feat: add page for creating org

[Mohmn]

Description

[Add a description of the changes]

Issue(s) addressed

• Resolves #issue_number

What kind of change(s) does this PR introduce?

• Enhancement
• Bug fix
• Refactor

Please check if the PR fulfils these requirements

• The commit message follows our guidelines
• Tests for the changes have been added (for bug fixes / features)
• Docs have been added / updated (for bug fixes / features)

Issue

What is the current behavior?

What is the new behavior?

Breaking change

Does this PR introduce a breaking change?

Other useful information

[Mohmn]

@dadiorchen i have got theses questions
Q). What exact permissions/roles should allow a user to create/apply for an organization?

Q). since are moving now to Keycloak-based authorization, what is the expected source of truth for permissions:

• Keycloak token claims
• admin API user/policy data
• or both?

Q). After organization creation succeeds, what exactly should happen?

• create only the organization row
• im not sure about the verify flow , what exactly do u mean by this
  And I should see the verify menu item on the menu bar on the top left

Q) How should duplicate organizations be prevented?

• by organization name
• by email

[dadiorchen]

Q). What exact permissions/roles should allow a user to create/apply for an organization?
applying org is open to any role any user

Q). since are moving now to Keycloak-based authorization, what is the expected source of truth for permissions:
Okay the role from the keycloak token

Q). After organization creation succeeds, what exactly should happen?

• create only the organization row

Yes, after applying a org, a record should be created for this org (in entity table? I'm not sure, org like FCC they have record in the database, but we manually create them, now by appliying org, they are created at this moment.

• im not sure about the verify flow , what exactly do u mean by this
  And I should see the verify menu item on the menu bar on the top left

We don't dive into too much of this verify flow, on the client, if user has the role organization, it should allow the verify menu showing up on the left menu.

Q) How should duplicate organizations be prevented?

• by organization name
• by email

Let's consider this in the future.

[dadiorchen]

There isn’t new verify page, just the one in the menu existing already.

Let’s be simple, no apply needed, just a link on the home page once user login: apply to become an Greenstand associated Organzation

[dadiorchen]

Click the link to jump to apply page

[Mohmn]

sure

[dadiorchen]

Greenstand also use joi, for schema verification, but up to you to deceide which one to use

[Mohmn]

i m more familiar with zod that is why i used it

[Mohmn]

@dadiorchen I kept this PR focused and didn’t add Keycloak-based roles/policies yet.
To do that properly, we would need to integrate Keycloak authorization into the admin API, which would make this a much bigger change.
So for now I skipped that part and kept the current changes minimal. I’ll revisit it when we work on the admin API Keycloak integration.

[dadiorchen]

@Mohmn it is right to keep PR focused and small, but my major goal for this feature is to implement the role and permission, so let's implement them! Let's discuss if there is difficulty to do this. The goal:

• API integrate keycloak
• Create org role when user apply an org ( we simplied the workflow, in the future, the approval is required for application, and tail license for org, and payment)
• The client menu is controlled by role, originally, we can not see all the features: verify, species, contract, you need to hide them all.
• When the org is created (with the role creation by API -> keycloak request), the client should display the verify menu item because of org role is in the token.

[Mohmn]

@Mohmn it is right to keep PR focused and small, but my major goal for this feature is to implement the role and permission, so let's implement them! Let's discuss if there is difficulty to do this. The goal:

• API integrate keycloak
• Create org role when user apply an org ( we simplied the workflow, in the future, the approval is required for application, and tail license for org, and payment)
• The client menu is controlled by role, originally, we can not see all the features: verify, species, contract, you need to hide them all.
• When the org is created (with the role creation by API -> keycloak request), the client should display the verify menu item because of org role is in the token.

I’ll start working on the Keycloak API integration, i will research about the keycloak throughy. I’ll get back to you if I have questions.

[dadiorchen]

@Mohmn I have a question, before the user apply for org, why the menu already shows all the items, I suppose it just is hidden before the application

[Mohmn]

@Mohmn I have a question, before the user apply for org, why the menu already shows all the items, I suppose it just is hidden before the application

this is because i ran the bdd before using keycloak for authorization, do u want me to run it again and push the bdd tests again

[dadiorchen]

Yes, I will use the video to check the feature, so let's keep it up to date