feat(backend): develop patch /api/organizations/{orgid} api (#12470)

Co-authored-by: rohitvinodmalhotra@gmail.com <rohitvinodmalhotra@gmail.com> Co-authored-by: openhands <openhands@all-hands.dev> Co-authored-by: Chuck Butkus <chuck@all-hands.dev>
2026-03-22 05:37:20 +08:00 · 2026-01-23 01:29:35 +07:00
parent b685fd43dd
commit d5ee799670
5 changed files with 1192 additions and 1 deletions
--- a/enterprise/server/routes/org_models.py
+++ b/enterprise/server/routes/org_models.py
@@ -138,3 +138,34 @@ class OrgPage(BaseModel):

    items: list[OrgResponse]
    next_page_id: str | None = None
+
+
+class OrgUpdate(BaseModel):
+    """Request model for updating an organization."""
+
+    # Basic organization information (any authenticated user can update)
+    contact_name: str | None = None
+    contact_email: EmailStr | None = Field(default=None, strip_whitespace=True)
+    conversation_expiration: int | None = None
+    default_max_iterations: int | None = Field(default=None, gt=0)
+    remote_runtime_resource_factor: int | None = Field(default=None, gt=0)
+    billing_margin: float | None = Field(default=None, ge=0, le=1)
+    enable_proactive_conversation_starters: bool | None = None
+    sandbox_base_container_image: str | None = None
+    sandbox_runtime_container_image: str | None = None
+    mcp_config: dict | None = None
+    sandbox_api_key: str | None = None
+    max_budget_per_task: float | None = Field(default=None, gt=0)
+    enable_solvability_analysis: bool | None = None
+    v1_enabled: bool | None = None
+
+    # LLM settings (require admin/owner role)
+    default_llm_model: str | None = None
+    default_llm_api_key_for_byor: str | None = None
+    default_llm_base_url: str | None = None
+    search_api_key: str | None = None
+    security_analyzer: str | None = None
+    agent: str | None = None
+    confirmation_mode: bool | None = None
+    enable_default_condenser: bool | None = None
+    condenser_max_size: int | None = Field(default=None, ge=20)
--- a/enterprise/server/routes/orgs.py
+++ b/enterprise/server/routes/orgs.py
@@ -12,6 +12,7 @@ from server.routes.org_models import (
    OrgNotFoundError,
    OrgPage,
    OrgResponse,
+    OrgUpdate,
 )
 from storage.org_service import OrgService

@@ -320,3 +321,82 @@ async def delete_org(
            status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
            detail='An unexpected error occurred',
        )
+
+
+@org_router.patch('/{org_id}', response_model=OrgResponse)
+async def update_org(
+    org_id: UUID,
+    update_data: OrgUpdate,
+    user_id: str = Depends(get_user_id),
+) -> OrgResponse:
+    """Update an existing organization.
+
+    This endpoint allows authenticated users to update organization settings.
+    LLM-related settings require admin or owner role in the organization.
+
+    Args:
+        org_id: Organization ID to update (UUID validated by FastAPI)
+        update_data: Organization update data
+        user_id: Authenticated user ID (injected by dependency)
+
+    Returns:
+        OrgResponse: The updated organization details
+
+    Raises:
+        HTTPException: 400 if org_id is invalid UUID format (handled by FastAPI)
+        HTTPException: 403 if user lacks permission for LLM settings
+        HTTPException: 404 if organization not found
+        HTTPException: 422 if validation errors occur (handled by FastAPI)
+        HTTPException: 500 if update fails
+    """
+    logger.info(
+        'Updating organization',
+        extra={
+            'user_id': user_id,
+            'org_id': str(org_id),
+        },
+    )
+
+    try:
+        # Use service layer to update organization with permission checks
+        updated_org = await OrgService.update_org_with_permissions(
+            org_id=org_id,
+            update_data=update_data,
+            user_id=user_id,
+        )
+
+        # Retrieve credits from LiteLLM (following same pattern as create endpoint)
+        credits = await OrgService.get_org_credits(user_id, updated_org.id)
+
+        return OrgResponse.from_org(updated_org, credits=credits)
+
+    except ValueError as e:
+        # Organization not found
+        raise HTTPException(
+            status_code=status.HTTP_404_NOT_FOUND,
+            detail=str(e),
+        )
+    except PermissionError as e:
+        # User lacks permission for LLM settings
+        raise HTTPException(
+            status_code=status.HTTP_403_FORBIDDEN,
+            detail=str(e),
+        )
+    except OrgDatabaseError as e:
+        logger.error(
+            'Database operation failed',
+            extra={'user_id': user_id, 'org_id': str(org_id), 'error': str(e)},
+        )
+        raise HTTPException(
+            status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
+            detail='Failed to update organization',
+        )
+    except Exception as e:
+        logger.exception(
+            'Unexpected error updating organization',
+            extra={'user_id': user_id, 'org_id': str(org_id), 'error': str(e)},
+        )
+        raise HTTPException(
+            status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
+            detail='An unexpected error occurred',
+        )