fix(api): use authenticated user ID for organizations Electric sync

[saddlepaddle]

Summary

• Fixed bug where Electric proxy used a random member from the active org to determine which organizations to sync
• Now correctly uses the authenticated user's ID to query their actual memberships
• This was causing users in shared orgs to see incorrect organization lists

Test plan

• Lint passes
• Typecheck passes
• Tests pass (1114 pass, 0 fail)
• Verified fix with Kiet's account - he can now see both orgs

Summary by CodeRabbit

• Bug Fixes
  • Enhanced data filtering to ensure proper user access scoping
• Chores
  • Optimized user membership lookup and retrieval process

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[coderabbitai]

📝 Walkthrough

Walkthrough

The buildWhereClause function signature is updated to accept a userId parameter, enabling user-scoped filtering. The function call in the route handler passes the authenticated user's ID, and the utils implementation simplifies the membership lookup logic to compute organization IDs directly from user memberships.

Changes

Cohort / File(s)	Summary
Function Signature Update apps/api/src/app/api/electric/[...path]/route.ts, apps/api/src/app/api/electric/[...path]/utils.ts	Added userId: string parameter to buildWhereClause function. Route handler passes sessionData.user.id; utils implementation simplified to compute orgIds directly from user memberships instead of performing redundant lookups.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~12 minutes

Poem

🐰 A whisker-thin change, yet clever and neat,
User IDs now flowing, making queries complete,
Memberships streamlined with a hop and a bound,
Filtering by identity—authentication found! ✨

🚥 Pre-merge checks | ✅ 2 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title clearly and concisely summarizes the main change: using the authenticated user ID instead of a random member for Electric sync in organizations.
Description check	✅ Passed	The description covers the bug fix, its impact, and verification steps, but lacks formal sections matching the template structure (Related Issues, Type of Change, Testing sections are not explicitly labeled).

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing touches

• 📝 Generate docstrings

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[github-actions]

🧹 Preview Cleanup Complete

The following preview resources have been cleaned up:

• ⚠️ Neon database branch
• ✅ Electric Fly.io app

Thank you for your contribution! 🎉