fix: migrate remaining controllers from Auth0 sub to UUID identity (refs #220)
All checks were successful
Deploy to Staging / Build Images (pull_request) Successful in 3m40s
Deploy to Staging / Deploy to Staging (pull_request) Successful in 24s
Deploy to Staging / Verify Staging (pull_request) Successful in 10s
Deploy to Staging / Notify Staging Ready (pull_request) Successful in 8s
Deploy to Staging / Notify Staging Failure (pull_request) Has been skipped
All checks were successful
Deploy to Staging / Build Images (pull_request) Successful in 3m40s
Deploy to Staging / Deploy to Staging (pull_request) Successful in 24s
Deploy to Staging / Verify Staging (pull_request) Successful in 10s
Deploy to Staging / Notify Staging Ready (pull_request) Successful in 8s
Deploy to Staging / Notify Staging Failure (pull_request) Has been skipped
16 controllers still used request.user.sub (Auth0 ID) instead of request.userContext.userId (UUID) after the user_id column migration, causing 500 errors on all authenticated endpoints including dashboard. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
Eric Gullickson
@@ -27,7 +27,7 @@ export class VehiclesController {
|
||||
|
||||
async getUserVehicles(request: FastifyRequest, reply: FastifyReply) {
|
||||
try {
|
||||
const userId = (request as any).user.sub;
|
||||
const userId = request.userContext!.userId;
|
||||
// Use tier-aware method to filter out locked vehicles after downgrade
|
||||
const vehiclesWithStatus = await this.vehiclesService.getUserVehiclesWithTierStatus(userId);
|
||||
// Only return active vehicles (filter out locked ones)
|
||||
@@ -37,7 +37,7 @@ export class VehiclesController {
|
||||
|
||||
return reply.code(200).send(vehicles);
|
||||
} catch (error) {
|
||||
logger.error('Error getting user vehicles', { error, userId: (request as any).user?.sub });
|
||||
logger.error('Error getting user vehicles', { error, userId: request.userContext?.userId });
|
||||
return reply.code(500).send({
|
||||
error: 'Internal server error',
|
||||
message: 'Failed to get vehicles'
|
||||
@@ -65,12 +65,12 @@ export class VehiclesController {
|
||||
}
|
||||
}
|
||||
|
||||
const userId = (request as any).user.sub;
|
||||
const userId = request.userContext!.userId;
|
||||
const vehicle = await this.vehiclesService.createVehicle(request.body, userId);
|
||||
|
||||
return reply.code(201).send(vehicle);
|
||||
} catch (error: any) {
|
||||
logger.error('Error creating vehicle', { error, userId: (request as any).user?.sub });
|
||||
logger.error('Error creating vehicle', { error, userId: request.userContext?.userId });
|
||||
|
||||
if (error instanceof VehicleLimitExceededError) {
|
||||
return reply.code(403).send({
|
||||
@@ -110,7 +110,7 @@ export class VehiclesController {
|
||||
|
||||
async getVehicle(request: FastifyRequest<{ Params: VehicleParams }>, reply: FastifyReply) {
|
||||
try {
|
||||
const userId = (request as any).user.sub;
|
||||
const userId = request.userContext!.userId;
|
||||
const { id } = request.params;
|
||||
|
||||
// Check tier status - block access to locked vehicles
|
||||
@@ -131,7 +131,7 @@ export class VehiclesController {
|
||||
|
||||
return reply.code(200).send(vehicle);
|
||||
} catch (error: any) {
|
||||
logger.error('Error getting vehicle', { error, vehicleId: request.params.id, userId: (request as any).user?.sub });
|
||||
logger.error('Error getting vehicle', { error, vehicleId: request.params.id, userId: request.userContext?.userId });
|
||||
|
||||
if (error.message === 'Vehicle not found' || error.message === 'Unauthorized') {
|
||||
return reply.code(404).send({
|
||||
@@ -149,14 +149,14 @@ export class VehiclesController {
|
||||
|
||||
async updateVehicle(request: FastifyRequest<{ Params: VehicleParams; Body: UpdateVehicleBody }>, reply: FastifyReply) {
|
||||
try {
|
||||
const userId = (request as any).user.sub;
|
||||
