diff --git a/server/src/modules/auth/oauth/service.ts b/server/src/modules/auth/oauth/service.ts
index 3ce03b5ea4..734380df11 100644
--- a/server/src/modules/auth/oauth/service.ts
+++ b/server/src/modules/auth/oauth/service.ts
@@ -191,6 +191,7 @@ export class OauthService implements IOAuthService {
 [USER_ROLE.ADMIN],
 defaultOrganization.id,
 userDetails.id,
+ false,
 manager
 );
diff --git a/server/src/modules/auth/util.service.ts b/server/src/modules/auth/util.service.ts
index b552489b35..ae0e541eb8 100644
--- a/server/src/modules/auth/util.service.ts
+++ b/server/src/modules/auth/util.service.ts
@@ -40,6 +40,7 @@ import { OrganizationUsersRepository } from '@modules/organization-users/reposit
 import { SessionUtilService } from '@modules/session/util.service';
 import { OnboardingStatus } from '@modules/onboarding/constants';
 import { IAuthUtilService } from './interfaces/IUtilService';
+import { SetupOrganizationsUtilService } from '@modules/setup-organization/util.service';
 @Injectable()
 export class AuthUtilService implements IAuthUtilService {
@@ -57,7 +58,8 @@ export class AuthUtilService implements IAuthUtilService {
 protected readonly onboardingUtilService: OnboardingUtilService,
 protected readonly instanceSettingsUtilService: InstanceSettingsUtilService,
 protected readonly rolesRepository: RolesRepository,
- protected profileUtilService: ProfileUtilService
+ protected profileUtilService: ProfileUtilService,
+ protected readonly setupOrganizationsUtilService: SetupOrganizationsUtilService
 ) {}
 async validateLoginUser(email: string, password: string, organizationId?: string): Promise {
@@ -147,7 +149,7 @@ export class AuthUtilService implements IAuthUtilService { if (!user && allowPersonalWorkspace) { const { name, slug } = generateNextNameAndSlug('My workspace'); - defaultOrganization = await this.organizationRepository.createOne(name, slug, manager); + defaultOrganization = await this.setupOrganizationsUtilService.create(name, slug, null, manager); } const { source, status } = getUserStatusAndSource(lifecycleEvents.USER_SSO_ACTIVATE, sso); @@ -159,10 +161,10 @@ export class AuthUtilService implements IAuthUtilService { firstName, lastName, email, - source, - status, + source: defaultOrganization?.id ? WORKSPACE_USER_SOURCE.SIGNUP : source, + status: defaultOrganization?.id ? USER_STATUS.ACTIVE : status, password, - role: USER_ROLE.END_USER, + role: defaultOrganization?.id ? USER_ROLE.ADMIN : USER_ROLE.END_USER, defaultOrganizationId: defaultOrganization?.id || organization.id, }, manager @@ -186,11 +188,31 @@ export class AuthUtilService implements IAuthUtilService { manager, WORKSPACE_USER_SOURCE.SIGNUP ); - if (defaultOrganization) { + await this.organizationUsersUtilService.attachUserGroup( + [USER_ROLE.END_USER], + organization.id, + user.id, + false, + manager + ); + if (defaultOrganization?.id) { // Setting up default organization - await this.organizationUsersRepository.createOne(user, defaultOrganization, true, manager); + await this.organizationUsersRepository.createOne( + user, + defaultOrganization, + false, + manager, + WORKSPACE_USER_SOURCE.SIGNUP, + true + ); + await this.organizationUsersUtilService.attachUserGroup( + [USER_ROLE.ADMIN], + defaultOrganization.id, + user.id, + false, + manager + ); } - await this.organizationUsersUtilService.attachUserGroup([USER_ROLE.END_USER], organization.id, user.id, manager); //localhost:8082/login/tooljets-workspace?redirectTo=/ return user; } 
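Review bot: In the `@@ -159` hunk of auth/util.service.ts the new user payload sets `status: USER_STATUS.ACTIVE` and `role: USER_ROLE.ADMIN` whenever a personal workspace was created, which discards the status that `getUserStatusAndSource(lifecycleEvents.USER_SSO_ACTIVATE, sso)` has just returned and grants admin on a first SSO login. The call that receives this object starts outside the hunk, so it is worth confirming that `role` is applied only to `defaultOrganizationId` (the personal workspace) and never to the SSO `organization`. The same `defaultOrganization?.id ?` test is repeated three times; I would compute it once, `const ownsPersonalWorkspace = Boolean(defaultOrganization?.id);`, and put a comment above the payload such as `// Self-provisioned personal workspace: the creator is its active admin; the SSO organization still gets END_USER below.`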
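Review bot: In the `@@ -186` hunk the `createOne(...)` call for the personal workspace flips `isInvite` from `true` to `false`, yet the only comment is still `// Setting up default organization`. Going by the repository.ts hunk in this commit, the membership row is now written with `WORKSPACE_USER_STATUS.ACTIVE` and a null `invitationToken` instead of as a pending invite. That changes when access is granted and deserves its own comment, for example `// Personal workspace: membership is active immediately (no invitation token); the creator joins the admin group.` The guard also became `defaultOrganization?.id`, so if `setupOrganizationsUtilService.create` ever returned an object without an id the workspace setup would be skipped silently; whether that can happen is not visible here, but throwing would be safer than continuing. The enclosing method starts outside the hunk.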
@@ -335,7 +357,7 @@ export class AuthUtilService implements IAuthUtilService {
 }
 if (ssoGroups?.length) {
- await this.organizationUsersUtilService.attachUserGroup(groupsIds, organizationId, userId, manager);
+ await this.organizationUsersUtilService.attachUserGroup(groupsIds, organizationId, userId, true, manager);
 await this.licenseUserService.validateUser(manager);
 }
diff --git a/server/src/modules/organization-users/interfaces/IUtilService.ts b/server/src/modules/organization-users/interfaces/IUtilService.ts
index 673fea1ed1..4099cea3d6 100644
--- a/server/src/modules/organization-users/interfaces/IUtilService.ts
+++ b/server/src/modules/organization-users/interfaces/IUtilService.ts
@@ -14,7 +14,13 @@ export interface IOrganizationUsersUtilService {
 roleUpdateObj: RoleUpdate,
 manager: EntityManager
 ): Promise;
- attachUserGroup(groups: string[], organizationId: string, userId: string, manager?: EntityManager): Promise;
+ attachUserGroup(
+ groups: string[],
+ organizationId: string,
+ userId: string,
+ areGroupIds: boolean,
+ manager?: EntityManager
+ ): Promise;
 updateUserStatus(userId: string, status: string, manager?: EntityManager): Promise;
 findInvitingUserByEmail(email: string, manager?: EntityManager): Promise;
 validateInvitingUser(email: string, organizationId: string, manager: EntityManager): Promise;
diff --git a/server/src/modules/organization-users/repository.ts b/server/src/modules/organization-users/repository.ts
index ae429c172e..c297d41a7e 100644
--- a/server/src/modules/organization-users/repository.ts
+++ b/server/src/modules/organization-users/repository.ts
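Review bot: The interface in IUtilService.ts now declares `areGroupIds: boolean` as required, while the implementation in organization-users/util.service.ts (`@@ -136` hunk) declares `areGroupIds: boolean = false`; the two should agree. The flag decides whether each entry is matched against `id` or `name`, so I would make it required in both places, `areGroupIds: boolean,`, so that a caller typed against the class cannot fall back to name matching by omission. A bare `true` or `false` in front of `manager` is also hard to read at the call sites in this commit. A TSDoc line on the interface method would help, e.g. `/** @param areGroupIds when true, entries of groups are group ids; otherwise group names */`.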
@@ -19,7 +19,8 @@ export class OrganizationUsersRepository extends Repository {
 organization: DeepPartial,
 isInvite?: boolean,
 manager?: EntityManager,
- source: WORKSPACE_USER_SOURCE = WORKSPACE_USER_SOURCE.INVITE
+ source: WORKSPACE_USER_SOURCE = WORKSPACE_USER_SOURCE.INVITE,
+ isDefaultOrganization: boolean = false
 ): Promise {
 return await dbTransactionWrap(async (manager: EntityManager) => {
 return await manager.save(
@@ -28,7 +29,7 @@ export class OrganizationUsersRepository extends Repository {
 organization,
 invitationToken: isInvite ? uuid.v4() : null,
 status: isInvite ? WORKSPACE_USER_STATUS.INVITED : WORKSPACE_USER_STATUS.ACTIVE,
- source,
+ source: isDefaultOrganization ? WORKSPACE_USER_SOURCE.SIGNUP : source,
 role: 'all-users',
 createdAt: new Date(),
 updatedAt: new Date(),
diff --git a/server/src/modules/organization-users/util.service.ts b/server/src/modules/organization-users/util.service.ts
index c7c0a7db19..a817dbdfe0 100644
--- a/server/src/modules/organization-users/util.service.ts
+++ b/server/src/modules/organization-users/util.service.ts
@@ -136,6 +136,7 @@ export class OrganizationUsersUtilService implements IOrganizationUsersUtilServi
 groups: string[],
 organizationId: string,
 userId: string,
+ areGroupIds: boolean = false,
 manager?: EntityManager
 ): Promise {
 if (!groups) return;
@@ -146,13 +147,11 @@ export class OrganizationUsersUtilService implements IOrganizationUsersUtilServi
 try {
 for (const addGroup of groups) {
- const orgGroupPermission = await this.groupPermissionsRepository.getGroup(
- {
- organizationId: organizationId,
- name: addGroup,
- },
- manager
- );
+ const groupQuery = areGroupIds
+ ? { organizationId: organizationId, id: addGroup }
+ : { organizationId: organizationId, name: addGroup };
+
+ const orgGroupPermission = await this.groupPermissionsRepository.getGroup(groupQuery, manager);
 if (!orgGroupPermission) {
 throw new BadRequestException(`${addGroup} group does not exist for current organization`);
 }
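Review bot: The new `isDefaultOrganization` parameter in repository.ts (the `@@ -19` hunk and the `@@ -28` hunk after it) only replaces `source` with `WORKSPACE_USER_SOURCE.SIGNUP`, which callers can already request through the existing `source` parameter, and it silently discards whatever `source` the caller passed. The call site added in auth/util.service.ts passes both `WORKSPACE_USER_SOURCE.SIGNUP` and `true`, so there the flag adds a sixth positional argument without changing the result. I would drop it and keep `source,` in the saved object. If it stays, it needs a doc comment saying that it overrides `source`, and `isDefaultOrganization = false` is enough because the type is inferred. The method signature starts outside the hunk.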
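Review bot: In the `@@ -146` hunk of organization-users/util.service.ts, when `areGroupIds` is true each entry of `groups` goes into the lookup as `id: addGroup` with no check that it is a well-formed id, and the invite path in the last hunk of this commit feeds it from `inviteNewUserDto.groups`, presumably request data. The lookup stays scoped by `organizationId`, which is the important part. If the `id` column is a UUID (not visible here), a malformed value may surface as a database error rather than the `BadRequestException` below, so validating the format in the DTO or before `getGroup` would keep that a 400. The message `${addGroup} group does not exist for current organization` now echoes an id rather than a name, so its wording could be adjusted. The `try` block and the loop continue outside the hunk.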
@@ -485,7 +484,7 @@ export class OrganizationUsersUtilService implements IOrganizationUsersUtilServi
 );
 }
- await this.attachUserGroup(inviteNewUserDto.groups, currentOrganization.id, updatedUser.id, manager);
+ await this.attachUserGroup(inviteNewUserDto.groups, currentOrganization.id, updatedUser.id, true, manager);
 await this.licenseUserService.validateUser(manager);
 await this.licenseOrganizationService.validateOrganization(manager);