Fix premium check for self-hosted

[elie222]

Route watch and digest handlers to respect self-hosted premium bypass by using utils/premium.getPremiumUserFilter across email account queries

Replace inline premium filters in account queries with utils/premium.getPremiumUserFilter and extend Outlook not-found detection; bump version to v2.21.32. Core changes are in watch and resend routes and the watch manager utility.

📍Where to Start

Start with the getPremiumUserFilter implementation in index.ts, then review its usage in the Google and Outlook watch routes: route.ts and route.ts.

---

Macroscope summarized b73f4cc.

Summary by CodeRabbit

• Bug Fixes

  • Improved error detection and handling for not-found scenarios during email synchronization.

• Chores

  • Version bumped to v2.21.32.

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Preview	Updated (UTC)
inbox-zero	Ready	Preview	Dec 3, 2025 4:46pm

[coderabbitai]

Walkthrough

Centralizes premium-user filtering logic by introducing getPremiumUserFilter() utility function in apps/web/utils/premium/index.ts and refactoring five API routes and utilities to use this function instead of inline premium filters. Additionally enhances error handling in webhook processing to detect Outlook-specific not-found error codes. Version bumped to v2.21.32.

Changes

Cohort / File(s)	Summary
Premium filter centralization — API watch routes apps/web/app/api/google/watch/all/route.ts, apps/web/app/api/outlook/watch/all/route.ts	Import getPremiumUserFilter and replace inline premium filter objects with function spread in Prisma queries
Premium filter centralization — Resend routes apps/web/app/api/resend/digest/all/route.ts, apps/web/app/api/resend/summary/all/route.ts	Replace explicit premium-user filtering with spread of getPremiumUserFilter() in where clauses
Premium filter centralization — Utilities apps/web/utils/premium/index.ts, apps/web/utils/email/watch-manager.ts	Add new getPremiumUserFilter() export that returns environment-aware premium filter; apply in watch-manager for email account selection
Error handling enhancement apps/web/utils/webhook/process-history-item.ts	Extend not-found error detection to include Outlook-specific error codes ("ErrorItemNotFound", "itemNotFound") in addition to existing Google-based checks
Version update version.txt	Bump version from v2.21.31 to v2.21.32

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~12 minutes

• Verify getPremiumUserFilter() behavior: Ensure the environment flag NEXT_PUBLIC_BYPASS_PREMIUM_CHECKS is correctly handled and the filter object shape matches Prisma expectations across all call sites.
• Cross-file consistency: Confirm that replacing inline filters with the utility function produces identical behavior in all five affected files.
• Outlook error detection: Test the new error code checks ("ErrorItemNotFound", "itemNotFound") to ensure Outlook-specific failures are properly caught alongside existing Google error patterns.

Possibly related PRs

• Centralised watch emails #923: Main PR's changes to centralize premium-user filtering directly modify the email watch manager and watch routes that PR #923 introduced.
• Fix bug where removed users reappear in premium sharing #743: Both PRs modify apps/web/utils/premium/index.ts, introducing or refactoring premium utility functions.
• Only allow clean if active premium account #795: Both PRs enhance premium utilities in apps/web/utils/premium/index.ts with new helper functions for gating premium behavior.

Poem

🐰 Filters once scattered, now gathered in one,
The rabbit hops through code, refactoring done,
Premium checks centralized, clean and so neat,
With Outlook's error codes, the path now complete! ✨

Pre-merge checks and finishing touches

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	You can run @coderabbitai generate docstrings to improve docstring coverage.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title 'Fix premium check for self-hosted' accurately describes the main objective of this PR, which centralizes premium user filtering logic into a reusable utility function and adds environment-based bypass support for self-hosted deployments.

✨ Finishing touches

• 📝 Generate docstrings

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch fix/disable-premium-self-hosted

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (1)

apps/web/utils/premium/index.ts (1)

145-158: Consider adding explicit return type and JSDoc documentation.

The implementation is correct and aligns with the PR objective. However, for a new public utility function, consider adding:

1. An explicit return type to make the Prisma filter shape clear
2. JSDoc documentation explaining the bypass behavior and usage

Apply this diff to improve type safety and documentation:

+/**
+ * Returns a Prisma filter for premium users.
+ * When NEXT_PUBLIC_BYPASS_PREMIUM_CHECKS is enabled, returns an empty filter (no restrictions).
+ * Otherwise, filters for users with active Lemon Squeezy or Stripe subscriptions.
+ */
-export function getPremiumUserFilter() {
+export function getPremiumUserFilter(): Record<string, unknown> | { user: { premium: { OR: unknown[] } } } {
   if (env.NEXT_PUBLIC_BYPASS_PREMIUM_CHECKS) return {};
 
   return {
     user: {
       premium: {
         OR: [
           { lemonSqueezyRenewsAt: { gt: new Date() } },
           { stripeSubscriptionStatus: { in: ["active", "trialing"] } },
         ],
       },
     },
   };
 }

📜 Review details

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between de3bc27 and b73f4cc.

