Fix nullable org_id handling in public share handlers

go_cloud/internal/http/routes.go

@@ -2819,7 +2819,7 @@ func createFileShareLinkHandler(w http.ResponseWriter, r *http.Request, db *data
 		return
 	}
 
-	link, err := db.CreateFileShareLink(r.Context(), token, fileUUID, orgID, userID)
+	link, err := db.CreateFileShareLink(r.Context(), token, fileUUID, &orgID, userID)
 	if err != nil {
 		errors.LogError(r, err, "Failed to create share link")
 		errors.WriteError(w, errors.CodeInternal, "Server error", http.StatusInternalServerError)
@@ -2911,7 +2911,11 @@ func publicFileShareHandler(w http.ResponseWriter, r *http.Request, db *database
 	}
 
 	// Generate a short-lived token for download (1 hour)
-	viewerToken, err := jwtManager.GenerateWithDuration("", []string{link.OrgID.String()}, "", time.Hour)
+	var orgIDs []string
+	if link.OrgID != nil {
+		orgIDs = []string{link.OrgID.String()}
+	}
+	viewerToken, err := jwtManager.GenerateWithDuration("", orgIDs, "", time.Hour)
 	if err != nil {
 		errors.LogError(r, err, "Failed to generate viewer token")
 		errors.WriteError(w, errors.CodeInternal, "Server error", http.StatusInternalServerError)
@@ -2974,24 +2978,6 @@ func publicFileDownloadHandler(w http.ResponseWriter, r *http.Request, db *datab
 		return
 	}
 
-	// Verify viewer token (contains org ID)
-	claims, err := jwtManager.Validate(viewerToken)
-	if err != nil {
-		errors.LogError(r, err, "Invalid viewer token")
-		errors.WriteError(w, errors.CodeUnauthenticated, "Invalid token", http.StatusUnauthorized)
-		return
-	}
-
-	if len(claims.OrgIDs) == 0 {
-		errors.WriteError(w, errors.CodeUnauthenticated, "Invalid token", http.StatusUnauthorized)
-		return
-	}
-	orgID, err := uuid.Parse(claims.OrgIDs[0])
-	if err != nil {
-		errors.WriteError(w, errors.CodeUnauthenticated, "Invalid token", http.StatusUnauthorized)
-		return
-	}
-
 	link, err := db.GetFileShareLinkByToken(r.Context(), token)
 	if err != nil {
 		if err == sql.ErrNoRows {
@@ -3003,11 +2989,35 @@ func publicFileDownloadHandler(w http.ResponseWriter, r *http.Request, db *datab
 		return
 	}
 
-	if link.OrgID != orgID {
+	// Verify viewer token (contains org ID for org files, empty for personal)
+	claims, err := jwtManager.Validate(viewerToken)
+	if err != nil {
+		errors.LogError(r, err, "Invalid viewer token")
 		errors.WriteError(w, errors.CodeUnauthenticated, "Invalid token", http.StatusUnauthorized)
 		return
 	}
 
+	if link.OrgID == nil {
+		if len(claims.OrgIDs) != 0 {
+			errors.WriteError(w, errors.CodeUnauthenticated, "Invalid token", http.StatusUnauthorized)
+			return
+		}
+	} else {
+		if len(claims.OrgIDs) == 0 {
+			errors.WriteError(w, errors.CodeUnauthenticated, "Invalid token", http.StatusUnauthorized)
+			return
+		}
+		orgID, err := uuid.Parse(claims.OrgIDs[0])
+		if err != nil {
+			errors.WriteError(w, errors.CodeUnauthenticated, "Invalid token", http.StatusUnauthorized)
+			return
+		}
+		if *link.OrgID != orgID {
+			errors.WriteError(w, errors.CodeUnauthenticated, "Invalid token", http.StatusUnauthorized)
+			return
+		}
+	}
+
 	// Get file metadata
 	file, err := db.GetFileByID(r.Context(), link.FileID)
 	if err != nil {