From cd79355e692724ddcc25cf339c9024cdbafd85ea Mon Sep 17 00:00:00 2001 From: Stephan D Date: Mon, 24 Nov 2025 15:18:31 +0100 Subject: [PATCH] fixed org ref setting --- .../internal/server/accountapiimp/signup.go | 15 ++++++++++----- 1 file changed, 10 insertions(+), 5 deletions(-) diff --git a/api/server/internal/server/accountapiimp/signup.go b/api/server/internal/server/accountapiimp/signup.go index 04af6fc..f1e3ff3 100644 --- a/api/server/internal/server/accountapiimp/signup.go +++ b/api/server/internal/server/accountapiimp/signup.go @@ -11,6 +11,7 @@ import ( "github.com/google/uuid" "github.com/tech/sendico/pkg/api/http/response" + "github.com/tech/sendico/pkg/db/storable" "github.com/tech/sendico/pkg/merrors" "github.com/tech/sendico/pkg/model" "github.com/tech/sendico/pkg/mservice" @@ -31,10 +32,19 @@ func (a *AccountAPI) createOrg(ctx context.Context, sr *srequest.Signup, permiss return nil, merrors.DataConflict(fmt.Sprintf("invalid time zone '%s' provided, error %s", sr.OrganizationTimeZone, err.Error())) } + // explicitly set org ref for permission related checks as unprotected template implementation + // is not aware of permisssions and won't set org + orgRef := primitive.NewObjectID() org := &model.Organization{ OrganizationBase: model.OrganizationBase{ PermissionBound: model.PermissionBound{ + Base: storable.Base{ + ID: orgRef, + }, PermissionRef: permissionRef, + OrganizationBoundBase: model.OrganizationBoundBase{ + OrganizationRef: orgRef, + }, }, Describable: model.Describable{ Name: name, @@ -48,11 +58,6 @@ func (a *AccountAPI) createOrg(ctx context.Context, sr *srequest.Signup, permiss a.logger.Warn("Failed to create organization", zap.Error(err)) return nil, err } - org.OrganizationRef = org.ID - if err := a.odb.Unprotected().Update(ctx, org); err != nil { - a.logger.Warn("Failed to update organization reference", zap.Error(err)) - return nil, err - } return org, nil }