📒 Files selected for processing (8)

• apps/web/app/api/google/watch/all/route.ts (2 hunks)
• apps/web/app/api/outlook/watch/all/route.ts (2 hunks)
• apps/web/app/api/resend/digest/all/route.ts (2 hunks)
• apps/web/app/api/resend/summary/all/route.ts (2 hunks)
• apps/web/utils/email/watch-manager.ts (2 hunks)
• apps/web/utils/premium/index.ts (1 hunks)
• apps/web/utils/webhook/process-history-item.ts (1 hunks)
• version.txt (1 hunks)

🧰 Additional context used

📓 Path-based instructions (17)

apps/web/**/*.{ts,tsx}

📄 CodeRabbit inference engine (apps/web/CLAUDE.md)

apps/web/**/*.{ts,tsx}: Use TypeScript with strict null checks
Use @/ path aliases for imports from project root
Use proper error handling with try/catch blocks
Format code with Prettier
Follow consistent naming conventions using PascalCase for components
Centralize shared types in dedicated type files

Import specific lodash functions rather than entire lodash library to minimize bundle size (e.g., import groupBy from 'lodash/groupBy')

Files:

• apps/web/utils/premium/index.ts
• apps/web/app/api/google/watch/all/route.ts
• apps/web/utils/email/watch-manager.ts
• apps/web/utils/webhook/process-history-item.ts
• apps/web/app/api/resend/summary/all/route.ts
• apps/web/app/api/resend/digest/all/route.ts
• apps/web/app/api/outlook/watch/all/route.ts

**/*.{ts,tsx}

📄 CodeRabbit inference engine (.cursor/rules/data-fetching.mdc)

**/*.{ts,tsx}: For API GET requests to server, use the swr package
Use result?.serverError with toastError from @/components/Toast for error handling in async operations

**/*.{ts,tsx}: Use wrapper functions for Gmail message operations (get, list, batch, etc.) from @/utils/gmail/message.ts instead of direct API calls
Use wrapper functions for Gmail thread operations from @/utils/gmail/thread.ts instead of direct API calls
Use wrapper functions for Gmail label operations from @/utils/gmail/label.ts instead of direct API calls

**/*.{ts,tsx}: For early access feature flags, create hooks using the naming convention use[FeatureName]Enabled that return a boolean from useFeatureFlagEnabled("flag-key")
For A/B test variant flags, create hooks using the naming convention use[FeatureName]Variant that define variant types, use useFeatureFlagVariantKey() with type casting, and provide a default "control" fallback
Use kebab-case for PostHog feature flag keys (e.g., inbox-cleaner, pricing-options-2)
Always define types for A/B test variant flags (e.g., type PricingVariant = "control" | "variant-a" | "variant-b") and provide type safety through type casting

**/*.{ts,tsx}: Don't use primitive type aliases or misleading types
Don't use empty type parameters in type aliases and interfaces
Don't use this and super in static contexts
Don't use any or unknown as type constraints
Don't use the TypeScript directive @ts-ignore
Don't use TypeScript enums
Don't export imported variables
Don't add type annotations to variables, parameters, and class properties that are initialized with literal expressions
Don't use TypeScript namespaces
Don't use non-null assertions with the ! postfix operator
Don't use parameter properties in class constructors
Don't use user-defined types
Use as const instead of literal types and type annotations
Use either T[] or Array<T> consistently
Initialize each enum member value explicitly
Use export type for types
Use `impo...

Files:

• apps/web/utils/premium/index.ts
• apps/web/app/api/google/watch/all/route.ts
• apps/web/utils/email/watch-manager.ts
• apps/web/utils/webhook/process-history-item.ts
• apps/web/app/api/resend/summary/all/route.ts
• apps/web/app/api/resend/digest/all/route.ts
• apps/web/app/api/outlook/watch/all/route.ts

**/{server,api,actions,utils}/**/*.ts

📄 CodeRabbit inference engine (.cursor/rules/logging.mdc)

**/{server,api,actions,utils}/**/*.ts: Use createScopedLogger from "@/utils/logger" for logging in backend code
Add the createScopedLogger instantiation at the top of the file with an appropriate scope name
Use .with() method to attach context variables only within specific functions, not on global loggers
For large functions with reused variables, use createScopedLogger().with() to attach context once and reuse the logger without passing variables repeatedly

Files:

• apps/web/utils/premium/index.ts
• apps/web/app/api/google/watch/all/route.ts
• apps/web/utils/email/watch-manager.ts
• apps/web/utils/webhook/process-history-item.ts
• apps/web/app/api/resend/summary/all/route.ts
• apps/web/app/api/resend/digest/all/route.ts
• apps/web/app/api/outlook/watch/all/route.ts

**/*.{ts,tsx,js,jsx}

📄 CodeRabbit inference engine (.cursor/rules/prisma-enum-imports.mdc)

Always import Prisma enums from @/generated/prisma/enums instead of @/generated/prisma/client to avoid Next.js bundling errors in client components

Import Prisma using the project's centralized utility: import prisma from '@/utils/prisma'

Files:

• apps/web/utils/premium/index.ts
• apps/web/app/api/google/watch/all/route.ts
• apps/web/utils/email/watch-manager.ts
• apps/web/utils/webhook/process-history-item.ts
• apps/web/app/api/resend/summary/all/route.ts
• apps/web/app/api/resend/digest/all/route.ts
• apps/web/app/api/outlook/watch/all/route.ts

**/*.ts

📄 CodeRabbit inference engine (.cursor/rules/security.mdc)

**/*.ts: ALL database queries MUST be scoped to the authenticated user/account by including user/account filtering in WHERE clauses to prevent unauthorized data access
Always validate that resources belong to the authenticated user before performing operations, using ownership checks in WHERE clauses or relationships
Always validate all input parameters for type, format, and length before using them in database queries
Use SafeError for error responses to prevent information disclosure. Generic error messages should not reveal internal IDs, logic, or resource ownership details
Only return necessary fields in API responses using Prisma's select option. Never expose sensitive data such as password hashes, private keys, or system flags
Prevent Insecure Direct Object References (IDOR) by validating resource ownership before operations. All findUnique/findFirst calls MUST include ownership filters
Prevent mass assignment vulnerabilities by explicitly whitelisting allowed fields in update operations instead of accepting all user-provided data
Prevent privilege escalation by never allowing users to modify system fields, ownership fields, or admin-only attributes through user input
All findMany queries MUST be scoped to the user's data by including appropriate WHERE filters to prevent returning data from other users
Use Prisma relationships for access control by leveraging nested where clauses (e.g., emailAccount: { id: emailAccountId }) to validate ownership

Files:

