fix: resolve tenant member removal and move aggregation bugs

- adminfront: Update removeMutation to correctly pass 'isRemoveTenant: true' and the specific tenant slug instead of empty string - backend: Fix 'Move' operation (Normal Update) in UpdateUser to correctly remove the old primary company code from the 'companyCodes' array and sync the deletion to Keto, ensuring accurate member count aggregation
2026-05-07 15:43:08 +09:00
parent 9e45313b5d
commit f6cf261fd5
2 changed files with 49 additions and 21 deletions
--- a/backend/internal/handler/user_handler.go
+++ b/backend/internal/handler/user_handler.go
@@ -1588,27 +1588,54 @@ func (h *UserHandler) UpdateUser(c *fiber.Ctx) error {
 				}
 			}
 		} else {
-			// Normal update: replace primary company code and ensure it's in existingCodes
-			traits["companyCode"] = code
-			// Resolve TenantID for Kratos Trait
-			if h.TenantService != nil && code != "" {
-				if tenant, err := h.TenantService.GetTenantBySlug(c.Context(), code); err == nil && tenant != nil {
-					traits["tenant_id"] = tenant.ID
-				}
-			}
+		        // Normal update (Move): replace primary company code and remove the old one from existingCodes
+		        currentPrimary := extractTraitString(traits, "companyCode")
+		        if currentPrimary != "" && currentPrimary != code {
+		                // Remove old primary from existingCodes
+		                var newCodes []string
+		                for _, existing := range existingCodes {
+		                        if existing != currentPrimary {
+		                                newCodes = append(newCodes, existing)
+		                        }
+		                }
+		                existingCodes = newCodes

-			found := false
-			for _, existing := range existingCodes {
-				if existing == code {
-					found = true
-					break
-				}
-			}
-			if !found && code != "" {
-				existingCodes = append(existingCodes, code)
-			}
-		}
-	}
+		                // [Keto Sync] Remove membership for the old tenant
+		                if h.TenantService != nil && h.KetoOutboxRepo != nil {
+		                        go func(removedSlug string) {
+		                                bgCtx := context.Background()
+		                                if t, err := h.TenantService.GetTenantBySlug(bgCtx, removedSlug); err == nil && t != nil {
+		                                        _ = h.KetoOutboxRepo.Create(bgCtx, &domain.KetoOutbox{
+		                                                Namespace: "Tenant",
+		                                                Object:    t.ID,
+		                                                Relation:  "members",
+		                                                Subject:   "User:" + userID,
+		                                                Action:    domain.KetoOutboxActionDelete,
+		                                        })
+		                                }
+		                        }(currentPrimary)
+		                }
+		        }
+
+		        traits["companyCode"] = code
+		        // Resolve TenantID for Kratos Trait
+		        if h.TenantService != nil && code != "" {
+		                if tenant, err := h.TenantService.GetTenantBySlug(c.Context(), code); err == nil && tenant != nil {
+		                        traits["tenant_id"] = tenant.ID
+		                }
+		        }
+
+		        found := false
+		        for _, existing := range existingCodes {
+		                if existing == code {
+		                        found = true
+		                        break
+		                }
+		        }
+		        if !found && code != "" {
+		                existingCodes = append(existingCodes, code)
+		        }
+		}	}

 	// Deduplicate and save back companyCodes
 	var codesToSave []string