test fix

sle3pyy · sle3pyy · commit 46bc95f20672 · 2026-03-18T18:51:36.000Z
diff --git a/api/src/routers/realm/user_routes.py b/api/src/routers/realm/user_routes.py
@@ -4,7 +4,7 @@
 
 from src.core.security import Roles, Resource, Scope
 from src.core.dependencies import SessionDep, OAuth2Scheme
-from src.models import RealmUserCreate
+from src.models import OrgUserCreate, RealmUserCreate
 from src.services.platform_admin import get_platform_admin_service
 
 realm_service = get_platform_admin_service()
@@ -29,6 +29,30 @@ def create_user_in_realm(
     )
 
 
+@router.post(
+    "/realms/{realm}/users",
+    status_code=status.HTTP_201_CREATED,
+    dependencies=[Depends(Roles(Resource.ORG_MANAGER, Scope.MANAGE))],
+)
+def create_user_in_own_realm(
+    session: SessionDep,
+    realm: str,
+    user: OrgUserCreate,
+    token: OAuth2Scheme,
+):
+    """Create a new user inside the caller's Keycloak realm/tenant."""
+    realm_service.validate_realm_access(token, realm)
+    return realm_service.create_user_in_realm(
+        session,
+        realm=realm,
+        username=user.username,
+        name=user.name,
+        email=user.email,
+        role=user.role,
+        group_id=user.group_id,
+    )
+
+
 @router.get("/realms/{realm}/users", dependencies=[Depends(Roles(Resource.ORG_MANAGER, Scope.MANAGE))])
 def list_users_in_realm(session: SessionDep, realm: str, token: OAuth2Scheme):
     """List users inside the specified Keycloak realm/tenant."""
diff --git a/web/src/components/admin/tenant-org-manager/BulkImportModal.tsx b/web/src/components/admin/tenant-org-manager/BulkImportModal.tsx
@@ -76,14 +76,13 @@ export function BulkImportModal({
                 continue;
             }
             try {
-                const res = await fetch(`${API_BASE}/org-manager/${encodeURIComponent(realm)}/users`, {
+                const res = await fetch(`${API_BASE}/realms/${encodeURIComponent(realm)}/users`, {
                     method: "POST",
                     headers: {
                         Authorization: keycloak.token ? `Bearer ${keycloak.token}` : "",
                         "Content-Type": "application/json",
                     },
                     body: JSON.stringify({
-                        realm,
                         username: u.username,
                         name: u.name,
                         email: u.email,
diff --git a/web/src/components/admin/tenant-org-manager/NewUserModal.tsx b/web/src/components/admin/tenant-org-manager/NewUserModal.tsx
@@ -74,15 +74,14 @@ export function NewUserModal({ realm, groups, onClose, onUserCreated }: NewUserM
 
         try {
             const res = await fetch(
-                `${API_BASE}/org-manager/${encodeURIComponent(realm)}/users`,
+                `${API_BASE}/realms/${encodeURIComponent(realm)}/users`,
                 {
                     method: "POST",
                     headers: {
                         Authorization: keycloak.token ? `Bearer ${keycloak.token}` : "",
                         "Content-Type": "application/json",
                     },
                     body: JSON.stringify({
-                        realm,
                         username: newUserUsername || newUserEmail.split("@")[0],
                         name: newUserName,
                         email: newUserEmail,
