fix(webapp): make RBAC role assignment on invite accept non-fatal

matt-aitken · matt-aitken · commit c5f5a44c4d30 · 2026-06-15T15:43:29.000+01:00
The setUserRole call in acceptInvite ran outside a try/catch, so a thrown
error from the RBAC plugin escaped and turned the whole invite-accept into
a 400 (the membership was already created in the transaction). Wrap it so
both a returned {ok:false} and a thrown error are logged, including the
stack, and never block joining the org.
diff --git a/apps/webapp/app/models/member.server.ts b/apps/webapp/app/models/member.server.ts
@@ -227,19 +227,35 @@ export async function acceptInvite({
     };
   });
 
-  // If the invite carried an explicit RBAC role. Errors are logged, not fatal.
+  // If the invite carried an explicit RBAC role, assign it. Best-effort: the
+  // invite is already consumed and membership created above, so a failure here
+  // — a returned {ok:false} or a thrown error from the plugin — must not block
+  // joining the org. Swallow and log either way; without the catch a plugin
+  // throw escapes and turns the whole invite-accept into a 400.
   if (result.rbacRoleId) {
-    const roleResult = await rbac.setUserRole({
-      userId: user.id,
-      organizationId: result.organization.id,
-      roleId: result.rbacRoleId,
-    });
-    if (!roleResult.ok) {
-      logger.error("acceptInvite: skipped RBAC role assignment", {
+    try {
+      const roleResult = await rbac.setUserRole({
+        userId: user.id,
+        organizationId: result.organization.id,
+        roleId: result.rbacRoleId,
+      });
+      if (!roleResult.ok) {
+        logger.error("acceptInvite: skipped RBAC role assignment", {
+          organizationId: result.organization.id,
+          userId: user.id,
+          rbacRoleId: result.rbacRoleId,
+          reason: roleResult.error,
+        });
+      }
+    } catch (error) {
+      logger.error("acceptInvite: RBAC role assignment threw", {
         organizationId: result.organization.id,
         userId: user.id,
         rbacRoleId: result.rbacRoleId,
-        reason: roleResult.error,
+        error:
+          error instanceof Error
+            ? { name: error.name, message: error.message, stack: error.stack }
+            : String(error),
       });
     }
   }
