Fix duplicate tenant display in account selector#660
Merged
Conversation
…mail access When a user has access to a tenant via both authorized_domains and authorized_emails, the tenant was appearing twice in the account selector. Root cause: In google_callback(), the code was adding tenants from both domain_tenant and email_tenants without checking for duplicates. Fix: Use a dictionary keyed by tenant_id to deduplicate tenants before converting to a list for the session. Changes: - Modified google_callback() to use tenant_dict for deduplication - Added explicit check to skip email_tenants already in domain_tenant - Added comprehensive test for duplicate prevention Fixes AccuWeather user seeing duplicate account selection.
EmmaLouise2018
pushed a commit
that referenced
this pull request
Oct 29, 2025
…mail access (#660) When a user has access to a tenant via both authorized_domains and authorized_emails, the tenant was appearing twice in the account selector. Root cause: In google_callback(), the code was adding tenants from both domain_tenant and email_tenants without checking for duplicates. Fix: Use a dictionary keyed by tenant_id to deduplicate tenants before converting to a list for the session. Changes: - Modified google_callback() to use tenant_dict for deduplication - Added explicit check to skip email_tenants already in domain_tenant - Added comprehensive test for duplicate prevention Fixes AccuWeather user seeing duplicate account selection.
danf-newton
pushed a commit
to Newton-Research-Inc/salesagent
that referenced
this pull request
Nov 24, 2025
…mail access (prebid#660) When a user has access to a tenant via both authorized_domains and authorized_emails, the tenant was appearing twice in the account selector. Root cause: In google_callback(), the code was adding tenants from both domain_tenant and email_tenants without checking for duplicates. Fix: Use a dictionary keyed by tenant_id to deduplicate tenants before converting to a list for the session. Changes: - Modified google_callback() to use tenant_dict for deduplication - Added explicit check to skip email_tenants already in domain_tenant - Added comprehensive test for duplicate prevention Fixes AccuWeather user seeing duplicate account selection.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Fixed a bug where users with access to a tenant via both domain-based authorization and email-based authorization would see the tenant twice in the account selector.
Problem
When a user had access to a tenant through both
authorized_domainsandauthorized_emails, the tenant appeared twice in the tenant selection screen during login.Root Cause
In the
google_callback()function, tenants were being added to theavailable_tenantslist without checking for duplicates. The code would add:domain_tenant(domain-based access)email_tenants(email-based access)Solution
Refactored the tenant collection logic to use a dictionary keyed by
tenant_idfor deduplication:Testing
Added comprehensive unit test
test_tenant_not_duplicated_when_in_both_domain_and_email_liststhat verifies:Changes
src/admin/blueprints/auth.py:268-307to use deduplication logicsrc/admin/tests/unit/test_auth.py:295-363Impact