Skip to content

[Misc] Gate/scope user-directory enumeration on /users/search and /users/resolve#845

Open
chronoai-shining wants to merge 4 commits into
develop-autofrom
auto/refactor/816-misc-gate-scope-user-directory-enumerati
Open

[Misc] Gate/scope user-directory enumeration on /users/search and /users/resolve#845
chronoai-shining wants to merge 4 commits into
develop-autofrom
auto/refactor/816-misc-gate-scope-user-directory-enumerati

Conversation

@chronoai-shining
Copy link
Copy Markdown
Collaborator

@chronoai-shining chronoai-shining commented Jun 4, 2026

Closes #816

Automated change by /auto (run 20260604T121112Z-15019, runner auto-runner-20260604T121112Z-15019-15019-21847).
Base is hard-locked to develop-auto; squash-merged when CI is 100% green.

@chronoai-shining
feat(api): gate /users/search q + per-user rate limit on directory ro…
1f427ea 
…utes (#816)

Reject empty/1-char q via Zod min-length (env ORNN_USER_SEARCH_MIN_Q,
default 2) and mount the existing per-user rateLimit middleware on both
/users/search and /users/resolve (shared label users-directory, env
ORNN_USER_DIRECTORY_RATELIMIT_PER_MIN / _WINDOW_MS, default 30/min).
Repository empty-q branch intentionally untouched: admin/quota depends
on it; the enumeration gate lives in the route. Build/tests run
separately (scoped bun test + tsc, see PR).
@chronoai-shining
test(api): users-directory enumeration gate + rate-limit coverage (#816)
0acb6fe 
Empty/1-char q must 400 without touching the repository; 2-char prefix
resolves (typeahead positive control, email present); RL_MAX+1 bursts
on /users/search and /users/resolve both 429 with RFC 9239 headers;
shared users-directory label draws one per-user budget across routes.
@chronoai-shining
feat(web): require 2-char minimum before collaborator typeahead fires (
450b11b 
…#816)

The backend now 400s empty/1-char q on /users/search, so the picker no
longer fires on bare focus; a small i18n'd hint asks for 2+ characters.
Email stays the picker label — UserDirectoryEntry unchanged.
@chronoai-shining
docs: changeset for #816
5c3a303
@chronoai-shining chronoai-shining added priority:P3 Low / nice-to-have. Picked up only when the queue is otherwise empty. type:refactor Internal restructuring; no functional change. size:M Medium: a few files, one concern. Size is informational. status:blocked Failed or blocked; needs a human. /auto will not proceed. labels Jun 4, 2026
@chronoai-shining
Copy link
Copy Markdown
Collaborator Author

chronoai-shining commented Jun 4, 2026

auto-merge halted: ci-failure. Required checks did not reach a clean green state within policy; a human must intervene. (No force-push performed.)

This was referenced Jun 4, 2026
Open
Open
Open
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

priority:P3 Low / nice-to-have. Picked up only when the queue is otherwise empty. size:M Medium: a few files, one concern. Size is informational. status:blocked Failed or blocked; needs a human. /auto will not proceed. type:refactor Internal restructuring; no functional change.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@chronoai-shining