• apps/web/utils/premium/index.ts
• apps/web/app/api/google/watch/all/route.ts
• apps/web/utils/email/watch-manager.ts
• apps/web/utils/webhook/process-history-item.ts
• apps/web/app/api/resend/summary/all/route.ts
• apps/web/app/api/resend/digest/all/route.ts
• apps/web/app/api/outlook/watch/all/route.ts

**/*.{tsx,ts}

📄 CodeRabbit inference engine (.cursor/rules/ui-components.mdc)

**/*.{tsx,ts}: Use Shadcn UI and Tailwind for components and styling
Use next/image package for images
For API GET requests to server, use the swr package with hooks like useSWR to fetch data
For text inputs, use the Input component with registerProps for form integration and error handling

Files:

• apps/web/utils/premium/index.ts
• apps/web/app/api/google/watch/all/route.ts
• apps/web/utils/email/watch-manager.ts
• apps/web/utils/webhook/process-history-item.ts
• apps/web/app/api/resend/summary/all/route.ts
• apps/web/app/api/resend/digest/all/route.ts
• apps/web/app/api/outlook/watch/all/route.ts

**/*.{tsx,ts,css}

📄 CodeRabbit inference engine (.cursor/rules/ui-components.mdc)

Implement responsive design with Tailwind CSS using a mobile-first approach

Files:

• apps/web/utils/premium/index.ts
• apps/web/app/api/google/watch/all/route.ts
• apps/web/utils/email/watch-manager.ts
• apps/web/utils/webhook/process-history-item.ts
• apps/web/app/api/resend/summary/all/route.ts
• apps/web/app/api/resend/digest/all/route.ts
• apps/web/app/api/outlook/watch/all/route.ts

**/*.{js,jsx,ts,tsx}

📄 CodeRabbit inference engine (.cursor/rules/ultracite.mdc)

**/*.{js,jsx,ts,tsx}: Don't use accessKey attribute on any HTML element
Don't set aria-hidden="true" on focusable elements
Don't add ARIA roles, states, and properties to elements that don't support them
Don't use distracting elements like <marquee> or <blink>
Only use the scope prop on <th> elements
Don't assign non-interactive ARIA roles to interactive HTML elements
Make sure label elements have text content and are associated with an input
Don't assign interactive ARIA roles to non-interactive HTML elements
Don't assign tabIndex to non-interactive HTML elements
Don't use positive integers for tabIndex property
Don't include "image", "picture", or "photo" in img alt prop
Don't use explicit role property that's the same as the implicit/default role
Make static elements with click handlers use a valid role attribute
Always include a title element for SVG elements
Give all elements requiring alt text meaningful information for screen readers
Make sure anchors have content that's accessible to screen readers
Assign tabIndex to non-interactive HTML elements with aria-activedescendant
Include all required ARIA attributes for elements with ARIA roles
Make sure ARIA properties are valid for the element's supported roles
Always include a type attribute for button elements
Make elements with interactive roles and handlers focusable
Give heading elements content that's accessible to screen readers (not hidden with aria-hidden)
Always include a lang attribute on the html element
Always include a title attribute for iframe elements
Accompany onClick with at least one of: onKeyUp, onKeyDown, or onKeyPress
Accompany onMouseOver/onMouseOut with onFocus/onBlur
Include caption tracks for audio and video elements
Use semantic elements instead of role attributes in JSX
Make sure all anchors are valid and navigable
Ensure all ARIA properties (aria-*) are valid
Use valid, non-abstract ARIA roles for elements with ARIA roles
Use valid AR...

Files:

• apps/web/utils/premium/index.ts
• apps/web/app/api/google/watch/all/route.ts
• apps/web/utils/email/watch-manager.ts
• apps/web/utils/webhook/process-history-item.ts
• apps/web/app/api/resend/summary/all/route.ts
• apps/web/app/api/resend/digest/all/route.ts
• apps/web/app/api/outlook/watch/all/route.ts

!(pages/_document).{jsx,tsx}

📄 CodeRabbit inference engine (.cursor/rules/ultracite.mdc)

Don't use the next/head module in pages/_document.js on Next.js projects

Files:

• apps/web/utils/premium/index.ts
• apps/web/app/api/google/watch/all/route.ts
• apps/web/utils/email/watch-manager.ts
• apps/web/utils/webhook/process-history-item.ts
• apps/web/app/api/resend/summary/all/route.ts
• apps/web/app/api/resend/digest/all/route.ts
• apps/web/app/api/outlook/watch/all/route.ts
• version.txt

**/*.{js,ts,jsx,tsx}

📄 CodeRabbit inference engine (.cursor/rules/utilities.mdc)

**/*.{js,ts,jsx,tsx}: Use lodash utilities for common operations (arrays, objects, strings)
Import specific lodash functions to minimize bundle size (e.g., import groupBy from 'lodash/groupBy')

Files:

• apps/web/utils/premium/index.ts
• apps/web/app/api/google/watch/all/route.ts
• apps/web/utils/email/watch-manager.ts
• apps/web/utils/webhook/process-history-item.ts
• apps/web/app/api/resend/summary/all/route.ts
• apps/web/app/api/resend/digest/all/route.ts
• apps/web/app/api/outlook/watch/all/route.ts

apps/web/app/**/*.{ts,tsx}

📄 CodeRabbit inference engine (apps/web/CLAUDE.md)

Follow NextJS app router structure with (app) directory

Files:

• apps/web/app/api/google/watch/all/route.ts
• apps/web/app/api/resend/summary/all/route.ts
• apps/web/app/api/resend/digest/all/route.ts
• apps/web/app/api/outlook/watch/all/route.ts

apps/web/app/api/**/*.ts

📄 CodeRabbit inference engine (apps/web/CLAUDE.md)

apps/web/app/api/**/*.ts: Wrap GET API routes with withAuth or withEmailAccount middleware for authentication
Export response types from GET API routes using Awaited<ReturnType<>> pattern for type-safe client usage

