Skip to content

feat(saas): add endpoint to retrieve companies associated with a user's email#1853

Merged
Artuomka merged 1 commit into
mainfrom
backend_tests
Jul 1, 2026
Merged

feat(saas): add endpoint to retrieve companies associated with a user's email#1853
Artuomka merged 1 commit into
mainfrom
backend_tests

Conversation

@Artuomka

@Artuomka Artuomka commented Jul 1, 2026

Copy link
Copy Markdown
Collaborator

Summary by CodeRabbit

  • New Features

    • Added a new endpoint to look up companies associated with a user email.
    • Results now return a simple list of company IDs and names.
  • Bug Fixes

    • Email input is validated before processing.
    • When no matching companies are found, the API now returns a clear error response.
  • Chores

    • Registered the new lookup capability in the SaaS service and protected it with existing auth rules.

Copilot AI review requested due to automatic review settings July 1, 2026 12:59
@Artuomka Artuomka enabled auto-merge July 1, 2026 13:00
@coderabbitai

coderabbitai Bot commented Jul 1, 2026

Copy link
Copy Markdown

Review Change Stack

📝 Walkthrough

Walkthrough

Adds a new SaaS use case, ISaasGetUserEmailCompanies interface, and SAAS_GET_USER_EMAIL_COMPANIES DI token to fetch companies by user email. Wires a new GET endpoint in SaasController with email validation, registers the provider in SaasModule, and protects the route via SaaSAuthMiddleware.

Changes

Get companies by user email

Layer / File(s) Summary
Contract: token and interface
backend/src/common/data-injection.tokens.ts, backend/src/microservices/saas-microservice/use-cases/saas-use-cases.interface.ts
Adds SAAS_GET_USER_EMAIL_COMPANIES enum member and defines ISaasGetUserEmailCompanies interface with execute(userEmail) returning FoundUserEmailCompaniesInfoDs[].
Use case implementation
backend/src/microservices/saas-microservice/use-cases/saas-get-user-email-companies.use.case.ts
Implements SaasGetUserEmailCompaniesUseCase, querying companies by lowercased email via companyInfoRepository.findCompanyInfosByUserEmail, throwing BAD_REQUEST if none found, and mapping results to {id, name}.
Controller endpoint
backend/src/microservices/saas-microservice/saas.controller.ts
Adds GET user/email/:email/companies endpoint with Swagger metadata, validates email via ValidationHelper, and invokes the new use case, injecting it via the new token.
Module wiring
backend/src/microservices/saas-microservice/saas.module.ts
Registers the new use case provider and adds the new route to SaaSAuthMiddleware protected paths.

Estimated code review effort: 2 (Simple) | ~10 minutes

Sequence Diagram(s)

sequenceDiagram
  participant Client
  participant SaasController
  participant ValidationHelper
  participant SaasGetUserEmailCompaniesUseCase
  participant CompanyInfoRepository

  Client->>SaasController: GET user/email/:email/companies
  SaasController->>ValidationHelper: validateOrThrowHttpExceptionEmail(email)
  SaasController->>SaasGetUserEmailCompaniesUseCase: execute(email)
  SaasGetUserEmailCompaniesUseCase->>CompanyInfoRepository: findCompanyInfosByUserEmail(email)
  CompanyInfoRepository-->>SaasGetUserEmailCompaniesUseCase: companies or empty
  SaasGetUserEmailCompaniesUseCase-->>SaasController: FoundUserEmailCompaniesInfoDs[]
  SaasController-->>Client: companies response
Loading

Suggested reviewers: gugu, lyubov-voloshko

Poem

A hop, a query, a lowercased mail,
I fetch your companies without fail. 🐰
Through tokens and routes I nimbly bound,
Till JSON companies are safely found.
Thump-thump goes my joyful tail!

🚥 Pre-merge checks | ✅ 6
✅ Passed checks (6 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed The title accurately summarizes the main change: a new SaaS endpoint for retrieving companies by user email.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.
Security Check ✅ Passed Email is validated, the query is parameterized, and the new SaaS route is protected by SaaSAuthMiddleware, returning only id/name pairs.
✨ Finishing Touches
📝 Generate docstrings
  • Create stacked PR
  • Commit on current branch
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch backend_tests

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands.

@coderabbitai coderabbitai Bot requested review from gugu and lyubov-voloshko July 1, 2026 13:01

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Adds a new SaaS-microservice “bridge” endpoint that lets rocketadmin-saas retrieve the list of companies associated with a given user email (supporting the multi-company login picker), mirroring existing core behavior.

