feat: enhance organization management; add member registration and validation, update user registration flow, and improve enum handling

app/services/organization_service.py

@@ -24,6 +24,10 @@ class OrganizationForbiddenError(OrganizationServiceError):
     """Raised when a user does not have enough privileges."""
 
 
+class OrganizationMemberAlreadyExistsError(OrganizationServiceError):
+    """Raised when attempting to add a duplicate organization member."""
+
+
 @dataclass(slots=True, frozen=True)
 class OrganizationContext:
     """Resolved organization and membership information for a request."""
@@ -84,4 +88,29 @@ class OrganizationService:
         """Members can only mutate entities they own (contacts/deals/tasks)."""
 
         if context.role == OrganizationRole.MEMBER and owner_id != context.user_id:
-            raise OrganizationForbiddenError("Members can only modify their own records")
+            raise OrganizationForbiddenError("Members can only modify their own records")
+
+    async def add_member(
+        self,
+        *,
+        context: OrganizationContext,
+        user_id: int,
+        role: OrganizationRole,
+    ) -> OrganizationMember:
+        """Add a user to the current organization enforced by permissions."""
+
+        self.ensure_can_manage_settings(context)
+
+        existing = await self._repository.get_membership(context.organization_id, user_id)
+        if existing is not None:
+            raise OrganizationMemberAlreadyExistsError("User already belongs to this organization")
+
+        membership = OrganizationMember(
+            organization_id=context.organization_id,
+            user_id=user_id,
+            role=role,
+        )
+        self._repository.session.add(membership)
+        await self._repository.session.commit()
+        await self._repository.session.refresh(membership)
+        return membership