check that SingleOrg policy is enabled before saying users cant create new orgs (#1110)

* check that SingleOrg policy is enabled before saying users cant create new orgs * fixed org user kick check for SingleOrg * code review cleanup
2025-06-30 15:42:48 -05:00 · 2021-01-25 11:19:33 -05:00
parent bc4eeff604
commit 445ce33c47
2 changed files with 6 additions and 4 deletions
--- a/src/Core/Services/Implementations/PolicyService.cs
+++ b/src/Core/Services/Implementations/PolicyService.cs
@ -107,11 +107,13 @@ namespace Bit.Core.Services
                        case Enums.PolicyType.SingleOrg:
                            var userOrgs = await _organizationUserRepository.GetManyByManyUsersAsync(
                                    removableOrgUsers.Select(ou => ou.UserId.Value));
+                            organization = organization ?? await _organizationRepository.GetByIdAsync(policy.OrganizationId);
                            foreach (var orgUser in removableOrgUsers)
                            {
-                                if (userOrgs.Any(ou => ou.UserId == orgUser.UserId && ou.Status != OrganizationUserStatusType.Invited))
+                                if (userOrgs.Any(ou => ou.UserId == orgUser.UserId 
+                                            && ou.OrganizationId != organization.Id 
+                                            && ou.Status != OrganizationUserStatusType.Invited))
                                {
-                                    organization = organization ?? await _organizationRepository.GetByIdAsync(policy.OrganizationId);
                                    await organizationService.DeleteUserAsync(policy.OrganizationId, orgUser.Id,
                                        savingUserId);
                                    await _mailService.SendOrganizationUserRemovedForPolicySingleOrgEmailAsync(