logto-io · darcyYe · Aug 8, 2024 · Aug 7, 2024 · Aug 8, 2024
@@ -95,7 +95,7 @@
     "zod": "^3.23.8"
   },
   "devDependencies": {
-    "@logto/cloud": "0.2.5-3b703da",
+    "@logto/cloud": "0.2.5-50ff8fe",
     "@silverhand/eslint-config": "6.0.1",
     "@silverhand/ts-config": "6.0.0",
     "@types/adm-zip": "^0.5.5",

@@ -7,8 +7,10 @@
 import assertThat from '#src/utils/assert-that.js';
 import {
   getTenantSubscriptionPlan,
-  getTenantSubscriptionQuotaAndUsage,
+  getTenantSubscriptionData,
   getTenantSubscriptionScopeUsage,
+  reportSubscriptionUpdates,
+  isReportSubscriptionUpdatesUsageKey,
 } from '#src/utils/subscription/index.js';
 import { type SubscriptionQuota, type FeatureQuota } from '#src/utils/subscription/types.js';
 
@@ -21,6 +23,11 @@
   throw new Error('Only support usage query for numeric quota');
 };
 
+const shouldReportSubscriptionUpdates = (planId: string, key: keyof SubscriptionQuota): boolean =>
+  EnvSet.values.isDevFeaturesEnabled &&
+  planId === ReservedPlanId.Pro &&
+  isReportSubscriptionUpdatesUsageKey(key);
+
 export const createQuotaLibrary = (
   queries: Queries,
   cloudConnection: CloudConnectionLibrary,
@@ -156,9 +163,16 @@
       return;
     }
 
-    const { quota: fullQuota, usage: fullUsage } = await getTenantSubscriptionQuotaAndUsage(
-      cloudConnection
-    );
+    const {
+      planId,
+      quota: fullQuota,
+      usage: fullUsage,
+    } = await getTenantSubscriptionData(cloudConnection);
+
+    // Do not block Pro plan from adding add-on resources.
+    if (shouldReportSubscriptionUpdates(planId, key)) {
+      return;
+    }
 
     // Type `SubscriptionQuota` and type `SubscriptionUsage` are sharing keys, this design helps us to compare the usage with the quota limit in a easier way.
     const { [key]: limit } = fullQuota;
@@ -227,7 +241,7 @@
       },
       scopeUsages,
     ] = await Promise.all([
-      getTenantSubscriptionQuotaAndUsage(cloudConnection),
+      getTenantSubscriptionData(cloudConnection),
       getTenantSubscriptionScopeUsage(cloudConnection, entityName),
     ]);
     const usage = scopeUsages[entityId] ?? 0;
@@ -262,5 +276,30 @@
     );
   };
 
-  return { guardKey, guardTenantUsageByKey, guardEntityScopesUsage };
+  const reportSubscriptionUpdatesUsage = async (key: keyof SubscriptionQuota) => {
+    const { isCloud, isIntegrationTest } = EnvSet.values;
+
+    // Cloud only feature, skip in non-cloud environments
+    if (!isCloud) {
+      return;
+    }
+
+    // Disable in integration tests
+    if (isIntegrationTest) {
+      return;
+    }
+
+    const { planId } = await getTenantSubscriptionData(cloudConnection);
+
+    if (shouldReportSubscriptionUpdates(planId, key)) {
+      await reportSubscriptionUpdates(cloudConnection, key);
+    }
+  };
+
+  return {
+    guardKey,
+    guardTenantUsageByKey,
+    guardEntityScopesUsage,
+    reportSubscriptionUpdatesUsage,
+  };
 };
@@ -1,3 +1,4 @@
+import { type Nullable } from '@silverhand/essentials';
 import type { MiddlewareType } from 'koa';
 
