Skip to content

feat(permissions): add email-to-username lookup for users #115

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
dealako merged 3 commits into from
Oct 4, 2025
Merged

feat(permissions): add email-to-username lookup for users #115

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
a29bde3
feat(permissions): add email-to-username lookup for users
asithade Oct 4, 2025
57f4f14
fix(nats): correct JSON response parsing in email-to-username lookup
asithade Oct 4, 2025
23ba9d0
fix(settings): fix error response type
asithade Oct 4, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
8 changes: 4 additions & 4 deletions apps/lfx-one/src/app/modules/project/settings/components/user-form/user-form.component.html
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,19 +4,19 @@
<form [formGroup]="form()" (ngSubmit)="onSubmit()" class="space-y-6">
<!-- User Information Section -->
<div class="flex flex-col gap-3">
<!-- Username -->
<!-- Username or Email -->
<div>
<label for="username" class="block text-sm font-medium text-gray-700 mb-1"> Username <span class="text-red-500">*</span> </label>
<label for="username" class="block text-sm font-medium text-gray-700 mb-1"> Username or Email <span class="text-red-500">*</span> </label>
<lfx-input-text
size="small"
[form]="form()"
control="username"
id="username"
placeholder="Enter username"
placeholder="Enter username or email address"
styleClass="w-full"
data-testid="settings-user-form-username"></lfx-input-text>
@if (form().get('username')?.errors?.['required'] && form().get('username')?.touched) {
<p class="mt-1 text-xs text-red-600">Username is required</p>
<p class="mt-1 text-xs text-red-600">Username or email is required</p>
}
</div>
</div>
Expand Down
29 changes: 23 additions & 6 deletions apps/lfx-one/src/app/modules/project/settings/components/user-form/user-form.component.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,7 @@
// Copyright The Linux Foundation and each contributor to LFX.
// SPDX-License-Identifier: MIT

import { HttpErrorResponse } from '@angular/common/http';
import { Component, computed, inject, signal } from '@angular/core';
import { FormControl, FormGroup, ReactiveFormsModule, Validators } from '@angular/forms';
import { ButtonComponent } from '@components/button/button.component';
Expand Down Expand Up @@ -92,13 +93,29 @@ export class UserFormComponent {
});
this.dialogRef.close(true);
},
error: (error: any) => {
error: (error: HttpErrorResponse) => {
console.error('Error saving user:', error);
this.messageService.add({
severity: 'error',
summary: 'Error',
detail: `Failed to ${this.isEditing() ? 'update' : 'add'} user. Please try again.`,
});

// Check if it's a 404 error for email not found
if (error.status === 404 && error.error?.code === 'NOT_FOUND') {
const usernameValue = formValue.username;
const isEmail = usernameValue.includes('@');

this.messageService.add({
severity: 'error',
summary: 'User Not Found',
detail: isEmail
? `No user found with email address "${usernameValue}". Please verify the email address and try again.`
: error.error?.message || 'User not found',
});
} else {
this.messageService.add({
severity: 'error',
summary: 'Error',
detail: error.error?.message || `Failed to ${this.isEditing() ? 'update' : 'add'} user. Please try again.`,
});
}

this.submitting.set(false);
},
});
Expand Down
31 changes: 29 additions & 2 deletions apps/lfx-one/src/server/controllers/project.controller.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -259,12 +259,39 @@ export class ProjectController {
return;
}

const result = await this.projectService.updateProjectPermissions(req, uid, 'add', userData.username, userData.role);
// Detect if input is email or username
const isEmail = userData.username.includes('@');
let username = userData.username;

if (isEmail) {
req.log.info(
{
email: userData.username,
operation: 'add_user_project_permissions',
},
'Email detected, resolving to username via NATS'
);

// Resolve email to username via NATS
username = await this.projectService.resolveEmailToUsername(req, userData.username);

req.log.info(
{
email: userData.username,
username,
operation: 'add_user_project_permissions',
},
'Successfully resolved email to username'
);
}

const result = await this.projectService.updateProjectPermissions(req, uid, 'add', username, userData.role);

Logger.success(req, 'add_user_project_permissions', startTime, {
uid,
username: userData.username,
username,
role: userData.role,
resolved_from_email: isEmail,
});

res.status(201).json(result);
Expand Down
85 changes: 85 additions & 0 deletions apps/lfx-one/src/server/services/project.service.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -207,6 +207,91 @@ export class ProjectService {
return result;
}

/**
* Resolve email address to username using NATS request-reply pattern
* @param req - Express request object for logging
* @param email - Email address to lookup
* @returns Username associated with the email
* @throws ResourceNotFoundError if user not found
*/
public async resolveEmailToUsername(req: Request, email: string): Promise<string> {
const codec = this.natsService.getCodec();

// Normalize email input
const normalizedEmail = email.trim().toLowerCase();

try {
req.log.info({ email: normalizedEmail }, 'Resolving email to username via NATS');

const response = await this.natsService.request(NatsSubjects.EMAIL_TO_USERNAME, codec.encode(normalizedEmail), { timeout: NATS_CONFIG.REQUEST_TIMEOUT });

const responseText = codec.decode(response.data);

// Parse once and branch on the result shape
let username: string;
try {
const parsed = JSON.parse(responseText);

// Check if it's an error response
if (typeof parsed === 'object' && parsed !== null && parsed.success === false) {
req.log.info({ email: normalizedEmail, error: parsed.error }, 'User email not found via NATS');

throw new ResourceNotFoundError('User', normalizedEmail, {
operation: 'resolve_email_to_username',
service: 'project_service',
path: '/nats/email-to-username',
});
}

// Extract username from JSON success response or JSON string
username = typeof parsed === 'string' ? parsed : parsed.username;
} catch (parseError) {
// Re-throw ResourceNotFoundError as-is
if (parseError instanceof ResourceNotFoundError) {
throw parseError;
}

// JSON parsing failed - use raw text as username
username = responseText;
}

// Trim and validate username
username = username.trim();

if (!username || username === '') {
Comment on lines +246 to +261
Copy link

@coderabbitai coderabbitai bot Oct 4, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟠 Major

Guard against non-string usernames before trimming.

