From 91c33b04316ad07a402aa1af28c7366763c47fe9 Mon Sep 17 00:00:00 2001
From: wh1te909 <7434746+wh1te909@users.noreply.github.com>
Date: Sat, 16 Nov 2024 19:28:28 +0000
Subject: [PATCH] add setting override to disable sso

---
 api/tacticalrmm/tacticalrmm/urls.py      | 9 ++++++---
 docker/.env.example                      | 5 ++++-
 docker/containers/tactical/entrypoint.sh | 2 ++
 docker/docker-compose.yml                | 1 +
 4 files changed, 13 insertions(+), 4 deletions(-)

diff --git a/api/tacticalrmm/tacticalrmm/urls.py b/api/tacticalrmm/tacticalrmm/urls.py
index b5b19094..8a248619 100644
--- a/api/tacticalrmm/tacticalrmm/urls.py
+++ b/api/tacticalrmm/tacticalrmm/urls.py
@@ -24,8 +24,6 @@ register_converter(AgentIDConverter, "agent")
 
 urlpatterns = [
     path("", home),
-    # all auth urls
-    path("_allauth/", include(allauth_urls)),
     path("v2/checkcreds/", CheckCredsV2.as_view()),
     path("v2/login/", LoginViewV2.as_view()),
     path("logout/", knox_views.LogoutView.as_view()),
@@ -44,10 +42,15 @@ urlpatterns = [
     path("scripts/", include("scripts.urls")),
     path("alerts/", include("alerts.urls")),
     path("accounts/", include("accounts.urls")),
-    path("accounts/", include("ee.sso.urls")),
     path("reporting/", include("ee.reporting.urls")),
 ]
 
+if not getattr(settings, "TRMM_DISABLE_SSO", False):
+    urlpatterns += (
+        path("_allauth/", include(allauth_urls)),
+        path("accounts/", include("ee.sso.urls")),
+    )
+
 if getattr(settings, "BETA_API_ENABLED", False):
     urlpatterns += (path("beta/v1/", include("beta.v1.urls")),)
 
diff --git a/docker/.env.example b/docker/.env.example
index 51c20b98..0321927b 100644
--- a/docker/.env.example
+++ b/docker/.env.example
@@ -5,7 +5,7 @@ VERSION=latest
 TRMM_USER=tactical
 TRMM_PASS=tactical
 
-# optional web port override settings 
+# optional web port override settings
 TRMM_HTTP_PORT=80
 TRMM_HTTPS_PORT=443
 
@@ -30,3 +30,6 @@ TRMM_DISABLE_WEB_TERMINAL=False
 
 # disable server side scripts
 TRMM_DISABLE_SERVER_SCRIPTS=False
+
+# disable sso
+TRMM_DISABLE_SSO=False
diff --git a/docker/containers/tactical/entrypoint.sh b/docker/containers/tactical/entrypoint.sh
index eb35a712..0eda0839 100644
--- a/docker/containers/tactical/entrypoint.sh
+++ b/docker/containers/tactical/entrypoint.sh
@@ -20,6 +20,7 @@ set -e
 : "${SKIP_UWSGI_CONFIG:=0}"
 : "${TRMM_DISABLE_WEB_TERMINAL:=False}"
 : "${TRMM_DISABLE_SERVER_SCRIPTS:=False}"
+: "${TRMM_DISABLE_SSO:=False}"
 
 : "${CERT_PRIV_PATH:=${TACTICAL_DIR}/certs/privkey.pem}"
 : "${CERT_PUB_PATH:=${TACTICAL_DIR}/certs/fullchain.pem}"
@@ -120,6 +121,7 @@ MESH_WS_URL = '${MESH_WS_URL}'
 ADMIN_ENABLED = False
 TRMM_DISABLE_WEB_TERMINAL = ${TRMM_DISABLE_WEB_TERMINAL}
 TRMM_DISABLE_SERVER_SCRIPTS = ${TRMM_DISABLE_SERVER_SCRIPTS}
+TRMM_DISABLE_SSO = ${TRMM_DISABLE_SSO}
 EOF
   )"
 
diff --git a/docker/docker-compose.yml b/docker/docker-compose.yml
index 1ebefee5..f71cfab7 100644
--- a/docker/docker-compose.yml
+++ b/docker/docker-compose.yml
@@ -64,6 +64,7 @@ services:
       TRMM_PASS: ${TRMM_PASS}
       TRMM_DISABLE_WEB_TERMINAL: ${TRMM_DISABLE_WEB_TERMINAL}
       TRMM_DISABLE_SERVER_SCRIPTS: ${TRMM_DISABLE_SERVER_SCRIPTS}
+      TRMM_DISABLE_SSO: ${TRMM_DISABLE_SSO}
     depends_on:
       - tactical-postgres
       - tactical-meshcentral