From ae67e82f26aa6467fe6bc19aabcb405b2831602a Mon Sep 17 00:00:00 2001
From: Ben Irvin <ben@innerdvations.com>
Date: Tue, 18 Jul 2023 17:37:13 +0200
Subject: [PATCH] Revert "allow null defaultRole on backend"

This reverts commit 64c995d4ccf5681bac9b10e575ce808f6e17d120.
---
 .../admin/ee/provider-options.test.api.js     | 48 +------------------
 .../ee/server/validation/authentication.js    |  7 +--
 2 files changed, 3 insertions(+), 52 deletions(-)

diff --git a/api-tests/core/admin/ee/provider-options.test.api.js b/api-tests/core/admin/ee/provider-options.test.api.js
index bb7488244a..f06fcff90e 100644
--- a/api-tests/core/admin/ee/provider-options.test.api.js
+++ b/api-tests/core/admin/ee/provider-options.test.api.js
@@ -103,7 +103,7 @@ describeOnCondition(edition === 'EE')('SSO Provider Options', () => {
     ])('can be %s', async (name, value) => {
       const newData = {
         ssoLockedRoles: value,
-        defaultRole: null,
+        defaultRole: localData.restrictedRole.id, // TODO: there seems to be a bug with not setting a default role
         autoRegister: false,
       };
       const res = await requests.admin.put('/admin/providers/options', {
@@ -127,7 +127,7 @@ describeOnCondition(edition === 'EE')('SSO Provider Options', () => {
       const res = await requests.admin.put('/admin/providers/options', {
         body: {
           ssoLockedRoles: value,
-          defaultRole: null,
+          defaultRole: localData.restrictedRole.id, // TODO: there seems to be a bug with not setting a default role
           autoRegister: false,
         },
       });
@@ -138,49 +138,5 @@ describeOnCondition(edition === 'EE')('SSO Provider Options', () => {
         expect(Array.isArray(res.body)).toBeFalsy();
       }
     });
-
-    describe('autoRegister and defaultRole', () => {
-      test.each([
-        [null, false],
-        [1, false],
-        [1, true],
-      ])('defaultRole can be %s when autoRegister is %s', async (defaultRole, autoRegister) => {
-        const newData = {
-          defaultRole,
-          autoRegister,
-        };
-        const res = await requests.admin.put('/admin/providers/options', {
-          body: newData,
-        });
-        if (hasSSO) {
-          expect(res.status).toEqual(200);
-          const parsed = JSON.parse(res.text);
-          expect(parsed.data).toMatchObject(newData);
-        } else {
-          expect(res.status).toBe(404);
-          expect(Array.isArray(res.body)).toBeFalsy();
-        }
-      });
-
-      test.each([
-        [null, true],
-        [{}, true],
-        [9999, true],
-      ])('defaultRole cannot be %s when autoRegister is %s', async (defaultRole, autoRegister) => {
-        const newData = {
-          defaultRole,
-          autoRegister,
-        };
-        const res = await requests.admin.put('/admin/providers/options', {
-          body: newData,
-        });
-        if (hasSSO) {
-          expect(res.status).toEqual(400);
-        } else {
-          expect(res.status).toBe(404);
-          expect(Array.isArray(res.body)).toBeFalsy();
-        }
-      });
-    });
   });
 });
diff --git a/packages/core/admin/ee/server/validation/authentication.js b/packages/core/admin/ee/server/validation/authentication.js
index 00653c198c..c498a4b10c 100644
--- a/packages/core/admin/ee/server/validation/authentication.js
+++ b/packages/core/admin/ee/server/validation/authentication.js
@@ -6,13 +6,8 @@ const providerOptionsUpdateSchema = yup.object().shape({
   autoRegister: yup.boolean().required(),
   defaultRole: yup
     .strapiID()
-    .when('autoRegister', (value, initSchema) => {
-      return value ? initSchema.required() : initSchema.nullable();
-    })
+    .required()
     .test('is-valid-role', 'You must submit a valid default role', (roleId) => {
-      if (roleId === null) {
-        return true;
-      }
       return strapi.admin.services.role.exists({ id: roleId });
     }),
   ssoLockedRoles: yup