Files:

• apps/web/app/api/google/watch/all/route.ts
• apps/web/app/api/resend/summary/all/route.ts
• apps/web/app/api/resend/digest/all/route.ts
• apps/web/app/api/outlook/watch/all/route.ts

apps/web/app/api/**/route.ts

📄 CodeRabbit inference engine (.cursor/rules/fullstack-workflow.mdc)

apps/web/app/api/**/route.ts: Create GET API routes using withAuth or withEmailAccount middleware in apps/web/app/api/*/route.ts, export response types as GetExampleResponse type alias for client-side type safety
Always export response types from GET routes as Get[Feature]Response using type inference from the data fetching function for type-safe client consumption
Do NOT use POST API routes for mutations - always use server actions with next-safe-action instead

Files:

• apps/web/app/api/google/watch/all/route.ts
• apps/web/app/api/resend/summary/all/route.ts
• apps/web/app/api/resend/digest/all/route.ts
• apps/web/app/api/outlook/watch/all/route.ts

**/app/**/route.ts

📄 CodeRabbit inference engine (.cursor/rules/get-api-route.mdc)

**/app/**/route.ts: Always wrap GET API route handlers with withAuth or withEmailAccount middleware for consistent error handling and authentication in Next.js App Router
Infer and export response type for GET API routes using Awaited<ReturnType<typeof functionName>> pattern in Next.js
Use Prisma for database queries in GET API routes
Return responses using NextResponse.json() in GET API routes
Do not use try/catch blocks in GET API route handlers when using withAuth or withEmailAccount middleware, as the middleware handles error handling

Files:

• apps/web/app/api/google/watch/all/route.ts
• apps/web/app/api/resend/summary/all/route.ts
• apps/web/app/api/resend/digest/all/route.ts
• apps/web/app/api/outlook/watch/all/route.ts

apps/web/app/**/[!.]*/route.{ts,tsx}

📄 CodeRabbit inference engine (.cursor/rules/project-structure.mdc)

Use kebab-case for route directories in Next.js App Router (e.g., api/hello-world/route)

Files:

• apps/web/app/api/google/watch/all/route.ts
• apps/web/app/api/resend/summary/all/route.ts
• apps/web/app/api/resend/digest/all/route.ts
• apps/web/app/api/outlook/watch/all/route.ts

apps/web/app/api/**/*.{ts,tsx}

📄 CodeRabbit inference engine (.cursor/rules/security-audit.mdc)

apps/web/app/api/**/*.{ts,tsx}: API routes must use withAuth, withEmailAccount, or withError middleware for authentication
All database queries must include user scoping with emailAccountId or userId filtering in WHERE clauses
Request parameters must be validated before use; avoid direct parameter usage without type checking
Use generic error messages instead of revealing internal details; throw SafeError instead of exposing user IDs, resource IDs, or system information
API routes should only return necessary fields using select in database queries to prevent unintended information disclosure
Cron endpoints must use hasCronSecret or hasPostCronSecret to validate cron requests and prevent unauthorized access
Request bodies should use Zod schemas for validation to ensure type safety and prevent injection attacks

Files:

• apps/web/app/api/google/watch/all/route.ts
• apps/web/app/api/resend/summary/all/route.ts
• apps/web/app/api/resend/digest/all/route.ts
• apps/web/app/api/outlook/watch/all/route.ts

**/app/api/**/*.ts

📄 CodeRabbit inference engine (.cursor/rules/security.mdc)

**/app/api/**/*.ts: ALL API routes that handle user data MUST use appropriate middleware: use withEmailAccount for email-scoped operations, use withAuth for user-scoped operations, or use withError with proper validation for public/custom auth endpoints
Use withEmailAccount middleware for operations scoped to a specific email account, including reading/writing emails, rules, schedules, or any operation using emailAccountId
Use withAuth middleware for user-level operations such as user settings, API keys, and referrals that use only userId
Use withError middleware only for public endpoints, custom authentication logic, or cron endpoints. For cron endpoints, MUST use hasCronSecret() or hasPostCronSecret() validation
Cron endpoints without proper authentication can be triggered by anyone. CRITICAL: All cron endpoints MUST validate cron secret using hasCronSecret(request) or hasPostCronSecret(request) and capture unauthorized attempts with captureException()
Always validate request bodies using Zod schemas to ensure type safety and prevent invalid data from reaching database operations
Maintain consistent error response format across all API routes to avoid information disclosure while providing meaningful error feedback

Files:

• apps/web/app/api/google/watch/all/route.ts
• apps/web/app/api/resend/summary/all/route.ts
• apps/web/app/api/resend/digest/all/route.ts
• apps/web/app/api/outlook/watch/all/route.ts

🧠 Learnings (38)

📚 Learning: 2025-11-25T14:37:11.434Z

Learnt from: CR
Repo: elie222/inbox-zero PR: 0
File: .cursor/rules/get-api-route.mdc:0-0
Timestamp: 2025-11-25T14:37:11.434Z
Learning: Applies to **/app/**/route.ts : Use Prisma for all database queries in GET API routes

Applied to files:

• apps/web/app/api/google/watch/all/route.ts
• apps/web/utils/email/watch-manager.ts
• apps/web/app/api/resend/summary/all/route.ts
• apps/web/app/api/resend/digest/all/route.ts
• apps/web/app/api/outlook/watch/all/route.ts

📚 Learning: 2025-11-25T14:37:22.822Z

Learnt from: CR
Repo: elie222/inbox-zero PR: 0
File: .cursor/rules/get-api-route.mdc:0-0
Timestamp: 2025-11-25T14:37:22.822Z
Learning: Applies to **/app/**/route.ts : Use Prisma for database queries in GET API routes

Applied to files:

