From d4408634a679af80be3f633321270a79580cf37a Mon Sep 17 00:00:00 2001
From: hsiegeln <37154749+hsiegeln@users.noreply.github.com>
Date: Sun, 5 Apr 2026 12:38:39 +0200
Subject: [PATCH] =?UTF-8?q?feat:=20rewrite=20MeController=20=E2=80=94=20re?=
 =?UTF-8?q?ad=20from=20JWT=20claims,=20Management=20API=20only=20for=20col?=
 =?UTF-8?q?d=20start?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
---
 .../cameleer/saas/config/MeController.java    | 35 +++++++++++++------
 1 file changed, 25 insertions(+), 10 deletions(-)

diff --git a/src/main/java/net/siegeln/cameleer/saas/config/MeController.java b/src/main/java/net/siegeln/cameleer/saas/config/MeController.java
index de6ab4a..1ed4276 100644
--- a/src/main/java/net/siegeln/cameleer/saas/config/MeController.java
+++ b/src/main/java/net/siegeln/cameleer/saas/config/MeController.java
@@ -15,12 +15,12 @@ import java.util.Map;
 @RestController
 public class MeController {
 
-    private final LogtoManagementClient logtoClient;
     private final TenantService tenantService;
+    private final LogtoManagementClient logtoClient;
 
-    public MeController(LogtoManagementClient logtoClient, TenantService tenantService) {
-        this.logtoClient = logtoClient;
+    public MeController(TenantService tenantService, LogtoManagementClient logtoClient) {
         this.tenantService = tenantService;
+        this.logtoClient = logtoClient;
     }
 
     @GetMapping("/api/me")
@@ -32,19 +32,35 @@ public class MeController {
         Jwt jwt = jwtAuth.getToken();
         String userId = jwt.getSubject();
 
-        List<String> globalRoles = logtoClient.getUserRoles(userId);
-        boolean isPlatformAdmin = globalRoles.contains("platform-admin");
+        String orgId = jwt.getClaimAsString("organization_id");
+
+        List<String> globalRoles = jwt.getClaimAsStringList("roles");
+        boolean isPlatformAdmin = globalRoles != null && globalRoles.contains("platform-admin");
+
+        if (orgId != null) {
+            var tenant = tenantService.getByLogtoOrgId(orgId).orElse(null);
+            List<Map<String, Object>> tenants = tenant != null
+                    ? List.of(Map.<String, Object>of(
+                            "id", tenant.getId().toString(),
+                            "name", tenant.getName(),
+                            "slug", tenant.getSlug(),
+                            "logtoOrgId", tenant.getLogtoOrgId()))
+                    : List.of();
+
+            return ResponseEntity.ok(Map.of(
+                    "userId", userId,
+                    "isPlatformAdmin", isPlatformAdmin,
+                    "tenants", tenants));
+        }
 
         List<Map<String, String>> logtoOrgs = logtoClient.getUserOrganizations(userId);
-
         List<Map<String, Object>> tenants = logtoOrgs.stream()
                 .map(org -> tenantService.getByLogtoOrgId(org.get("id"))
                         .map(t -> Map.<String, Object>of(
                                 "id", t.getId().toString(),
                                 "name", t.getName(),
                                 "slug", t.getSlug(),
-                                "logtoOrgId", t.getLogtoOrgId()
-                        ))
+                                "logtoOrgId", t.getLogtoOrgId()))
                         .orElse(null))
                 .filter(t -> t != null)
                 .toList();
@@ -52,7 +68,6 @@ public class MeController {
         return ResponseEntity.ok(Map.of(
                 "userId", userId,
                 "isPlatformAdmin", isPlatformAdmin,
-                "tenants", tenants
-        ));
+                "tenants", tenants));
     }
 }