fix permissions when adding members to orgs (#1154)

backend/LexBoxApi/GraphQL/LexQueries.cs

@@ -152,6 +152,15 @@ public IQueryable<User> UsersInMyOrg(LexBoxDbContext context, LoggedInContext lo
     [UseProjection]
     [GraphQLType<OrgByIdGqlConfiguration>]
     public async Task<Organization?> OrgById(LexBoxDbContext dbContext, Guid orgId, IPermissionService permissionService, IResolverContext context)
+    {
+        return await QueryOrgById(dbContext, orgId, permissionService, context);
+    }
+
+    [GraphQLIgnore]
+    internal static async Task<Organization?> QueryOrgById(LexBoxDbContext dbContext,
+        Guid orgId,
+        IPermissionService permissionService,
+        IResolverContext context)
     {
         var org = await dbContext.Orgs.Where(o => o.Id == orgId).AsNoTracking().Project(context).SingleOrDefaultAsync();
         if (org is null) return org;

backend/LexBoxApi/GraphQL/OrgMutations.cs

@@ -1,5 +1,7 @@
-using LexBoxApi.Auth;
+using HotChocolate.Resolvers;
+using LexBoxApi.Auth;
 using LexBoxApi.Auth.Attributes;
+using LexBoxApi.GraphQL.CustomTypes;
 using LexBoxApi.Models.Org;
 using LexBoxApi.Services;
 using LexBoxApi.Services.Email;
@@ -92,17 +94,18 @@ public async Task<IQueryable<Organization>> AddProjectToOrg(
     [Error<DbError>]
     [Error<NotFoundException>]
     [UseMutationConvention]
-    [UseFirstOrDefault]
     [UseProjection]
-    public async Task<IQueryable<Organization>> AddProjectsToOrg(
+    [GraphQLType<OrgByIdGqlConfiguration>]
+    public async Task<Organization?> AddProjectsToOrg(
         LexBoxDbContext dbContext,
         IPermissionService permissionService,
         [Service] ProjectService projectService,
+        IResolverContext resolverContext,
         Guid orgId,
         Guid[] projectIds)
     {
         // Bail out immediately, not even checking permissions, if no projects added at all
-        if (projectIds == null || projectIds.Length == 0) return dbContext.Orgs.Where(o => o.Id == orgId);
+        if (projectIds == null || projectIds.Length == 0) return await LexQueries.QueryOrgById(dbContext, orgId, permissionService, resolverContext);
 
         var org = await dbContext.Orgs.Include(o => o.Members).Include(o => o.Projects).SingleOrDefaultAsync(o => o.Id == orgId);
         NotFoundException.ThrowIfNull(org);
@@ -124,7 +127,7 @@ public async Task<IQueryable<Organization>> AddProjectsToOrg(
             projectService.InvalidateProjectOrgIdsCache(projectId);
         }
         await dbContext.SaveChangesAsync();
-        return dbContext.Orgs.Where(o => o.Id == orgId);
+        return await LexQueries.QueryOrgById(dbContext, orgId, permissionService, resolverContext);
     }
 
     [Error<DbError>]

frontend/schema.graphql

@@ -18,7 +18,7 @@ type AddProjectToOrgPayload {
 }
 
 type AddProjectsToOrgPayload {
-  organization: Organization
+  orgById: OrgById
   errors: [AddProjectsToOrgError!]
 }
 

frontend/src/routes/(authenticated)/org/[org_id]/+page.ts

@@ -140,7 +140,7 @@ export async function _addOrgMember(orgId: UUID, emailOrUsername: string, role:
             }
           }
           addProjectsToOrg(input: $projectsInput) {
-            organization {
+            orgById {
               id
               projects {
                 id
@@ -321,7 +321,7 @@ export async function _addProjectsToOrg(orgId: UUID, projectIds: string[]): $OpR
       graphql(`
         mutation AddProjectsToOrg($input: AddProjectsToOrgInput!) {
           addProjectsToOrg(input: $input) {
-            organization {
+            orgById {
               id
               projects {
                 id