fix(api): scope task status-change emails to assignee, not whole org #2669
Merged
notifyStatusChange and notifyBulkStatusChange were emailing every non-platform-admin member of the org on any task status change, then leaning on isUserUnsubscribed to filter. That filter had gaps (multi-role users, custom roles, unsaved matrix state), so employees with "Task Assignments" unchecked still received status-change emails.

Now:
- Single status change: emails only the task's assignee. If the task has no assignee, falls back to owners + admins. Actor always excluded, isUserUnsubscribed still honored.
- Bulk status change: groups tasks by assignee and sends each one a bulk email with the count of THEIR tasks. Unassigned tasks are routed to owners/admins with the unassigned count.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
RolesService.filterMembersWithPermission(orgId, members, resource, action)
returns the subset of members whose combined (built-in + custom) role
permissions grant the requested resource:action. One batched
organizationRole.findMany query regardless of member count.
Matches better-auth's hasPermissionFn semantics: comma-separated role
strings treated as a union; unknown role names skipped silently. Uses
BUILT_IN_ROLE_PERMISSIONS (derived from the same role.statements that
better-auth initializes with) so answers stay in lockstep with the
runtime permission guard.
Enables upcoming migration of notifier recipient selection from
hardcoded role-string matching (role.includes('admin')) to
permission-based filtering — so custom roles like "Compliance Manager"
with task:update automatically qualify.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
0 issues found across 2 files (changes from recent commits).
Requires human review: This PR modifies core notification business logic by changing recipient selection for task status updates and introduces a new permission-filtering utility in RolesService.
claudfuen pushed a commit that referenced this pull request Apr 24, 2026
## [3.33.1](v3.33.0...v3.33.1) (2026-04-24)

### Bug Fixes

* **api:** scope task status-change emails to assignee, not whole org ([#2669](#2669)) ([fd0aa1c](fd0aa1c))
🎉 This PR is included in version 3.33.1 🎉
The release is available on GitHub release
Your semantic-release bot 📦🚀
Summary
Employees were receiving Task Status Updated emails even when their role had Task Assignments unchecked in the notifications matrix, because notifyStatusChange / notifyBulkStatusChange were emailing every non-platform-admin member of the org and leaning on isUserUnsubscribed to filter. That filter has gaps (multi-role users, custom roles, unsaved matrix state) so spam still escaped.

Now:
- isUserUnsubscribed('taskAssignments', orgId) still runs per recipient, so personal opt-outs and role matrix still work.
- getOwnerAdminRecipients helper splits member.role on commas and checks for exact 'owner' / 'admin' (safer than the previous contains matcher).
- notifyAssigneeChange, notifyBulkAssigneeChange, notifyEvidenceReviewRequested, notifyAutomationFailures, task-item-assignment-notifier, comment-mention-notifier and finding-notifier were already targeting narrow audiences — untouched.

Follow-ups (separate ticket)
Found some smaller gaps worth tracking but out of scope here:
- isUserUnsubscribed pass no organizationId, so role-matrix settings don't apply: notifyEvidenceReviewRequested, notifyBulkEvidenceReviewRequested, notifyAutomationFailures, notifyBulkAutomationFailures.
- role.includes('admin') in automation-failure flows would false-match custom roles like "Security Admin".

Test plan
- task-notifier.service.spec.ts — 8 cases covering assignee targeting, actor exclusion, owner/admin fallback, unsubscribe honoring, bulk per-assignee counts
- cd apps/api && npx jest src/tasks/ — 113/113 pass

🤖 Generated with Claude Code
Summary by cubic
Scopes task status-change emails to the assignee instead of the whole org, reducing noisy notifications. Bulk updates now send per-assignee summaries; actor is excluded and unsubscribe/matrix settings still apply.
Bug Fixes
- isUserUnsubscribed with organizationId; add safer owner/admin detection via a helper that parses comma-separated roles.

New Features
- RolesService.filterMembersWithPermission(orgId, members, resource, action) to filter members by effective permissions (supports comma-separated and custom roles with one batched query), enabling future migration from role-string checks to permission-based recipient selection.

Written for commit 55c2ee6. Summary will update on new commits.
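
The recipient-scoping rules described in this PR, as an added example that is not code from the PR or the project: substring role matching beside exact-token matching on a comma-separated role string, and per-assignee counting for a bulk status change. The `Member` and `Task` shapes, the function names, the `isUnsubscribed` predicate and the `security-admin` custom role are assumptions made for illustration.

```typescript
// Added illustration: names and sample data are constructed, not the project's code.
interface Member { userId: string; role: string } // role is comma-separated, e.g. "employee,admin"
interface Task { id: string; assigneeId: string | null }

// Substring check of the kind the page calls out: role.includes('admin').
function matchesBySubstring(role: string): boolean {
  return role.includes('admin');
}

// Exact-token check: split on commas, trim, compare whole role names only.
function isOwnerOrAdmin(role: string): boolean {
  return role.split(',').map((r) => r.trim()).some((r) => r === 'owner' || r === 'admin');
}

// Bulk status change: maps recipient userId -> number of THEIR tasks.
// Unassigned tasks are counted for each owner/admin instead.
// The actor and anyone the unsubscribe predicate rejects never receive mail.
function bulkRecipientCounts(
  tasks: Task[],
  members: Member[],
  actorId: string,
  isUnsubscribed: (userId: string) => boolean,
): Map<string, number> {
  const fallback = members.filter((m) => isOwnerOrAdmin(m.role)).map((m) => m.userId);
  const counts = new Map<string, number>();
  for (const task of tasks) {
    const targets = task.assigneeId !== null ? [task.assigneeId] : fallback;
    for (const userId of targets) {
      if (userId === actorId || isUnsubscribed(userId)) continue;
      counts.set(userId, (counts.get(userId) || 0) + 1);
    }
  }
  return counts;
}

// Constructed sample organisation and task batch.
const sampleMembers: Member[] = [
  { userId: 'u-owner', role: 'owner' },
  { userId: 'u-multi', role: 'employee,admin' },      // multi-role user
  { userId: 'u-secadmin', role: 'security-admin' },   // custom role, not built-in admin
  { userId: 'u-emp', role: 'employee' },
];
const sampleTasks: Task[] = [
  { id: 't1', assigneeId: 'u-emp' },
  { id: 't2', assigneeId: 'u-emp' },
  { id: 't3', assigneeId: null },
];
const sampleCounts = bulkRecipientCounts(sampleTasks, sampleMembers, 'u-owner', () => false);
console.log(sampleCounts.get('u-emp'), sampleCounts.get('u-multi')); // 2 1
```

Here `u-owner` changed the status, so the unassigned task reaches only `u-multi`; `u-secadmin` would have been included by the substring check but is not an owner or admin under exact matching.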