• apps/web/app/api/google/watch/all/route.ts
• apps/web/utils/email/watch-manager.ts
• apps/web/app/api/resend/summary/all/route.ts
• apps/web/app/api/resend/digest/all/route.ts
• apps/web/app/api/outlook/watch/all/route.ts

📚 Learning: 2025-11-25T14:39:04.892Z

Learnt from: CR
Repo: elie222/inbox-zero PR: 0
File: .cursor/rules/security-audit.mdc:0-0
Timestamp: 2025-11-25T14:39:04.892Z
Learning: Applies to apps/web/app/api/**/route.ts : All related resources in database queries must use proper relationship filtering (not just top-level user/account filtering)

Applied to files:

• apps/web/app/api/google/watch/all/route.ts
• apps/web/app/api/resend/summary/all/route.ts
• apps/web/app/api/resend/digest/all/route.ts
• apps/web/app/api/outlook/watch/all/route.ts

📚 Learning: 2025-11-25T14:37:22.660Z

Learnt from: CR
Repo: elie222/inbox-zero PR: 0
File: .cursor/rules/gmail-api.mdc:0-0
Timestamp: 2025-11-25T14:37:22.660Z
Learning: Applies to **/{pages,routes,components}/**/*.{ts,tsx} : Never call Gmail API directly from routes or components - always use wrapper functions from the utils folder

Applied to files:

• apps/web/app/api/google/watch/all/route.ts
• apps/web/app/api/outlook/watch/all/route.ts

📚 Learning: 2025-11-25T14:37:22.660Z

Learnt from: CR
Repo: elie222/inbox-zero PR: 0
File: .cursor/rules/gmail-api.mdc:0-0
Timestamp: 2025-11-25T14:37:22.660Z
Learning: Applies to apps/web/utils/gmail/**/*.{ts,tsx} : Always use wrapper functions from @/utils/gmail/ for Gmail API operations instead of direct provider API calls

Applied to files:

• apps/web/app/api/google/watch/all/route.ts
• apps/web/utils/email/watch-manager.ts
• apps/web/app/api/outlook/watch/all/route.ts

📚 Learning: 2025-11-25T14:39:08.150Z

Learnt from: CR
Repo: elie222/inbox-zero PR: 0
File: .cursor/rules/security-audit.mdc:0-0
Timestamp: 2025-11-25T14:39:08.150Z
Learning: Applies to apps/web/app/api/**/*.{ts,tsx} : All database queries must include user scoping with `emailAccountId` or `userId` filtering in WHERE clauses

Applied to files:

• apps/web/app/api/google/watch/all/route.ts
• apps/web/utils/email/watch-manager.ts
• apps/web/app/api/resend/summary/all/route.ts
• apps/web/app/api/resend/digest/all/route.ts
• apps/web/app/api/outlook/watch/all/route.ts

📚 Learning: 2025-11-25T14:37:22.660Z

Learnt from: CR
Repo: elie222/inbox-zero PR: 0
File: .cursor/rules/gmail-api.mdc:0-0
Timestamp: 2025-11-25T14:37:22.660Z
Learning: Applies to **/*.{ts,tsx} : Use wrapper functions for Gmail label operations from @/utils/gmail/label.ts instead of direct API calls

Applied to files:

• apps/web/app/api/google/watch/all/route.ts
• apps/web/utils/email/watch-manager.ts

📚 Learning: 2025-11-25T14:36:18.416Z

Learnt from: CR
Repo: elie222/inbox-zero PR: 0
File: apps/web/CLAUDE.md:0-0
Timestamp: 2025-11-25T14:36:18.416Z
Learning: Applies to apps/web/app/api/**/*.ts : Wrap GET API routes with `withAuth` or `withEmailAccount` middleware for authentication

Applied to files:

• apps/web/app/api/google/watch/all/route.ts
• apps/web/app/api/outlook/watch/all/route.ts

📚 Learning: 2025-11-25T14:39:08.150Z

Learnt from: CR
Repo: elie222/inbox-zero PR: 0
File: .cursor/rules/security-audit.mdc:0-0
Timestamp: 2025-11-25T14:39:08.150Z
Learning: Applies to apps/web/app/api/**/*.{ts,tsx} : API routes should only return necessary fields using `select` in database queries to prevent unintended information disclosure

Applied to files:

• apps/web/app/api/google/watch/all/route.ts
• apps/web/app/api/resend/summary/all/route.ts
• apps/web/app/api/resend/digest/all/route.ts

📚 Learning: 2025-11-25T14:39:27.909Z

Learnt from: CR
Repo: elie222/inbox-zero PR: 0
File: .cursor/rules/security.mdc:0-0
Timestamp: 2025-11-25T14:39:27.909Z
Learning: Applies to **/app/api/**/*.ts : Use `withAuth` middleware for user-level operations such as user settings, API keys, and referrals that use only `userId`

Applied to files:

• apps/web/app/api/google/watch/all/route.ts
• apps/web/utils/email/watch-manager.ts

📚 Learning: 2025-11-25T14:39:23.326Z

Learnt from: CR
Repo: elie222/inbox-zero PR: 0
File: .cursor/rules/security.mdc:0-0
Timestamp: 2025-11-25T14:39:23.326Z
Learning: Applies to app/api/**/cron/**/*.ts : Cron endpoints MUST use `withError` middleware (not `withAuth` or `withEmailAccount`), validate cron secret using `hasCronSecret()` or `hasPostCronSecret()`, capture unauthorized attempts with `captureException`, and return 401 status for unauthorized requests

Applied to files:

• apps/web/app/api/google/watch/all/route.ts
• apps/web/app/api/resend/summary/all/route.ts
• apps/web/app/api/resend/digest/all/route.ts
• apps/web/app/api/outlook/watch/all/route.ts

