backend/src/routes/v1/workspace.ts
@ -6,7 +6,7 @@ import {
 	requireWorkspaceAuth,
 	validateRequest
 } from '../../middleware';
-import { ADMIN, MEMBER, COMPLETED, GRANTED } from '../../variables';
+import { ADMIN, MEMBER } from '../../variables';
 import { workspaceController, membershipController } from '../../controllers/v1';

 router.get(
@ -15,8 +15,7 @@ router.get(
 		acceptedAuthModes: ['jwt']
 	}),
 	requireWorkspaceAuth({
-		acceptedRoles: [ADMIN, MEMBER],
-		acceptedStatuses: [COMPLETED, GRANTED]
+		acceptedRoles: [ADMIN, MEMBER]
 	}),
 	param('workspaceId').exists().trim(),
 	validateRequest,
@ -30,7 +29,6 @@ router.get(
 	}),
 	requireWorkspaceAuth({
 		acceptedRoles: [ADMIN, MEMBER],
-		acceptedStatuses: [COMPLETED, GRANTED]
 	}),
 	param('workspaceId').exists().trim(),
 	validateRequest,
@ -51,8 +49,7 @@ router.get(
 		acceptedAuthModes: ['jwt']
 	}),
 	requireWorkspaceAuth({
-		acceptedRoles: [ADMIN, MEMBER],
-		acceptedStatuses: [COMPLETED, GRANTED]
+		acceptedRoles: [ADMIN, MEMBER]
 	}),
 	param('workspaceId').exists().trim(),
 	validateRequest,
@ -76,8 +73,7 @@ router.delete(
 		acceptedAuthModes: ['jwt']
 	}),
 	requireWorkspaceAuth({
-		acceptedRoles: [ADMIN],
-		acceptedStatuses: [GRANTED]
+		acceptedRoles: [ADMIN]
 	}),
 	param('workspaceId').exists().trim(),
 	validateRequest,
@ -90,8 +86,7 @@ router.post(
 		acceptedAuthModes: ['jwt']
 	}),
 	requireWorkspaceAuth({
-		acceptedRoles: [ADMIN, MEMBER],
-		acceptedStatuses: [COMPLETED, GRANTED]
+		acceptedRoles: [ADMIN, MEMBER]
 	}),
 	param('workspaceId').exists().trim(),
 	body('name').exists().trim().notEmpty(),
@ -105,8 +100,7 @@ router.post(
 		acceptedAuthModes: ['jwt']
 	}),
 	requireWorkspaceAuth({
-		acceptedRoles: [ADMIN, MEMBER],
-		acceptedStatuses: [GRANTED]
+		acceptedRoles: [ADMIN, MEMBER]
 	}),
 	param('workspaceId').exists().trim(),
 	body('email').exists().trim().notEmpty(),
@ -120,8 +114,7 @@ router.get(
 		acceptedAuthModes: ['jwt']
 	}),
 	requireWorkspaceAuth({
-		acceptedRoles: [ADMIN, MEMBER],
-		acceptedStatuses: [GRANTED]
+		acceptedRoles: [ADMIN, MEMBER]
 	}),
 	param('workspaceId').exists().trim(),
 	validateRequest,
@ -134,8 +127,7 @@ router.get(
 		acceptedAuthModes: ['jwt']
 	}),
 	requireWorkspaceAuth({
-		acceptedRoles: [ADMIN, MEMBER],
-		acceptedStatuses: [GRANTED]
+		acceptedRoles: [ADMIN, MEMBER]
 	}),
 	param('workspaceId').exists().trim(),
 	validateRequest,
@ -148,8 +140,7 @@ router.get(
 		acceptedAuthModes: ['jwt']
 	}),
 	requireWorkspaceAuth({
-		acceptedRoles: [ADMIN, MEMBER],
-		acceptedStatuses: [GRANTED]
+		acceptedRoles: [ADMIN, MEMBER]
 	}),
 	param('workspaceId').exists().trim(),
 	validateRequest,
--- a/backend/src/routes/v2/serviceTokenData.ts
+++ b/backend/src/routes/v2/serviceTokenData.ts
@ -10,8 +10,6 @@ import { param, body } from 'express-validator';
 import {
    ADMIN,
    MEMBER,
-    COMPLETED,
-    GRANTED
 } from '../../variables';
 import { serviceTokenDataController } from '../../controllers/v2';

