From db46c9489648a96effe06e01e16f1e1979d95d8d Mon Sep 17 00:00:00 2001
From: swve <bdswve@gmail.com>
Date: Thu, 28 Nov 2024 22:09:17 +0100
Subject: [PATCH] fix: sign up with usergroups issue

---
 apps/api/src/services/users/usergroups.py |  9 ++++++---
 apps/api/src/services/users/users.py      | 15 +++++++++------
 2 files changed, 15 insertions(+), 9 deletions(-)

diff --git a/apps/api/src/services/users/usergroups.py b/apps/api/src/services/users/usergroups.py
index acc68ba3..cfada64b 100644
--- a/apps/api/src/services/users/usergroups.py
+++ b/apps/api/src/services/users/usergroups.py
@@ -16,7 +16,7 @@ from src.db.usergroup_resources import UserGroupResource
 from src.db.usergroup_user import UserGroupUser
 from src.db.organizations import Organization
 from src.db.usergroups import UserGroup, UserGroupCreate, UserGroupRead, UserGroupUpdate
-from src.db.users import AnonymousUser, PublicUser, User, UserRead
+from src.db.users import AnonymousUser, InternalUser, PublicUser, User, UserRead
 
 
 async def create_usergroup(
@@ -275,7 +275,7 @@ async def delete_usergroup_by_id(
 async def add_users_to_usergroup(
     request: Request,
     db_session: Session,
-    current_user: PublicUser | AnonymousUser,
+    current_user: PublicUser | AnonymousUser | InternalUser,
     usergroup_id: int,
     user_ids: str,
 ) -> str:
@@ -486,10 +486,13 @@ async def remove_resources_from_usergroup(
 async def rbac_check(
     request: Request,
     usergroup_uuid: str,
-    current_user: PublicUser | AnonymousUser,
+    current_user: PublicUser | AnonymousUser | InternalUser,
     action: Literal["create", "read", "update", "delete"],
     db_session: Session,
 ):
+    if isinstance(current_user, InternalUser):
+        return True
+
     await authorization_verify_if_user_is_anon(current_user.id)
 
     await authorization_verify_based_on_roles_and_authorship(
diff --git a/apps/api/src/services/users/users.py b/apps/api/src/services/users/users.py
index 401f48ab..c23f6df7 100644
--- a/apps/api/src/services/users/users.py
+++ b/apps/api/src/services/users/users.py
@@ -21,6 +21,7 @@ from src.security.rbac.rbac import (
 from src.db.organizations import Organization, OrganizationRead
 from src.db.users import (
     AnonymousUser,
+    InternalUser,
     PublicUser,
     User,
     UserCreate,
@@ -147,19 +148,21 @@ async def create_user_with_invite(
     # Usage check
     check_limits_with_usage("members", org_id, db_session)
 
+    
+
+    user = await create_user(request, db_session, current_user, user_object, org_id)
+
     # Check if invite code contains UserGroup
-    if inviteCode.usergroup_id:
+    if inviteCode.get("usergroup_id"):
         # Add user to UserGroup
         await add_users_to_usergroup(
             request,
             db_session,
-            current_user,
-            inviteCode.usergroup_id,
-            user_object.username,
+            InternalUser(id=0),
+            int(inviteCode.get("usergroup_id")), # Convert to int since usergroup_id is expected to be int
+            str(user.id),
         )
 
-    user = await create_user(request, db_session, current_user, user_object, org_id)
-
     increase_feature_usage("members", org_id, db_session)
 
     return user