Changes:

  • Introduces SaasGetUserEmailCompaniesUseCase to fetch companies by user email via companyInfoRepository.
  • Wires a new controller route GET /saas/user/email/:email/companies (with email validation) and registers the provider in SaasModule.
  • Adds a new DI token UseCaseType.SAAS_GET_USER_EMAIL_COMPANIES and corresponding use-case interface.

Reviewed changes

Copilot reviewed 5 out of 5 changed files in this pull request and generated 2 comments.

Show a summary per file
File Description
backend/src/microservices/saas-microservice/use-cases/saas-use-cases.interface.ts Adds the ISaasGetUserEmailCompanies contract and DS import.
backend/src/microservices/saas-microservice/use-cases/saas-get-user-email-companies.use.case.ts Implements the new SaaS bridge use case for email → companies lookup.
backend/src/microservices/saas-microservice/saas.module.ts Registers the new use case and applies SaaS auth middleware to the new route.
backend/src/microservices/saas-microservice/saas.controller.ts Exposes GET /saas/user/email/:email/companies with input validation and Swagger metadata.
backend/src/common/data-injection.tokens.ts Adds the new UseCaseType.SAAS_GET_USER_EMAIL_COMPANIES token.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Comment on lines +9 to +14
/**
* Returns the companies a given email is registered in. This is the SaaS microservice bridge for the
* open-source `GET /my/email/:email` endpoint (GetUserEmailCompaniesUseCase) — duplicated here on
* purpose so rocketadmin-saas can expose the same lookup (used by the multi-company login picker)
* through its own `/saas/*` surface. The open-source endpoint is left untouched.
*/
Comment on lines +202 to +213
@ApiOperation({ summary: 'Get companies where a user with this email is registered' })
@ApiResponse({
status: 200,
description: 'Companies where a user with this email is registered.',
type: FoundUserEmailCompaniesInfoDs,
isArray: true,
})
@Get('user/email/:email/companies')
async getUserEmailCompanies(@Param('email') email: string): Promise<Array<FoundUserEmailCompaniesInfoDs>> {
ValidationHelper.validateOrThrowHttpExceptionEmail(email);
return await this.getUserEmailCompaniesUseCase.execute(email);
}
@Artuomka Artuomka merged commit b097ad5 into main Jul 1, 2026
16 of 18 checks passed
@Artuomka Artuomka deleted the backend_tests branch July 1, 2026 13:05

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🧹 Nitpick comments (1)
backend/src/microservices/saas-microservice/saas.controller.ts (1)

202-213: 🔒 Security & Privacy | 🔵 Trivial | ⚖️ Poor tradeoff

Email passed via URL path will appear in access/proxy logs.

Placing the email in the path (user/email/:email/companies) means it can end up in server access logs, CDN/proxy logs, or error trackers. This mirrors the existing users/email/:userEmail route and the referenced open-source /my/email/:email endpoint, so it's consistent with established convention here — just flagging for awareness rather than as a new regression.

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@backend/src/microservices/saas-microservice/saas.controller.ts` around lines
202 - 213, The `getUserEmailCompanies` endpoint in `saas.controller.ts` exposes
the email in the URL path via `@Get('user/email/:email/companies')`, which means
it can be captured by access/proxy logs and error tooling. No immediate code
change is required if this route is intentionally kept for convention, but if
you decide to harden it later, update `getUserEmailCompanies` and
`ValidationHelper.validateOrThrowHttpExceptionEmail` to accept the email from a
less log-sensitive source (for example, query or request body) while preserving
the existing validation and `getUserEmailCompaniesUseCase.execute(email)` flow.
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Nitpick comments:
In `@backend/src/microservices/saas-microservice/saas.controller.ts`:
- Around line 202-213: The `getUserEmailCompanies` endpoint in
`saas.controller.ts` exposes the email in the URL path via
`@Get('user/email/:email/companies')`, which means it can be captured by
access/proxy logs and error tooling. No immediate code change is required if
this route is intentionally kept for convention, but if you decide to harden it
later, update `getUserEmailCompanies` and
`ValidationHelper.validateOrThrowHttpExceptionEmail` to accept the email from a
less log-sensitive source (for example, query or request body) while preserving
the existing validation and `getUserEmailCompaniesUseCase.execute(email)` flow.

ℹ️ Review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: ca20a4bf-f56c-4f49-971a-6a0aab6d50f4

📥 Commits

Reviewing files that changed from the base of the PR and between 7e6c052 and ec69410.

📒 Files selected for processing (5)
  • backend/src/common/data-injection.tokens.ts
  • backend/src/microservices/saas-microservice/saas.controller.ts
  • backend/src/microservices/saas-microservice/saas.module.ts
  • backend/src/microservices/saas-microservice/use-cases/saas-get-user-email-companies.use.case.ts
  • backend/src/microservices/saas-microservice/use-cases/saas-use-cases.interface.ts

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants