feat: add functionality for invites + org renaming

comatory · comatory · commit a4d69ab15ca4 · 2026-04-09T11:05:45.000+02:00
diff --git a/controlplane/src/core/bufservices/onboarding/createOnboarding.ts b/controlplane/src/core/bufservices/onboarding/createOnboarding.ts
@@ -8,8 +8,13 @@ import {
 import { FederatedGraphRepository } from '../../repositories/FederatedGraphRepository.js';
 import { OnboardingRepository } from '../../repositories/OnboardingRepository.js';
 import { OrganizationRepository } from '../../repositories/OrganizationRepository.js';
+import { UserInviteService } from '../../services/UserInviteService.js';
+import { AuditLogRepository } from '../../repositories/AuditLogRepository.js';
 import type { RouterOptions } from '../../routes.js';
 import { enrichLogger, getLogger, handleError } from '../../util.js';
+import { UnauthorizedError } from '../../errors/errors.js';
+import { OrganizationGroupRepository } from '../../repositories/OrganizationGroupRepository.js';
+import { organizationNameSchema } from '../../constants.js';
 
 export function createOnboarding(
   opts: RouterOptions,
@@ -22,8 +27,9 @@ export function createOnboarding(
     const authContext = await opts.authenticator.authenticate(ctx.requestHeader);
     logger = enrichLogger(ctx, logger, authContext);
 
+    const organizationId = authContext.organizationId;
     const orgRepo = new OrganizationRepository(logger, opts.db, opts.billingDefaultPlanId);
-    const org = await orgRepo.byId(authContext.organizationId);
+    const org = await orgRepo.byId(organizationId);
 
     if (!org || org.creatorUserId !== authContext.userId) {
       return {
@@ -35,10 +41,69 @@ export function createOnboarding(
       };
     }
 
-    // TODO: handle invitation flow + organization renaming
+    const auditLogRepo = new AuditLogRepository(opts.db);
+    if (authContext.organizationDeactivated || !authContext.rbac.isOrganizationAdmin) {
+      throw new UnauthorizedError();
+    }
+
+    const validatedName = organizationNameSchema.safeParse(req.organizationName);
+    if (!validatedName.success) {
+      return {
+        response: {
+          code: EnumStatusCode.ERR_BAD_REQUEST,
+          details: validatedName.error.errors[0]?.message || 'Invalid organization name',
+        },
+        federatedGraphsCount: 0,
+      };
+    }
+
+    const onboardingRepo = new OnboardingRepository(opts.db, organizationId);
+    const fedGraphRepo = new FederatedGraphRepository(logger, opts.db, organizationId);
+    const organizationGroupRepo = new OrganizationGroupRepository(opts.db);
+    const orgGroup = await organizationGroupRepo.byName({
+      organizationId,
+      name: 'organization-developer',
+    });
 
-    const onboardingRepo = new OnboardingRepository(opts.db, authContext.organizationId);
-    const fedGraphRepo = new FederatedGraphRepository(logger, opts.db, authContext.organizationId);
+    const service = new UserInviteService({
+      db: opts.db,
+      logger,
+      keycloakRealm: opts.keycloakRealm,
+      keycloak: opts.keycloakClient,
+      mailer: opts.mailerClient,
+    });
+
+    async function createInvitationPromise({
+      email,
+      organizationId,
+      userId,
+      groupId,
+    }: {
+      email: string;
+      organizationId: string;
+      userId: string;
+      groupId: string;
+    }) {
+      await service.inviteUser({
+        organizationId,
+        inviterUserId: userId,
+        email,
+        groups: [groupId],
+      });
+
+      await auditLogRepo.addAuditLog({
+        organizationId,
+        organizationSlug: authContext.organizationSlug,
+        auditAction: 'organization_invitation.created',
+        action: 'created',
+        actorId: authContext.userId,
+        auditableDisplayName: email,
+        auditableType: 'user',
+        actorDisplayName: authContext.userDisplayName,
+        apiKeyName: authContext.apiKeyName,
+        actorType: authContext.auth === 'api_key' ? 'api_key' : 'user',
+      });
+    }
 
     const [onboarding, federatedGraphsCount] = await Promise.all([
       onboardingRepo.createOrUpdate({
@@ -47,6 +112,24 @@ export function createOnboarding(
         email: req.email,
       }),
       fedGraphRepo.count(),
+      ...(validatedName.data === org.name
+        ? []
+        : [
+            orgRepo.updateOrganizationName({
+              id: org.id,
+              name: validatedName.data,
+            }),
+          ]),
+      ...(req.invititationEmails.length > 0 && orgGroup
+        ? req.invititationEmails.map((email) =>
+            createInvitationPromise({
+              email,
+              organizationId,
+              userId: authContext.userId,
+              groupId: orgGroup!.groupId,
+            }),
+          )
+        : []),
     ]);
 
     return {
diff --git a/controlplane/src/core/constants.ts b/controlplane/src/core/constants.ts
@@ -43,14 +43,16 @@ export const organizationSlugSchema = z
   })
   .refine((value) => !['login', 'signup', 'create', 'account'].includes(value), 'This slug is a reserved keyword.');
 
+export const organizationNameSchema = z
+  .string()
+  .trim()
+  .min(3, {
+    message: 'Invalid name. It must be of 3-32 characters in length.',
+  })
+  .max(32, { message: 'Invalid name. It must be of 3-32 characters in length.' });
+
 export const organizationSchema = z.object({
-  name: z
-    .string()
-    .trim()
-    .min(3, {
-      message: 'Invalid name. It must be of 3-32 characters in length.',
-    })
-    .max(32, { message: 'Invalid name. It must be of 3-32 characters in length.' }),
+  name: organizationNameSchema,
   slug: organizationSlugSchema,
 });
 
diff --git a/controlplane/src/core/repositories/OrganizationRepository.ts b/controlplane/src/core/repositories/OrganizationRepository.ts
@@ -108,6 +108,16 @@ export class OrganizationRepository {
       .execute();
   }
 
+  public async updateOrganizationName(input: { id: string; name: string }) {
+    await this.db
+      .update(organizations)
+      .set({
+        name: input.name,
+      })
+      .where(eq(organizations.id, input.id))
+      .execute();
+  }
+
   public async bySlug(slug: string): Promise<Omit<OrganizationDTO, 'rbac'> | null> {
     const org = await this.db
       .select({
