### TL;DR
Added session cleanup logic to handle active organization reassignment when user organizations are deleted.
### What changed?
Enhanced the `cleanupUserOrganizations` method in `AuthService` to reassign active organizations for users whose current active organization is being deleted. The method now:
- Identifies users who are members of organizations being deleted
- Finds alternative organizations for each affected user
- Updates their sessions to use a fallback organization or null if no alternatives exist
- Wraps the entire operation in a database transaction for consistency
### How to test?
Run the new test suite:
```bash
bun test app/server/modules/auth/__tests__/auth.cleanup-user-organizations.test.ts
```
The test verifies that when a user's organization is deleted, other members' sessions are properly updated to use their remaining organization memberships as the active organization.
### Why make this change?
Prevents orphaned session references when organizations are deleted. Without this change, users could have sessions pointing to non-existent organizations as their active workspace, leading to potential application errors or inconsistent state.
<!-- This is an auto-generated comment: release notes by coderabbit.ai -->
## Summary by CodeRabbit
## Release Notes
* **Bug Fixes**
* Improved organization deletion handling. When an organization is deleted, user sessions are now automatically reassigned to a valid fallback organization, ensuring session state consistency and preventing invalid organization references.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
test: use better-auth built-in test plugin
refactor: map auth errors server side
refactor: native trusted providers callback usage
<!-- This is an auto-generated comment: release notes by coderabbit.ai -->
## Summary by CodeRabbit
## Release Notes
* **New Features**
* Enhanced SSO authentication error messaging with specific guidance for different failure scenarios (account linking required, email verification needed, banned accounts, invite-only access).
* **Chores**
* Updated authentication dependencies to version 1.5.0.
* **Tests**
* Extended test coverage for SSO error code handling and authentication scenarios.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
Closes#590
<!-- This is an auto-generated comment: release notes by coderabbit.ai -->
* **Tests**
* Enhanced test coverage for backup pattern handling and anchoring
* Added end-to-end scenarios validating include patterns, exclusion patterns, and exclude-if-present functionality
* **Refactor**
* Updated pattern processing logic to improve relative path resolution for backup patterns
* Improved asynchronous handling in backup initialization workflow
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
Allows users to pass arbitrary restic flags via a new advanced section in the create/edit schedule form. Includes DB migration, schema update, DTO, service, and restic command changes.
<!-- This is an auto-generated comment: release notes by coderabbit.ai -->
## Summary by CodeRabbit
* **Tests**
* Improved test infrastructure and organization across backup, repository, volume, and utility modules with streamlined mock setup and cleaner test patterns.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
refactor(restic): split each command into its own file
refactor: add missing await before promise expects
<!-- This is an auto-generated comment: release notes by coderabbit.ai -->
## Summary by CodeRabbit
## Release Notes
* **Tests**
* Improved async assertion handling across test suites for enhanced test reliability
* Expanded test coverage for backup, restore, and other core operations
* **Refactor**
* Reorganized internal utility structure for improved code maintainability
* **Chores**
* Updated linting configuration and TypeScript dependencies
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
Closes#562
<!-- This is an auto-generated comment: release notes by coderabbit.ai -->
## Summary by CodeRabbit
## Release Notes
* **New Features**
* Improved repository setup with context-aware descriptions for new vs. existing repositories
* Enhanced path handling: unique identifiers automatically appended for new repositories, exact paths preserved when importing existing ones
* **Chores**
* Updated documentation and build configuration
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
When a selected subfolder had the exact same name as its parent volume
mount, the `path.relative` check falsely identified the subfolder path
as an absolute path already inside the volume. This caused the entire
volume root to be backed up instead of the intended subfolder.
Closes#250
<!-- This is an auto-generated comment: release notes by coderabbit.ai -->
## Summary by CodeRabbit
* **Bug Fixes**
* Improved handling of backup patterns when folder names match volume names.
