From 9e68c74bfece0b534bce6beb1f6758fd29820a82 Mon Sep 17 00:00:00 2001
From: Ilya Kreymer <ikreymer@gmail.com>
Date: Tue, 23 Apr 2024 22:32:25 +0200
Subject: [PATCH 1/2] allow configuring which org new users are added to if
 'registration_enabled' is enabled by setting 'registration_org_id' to the id
 of an alternative org fixes #1729

---
 backend/btrixcloud/orgs.py     |  3 +++
 backend/btrixcloud/users.py    | 16 +++++++++++-----
 chart/templates/configmap.yaml |  2 ++
 chart/values.yaml              |  4 ++++
 4 files changed, 20 insertions(+), 5 deletions(-)

diff --git a/backend/btrixcloud/orgs.py b/backend/btrixcloud/orgs.py
index 804d60aa92..0740b3725f 100644
--- a/backend/btrixcloud/orgs.py
+++ b/backend/btrixcloud/orgs.py
@@ -169,6 +169,9 @@ async def get_org_for_user_by_id(
     async def get_org_by_id(self, oid: UUID):
         """Get an org by id"""
         res = await self.orgs.find_one({"_id": oid})
+        if not res:
+            raise HTTPException(status_code=400, detail="invalid_org_id")
+
         return Organization.from_dict(res)
 
     async def get_default_org(self):
diff --git a/backend/btrixcloud/users.py b/backend/btrixcloud/users.py
index f542a1729e..1536233313 100644
--- a/backend/btrixcloud/users.py
+++ b/backend/btrixcloud/users.py
@@ -86,6 +86,7 @@ def __init__(self, mdb, email, invites):
         self.email_collation = Collation("en", strength=2)
 
         self.registration_enabled = is_bool(os.environ.get("REGISTRATION_ENABLED"))
+        self.register_to_org_id = os.environ.get("REGISTER_TO_ORG_ID")
 
     # pylint: disable=attribute-defined-outside-init
     def set_ops(self, org_ops, crawl_config_ops, base_crawl_ops):
@@ -362,7 +363,7 @@ async def _create(
         except DuplicateKeyError:
             raise HTTPException(status_code=400, detail="user_already_exists")
 
-        add_to_default_org = False
+        add_to_org = False
 
         if create.inviteToken:
             new_user_invite = None
@@ -377,7 +378,7 @@ async def _create(
                 add_to_default_org = True
 
         else:
-            add_to_default_org = True
+            add_to_org = True
             if not is_verified:
                 asyncio.create_task(self.request_verify(user, request))
 
@@ -385,8 +386,13 @@ async def _create(
         auto_add_org: Optional[Organization] = None
 
         # if add to default, then get default org
-        if add_to_default_org:
-            auto_add_org = await self.org_ops.get_default_org()
+        if add_to_org:
+            if self.register_to_org_id:
+                auto_add_org = await self.org_ops.get_org_by_id(
+                    UUID(self.register_to_org_id)
+                )
+            else:
+                auto_add_org = await self.org_ops.get_default_org()
 
         # if creating new org, create here
         elif create.newOrg is True:
@@ -401,7 +407,7 @@ async def _create(
 
         # if org set, add user to org
         if auto_add_org:
-            await self.org_ops.add_user_to_org(auto_add_org, user.id)
+            await self.org_ops.add_user_to_org(auto_add_org, user.id, UserRole.CRAWLER)
 
         return user
 
diff --git a/chart/templates/configmap.yaml b/chart/templates/configmap.yaml
index d41f239149..ea0b067e89 100644
--- a/chart/templates/configmap.yaml
+++ b/chart/templates/configmap.yaml
@@ -22,6 +22,8 @@ data:
 
   REGISTRATION_ENABLED: "{{ .Values.registration_enabled | default 0 }}"
 
+  REGISTER_TO_ORG_ID: "{{ .Values.registration_org_id }}"
+
   ALLOW_DUPE_INVITES: "{{ .Values.allow_dupe_invites | default 0 }}"
 
   JWT_TOKEN_LIFETIME_MINUTES: "{{ .Values.jwt_token_lifetime_minutes | default 60 }}"
diff --git a/chart/values.yaml b/chart/values.yaml
index d084c1de67..e329d236a8 100644
--- a/chart/values.yaml
+++ b/chart/values.yaml
@@ -61,6 +61,10 @@ volume_storage_class:
 # crawler_node_type:
 
 registration_enabled: "0"
+
+# if set, along with 'registration_enabled', will add registrated users to this org
+# registration_org_id: ""
+
 jwt_token_lifetime_minutes: 1440
 
 # if set to "1", allow inviting same user to same org multiple times

From a7cb94fd5b5b1693219516af93e441bc04874869 Mon Sep 17 00:00:00 2001
From: Tessa Walsh <tessa@bitarchivist.net>
Date: Tue, 23 Apr 2024 23:02:02 +0200
Subject: [PATCH 2/2] Fix linting and rename variable

---
 backend/btrixcloud/users.py | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/backend/btrixcloud/users.py b/backend/btrixcloud/users.py
index 1536233313..fa024ef53e 100644
--- a/backend/btrixcloud/users.py
+++ b/backend/btrixcloud/users.py
@@ -336,6 +336,7 @@ async def _create(
         self, create: UserCreateIn, request: Optional[Request] = None
     ) -> User:
         """create new user in db"""
+        # pylint: disable=too-many-branches
         await self.validate_password(create.password)
 
         hashed_password = get_password_hash(create.password)
@@ -375,7 +376,7 @@ async def _create(
                 print(exc)
 
             if new_user_invite and not new_user_invite.oid:
-                add_to_default_org = True
+                add_to_org = True
 
         else:
             add_to_org = True