feat(auth): block disabled user accounts at the subscription guard

RequireActiveTenantSubscription now optionally takes an AuthRepository
and rejects the request with 40311/user_disabled when the actor's user
row is anything other than active. Wire the repo through the tenant
router, surface the new error code in admin-web's
membershipBlockedErrors set, persist a "disabled" membership status when
markStoredMembershipBlocked sees user_disabled, and add localized copy
on the blocked screen and shell membership banner.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This commit is contained in:
2026-04-30 01:31:26 +08:00
parent e15806bd91
commit c9267d2fae
8 changed files with 47 additions and 4 deletions
+4 -1
View File
@@ -65,7 +65,10 @@ func RegisterRoutes(app *bootstrap.App) {
desktopAuth.POST("/monitoring/tasks/:id/cancel", desktopMonitoringHandler.Cancel)
tenantProtected := protected.Group("/tenant")
tenantProtected.Use(RequireActiveTenantSubscription(repository.NewTenantPlanRepository(app.DB)))
tenantProtected.Use(RequireActiveTenantSubscription(
repository.NewTenantPlanRepository(app.DB),
repository.NewAuthRepository(app.DB),
))
tenantProtected.GET("/accounts", desktopAccountHandler.TenantList)
tenantProtected.POST("/accounts/:id/request-delete", desktopAccountHandler.RequestDelete)
tenantProtected.POST("/tasks/:id/reconcile", desktopTaskHandler.Reconcile)