 import { type QuotaLibrary } from '#src/libraries/quota.js';
@@ -45,3 +46,18 @@ export function newKoaQuotaGuard<StateT, ContextT, ResponseBodyT>({
     return next();
   };
 }
+
+export function koaReportSubscriptionUpdates<StateT, ContextT, ResponseBodyT>({
+  key,
+  quota,
+  methods = ['POST', 'PUT', 'DELETE'],
+}: NewUsageGuardConfig): MiddlewareType<StateT, ContextT, Nullable<ResponseBodyT>> {
+  return async (ctx, next) => {
+    await next();
+
+    // eslint-disable-next-line no-restricted-syntax
+    if (methods.includes(ctx.method.toUpperCase() as Method)) {
+      await quota.reportSubscriptionUpdatesUsage(key);
+    }
+  };
+}
@@ -1,4 +1,4 @@
 // TODO: @darcyYe refactor this file later to remove disable max line comment
 /* eslint-disable max-lines */
 import type { Role } from '@logto/schemas';
 import {
@@ -213,6 +213,11 @@
       }
 
       ctx.body = application;
+
+      if (rest.type === ApplicationType.MachineToMachine) {
+        await quota.reportSubscriptionUpdatesUsage('machineToMachineLimit');
+      }
+
       return next();
     }
   );
@@ -356,6 +361,10 @@
       await queries.applications.deleteApplicationById(id);
       ctx.status = 204;
 
+      if (type === ApplicationType.MachineToMachine) {
+        await quota.reportSubscriptionUpdatesUsage('machineToMachineLimit');
+      }
+
       return next();
     }
   );

@@ -18,7 +18,10 @@ import { EnvSet } from '#src/env-set/index.js';
 import RequestError from '#src/errors/RequestError/index.js';
 import koaGuard from '#src/middleware/koa-guard.js';
 import koaPagination from '#src/middleware/koa-pagination.js';
-import koaQuotaGuard, { newKoaQuotaGuard } from '#src/middleware/koa-quota-guard.js';
+import koaQuotaGuard, {
+  koaReportSubscriptionUpdates,
+  newKoaQuotaGuard,
+} from '#src/middleware/koa-quota-guard.js';
 import { type AllowedKeyPrefix } from '#src/queries/log.js';
 import assertThat from '#src/utils/assert-that.js';
 
@@ -169,6 +172,11 @@ export default function hookRoutes<T extends ManagementApiRouter>(
       response: Hooks.guard,
       status: [201, 400],
     }),
+    koaReportSubscriptionUpdates({
+      key: 'hooksLimit',
+      quota,
+      methods: ['POST'],
+    }),
     async (ctx, next) => {
       const { event, events, enabled, ...rest } = ctx.guard.body;
       assertThat(events ?? event, new RequestError({ code: 'hook.missing_events', status: 400 }));
@@ -257,6 +265,11 @@ export default function hookRoutes<T extends ManagementApiRouter>(
   router.delete(
     '/hooks/:id',
     koaGuard({ params: z.object({ id: z.string() }), status: [204, 404] }),
+    koaReportSubscriptionUpdates({
+      key: 'hooksLimit',
+      quota,
+      methods: ['DELETE'],
+    }),
     async (ctx, next) => {
       const { id } = ctx.guard.params;
       await deleteHookById(id);

@@ -6,13 +6,17 @@ import {
   type OrganizationRoleKeys,
 } from '@logto/schemas';
 import { generateStandardId } from '@logto/shared';
+import { condArray } from '@silverhand/essentials';
 import { z } from 'zod';
 
 import { EnvSet } from '#src/env-set/index.js';
 import { buildManagementApiContext } from '#src/libraries/hook/utils.js';
 import koaGuard from '#src/middleware/koa-guard.js';
 import koaPagination from '#src/middleware/koa-pagination.js';
-import koaQuotaGuard, { newKoaQuotaGuard } from '#src/middleware/koa-quota-guard.js';
+import koaQuotaGuard, {
+  koaReportSubscriptionUpdates,
+  newKoaQuotaGuard,
+} from '#src/middleware/koa-quota-guard.js';
 import { organizationRoleSearchKeys } from '#src/queries/organization/index.js';
 import SchemaRouter from '#src/utils/SchemaRouter.js';
 import { parseSearchOptions } from '#src/utils/search.js';
@@ -45,11 +49,17 @@ export default function organizationRoleRoutes<T extends ManagementApiRouter>(
     unknown,
     ManagementApiRouterContext
   >(OrganizationRoles, roles, {
-    middlewares: [
+    middlewares: condArray(
       EnvSet.values.isDevFeaturesEnabled
         ? newKoaQuotaGuard({ key: 'organizationsEnabled', quota, methods: ['POST', 'PUT'] })
         : koaQuotaGuard({ key: 'organizationsEnabled', quota, methods: ['POST', 'PUT'] }),
-    ],
+      EnvSet.values.isDevFeaturesEnabled &&
+        koaReportSubscriptionUpdates({
+          key: 'organizationsEnabled',
+          quota,
+          methods: ['POST', 'PUT', 'DELETE'],
+        })
+    ),
     disabled: { get: true, post: true },
     errorHandler,
     searchFields: ['name'],