📚 Learning: 2025-11-25T14:39:23.326Z

Learnt from: CR
Repo: elie222/inbox-zero PR: 0
File: .cursor/rules/security.mdc:0-0
Timestamp: 2025-11-25T14:39:23.326Z
Learning: Applies to app/api/**/*.ts : Use `withError` middleware only for public endpoints or custom authentication logic - cron endpoints MUST validate with `hasCronSecret(request)` or `hasPostCronSecret(request)` and capture unauthorized attempts with `captureException`

Applied to files:

• apps/web/app/api/google/watch/all/route.ts
• apps/web/app/api/resend/summary/all/route.ts
• apps/web/app/api/resend/digest/all/route.ts
• apps/web/app/api/outlook/watch/all/route.ts

📚 Learning: 2025-11-25T14:39:08.150Z

Learnt from: CR
Repo: elie222/inbox-zero PR: 0
File: .cursor/rules/security-audit.mdc:0-0
Timestamp: 2025-11-25T14:39:08.150Z
Learning: Applies to apps/web/app/api/**/*.{ts,tsx} : Cron endpoints must use `hasCronSecret` or `hasPostCronSecret` to validate cron requests and prevent unauthorized access

Applied to files:

• apps/web/app/api/google/watch/all/route.ts
• apps/web/app/api/outlook/watch/all/route.ts

📚 Learning: 2025-11-25T14:39:27.909Z

Learnt from: CR
Repo: elie222/inbox-zero PR: 0
File: .cursor/rules/security.mdc:0-0
Timestamp: 2025-11-25T14:39:27.909Z
Learning: Applies to **/app/api/**/*.ts : Use `withError` middleware only for public endpoints, custom authentication logic, or cron endpoints. For cron endpoints, MUST use `hasCronSecret()` or `hasPostCronSecret()` validation

Applied to files:

• apps/web/app/api/google/watch/all/route.ts
• apps/web/app/api/outlook/watch/all/route.ts

📚 Learning: 2025-11-25T14:39:27.909Z

Learnt from: CR
Repo: elie222/inbox-zero PR: 0
File: .cursor/rules/security.mdc:0-0
Timestamp: 2025-11-25T14:39:27.909Z
Learning: Applies to **/app/api/**/*.ts : Cron endpoints without proper authentication can be triggered by anyone. CRITICAL: All cron endpoints MUST validate cron secret using `hasCronSecret(request)` or `hasPostCronSecret(request)` and capture unauthorized attempts with `captureException()`

Applied to files:

• apps/web/app/api/google/watch/all/route.ts
• apps/web/app/api/outlook/watch/all/route.ts

📚 Learning: 2025-11-25T14:39:04.892Z

Learnt from: CR
Repo: elie222/inbox-zero PR: 0
File: .cursor/rules/security-audit.mdc:0-0
Timestamp: 2025-11-25T14:39:04.892Z
Learning: Applies to apps/web/app/api/**/route.ts : Cron endpoints must use `hasCronSecret` or `hasPostCronSecret` middleware to validate cron job authenticity

Applied to files:

• apps/web/app/api/google/watch/all/route.ts
• apps/web/app/api/outlook/watch/all/route.ts

📚 Learning: 2025-11-25T14:39:23.326Z

Learnt from: CR
Repo: elie222/inbox-zero PR: 0
File: .cursor/rules/security.mdc:0-0
Timestamp: 2025-11-25T14:39:23.326Z
Learning: Applies to app/api/**/*.ts : ALL API routes that handle user data MUST use appropriate middleware: `withEmailAccount` for email-scoped operations, `withAuth` for user-scoped operations, or `withError` with proper validation for public/cron endpoints

Applied to files:

• apps/web/app/api/google/watch/all/route.ts
• apps/web/app/api/outlook/watch/all/route.ts

📚 Learning: 2025-11-25T14:39:04.892Z

Learnt from: CR
Repo: elie222/inbox-zero PR: 0
File: .cursor/rules/security-audit.mdc:0-0
Timestamp: 2025-11-25T14:39:04.892Z
Learning: No hardcoded secrets in code; all secrets must be stored in environment variables (e.g., CRON_SECRET)

Applied to files:

• apps/web/app/api/google/watch/all/route.ts

📚 Learning: 2025-11-25T14:39:23.326Z

Learnt from: CR
Repo: elie222/inbox-zero PR: 0
File: .cursor/rules/security.mdc:0-0
Timestamp: 2025-11-25T14:39:23.326Z
Learning: Applies to app/api/**/*.ts : Use `withEmailAccount` middleware for operations scoped to a specific email account (reading/writing emails, rules, schedules, etc.) - provides `emailAccountId`, `userId`, and `email` in `request.auth`

Applied to files:

• apps/web/app/api/google/watch/all/route.ts
• apps/web/utils/email/watch-manager.ts

📚 Learning: 2025-11-25T14:39:27.909Z

Learnt from: CR
Repo: elie222/inbox-zero PR: 0
File: .cursor/rules/security.mdc:0-0
Timestamp: 2025-11-25T14:39:27.909Z
Learning: Applies to **/app/api/**/*.ts : Use `withEmailAccount` middleware for operations scoped to a specific email account, including reading/writing emails, rules, schedules, or any operation using `emailAccountId`

Applied to files:

• apps/web/app/api/google/watch/all/route.ts
• apps/web/utils/email/watch-manager.ts

📚 Learning: 2025-11-25T14:37:22.660Z

Learnt from: CR
Repo: elie222/inbox-zero PR: 0
File: .cursor/rules/gmail-api.mdc:0-0
Timestamp: 2025-11-25T14:37:22.660Z
Learning: Applies to **/*.{ts,tsx} : Use wrapper functions for Gmail thread operations from @/utils/gmail/thread.ts instead of direct API calls

Applied to files:

• apps/web/utils/email/watch-manager.ts
• apps/web/utils/webhook/process-history-item.ts