@ -30,7 +28,6 @@ router.post(
 	}),
    requireWorkspaceAuth({
        acceptedRoles: [ADMIN, MEMBER],
-        acceptedStatuses: [COMPLETED, GRANTED],
        location: 'body'
    }),
    body('name').exists().trim(),
@ -50,8 +47,7 @@ router.delete(
 		acceptedAuthModes: ['jwt']
 	}),
    requireServiceTokenDataAuth({
-        acceptedRoles: [ADMIN, MEMBER],
-        acceptedStatuses: [COMPLETED, GRANTED],
+        acceptedRoles: [ADMIN, MEMBER]
    }),
    param('serviceTokenDataId').exists().trim(),
    validateRequest,
--- a/backend/src/routes/v2/workspace.ts
+++ b/backend/src/routes/v2/workspace.ts
@ -6,7 +6,7 @@ import {
 	requireWorkspaceAuth,
 	validateRequest
 } from '../../middleware';
-import { ADMIN, MEMBER, COMPLETED, GRANTED } from '../../variables';
+import { ADMIN, MEMBER } from '../../variables';
 import { workspaceController } from '../../controllers/v2';

 router.post(
@ -15,8 +15,7 @@ router.post(
 		acceptedAuthModes: ['jwt']
 	}),
 	requireWorkspaceAuth({
-		acceptedRoles: [ADMIN, MEMBER],
-		acceptedStatuses: [COMPLETED, GRANTED]
+		acceptedRoles: [ADMIN, MEMBER]
 	}),
 	body('secrets').exists(),
 	body('keys').exists(),
@ -33,8 +32,7 @@ router.get(
 		acceptedAuthModes: ['jwt', 'serviceToken']
 	}),
 	requireWorkspaceAuth({
-		acceptedRoles: [ADMIN, MEMBER],
-		acceptedStatuses: [COMPLETED, GRANTED]
+		acceptedRoles: [ADMIN, MEMBER]
 	}),
 	query('environment').exists().trim(),
 	query('channel'),
@ -49,8 +47,7 @@ router.get(
 		acceptedAuthModes: ['jwt']
 	}),
 	requireWorkspaceAuth({
-		acceptedRoles: [ADMIN, MEMBER],
-		acceptedStatuses: [COMPLETED, GRANTED]
+		acceptedRoles: [ADMIN, MEMBER]
 	}),	
 	param('workspaceId').exists().trim(),
 	validateRequest,	
@ -63,8 +60,7 @@ router.get(
 		acceptedAuthModes: ['jwt']
 	}),
 	requireWorkspaceAuth({
-		acceptedRoles: [ADMIN, MEMBER],
-		acceptedStatuses: [GRANTED]
+		acceptedRoles: [ADMIN, MEMBER]
 	}),
 	param('workspaceId').exists().trim(),
 	validateRequest,
--- a/backend/src/variables/index.ts
+++ b/backend/src/variables/index.ts
@ -28,8 +28,6 @@ import {
  MEMBER,
  INVITED,
  ACCEPTED,
-  COMPLETED,
-  GRANTED
 } from './organization';
 import { SECRET_SHARED, SECRET_PERSONAL } from './secret';
 import { EVENT_PUSH_SECRETS, EVENT_PULL_SECRETS } from './event';
@ -42,8 +40,6 @@ export {
  MEMBER,
  INVITED,
  ACCEPTED,
-  COMPLETED,
-  GRANTED,
  SECRET_SHARED,
  SECRET_PERSONAL,
  ENV_DEV,
--- a/backend/src/variables/organization.ts
+++ b/backend/src/variables/organization.ts
@ -9,16 +9,10 @@ const INVITED = 'invited';
 // -- organization
 const ACCEPTED = 'accepted';

-// -- workspace
-const COMPLETED = 'completed';
-const GRANTED = 'granted';
-
 export {
    OWNER,
    ADMIN,
    MEMBER,
    INVITED,
-    ACCEPTED,
-    COMPLETED,
-    GRANTED
+    ACCEPTED
 }