From 0da1ffea7fbb9032cdef3d6f1e235e6f76c77245 Mon Sep 17 00:00:00 2001
From: hsiegeln <37154749+hsiegeln@users.noreply.github.com>
Date: Mon, 27 Apr 2026 14:48:00 +0200
Subject: [PATCH] fix: guard against null orgId in createAndInviteUser and
 createUserWithPassword
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Vendor admins use global roles, not org roles — passing null orgId
would previously cause addUserToOrganization to call
/api/organizations/null/users and fail.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
---
 .../saas/identity/LogtoManagementClient.java   | 18 +++++++++++-------
 1 file changed, 11 insertions(+), 7 deletions(-)

diff --git a/src/main/java/net/siegeln/cameleer/saas/identity/LogtoManagementClient.java b/src/main/java/net/siegeln/cameleer/saas/identity/LogtoManagementClient.java
index 50386eb..0f0ba49 100644
--- a/src/main/java/net/siegeln/cameleer/saas/identity/LogtoManagementClient.java
+++ b/src/main/java/net/siegeln/cameleer/saas/identity/LogtoManagementClient.java
@@ -222,9 +222,11 @@ public class LogtoManagementClient {
                 .retrieve()
                 .body(Map.class);
             String userId = String.valueOf(userResp.get("id"));
-            addUserToOrganization(orgId, userId);
-            if (roleId != null) {
-                assignOrganizationRole(orgId, userId, roleId);
+            if (orgId != null) {
+                addUserToOrganization(orgId, userId);
+                if (roleId != null) {
+                    assignOrganizationRole(orgId, userId, roleId);
+                }
             }
             return userId;
         } catch (Exception e) {
@@ -233,7 +235,7 @@ public class LogtoManagementClient {
         }
     }
 
-    /** Create a user with username/password and add to org with role. */
+    /** Create a user with username/password and optionally add to org with role. */
     @SuppressWarnings("unchecked")
     public String createUserWithPassword(String username, String password, String orgId, String roleId) {
         if (!isAvailable()) return null;
@@ -246,9 +248,11 @@ public class LogtoManagementClient {
                 .retrieve()
                 .body(Map.class);
             String userId = String.valueOf(userResp.get("id"));
-            addUserToOrganization(orgId, userId);
-            if (roleId != null) {
-                assignOrganizationRole(orgId, userId, roleId);
+            if (orgId != null) {
+                addUserToOrganization(orgId, userId);
+                if (roleId != null) {
+                    assignOrganizationRole(orgId, userId, roleId);
+                }
             }
             log.info("Created user '{}' and added to org {} with role {}", username, orgId, roleId);
             return userId;