Infrastructure/logto
0
Fork 0
mirror of https://github.com/logto-io/logto.git synced 2025-01-06 20:40:08 -05:00
Code Issues Activity

refactor(core): create tenant organization for first admin (#5127)

Browse source
This commit is contained in:
Gao Sun 2023-12-20 13:07:06 +08:00 committed by GitHub
parent 3f8e42af81
commit bbc223b81c
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 17 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

17
packages/core/src/routes/interaction/actions/submit-interaction.ts
View file

@ -10,6 +10,9 @@ import {
InteractionEvent, InteractionEvent,
adminConsoleApplicationId, adminConsoleApplicationId,
MfaFactor, MfaFactor,
getTenantOrganizationId,
getTenantRole,
TenantRole,
} from '@logto/schemas'; } from '@logto/schemas';
import { generateStandardId } from '@logto/shared'; import { generateStandardId } from '@logto/shared';
import { conditional, conditionalArray, trySafe } from '@silverhand/essentials'; import { conditional, conditionalArray, trySafe } from '@silverhand/essentials';
@ -129,12 +132,24 @@ async function handleSubmitRegister(
getInitialUserRoles(isInAdminTenant, isCreatingFirstAdminUser, isCloud) getInitialUserRoles(isInAdminTenant, isCreatingFirstAdminUser, isCloud)
); );
if (isCreatingFirstAdminUser) {
// In OSS, we need to limit sign-in experience to "sign-in only" once // In OSS, we need to limit sign-in experience to "sign-in only" once
// the first admin has been create since we don't want other unexpected registrations // the first admin has been create since we don't want other unexpected registrations
if (isCreatingFirstAdminUser) {
await updateDefaultSignInExperience({ await updateDefaultSignInExperience({
signInMode: isCloud ? SignInMode.SignInAndRegister : SignInMode.SignIn, signInMode: isCloud ? SignInMode.SignInAndRegister : SignInMode.SignIn,
}); });
// Create tenant organization and assign the admin user to it.
// This is only for Cloud integration tests and data alignment, OSS still uses the legacy Management API user role.
const organizationId = getTenantOrganizationId(defaultTenantId);
// @ts-expect-error this notation should be no more needed after we upgrade TypeScript
await queries.organizations.relations.users.insert([organizationId, id]);
// @ts-expect-error this notation should be no more needed after we upgrade TypeScript
await queries.organizations.relations.rolesUsers.insert([
organizationId,
getTenantRole(TenantRole.Owner).id,
id,
]);
} }
await assignInteractionResults(ctx, provider, { login: { accountId: id } }); await assignInteractionResults(ctx, provider, { login: { accountId: id } });