@@ -1,7 +1,11 @@
 import { OrganizationScopes } from '@logto/schemas';
+import { condArray } from '@silverhand/essentials';
 
 import { EnvSet } from '#src/env-set/index.js';
-import koaQuotaGuard, { newKoaQuotaGuard } from '#src/middleware/koa-quota-guard.js';
+import koaQuotaGuard, {
+  newKoaQuotaGuard,
+  koaReportSubscriptionUpdates,
+} from '#src/middleware/koa-quota-guard.js';
 import SchemaRouter from '#src/utils/SchemaRouter.js';
 
 import { errorHandler } from '../organization/utils.js';
@@ -19,11 +23,17 @@ export default function organizationScopeRoutes<T extends ManagementApiRouter>(
   ]: RouterInitArgs<T>
 ) {
   const router = new SchemaRouter(OrganizationScopes, scopes, {
-    middlewares: [
+    middlewares: condArray(
       EnvSet.values.isDevFeaturesEnabled
         ? newKoaQuotaGuard({ key: 'organizationsEnabled', quota, methods: ['POST', 'PUT'] })
         : koaQuotaGuard({ key: 'organizationsEnabled', quota, methods: ['POST', 'PUT'] }),
-    ],
+      EnvSet.values.isDevFeaturesEnabled &&
+        koaReportSubscriptionUpdates({
+          key: 'organizationsEnabled',
+          quota,
+          methods: ['POST', 'PUT', 'DELETE'],
+        })
+    ),
     errorHandler,
     searchFields: ['name'],
   });

@@ -1,11 +1,14 @@
 import { type OrganizationWithFeatured, Organizations, featuredUserGuard } from '@logto/schemas';
-import { yes } from '@silverhand/essentials';
+import { condArray, yes } from '@silverhand/essentials';
 import { z } from 'zod';
 
 import { EnvSet } from '#src/env-set/index.js';
 import koaGuard from '#src/middleware/koa-guard.js';
 import koaPagination from '#src/middleware/koa-pagination.js';
-import koaQuotaGuard, { newKoaQuotaGuard } from '#src/middleware/koa-quota-guard.js';
+import koaQuotaGuard, {
+  newKoaQuotaGuard,
+  koaReportSubscriptionUpdates,
+} from '#src/middleware/koa-quota-guard.js';
 import SchemaRouter from '#src/utils/SchemaRouter.js';
 import { parseSearchOptions } from '#src/utils/search.js';
 
@@ -31,11 +34,17 @@ export default function organizationRoutes<T extends ManagementApiRouter>(
   ] = args;
 
   const router = new SchemaRouter(Organizations, organizations, {
-    middlewares: [
+    middlewares: condArray(
       EnvSet.values.isDevFeaturesEnabled
         ? newKoaQuotaGuard({ key: 'organizationsEnabled', quota, methods: ['POST', 'PUT'] })
         : koaQuotaGuard({ key: 'organizationsEnabled', quota, methods: ['POST', 'PUT'] }),
-    ],
+      EnvSet.values.isDevFeaturesEnabled &&
+        koaReportSubscriptionUpdates({
+          key: 'organizationsEnabled',
+          quota,
+          methods: ['POST', 'PUT', 'DELETE'],
+        })
+    ),
     errorHandler,
     searchFields: ['name'],
     disabled: { get: true },