const userId = request.userContext!.userId;
|
||||
const { id } = request.params;
|
||||
|
||||
const vehicle = await this.vehiclesService.updateVehicle(id, request.body, userId);
|
||||
|
||||
return reply.code(200).send(vehicle);
|
||||
} catch (error: any) {
|
||||
logger.error('Error updating vehicle', { error, vehicleId: request.params.id, userId: (request as any).user?.sub });
|
||||
logger.error('Error updating vehicle', { error, vehicleId: request.params.id, userId: request.userContext?.userId });
|
||||
|
||||
if (error.message === 'Vehicle not found' || error.message === 'Unauthorized') {
|
||||
return reply.code(404).send({
|
||||
@@ -183,14 +183,14 @@ export class VehiclesController {
|
||||
|
||||
async deleteVehicle(request: FastifyRequest<{ Params: VehicleParams }>, reply: FastifyReply) {
|
||||
try {
|
||||
const userId = (request as any).user.sub;
|
||||
const userId = request.userContext!.userId;
|
||||
const { id } = request.params;
|
||||
|
||||
await this.vehiclesService.deleteVehicle(id, userId);
|
||||
|
||||
return reply.code(204).send();
|
||||
} catch (error: any) {
|
||||
logger.error('Error deleting vehicle', { error, vehicleId: request.params.id, userId: (request as any).user?.sub });
|
||||
logger.error('Error deleting vehicle', { error, vehicleId: request.params.id, userId: request.userContext?.userId });
|
||||
|
||||
if (error.message === 'Vehicle not found' || error.message === 'Unauthorized') {
|
||||
return reply.code(404).send({
|
||||
@@ -208,13 +208,13 @@ export class VehiclesController {
|
||||
|
||||
async getTCO(request: FastifyRequest<{ Params: VehicleParams }>, reply: FastifyReply) {
|
||||
try {
|
||||
const userId = (request as any).user.sub;
|
||||
const userId = request.userContext!.userId;
|
||||
const { id } = request.params;
|
||||
|
||||
const tco = await this.vehiclesService.getTCO(id, userId);
|
||||
return reply.code(200).send(tco);
|
||||
} catch (error: any) {
|
||||
logger.error('Error getting vehicle TCO', { error, vehicleId: request.params.id, userId: (request as any).user?.sub });
|
||||
logger.error('Error getting vehicle TCO', { error, vehicleId: request.params.id, userId: request.userContext?.userId });
|
||||
|
||||
if (error.statusCode === 404 || error.message === 'Vehicle not found') {
|
||||
return reply.code(404).send({
|
||||
@@ -383,7 +383,7 @@ export class VehiclesController {
|
||||
* Requires Pro or Enterprise tier
|
||||
*/
|
||||
async decodeVin(request: FastifyRequest<{ Body: DecodeVinRequest }>, reply: FastifyReply) {
|
||||
const userId = (request as any).user?.sub;
|
||||
const userId = request.userContext?.userId;
|
||||
|
||||
try {
|
||||
const { vin } = request.body;
|
||||
@@ -447,7 +447,7 @@ export class VehiclesController {
|
||||
}
|
||||
|
||||
async uploadImage(request: FastifyRequest<{ Params: VehicleParams }>, reply: FastifyReply) {
|
||||
const userId = (request as any).user.sub;
|
||||
const userId = request.userContext!.userId;
|
||||
const vehicleId = request.params.id;
|
||||
|
||||
logger.info('Vehicle image upload requested', {
|
||||
@@ -604,7 +604,7 @@ export class VehiclesController {
|
||||
}
|
||||
|
||||
async downloadImage(request: FastifyRequest<{ Params: VehicleParams }>, reply: FastifyReply) {
|
||||
const userId = (request as any).user.sub;
|
||||
const userId = request.userContext!.userId;
|
||||
const vehicleId = request.params.id;
|
||||
|
||||
logger.info('Vehicle image download requested', {
|
||||
@@ -654,7 +654,7 @@ export class VehiclesController {
|
||||
}
|
||||
|
||||
async deleteImage(request: FastifyRequest<{ Params: VehicleParams }>, reply: FastifyReply) {
|
||||
const userId = (request as any).user.sub;
|
||||
const userId = request.userContext!.userId;
|
||||
const vehicleId = request.params.id;
|
||||
|
||||
logger.info('Vehicle image delete requested', {
|
||||
|
||||
Reference in New Issue
Block a user