📚 Learning: 2025-11-25T14:37:22.660Z

Learnt from: CR
Repo: elie222/inbox-zero PR: 0
File: .cursor/rules/gmail-api.mdc:0-0
Timestamp: 2025-11-25T14:37:22.660Z
Learning: Applies to **/*.{ts,tsx} : Use wrapper functions for Gmail message operations (get, list, batch, etc.) from @/utils/gmail/message.ts instead of direct API calls

Applied to files:

• apps/web/utils/email/watch-manager.ts
• apps/web/utils/webhook/process-history-item.ts

📚 Learning: 2025-11-25T14:40:00.833Z

Learnt from: CR
Repo: elie222/inbox-zero PR: 0
File: .cursor/rules/testing.mdc:0-0
Timestamp: 2025-11-25T14:40:00.833Z
Learning: Applies to **/*.test.{ts,tsx} : Use test helpers `getEmail`, `getEmailAccount`, and `getRule` from `@/__tests__/helpers` for mocking emails, accounts, and rules

Applied to files:

• apps/web/utils/email/watch-manager.ts

📚 Learning: 2025-11-25T14:38:42.022Z

Learnt from: CR
Repo: elie222/inbox-zero PR: 0
File: .cursor/rules/prisma.mdc:0-0
Timestamp: 2025-11-25T14:38:42.022Z
Learning: Applies to **/*.{ts,tsx,js,jsx} : Import Prisma using the project's centralized utility: `import prisma from '@/utils/prisma'`

Applied to files:

• apps/web/utils/email/watch-manager.ts

📚 Learning: 2025-11-25T14:38:07.606Z

Learnt from: CR
Repo: elie222/inbox-zero PR: 0
File: .cursor/rules/llm.mdc:0-0
Timestamp: 2025-11-25T14:38:07.606Z
Learning: Applies to apps/web/utils/ai/**/*.ts : LLM feature functions must import from `zod` for schema validation, use `createScopedLogger` from `@/utils/logger`, `chatCompletionObject` and `createGenerateObject` from `@/utils/llms`, and import `EmailAccountWithAI` type from `@/utils/llms/types`

Applied to files:

• apps/web/utils/email/watch-manager.ts

📚 Learning: 2025-11-25T14:40:00.833Z

Learnt from: CR
Repo: elie222/inbox-zero PR: 0
File: .cursor/rules/testing.mdc:0-0
Timestamp: 2025-11-25T14:40:00.833Z
Learning: Applies to **/*.test.{ts,tsx} : Mock Prisma using `vi.mock("@/utils/prisma")` and import the mock from `@/utils/__mocks__/prisma`

Applied to files:

• apps/web/utils/email/watch-manager.ts

📚 Learning: 2025-11-25T14:39:27.909Z

Learnt from: CR
Repo: elie222/inbox-zero PR: 0
File: .cursor/rules/security.mdc:0-0
Timestamp: 2025-11-25T14:39:27.909Z
Learning: Applies to **/*.ts : Only return necessary fields in API responses using Prisma's `select` option. Never expose sensitive data such as password hashes, private keys, or system flags

Applied to files:

• apps/web/utils/email/watch-manager.ts
• apps/web/app/api/resend/digest/all/route.ts

📚 Learning: 2025-11-25T14:39:27.909Z

Learnt from: CR
Repo: elie222/inbox-zero PR: 0
File: .cursor/rules/security.mdc:0-0
Timestamp: 2025-11-25T14:39:27.909Z
Learning: Applies to **/*.ts : Use Prisma relationships for access control by leveraging nested where clauses (e.g., `emailAccount: { id: emailAccountId }`) to validate ownership

Applied to files:

• apps/web/utils/email/watch-manager.ts
• apps/web/app/api/resend/digest/all/route.ts

📚 Learning: 2025-11-25T14:38:07.606Z

Learnt from: CR
Repo: elie222/inbox-zero PR: 0
File: .cursor/rules/llm.mdc:0-0
Timestamp: 2025-11-25T14:38:07.606Z
Learning: Applies to apps/web/utils/ai/**/*.ts : Implement early returns for invalid LLM inputs, use proper error types and logging, implement fallbacks for AI failures, and add retry logic for transient failures using `withRetry`

Applied to files:

• apps/web/utils/webhook/process-history-item.ts

📚 Learning: 2025-11-25T14:36:18.416Z

Learnt from: CR
Repo: elie222/inbox-zero PR: 0
File: apps/web/CLAUDE.md:0-0
Timestamp: 2025-11-25T14:36:18.416Z
Learning: Applies to apps/web/**/*.{ts,tsx} : Use proper error handling with try/catch blocks

Applied to files:

• apps/web/utils/webhook/process-history-item.ts

📚 Learning: 2025-11-25T14:39:27.909Z

Learnt from: CR
Repo: elie222/inbox-zero PR: 0
File: .cursor/rules/security.mdc:0-0
Timestamp: 2025-11-25T14:39:27.909Z
Learning: Applies to **/app/api/**/*.ts : Maintain consistent error response format across all API routes to avoid information disclosure while providing meaningful error feedback

Applied to files:

• apps/web/utils/webhook/process-history-item.ts

📚 Learning: 2025-11-25T14:42:08.869Z

Learnt from: CR
Repo: elie222/inbox-zero PR: 0
File: .cursor/rules/ultracite.mdc:0-0
Timestamp: 2025-11-25T14:42:08.869Z
Learning: Applies to **/*.{js,jsx,ts,tsx} : Make sure to pass a message value when creating a built-in error

Applied to files:

• apps/web/utils/webhook/process-history-item.ts

📚 Learning: 2025-11-25T14:39:08.150Z

Learnt from: CR
Repo: elie222/inbox-zero PR: 0
File: .cursor/rules/security-audit.mdc:0-0
Timestamp: 2025-11-25T14:39:08.150Z
Learning: Applies to apps/web/app/api/**/*.{ts,tsx} : Use generic error messages instead of revealing internal details; throw `SafeError` instead of exposing user IDs, resource IDs, or system information