When parsed is an object but does not expose a string username field (e.g., { success: true } or nested payloads), parsed.username becomes undefined. The subsequent username.trim() call throws a runtime TypeError, aborting the flow instead of returning a clean ResourceNotFoundError. Please gate the value before trimming and fall back gracefully.

-        username = typeof parsed === 'string' ? parsed : parsed.username;
+        if (typeof parsed === 'string') {
+          username = parsed;
+        } else if (parsed && typeof parsed === 'object' && 'username' in parsed && typeof (parsed as { username: unknown }).username === 'string') {
+          username = (parsed as { username: string }).username;
+        }
       } catch (parseError) {
         // Re-throw ResourceNotFoundError as-is
         if (parseError instanceof ResourceNotFoundError) {
           throw parseError;
         }
 
         // JSON parsing failed - use raw text as username
         username = responseText;
       }
 
-      // Trim and validate username
-      username = username.trim();
+      // Trim and validate username
+      if (typeof username !== 'string') {
+        req.log.info({ email: normalizedEmail }, 'Empty username returned from NATS');
+        throw new ResourceNotFoundError('User', normalizedEmail, {
+          operation: 'resolve_email_to_username',
+          service: 'project_service',
+          path: '/nats/email-to-username',
+        });
+      }
+
+      username = username.trim();
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
// Extract username from JSON success response or JSON string
username = typeof parsed === 'string' ? parsed : parsed.username;
} catch (parseError) {
// Re-throw ResourceNotFoundError as-is
if (parseError instanceof ResourceNotFoundError) {
throw parseError;
}
// JSON parsing failed - use raw text as username
username = responseText;
}
// Trim and validate username
username = username.trim();
if (!username || username === '') {
// Extract username from JSON success response or JSON string
if (typeof parsed === 'string') {
username = parsed;
} else if (
parsed &&
typeof parsed === 'object' &&
'username' in parsed &&
typeof (parsed as { username: unknown }).username === 'string'
) {
username = (parsed as { username: string }).username;
}
} catch (parseError) {
// Re-throw ResourceNotFoundError as-is
if (parseError instanceof ResourceNotFoundError) {
throw parseError;
}
// JSON parsing failed - use raw text as username
username = responseText;
}
// Trim and validate username
if (typeof username !== 'string') {
req.log.info({ email: normalizedEmail }, 'Empty username returned from NATS');
throw new ResourceNotFoundError('User', normalizedEmail, {
operation: 'resolve_email_to_username',
service: 'project_service',
path: '/nats/email-to-username',
});
}
username = username.trim();
if (!username || username === '') {
🤖 Prompt for AI Agents 
In apps/lfx-one/src/server/services/project.service.ts around lines 246 to 261,
the code assumes parsed.username is a string and calls username.trim(), which
will throw if parsed.username is undefined or non-string; instead, guard and
coerce before trimming: check if parsed is a string and use it, otherwise if
parsed.username is a string use that, else fall back to responseText (or an
empty string), then call trim() on the confirmed string and proceed to the empty
check/ResourceNotFoundError path.

req.log.info({ email: normalizedEmail }, 'Empty username returned from NATS');

throw new ResourceNotFoundError('User', normalizedEmail, {
operation: 'resolve_email_to_username',
service: 'project_service',
path: '/nats/email-to-username',
});
}

req.log.info({ email: normalizedEmail, username }, 'Successfully resolved email to username');

return username;
} catch (error) {
// Re-throw ResourceNotFoundError as-is
if (error instanceof ResourceNotFoundError) {
throw error;
}

req.log.error({ error: error instanceof Error ? error.message : error, email: normalizedEmail }, 'Failed to resolve email to username via NATS');

// If it's a timeout or no responder error, treat as not found
if (error instanceof Error && (error.message.includes('timeout') || error.message.includes('503'))) {
throw new ResourceNotFoundError('User', normalizedEmail, {
operation: 'resolve_email_to_username',
service: 'project_service',
path: '/nats/email-to-username',
});
}

throw error;
}
}

/**
* Get project ID by slug using NATS request-reply pattern
* @private
Expand Down
1 change: 1 addition & 0 deletions packages/shared/src/enums/nats.enum.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,4 +7,5 @@
export enum NatsSubjects {
PROJECT_SLUG_TO_UID = 'lfx.projects-api.slug_to_uid',
USER_METADATA_UPDATE = 'lfx.auth-service.user_metadata.update',
EMAIL_TO_USERNAME = 'lfx.auth-service.email_to_username',
}
11 changes: 11 additions & 0 deletions packages/shared/src/interfaces/auth.interface.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -161,3 +161,14 @@ export interface AuthConfig {
/** Default route type for unmatched routes */
defaultType: RouteType;
}

/**
* Error response from email to username NATS lookup
* @description Response structure when user email is not found
*/
export interface EmailToUsernameErrorResponse {
/** Success flag - always false for error responses */
success: false;
/** Error message describing the failure */
error: string;
}