From 0c17ebd621e10aaa0c54338f19e45c920c1a1e0b Mon Sep 17 00:00:00 2001
From: Jeffrey Smith II <jeffreyssmith2nd@gmail.com>
Date: Mon, 13 Jun 2022 09:20:26 -0400
Subject: [PATCH] fix: users and orgs permissions should not be scoped under an
 org (#398)

---
 clients/auth/auth.go               |  3 +++
 clients/auth/auth_internal_test.go | 14 ++++++++++++++
 2 files changed, 17 insertions(+)

diff --git a/clients/auth/auth.go b/clients/auth/auth.go
index 3f8b9ca..4da821c 100644
--- a/clients/auth/auth.go
+++ b/clients/auth/auth.go
@@ -444,6 +444,9 @@ func (c Client) printAuth(opts printParams) error {
 }
 
 func makePermResource(permType string, id string, orgId string) api.PermissionResource {
+	if permType == "orgs" || permType == "users" {
+		orgId = ""
+	}
 	pr := api.PermissionResource{Type: permType}
 	if id != "" {
 		pr.Id = &id
diff --git a/clients/auth/auth_internal_test.go b/clients/auth/auth_internal_test.go
index 576ea60..c0bdd43 100644
--- a/clients/auth/auth_internal_test.go
+++ b/clients/auth/auth_internal_test.go
@@ -41,6 +41,20 @@ func Test_makePermResource(t *testing.T) {
 			inOrgId:  "45678",
 			expected: api.PermissionResource{Type: "qux", Id: api.PtrString("12345"), OrgID: api.PtrString("45678")},
 		},
+		{
+			name:     "users",
+			inType:   "users",
+			inId:     "12345",
+			inOrgId:  "45678",
+			expected: api.PermissionResource{Type: "users", Id: api.PtrString("12345"), OrgID: nil},
+		},
+		{
+			name:     "orgs",
+			inType:   "orgs",
+			inId:     "12345",
+			inOrgId:  "45678",
+			expected: api.PermissionResource{Type: "orgs", Id: api.PtrString("12345"), OrgID: nil},
+		},
 	}
 
 	for _, tc := range testCases {