Applied to files:

• apps/web/utils/webhook/process-history-item.ts

📚 Learning: 2025-11-25T14:39:04.892Z

Learnt from: CR
Repo: elie222/inbox-zero PR: 0
File: .cursor/rules/security-audit.mdc:0-0
Timestamp: 2025-11-25T14:39:04.892Z
Learning: Applies to apps/web/app/api/**/route.ts : All database queries must include user/account filtering with `emailAccountId` or `userId` in WHERE clauses to prevent IDOR vulnerabilities

Applied to files:

• apps/web/app/api/resend/summary/all/route.ts
• apps/web/app/api/resend/digest/all/route.ts
• apps/web/app/api/outlook/watch/all/route.ts

📚 Learning: 2025-11-25T14:39:23.326Z

Learnt from: CR
Repo: elie222/inbox-zero PR: 0
File: .cursor/rules/security.mdc:0-0
Timestamp: 2025-11-25T14:39:23.326Z
Learning: Applies to **/*.ts : Prevent Insecure Direct Object References (IDOR) by validating resource ownership in all queries - always include ownership filters (e.g., `emailAccount: { id: emailAccountId }`) when accessing user-specific resources

Applied to files:

• apps/web/app/api/resend/summary/all/route.ts

📚 Learning: 2025-11-25T14:39:04.892Z

Learnt from: CR
Repo: elie222/inbox-zero PR: 0
File: .cursor/rules/security-audit.mdc:0-0
Timestamp: 2025-11-25T14:39:04.892Z
Learning: Applies to apps/web/app/api/**/route.ts : API responses should use `select` to return only necessary fields and avoid exposing sensitive data

Applied to files:

• apps/web/app/api/resend/summary/all/route.ts
• apps/web/app/api/resend/digest/all/route.ts

📚 Learning: 2025-11-25T14:39:27.909Z

Learnt from: CR
Repo: elie222/inbox-zero PR: 0
File: .cursor/rules/security.mdc:0-0
Timestamp: 2025-11-25T14:39:27.909Z
Learning: Applies to **/app/api/**/*.ts : ALL API routes that handle user data MUST use appropriate middleware: use `withEmailAccount` for email-scoped operations, use `withAuth` for user-scoped operations, or use `withError` with proper validation for public/custom auth endpoints

Applied to files:

• apps/web/app/api/resend/summary/all/route.ts
• apps/web/app/api/outlook/watch/all/route.ts

📚 Learning: 2025-11-25T14:39:23.326Z

Learnt from: CR
Repo: elie222/inbox-zero PR: 0
File: .cursor/rules/security.mdc:0-0
Timestamp: 2025-11-25T14:39:23.326Z
Learning: Applies to app/api/**/*.ts : Prevent mass assignment vulnerabilities by explicitly whitelisting allowed fields in updates - never directly assign request body to database update, always validate with schemas and only update specific fields

Applied to files:

• apps/web/app/api/resend/digest/all/route.ts

🧬 Code graph analysis (6)

apps/web/utils/premium/index.ts (1)

apps/web/env.ts (1)

• env (17-244)

apps/web/app/api/google/watch/all/route.ts (1)

apps/web/utils/premium/index.ts (1)

• getPremiumUserFilter (145-158)

apps/web/utils/email/watch-manager.ts (1)

apps/web/utils/premium/index.ts (1)

• getPremiumUserFilter (145-158)

apps/web/app/api/resend/summary/all/route.ts (1)

apps/web/utils/premium/index.ts (1)

• getPremiumUserFilter (145-158)

apps/web/app/api/resend/digest/all/route.ts (1)

apps/web/utils/premium/index.ts (1)

• getPremiumUserFilter (145-158)

apps/web/app/api/outlook/watch/all/route.ts (1)

apps/web/utils/premium/index.ts (1)

• getPremiumUserFilter (145-158)

🔇 Additional comments (7)

apps/web/utils/webhook/process-history-item.ts (1)

199-224: LGTM! Comprehensive Outlook error handling.

The enhanced error handling correctly covers multiple Outlook-specific not-found error patterns (error codes and message strings) while preserving the existing Google error detection. The type assertion is safe with optional chaining, and the early return pattern is appropriate.

version.txt (1)

1-1: LGTM!

Version bump is appropriate for this refactoring and bug fix.

apps/web/app/api/resend/digest/all/route.ts (1)

10-10: LGTM! Clean refactoring to centralized premium filter.

The import and usage of getPremiumUserFilter() correctly replaces the inline premium filtering logic while maintaining all existing query constraints.

Also applies to: 28-28

apps/web/app/api/resend/summary/all/route.ts (1)

15-15: LGTM! Consistent refactoring pattern.

The centralized premium filter is correctly applied, maintaining all existing query logic and constraints.

Also applies to: 31-31

apps/web/app/api/google/watch/all/route.ts (1)

6-6: LGTM! Centralized premium filtering applied correctly.

The refactoring successfully replaces the inline premium filter with the centralized utility while maintaining the runtime hasAiAccess check for each account.

Also applies to: 18-18

apps/web/app/api/outlook/watch/all/route.ts (1)

6-6: LGTM! Outlook route successfully refactored.

The centralized premium filter is correctly applied alongside the Outlook-specific provider filter, maintaining all existing logic.

Also applies to: 21-21

apps/web/utils/email/watch-manager.ts (1)

2-2: LGTM! Watch manager successfully refactored.

The centralized premium filter is correctly applied while preserving the optional userIds filtering logic and runtime hasAiAccess checks.

Also applies to: 35-35

[cubic-dev-ai]

No issues found across 7 files

[cubic-dev-ai]

No issues found across 8 files