@@ -7,7 +7,10 @@ import { EnvSet } from '#src/env-set/index.js';
 import RequestError from '#src/errors/RequestError/index.js';
 import koaGuard from '#src/middleware/koa-guard.js';
 import koaPagination from '#src/middleware/koa-pagination.js';
-import koaQuotaGuard, { newKoaQuotaGuard } from '#src/middleware/koa-quota-guard.js';
+import koaQuotaGuard, {
+  newKoaQuotaGuard,
+  koaReportSubscriptionUpdates,
+} from '#src/middleware/koa-quota-guard.js';
 import assertThat from '#src/utils/assert-that.js';
 import { attachScopesToResources } from '#src/utils/resource.js';
 
@@ -87,6 +90,11 @@ export default function resourceRoutes<T extends ManagementApiRouter>(
       response: Resources.guard.extend({ scopes: Scopes.guard.array().optional() }),
       status: [201, 422],
     }),
+    koaReportSubscriptionUpdates({
+      key: 'resourcesLimit',
+      quota,
+      methods: ['POST'],
+    }),
     async (ctx, next) => {
       const { body } = ctx.guard;
       const { indicator } = body;
@@ -184,6 +192,11 @@ export default function resourceRoutes<T extends ManagementApiRouter>(
   router.delete(
     '/resources/:id',
     koaGuard({ params: object({ id: string().min(1) }), status: [204, 400, 404] }),
+    koaReportSubscriptionUpdates({
+      key: 'resourcesLimit',
+      quota,
+      methods: ['DELETE'],
+    }),
     async (ctx, next) => {
       const { id } = ctx.guard.params;
 

@@ -19,7 +19,7 @@ export default function signInExperiencesRoutes<T extends ManagementApiRouter>(
   const { deleteConnectorById } = queries.connectors;
   const {
     signInExperiences: { validateLanguageInfo },
-    quota: { guardKey, guardTenantUsageByKey },
+    quota: { guardKey, guardTenantUsageByKey, reportSubscriptionUpdatesUsage },
   } = libraries;
   const { getLogtoConnectors } = connectors;
 
@@ -122,6 +122,8 @@ export default function signInExperiencesRoutes<T extends ManagementApiRouter>(
           : rest
       );
 
+      await reportSubscriptionUpdatesUsage('mfaEnabled');
+
       return next();
     }
   );

@@ -11,7 +11,10 @@ import { EnvSet } from '#src/env-set/index.js';
 import RequestError from '#src/errors/RequestError/index.js';
 import koaGuard from '#src/middleware/koa-guard.js';
 import koaPagination from '#src/middleware/koa-pagination.js';
-import koaQuotaGuard, { newKoaQuotaGuard } from '#src/middleware/koa-quota-guard.js';
+import koaQuotaGuard, {
+  koaReportSubscriptionUpdates,
+  newKoaQuotaGuard,
+} from '#src/middleware/koa-quota-guard.js';
 import { ssoConnectorCreateGuard, ssoConnectorPatchGuard } from '#src/routes/sso-connector/type.js';
 import { ssoConnectorFactories } from '#src/sso/index.js';
 import { isSupportedSsoConnector, isSupportedSsoProvider } from '#src/sso/utils.js';
@@ -77,6 +80,11 @@ export default function singleSignOnConnectorsRoutes<T extends ManagementApiRout
       response: SsoConnectors.guard,
       status: [200, 400, 409, 422],
     }),
+    koaReportSubscriptionUpdates({
+      quota,
+      key: 'enterpriseSsoLimit',
+      methods: ['POST'],
+    }),
     async (ctx, next) => {
       const { body } = ctx.guard;
       const { providerName, connectorName, config, domains, ...rest } = body;
@@ -202,6 +210,11 @@ export default function singleSignOnConnectorsRoutes<T extends ManagementApiRout
       params: z.object({ id: z.string().min(1) }),
       status: [204, 404],
     }),
+    koaReportSubscriptionUpdates({
+      quota,
+      key: 'enterpriseSsoLimit',
+      methods: ['DELETE'],
+    }),
     async (ctx, next) => {
       const { id } = ctx.guard.params;
 

@@ -7,5 +7,6 @@ export const createMockQuotaLibrary = (): QuotaLibrary => {
     guardKey: jest.fn(),
     guardTenantUsageByKey: jest.fn(),
     guardEntityScopesUsage: jest.fn(),
+    reportSubscriptionUpdatesUsage: jest.fn(),
   };
 };