49234c8
49234c8d30aff00cac3b9916999d6a67ee60c4a72c82cd2
8362859internal/web/handlers/orgs/settings_actions.gomodified@@ -37,7 +37,8 @@ func (h *Handlers) settingsActionsSecretSet(w http.ResponseWriter, r *http.Reque | ||
| 37 | 37 | return |
| 38 | 38 | } |
| 39 | 39 | if !decision.Allowed { |
| 40 | - h.renderOrgActionsSettings(w, r, org, "secrets", orgActionsWriteDeniedMessage(decision, "Organization Actions secrets"), "") | |
| 40 | + w.WriteHeader(decision.HTTPStatus()) | |
| 41 | + h.renderOrgActionsSettings(w, r, org, "secrets", orgActionsWriteDeniedMessage(decision, "Organization Actions secrets", string(org.Slug)), "") | |
| 41 | 42 | return |
| 42 | 43 | } |
| 43 | 44 | if h.d.SecretBox == nil { |
@@ -100,7 +101,8 @@ func (h *Handlers) settingsActionsVariableSet(w http.ResponseWriter, r *http.Req | ||
| 100 | 101 | return |
| 101 | 102 | } |
| 102 | 103 | if !decision.Allowed { |
| 103 | - h.renderOrgActionsSettings(w, r, org, "variables", orgActionsWriteDeniedMessage(decision, "Organization Actions variables"), "") | |
| 104 | + w.WriteHeader(decision.HTTPStatus()) | |
| 105 | + h.renderOrgActionsSettings(w, r, org, "variables", orgActionsWriteDeniedMessage(decision, "Organization Actions variables", string(org.Slug)), "") | |
| 104 | 106 | return |
| 105 | 107 | } |
| 106 | 108 | if err := r.ParseForm(); err != nil { |
@@ -170,7 +172,7 @@ func (h *Handlers) renderOrgActionsSettings(w http.ResponseWriter, r *http.Reque | ||
| 170 | 172 | "Notice": notice, |
| 171 | 173 | "FormAction": orgActionsSettingsPath(org.Slug, kind), |
| 172 | 174 | "WritesDisabled": !decision.Allowed, |
| 173 | - "WritesDisabledMessage": orgActionsWriteDeniedMessage(decision, orgActionsFeatureLabel(kind)), | |
| 175 | + "WritesDisabledMessage": orgActionsWriteDeniedMessage(decision, orgActionsFeatureLabel(kind), string(org.Slug)), | |
| 174 | 176 | } |
| 175 | 177 | switch kind { |
| 176 | 178 | case "secrets": |
@@ -245,13 +247,8 @@ func orgActionsFeatureLabel(kind string) string { | ||
| 245 | 247 | return "Organization Actions variables" |
| 246 | 248 | } |
| 247 | 249 | |
| 248 | -func orgActionsWriteDeniedMessage(decision entitlements.Decision, label string) string { | |
| 249 | - switch decision.Reason { | |
| 250 | - case entitlements.ReasonBillingActionNeeded: | |
| 251 | - return label + " are read-only until Team billing is brought back into good standing." | |
| 252 | - default: | |
| 253 | - return label + " require Team billing. Upgrade this organization to continue editing them." | |
| 254 | - } | |
| 250 | +func orgActionsWriteDeniedMessage(decision entitlements.Decision, label, orgSlug string) string { | |
| 251 | + return decision.UpgradeBanner(label, orgSlug).Message | |
| 255 | 252 | } |
| 256 | 253 | |
| 257 | 254 | func (h *Handlers) recordOrgActionsAudit(r *http.Request, viewer middleware.CurrentUser, action audit.Action, orgID int64, name string) { |
internal/web/handlers/orgs/settings_actions_test.gomodified@@ -110,7 +110,7 @@ func TestOrgActionsSettingsBlocksWritesWithoutTeamEntitlement(t *testing.T) { | ||
| 110 | 110 | "value": {"super-secret"}, |
| 111 | 111 | }) |
| 112 | 112 | mux.ServeHTTP(resp, req) |
| 113 | - if resp.Code != http.StatusOK { | |
| 113 | + if resp.Code != http.StatusPaymentRequired { | |
| 114 | 114 | t.Fatalf("POST org secret status=%d body=%s", resp.Code, resp.Body.String()) |
| 115 | 115 | } |
| 116 | 116 | if got := resp.Body.String(); !strings.Contains(got, "require Team billing") { |
