From a561b72df0aad30e3171276634aa2a64b0d9b069 Mon Sep 17 00:00:00 2001
From: Jason Cihelka <jcihelka@isotechnics.com>
Date: Wed, 24 May 2023 17:12:20 -0700
Subject: [PATCH] fix: check self-service flag in token middleware

---
 api/selfservice.go | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/api/selfservice.go b/api/selfservice.go
index 6e5c58b..ede3652 100644
--- a/api/selfservice.go
+++ b/api/selfservice.go
@@ -46,6 +46,9 @@ func selfServiceTokenMiddleware(dldm *core.DeltaDM) echo.MiddlewareFunc {
 			if p.ActorID == "" {
 				return c.String(401, "invalid provider self-service token")
 			}
+			if !p.AllowSelfService {
+				return c.String(401, "provider is not allowed to self-serve, please contact administrator to enable it")
+			}
 
 			c.Set(PROVIDER, p)