From cb18af110673927c616ef26d9ecc9f9cb72b0d8c Mon Sep 17 00:00:00 2001 From: Chaker Atallah <74781393+MrChaker@users.noreply.github.com> Date: Fri, 1 May 2026 23:12:09 +0100 Subject: [PATCH 1/2] fix: add invitation check (#13066) --- .../src/app/authentication/authentication.service.ts | 10 ++++++++++ .../app/user-invitations/user-invitation.module.ts | 11 +++++++---- packages/server/api/src/app/user/user-service.ts | 7 ------- 3 files changed, 17 insertions(+), 11 deletions(-) diff --git a/packages/server/api/src/app/authentication/authentication.service.ts b/packages/server/api/src/app/authentication/authentication.service.ts index 931f1f5b4d6..cdd8dac7545 100644 --- a/packages/server/api/src/app/authentication/authentication.service.ts +++ b/packages/server/api/src/app/authentication/authentication.service.ts @@ -137,6 +137,16 @@ export const authenticationService = (log: FastifyBaseLogger) => ({ imageUrl: params.imageUrl, }) } + const existingUser = await userService(log).getOneByIdentityAndPlatform({ + identityId: userIdentity.id, + platformId, + }) + if (isNil(existingUser)) { + await authenticationUtils(log).assertUserIsInvitedToPlatformOrProject({ + email: params.email, + platformId, + }) + } const user = await userService(log).getOrCreateWithProject({ identity: userIdentity, platformId, diff --git a/packages/server/api/src/app/user-invitations/user-invitation.module.ts b/packages/server/api/src/app/user-invitations/user-invitation.module.ts index b11034e9750..5ac8a16ef3a 100644 --- a/packages/server/api/src/app/user-invitations/user-invitation.module.ts +++ b/packages/server/api/src/app/user-invitations/user-invitation.module.ts @@ -148,17 +148,20 @@ async function shouldAutoAcceptInvitation(principal: Principal, request: SendUse if (principal.type === PrincipalType.SERVICE) { return true } - + if (request.type === InvitationType.PLATFORM) { return false } - + const identity = await userIdentityService(log).getIdentityByEmail(request.email) if (isNil(identity)) { return false } - - const user = await userService(log).getOneByIdentityIdOnly({ identityId: identity.id }) + + const user = await userService(log).getOneByIdentityAndPlatform({ + identityId: identity.id, + platformId: principal.platform.id, + }) return !isNil(user) } diff --git a/packages/server/api/src/app/user/user-service.ts b/packages/server/api/src/app/user/user-service.ts index b8f3b1f7e5c..96e96ac583c 100644 --- a/packages/server/api/src/app/user/user-service.ts +++ b/packages/server/api/src/app/user/user-service.ts @@ -131,9 +131,6 @@ export const userService = (log: FastifyBaseLogger) => ({ const usersWithMetaInformation = await Promise.all(data.map(this.getMetaInformation)) return paginationHelper.createPage(usersWithMetaInformation, cursor) }, - async getOneByIdentityIdOnly({ identityId }: GetOneByIdentityIdOnlyParams): Promise { - return userRepo().findOneBy({ identityId }) - }, async getByIdentityId({ identityId }: GetByIdentityId): Promise { return userRepo().find({ where: { identityId } }) }, @@ -309,10 +306,6 @@ type ListParams = { limit?: number } -type GetOneByIdentityIdOnlyParams = { - identityId: string -} - type GetByIdentityId = { identityId: string } From e909bef6e3ac19955a8d81732e7e2155930b5bf8 Mon Sep 17 00:00:00 2001 From: Chaker Atallah <74781393+MrChaker@users.noreply.github.com> Date: Fri, 1 May 2026 23:36:53 +0100 Subject: [PATCH 2/2] fix: build error (#13068) --- .../src/app/user-invitations/user-invitation.module.ts | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/packages/server/api/src/app/user-invitations/user-invitation.module.ts b/packages/server/api/src/app/user-invitations/user-invitation.module.ts index 5ac8a16ef3a..646fcf340eb 100644 --- a/packages/server/api/src/app/user-invitations/user-invitation.module.ts +++ b/packages/server/api/src/app/user-invitations/user-invitation.module.ts @@ -48,9 +48,9 @@ const invitationController: FastifyPluginAsyncZod = async (app) => { await platformMustBeOwnedByCurrentUser.call(app, request, reply) break } - const status = await shouldAutoAcceptInvitation(request.principal, request.body, request.log) ? InvitationStatus.ACCEPTED : InvitationStatus.PENDING - const projectRole = await getProjectRoleAndAssertIfFound(request.principal.platform.id, request.body) const platformId = request.principal.platform.id + const status = await shouldAutoAcceptInvitation(request.principal, request.body, platformId, request.log) ? InvitationStatus.ACCEPTED : InvitationStatus.PENDING + const projectRole = await getProjectRoleAndAssertIfFound(platformId, request.body) const invitation = await userInvitationsService(request.log).create({ email, @@ -144,7 +144,7 @@ async function getProjectIdAndAssertPermission( return requestQuery.projectId ?? null } -async function shouldAutoAcceptInvitation(principal: Principal, request: SendUserInvitationRequest, log: FastifyBaseLogger): Promise { +async function shouldAutoAcceptInvitation(principal: Principal, request: SendUserInvitationRequest, platformId: string, log: FastifyBaseLogger): Promise { if (principal.type === PrincipalType.SERVICE) { return true } @@ -160,7 +160,7 @@ async function shouldAutoAcceptInvitation(principal: Principal, request: SendUse const user = await userService(log).getOneByIdentityAndPlatform({ identityId: identity.id, - platformId: principal.platform.id, + platformId, }) return !isNil(user) }