fix(discord-bot): resolve getUserLicenses via dashboard link, not Discord ID as email

VoxHash · VoxHash · commit 0c998518d9d4 · 2026-03-25T07:31:24.000-04:00
diff --git a/src/client/LicenseChainClient.js b/src/client/LicenseChainClient.js
@@ -5,6 +5,7 @@
 const axios = require('axios');
 const crypto = require('crypto');
 const { normalizeAxiosError, normalizeVerifyPayload } = require('./licensechainApiNormalize');
+const { getLinkedUser } = require('./DashboardClient');
 
 class LicenseChainClient {
   constructor(config) {
@@ -79,6 +80,12 @@ class LicenseChainClient {
    */
   async getUserLicenses(userId) {
     try {
+      const linked = await getLinkedUser(userId);
+      const linkedEmail = (linked?.email || '').trim().toLowerCase();
+      if (!linkedEmail) {
+        throw new Error('DISCORD_ACCOUNT_NOT_LINKED');
+      }
+
       // Get all app licenses and filter by user
       const appName = process.env.LICENSECHAIN_APP_NAME;
       if (!appName) {
@@ -98,10 +105,11 @@ class LicenseChainClient {
       const licensesData = await this.getAppLicenses(appId);
       const allLicenses = licensesData?.licenses || licensesData || [];
       
-      // Filter licenses by userId (email or issuedTo matching)
-      // Note: This is a simplified filter - adjust based on your data structure
+      // Scope licenses by linked dashboard email to avoid discord-id/email drift.
       return allLicenses.filter(license => {
-        return license.issuedEmail === userId || license.issuedTo === userId || license.email === userId;
+        const issuedEmail = (license?.issuedEmail || '').trim().toLowerCase();
+        const email = (license?.email || '').trim().toLowerCase();
+        return issuedEmail === linkedEmail || email === linkedEmail;
       });
     } catch (error) {
       throw new Error(`Failed to get user licenses: ${error.response?.data?.message || error.message}`);
diff --git a/src/commands/license.js b/src/commands/license.js
@@ -237,6 +237,15 @@ module.exports = {
             }));
           }
         } catch (apiError) {
+          if (String(apiError.message || '').includes('DISCORD_ACCOUNT_NOT_LINKED')) {
+            const embed = new EmbedBuilder()
+              .setColor('#ffaa00')
+              .setTitle('🔗 Account Link Required')
+              .setDescription('Link your Discord account in the LicenseChain Dashboard, then run `/license list` again.')
+              .setTimestamp();
+            await interaction.editReply({ embeds: [embed] });
+            return;
+          }
           console.warn('Could not fetch licenses from API:', apiError.message);
         }
       }

Original file line number	Diff line number	Diff line change
`@@ -237,6 +237,15 @@ module.exports = {`
`237`	`237`	`}));`
`238`	`238`	`}`
`239`	`239`	`} catch (apiError) {`
	`240`	`+ if (String(apiError.message \|\| '').includes('DISCORD_ACCOUNT_NOT_LINKED')) {`
	`241`	`+ const embed = new EmbedBuilder()`
	`242`	`+ .setColor('#ffaa00')`
	`243`	`+ .setTitle('🔗 Account Link Required')`
	`244`	+ .setDescription('Link your Discord account in the LicenseChain Dashboard, then run `/license list` again.')
	`245`	`+ .setTimestamp();`
	`246`	`+ await interaction.editReply({ embeds: [embed] });`
	`247`	`+ return;`
	`248`	`+ }`
`240`	`249`	`console.warn('Could not fetch licenses from API:', apiError.message);`
`241`	`250`	`}`
`242`	`251`	`}`