Skip to content

feat(api): accept organizationId in chat requests with auth validation#123

Merged
sweetmantech merged 1 commit intotestfrom
sweetmantech/myc-3941-api-apichat-accept-organizationid-with-auth-validation
Jan 16, 2026
Merged

feat(api): accept organizationId in chat requests with auth validation#123
sweetmantech merged 1 commit intotestfrom
sweetmantech/myc-3941-api-apichat-accept-organizationid-with-auth-validation

Conversation

@sweetmantech
Copy link
Contributor

@sweetmantech sweetmantech commented Jan 16, 2026

Summary

  • Add organizationId field to chat request schema for /api/chat and /api/chat/generate endpoints
  • Create validateOrganizationAccess function to verify if an account can operate on behalf of an organization
  • Validate membership before using provided organizationId to override org context
  • Return 403 error when user is not authorized for the specified organization

Test plan

  • Unit tests for validateOrganizationAccess function
  • Unit tests for organizationId validation in validateChatRequest
  • All 503 tests passing
  • Manual testing with frontend passing organizationId

🤖 Generated with Claude Code

@sweetmantech @claude
feat(api): allow frontend to pass organizationId in chat requests
de8c5aa 
- Add organizationId field to chatRequestSchema
- Create validateOrganizationAccess function to check if an account
  can operate on behalf of an organization (either IS the org or is a member)
- Validate organizationId in validateChatRequest and use it to override
  orgId when user is authorized
- Return 403 error when user is not a member of the specified org
- Add comprehensive tests for all scenarios

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
@vercel
Copy link
Contributor

vercel bot commented Jan 16, 2026
edited
Loading

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Review Updated (UTC)
recoup-api Ready Ready Preview Jan 16, 2026 1:54am

@coderabbitai
Copy link

coderabbitai bot commented Jan 16, 2026

Important

Review skipped

Auto reviews are disabled on base/target branches other than the default branch.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

@sweetmantech sweetmantech merged commit abe9c7f into test Jan 16, 2026
4 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@sweetmantech

Comments