internal/web/handlers/orgs/teams.gomodified@@ -156,8 +156,11 @@ func (h *Handlers) teamCreate(w http.ResponseWriter, r *http.Request) { | ||
| 156 | 156 | } |
| 157 | 157 | if !decision.Allowed { |
| 158 | 158 | notice := "secret-teams-upgrade" |
| 159 | - if decision.Reason == entitlements.ReasonBillingActionNeeded { | |
| 159 | + switch decision.Reason { | |
| 160 | + case entitlements.ReasonBillingActionNeeded: | |
| 160 | 161 | notice = "secret-teams-billing" |
| 162 | + case entitlements.ReasonEnterpriseContactSales: | |
| 163 | + notice = "secret-teams-enterprise" | |
| 161 | 164 | } |
| 162 | 165 | http.Redirect(w, r, "/"+string(org.Slug)+"/teams?notice="+notice, http.StatusSeeOther) |
| 163 | 166 | return |
@@ -186,6 +189,8 @@ func teamsNoticeMessage(code string) string { | ||
| 186 | 189 | return "Secret teams require Team billing. Upgrade this organization to create them." |
| 187 | 190 | case "secret-teams-billing": |
| 188 | 191 | return "Secret teams are read-only until Team billing is brought back into good standing." |
| 192 | + case "secret-teams-enterprise": | |
| 193 | + return "Secret teams are unavailable for Enterprise preview organizations. Contact sales to enable them." | |
| 189 | 194 | default: |
| 190 | 195 | return "" |
| 191 | 196 | } |
internal/web/handlers/repo/settings_branches.gomodified@@ -219,13 +219,19 @@ func (h *Handlers) branchProtectionEntitlementNotice(ctx context.Context, row re | ||
| 219 | 219 | |
| 220 | 220 | func branchProtectionNoticeCode(decision entitlements.Decision, requiredReviewers bool) string { |
| 221 | 221 | if requiredReviewers { |
| 222 | - if decision.Reason == entitlements.ReasonBillingActionNeeded { | |
| 222 | + switch decision.Reason { | |
| 223 | + case entitlements.ReasonBillingActionNeeded: | |
| 223 | 224 | return "required-reviewers-billing" |
| 225 | + case entitlements.ReasonEnterpriseContactSales: | |
| 226 | + return "required-reviewers-enterprise" | |
| 224 | 227 | } |
| 225 | 228 | return "required-reviewers-upgrade" |
| 226 | 229 | } |
| 227 | - if decision.Reason == entitlements.ReasonBillingActionNeeded { | |
| 230 | + switch decision.Reason { | |
| 231 | + case entitlements.ReasonBillingActionNeeded: | |
| 228 | 232 | return "branch-protection-billing" |
| 233 | + case entitlements.ReasonEnterpriseContactSales: | |
| 234 | + return "branch-protection-enterprise" | |
| 229 | 235 | } |
| 230 | 236 | return "branch-protection-upgrade" |
| 231 | 237 | } |
@@ -332,10 +338,14 @@ func settingsBranchesNoticeMessage(code string) string { | ||
| 332 | 338 | return "Advanced branch protection on private organization repositories requires Team billing." |
| 333 | 339 | case "branch-protection-billing": |
| 334 | 340 | return "Advanced branch protection is read-only until Team billing is brought back into good standing." |
| 341 | + case "branch-protection-enterprise": | |
| 342 | + return "Advanced branch protection is unavailable for Enterprise preview organizations. Contact sales to enable it." | |
| 335 | 343 | case "required-reviewers-upgrade": |
| 336 | 344 | return "Required reviewers on private organization repositories require Team billing." |
| 337 | 345 | case "required-reviewers-billing": |
| 338 | 346 | return "Required reviewers are read-only until Team billing is brought back into good standing." |
| 347 | + case "required-reviewers-enterprise": | |
| 348 | + return "Required reviewers are unavailable for Enterprise preview organizations. Contact sales to enable them." | |
| 339 | 349 | default: |
| 340 | 350 | return "" |
| 341 | 351 | } |