From 66296db971444717f87f455444dc9c3fe09c8844 Mon Sep 17 00:00:00 2001
From: Iraq <66622793+kkrime@users.noreply.github.com>
Date: Thu, 13 Feb 2025 09:17:05 +0000
Subject: [PATCH] fix: custom userID not being added when specified in
 zitadel.org.v2.AddOrganizationRequest.AddOrganization() request (#9334)

# Which Problems Are Solved

When specifying a `user_id` as a human admin in
`zitadel.org.v2.AddOrganizationRequest.AddOrganization()` the `user_id`
specified in the request should have been used, before it was being
ignored, this has been fixed with this PR

# Additional Context
- Closes https://github.com/zitadel/zitadel/issues/9308

---------

Co-authored-by: Iraq Jaber <IraqJaber@gmail.com>
---
 .../grpc/org/v2/integration_test/org_test.go   |  8 +++++---
 internal/api/grpc/org/v2/org.go                |  1 +
 internal/command/org.go                        | 18 +++++++++++++-----
 3 files changed, 19 insertions(+), 8 deletions(-)

diff --git a/internal/api/grpc/org/v2/integration_test/org_test.go b/internal/api/grpc/org/v2/integration_test/org_test.go
index 2bca4b9349..aa8a718e68 100644
--- a/internal/api/grpc/org/v2/integration_test/org_test.go
+++ b/internal/api/grpc/org/v2/integration_test/org_test.go
@@ -43,6 +43,7 @@ func TestMain(m *testing.M) {
 
 func TestServer_AddOrganization(t *testing.T) {
 	idpResp := Instance.AddGenericOAuthProvider(CTX, Instance.DefaultOrg.Id)
+	userId := "userID"
 
 	tests := []struct {
 		name    string
@@ -81,7 +82,7 @@ func TestServer_AddOrganization(t *testing.T) {
 			wantErr: true,
 		},
 		{
-			name: "admin with init",
+			name: "admin with init with userID passed for Human admin",
 			ctx:  CTX,
 			req: &org.AddOrganizationRequest{
 				Name: gofakeit.AppName(),
@@ -89,6 +90,7 @@ func TestServer_AddOrganization(t *testing.T) {
 					{
 						UserType: &org.AddOrganizationRequest_Admin_Human{
 							Human: &user.AddHumanUserRequest{
+								UserId: &userId,
 								Profile: &user.SetHumanProfile{
 									GivenName:  "firstname",
 									FamilyName: "lastname",
@@ -108,7 +110,7 @@ func TestServer_AddOrganization(t *testing.T) {
 				OrganizationId: integration.NotEmpty,
 				CreatedAdmins: []*org.AddOrganizationResponse_CreatedAdmin{
 					{
-						UserId:    integration.NotEmpty,
+						UserId:    userId,
 						EmailCode: gu.Ptr(integration.NotEmpty),
 						PhoneCode: nil,
 					},
@@ -140,7 +142,7 @@ func TestServer_AddOrganization(t *testing.T) {
 								IdpLinks: []*user.IDPLink{
 									{
 										IdpId:    idpResp.Id,
-										UserId:   "userID",
+										UserId:   userId,
 										UserName: "username",
 									},
 								},
diff --git a/internal/api/grpc/org/v2/org.go b/internal/api/grpc/org/v2/org.go
index be830bc7b5..5f21f7403e 100644
--- a/internal/api/grpc/org/v2/org.go
+++ b/internal/api/grpc/org/v2/org.go
@@ -57,6 +57,7 @@ func addOrganizationRequestAdminToCommand(admin *org.AddOrganizationRequest_Admi
 		if err != nil {
 			return nil, err
 		}
+
 		return &command.OrgSetupAdmin{
 			Human: human,
 			Roles: admin.GetRoles(),
diff --git a/internal/command/org.go b/internal/command/org.go
index 261a571cb2..a018a90c82 100644
--- a/internal/command/org.go
+++ b/internal/command/org.go
@@ -96,16 +96,24 @@ func (c *orgSetupCommands) setupOrgAdmin(admin *OrgSetupAdmin, allowInitialMail
 		c.validations = append(c.validations, c.commands.AddOrgMemberCommand(c.aggregate, admin.ID, orgAdminRoles(admin.Roles)...))
 		return nil
 	}
-	userID, err := c.commands.idGenerator.Next()
-	if err != nil {
-		return err
+
+	var userID string
+	if admin.Human != nil && admin.Human.ID != "" {
+		userID = admin.Human.ID
+	} else {
+		var err error
+		userID, err = c.commands.idGenerator.Next()
+		if err != nil {
+			return err
+		}
 	}
+
 	if admin.Human != nil {
 		admin.Human.ID = userID
 		c.validations = append(c.validations, c.commands.AddHumanCommand(admin.Human, c.aggregate.ID, c.commands.userPasswordHasher, c.commands.userEncryption, allowInitialMail))
 	} else if admin.Machine != nil {
 		admin.Machine.Machine.AggregateID = userID
-		if err = c.setupOrgAdminMachine(c.aggregate, admin.Machine); err != nil {
+		if err := c.setupOrgAdminMachine(c.aggregate, admin.Machine); err != nil {
 			return err
 		}
 	}
@@ -179,7 +187,7 @@ func (c *orgSetupCommands) push(ctx context.Context) (_ *CreatedOrg, err error)
 func (c *orgSetupCommands) createdAdmins() []*CreatedOrgAdmin {
 	users := make([]*CreatedOrgAdmin, 0, len(c.admins))
 	for _, admin := range c.admins {
-		if admin.ID != "" {
+		if admin.ID != "" && admin.Human == nil {
 			continue
 		}
 		if admin.Human != nil {