Merge branch 'dev' into auth-providers-clients

2026-02-20 20:06:39 +00:00 · 2025-05-03 11:45:11 -04:00
parent 752c474983 9a167b5acb
commit a76dd9c9d1
38 changed files with 455 additions and 204 deletions
--- a/server/routers/org/createOrg.ts
+++ b/server/routers/org/createOrg.ts
@@ -3,13 +3,16 @@ import { z } from "zod";
 import { db } from "@server/db";
 import { eq } from "drizzle-orm";
 import {
+    apiKeyOrg,
+    apiKeys,
    domains,
    Org,
    orgDomains,
    orgs,
    roleActions,
    roles,
-    userOrgs
+    userOrgs,
+    users
 } from "@server/db/schemas";
 import response from "@server/lib/response";
 import HttpCode from "@server/types/HttpCode";
@@ -57,7 +60,7 @@ export async function createOrg(
    try {
        // should this be in a middleware?
        if (config.getRawConfig().flags?.disable_user_create_org) {
-            if (!req.user?.serverAdmin) {
+            if (req.user && !req.user?.serverAdmin) {
                return next(
                    createHttpError(
                        HttpCode.FORBIDDEN,
@@ -171,12 +174,33 @@ export async function createOrg(
                }))
            );

-            await trx.insert(userOrgs).values({
-                userId: req.user!.userId,
-                orgId: newOrg[0].orgId,
-                roleId: roleId,
-                isOwner: true
-            });
+            if (req.user) {
+                await trx.insert(userOrgs).values({
+                    userId: req.user!.userId,
+                    orgId: newOrg[0].orgId,
+                    roleId: roleId,
+                    isOwner: true
+                });
+            } else {
+                // if org created by root api key, set the server admin as the owner
+                const [serverAdmin] = await trx
+                    .select()
+                    .from(users)
+                    .where(eq(users.serverAdmin, true));
+
+                if (!serverAdmin) {
+                    error = "Server admin not found";
+                    trx.rollback();
+                    return;
+                }
+
+                await trx.insert(userOrgs).values({
+                    userId: serverAdmin.userId,
+                    orgId: newOrg[0].orgId,
+                    roleId: roleId,
+                    isOwner: true
+                });
+            }

            const memberRole = await trx
                .insert(roles)
@@ -194,6 +218,18 @@ export async function createOrg(
                    orgId
                }))
            );
+
+            const rootApiKeys = await trx
+                .select()
+                .from(apiKeys)
+                .where(eq(apiKeys.isRoot, true));
+
+            for (const apiKey of rootApiKeys) {
+                await trx.insert(apiKeyOrg).values({
+                    apiKeyId: apiKey.apiKeyId,
+                    orgId: newOrg[0].orgId
+                });
+            }
        });

        if (!org) {