* Enhanced error handling for snapshot deletion operations.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
<!-- This is an auto-generated comment: release notes by coderabbit.ai -->
## Summary by CodeRabbit
* **Bug Fixes**
* Enhanced error handling in retention category calculations to gracefully handle missing or invalid repositories, ensuring the system returns safe defaults instead of failing
* Optimized repository cache validation and lookup mechanisms for improved performance
* Strengthened repository validation checks to prevent potential calculation failures
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
Closes#519
<!-- This is an auto-generated comment: release notes by coderabbit.ai -->
## Summary by CodeRabbit
* **New Features**
* Notification destinations can now be tested even when disabled, enabling configuration validation before activation
* **Improvements**
* Discord notification formatting parameters optimized for enhanced message delivery
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
* feat: edit repository form
* refactor: local repo path concat as a code migration
* refactor: server constants
* chore: fix lint issue in test file
* refactor: add auth to getServerConstants
* refactor: add nitro bootstrap plugin to ensure app is started before first call
* refactor(bootstrap): avoid duplicate event firing
* refactor: extract common setup in initModule function
* refactor: remove proxy pattern for db and auth
Since we migrated away from rr this is not needed anymore as the bundler
correctly split chunks
* refactor: move migrations to new structure
* refactor: convert all findMany to new structure
* fix(backups-schedule): missing null matching for last backup status
* chore: move root lib to server
* feat(db): add support for multiple users and organizations
* feat: backfill entities with new organization id
* refactor: filter all backend queries to surface only organization specific entities
* refactor: each org has its own restic password
* test: ensure organization is created
* chore: pr feedbacks
* refactor: filter by org id in all places
* refactor: download restic password from stored db password
* refactor(navigation): use volume id in urls instead of name
* feat: disable registrations
* refactor(auth): bubble up auth error to hono
* refactor: use async local storage for cleaner context sharing
* refactor: enable user registration vs disabling it
* test: multi-org isolation
* chore: final cleanup
* feat: display notification when new release is available
* refactor: standalone re-usable cache util
* refactor: clear cache on server startup
* refactor: add timeout to gh release fetch
* fix: run with app version env variable
* feat: add support for SFTP volume backend
* feat: allow more secure SFTP connection with known hosts
* refactor: make default value for skip host key check to false
* refactor: use os.userInfo when setting uid/gid in mount commands
* feat: increase server idle timeout and allow to modify it via env
* chore(app): move auth middleware to individual controller
To clean up de main app.ts file
* chore: remove console.log
* fix: prepend mount path location in exclude patterns
* test(backups): add tests suite for backend include & exclude patterns
* test: fix leaking global module mock
* test: backups service
* refactor: create hono app in a separate file
To avoid side effects like db migration or startup scripts when testing
test(backups): add security tests to the backups controller
* ci: run typechecks, build and tests on PR
* test: controllers security tests
* chore: update lock file
* refactor: pr feedbacks
* refactor(startup): ensure entities always use the latest configuration schema
* refactor: await config updates to avoid race condition on later mount
Ensures schedule reordering requests are valid by checking for duplicate and non-existent IDs.
Improves performance by using a transaction for batch updates.
Adds drag-and-drop functionality to reorder backup schedules
Introduces a sort order field to the database schema and implements API endpoints to update the schedule order.
This allows users to visually prioritize their backup jobs.
* feat: add custom restore target directory
Adds the ability to restore snapshots to a custom directory instead of
only the original path. Closes#12.
Changes:
- Add target parameter to restore API endpoint
- Add directory picker UI in file browser restore dialog
- Add target input field in snapshot restore form
- Create reusable PathSelector component
Note: Run `bun run gen:api-client` after merging to regenerate types.
* refactor: path selector design
* refactor: unify restore snapshot dialogs
* refactor: restore snapshot as a page
* chore: fix liniting issues
* chore(create-notification): remove un-used prop
---------
Co-authored-by: Deepseek1 <Deepseek1@users.noreply.github.com>