From e9517a5a4d9479525b20165b8b0bf35b0f2816dc Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Leon=20B=C3=B6sche?= <leonboesche1999@gmail.com>
Date: Sun, 11 Jan 2026 03:30:31 +0100
Subject: [PATCH] Fix context key type mismatch causing org files 500 error

- Export ContextKey type and context keys from middleware package
- Use exported keys (UserKey, SessionKey, TokenKey, OrgKey) in handlers
- Fixes panic: interface conversion: interface {} is nil, not uuid.UUID
- The middleware was setting context with contextKey type but handlers
  were retrieving with string type, causing nil value lookup failure
---
 go_cloud/internal/http/routes.go           | 20 +++++++--------
 go_cloud/internal/middleware/middleware.go | 30 +++++++++++-----------
 2 files changed, 25 insertions(+), 25 deletions(-)

diff --git a/go_cloud/internal/http/routes.go b/go_cloud/internal/http/routes.go
index d072e3a..d9fa78d 100644
--- a/go_cloud/internal/http/routes.go
+++ b/go_cloud/internal/http/routes.go
@@ -356,7 +356,7 @@ func createOrgHandler(w http.ResponseWriter, r *http.Request, db *database.DB, a
 
 func listFilesHandler(w http.ResponseWriter, r *http.Request, db *database.DB) {
 	// Org ID is provided by middleware.Org
-	orgID := r.Context().Value("org").(uuid.UUID)
+	orgID := r.Context().Value(middleware.OrgKey).(uuid.UUID)
 	// Query params: path, q (search), page, pageSize
 	path := r.URL.Query().Get("path")
 	if path == "" {
@@ -399,7 +399,7 @@ func listFilesHandler(w http.ResponseWriter, r *http.Request, db *database.DB) {
 func viewerHandler(w http.ResponseWriter, r *http.Request, db *database.DB, auditLogger *audit.Logger) {
 	userIDStr, _ := middleware.GetUserID(r.Context())
 	userID, _ := uuid.Parse(userIDStr)
-	orgID := r.Context().Value("org").(uuid.UUID)
+	orgID := r.Context().Value(middleware.OrgKey).(uuid.UUID)
 	fileId := chi.URLParam(r, "fileId")
 
 	// Get file metadata to determine path and type
@@ -535,7 +535,7 @@ func userViewerHandler(w http.ResponseWriter, r *http.Request, db *database.DB,
 func editorHandler(w http.ResponseWriter, r *http.Request, db *database.DB, auditLogger *audit.Logger) {
 	userIDStr, _ := middleware.GetUserID(r.Context())
 	userID, _ := uuid.Parse(userIDStr)
-	orgID := r.Context().Value("org").(uuid.UUID)
+	orgID := r.Context().Value(middleware.OrgKey).(uuid.UUID)
 	fileId := chi.URLParam(r, "fileId")
 
 	// Get file metadata to determine path and type
@@ -584,7 +584,7 @@ func editorHandler(w http.ResponseWriter, r *http.Request, db *database.DB, audi
 func annotationsHandler(w http.ResponseWriter, r *http.Request, db *database.DB, auditLogger *audit.Logger) {
 	userIDStr, _ := middleware.GetUserID(r.Context())
 	userID, _ := uuid.Parse(userIDStr)
-	orgID := r.Context().Value("org").(uuid.UUID)
+	orgID := r.Context().Value(middleware.OrgKey).(uuid.UUID)
 	fileId := chi.URLParam(r, "fileId")
 
 	// Parse payload
@@ -612,7 +612,7 @@ func annotationsHandler(w http.ResponseWriter, r *http.Request, db *database.DB,
 }
 
 func activityHandler(w http.ResponseWriter, r *http.Request, db *database.DB) {
-	orgID := r.Context().Value("org").(uuid.UUID)
+	orgID := r.Context().Value(middleware.OrgKey).(uuid.UUID)
 
 	activities, err := db.GetOrgActivities(r.Context(), orgID, 50)
 	if err != nil {
@@ -626,7 +626,7 @@ func activityHandler(w http.ResponseWriter, r *http.Request, db *database.DB) {
 }
 
 func listMembersHandler(w http.ResponseWriter, r *http.Request, db *database.DB) {
-	orgID := r.Context().Value("org").(uuid.UUID)
+	orgID := r.Context().Value(middleware.OrgKey).(uuid.UUID)
 
 	members, err := db.GetOrgMembers(r.Context(), orgID)
 	if err != nil {
@@ -640,7 +640,7 @@ func listMembersHandler(w http.ResponseWriter, r *http.Request, db *database.DB)
 }
 
 func updateMemberRoleHandler(w http.ResponseWriter, r *http.Request, db *database.DB, auditLogger *audit.Logger) {
-	orgID := r.Context().Value("org").(uuid.UUID)
+	orgID := r.Context().Value(middleware.OrgKey).(uuid.UUID)
 	userIDStr := chi.URLParam(r, "userId")
 	userID, err := uuid.Parse(userIDStr)
 	if err != nil {
@@ -1076,7 +1076,7 @@ func userFilesHandler(w http.ResponseWriter, r *http.Request, db *database.DB) {
 
 // createOrgFileHandler creates a file or folder record for an org workspace.
 func createOrgFileHandler(w http.ResponseWriter, r *http.Request, db *database.DB, auditLogger *audit.Logger, cfg *config.Config) {
-	orgID := r.Context().Value("org").(uuid.UUID)
+	orgID := r.Context().Value(middleware.OrgKey).(uuid.UUID)
 	userIDStr, _ := middleware.GetUserID(r.Context())
 	userID, _ := uuid.Parse(userIDStr)
 	var f *database.File
@@ -1183,7 +1183,7 @@ func createOrgFileHandler(w http.ResponseWriter, r *http.Request, db *database.D
 
 // deleteOrgFileHandler deletes a file/folder in org workspace by path
 func deleteOrgFileHandler(w http.ResponseWriter, r *http.Request, db *database.DB, auditLogger *audit.Logger, cfg *config.Config) {
-	orgID := r.Context().Value("org").(uuid.UUID)
+	orgID := r.Context().Value(middleware.OrgKey).(uuid.UUID)
 	userIDStr, _ := middleware.GetUserID(r.Context())
 	userID, _ := uuid.Parse(userIDStr)
 
@@ -1388,7 +1388,7 @@ func deleteUserFileHandler(w http.ResponseWriter, r *http.Request, db *database.
 
 // downloadOrgFileHandler downloads a file from org workspace
 func downloadOrgFileHandler(w http.ResponseWriter, r *http.Request, db *database.DB, cfg *config.Config) {
-	orgID := r.Context().Value("org").(uuid.UUID)
+	orgID := r.Context().Value(middleware.OrgKey).(uuid.UUID)
 	userIDStr, _ := middleware.GetUserID(r.Context())
 	userID, _ := uuid.Parse(userIDStr)
 
diff --git a/go_cloud/internal/middleware/middleware.go b/go_cloud/internal/middleware/middleware.go
index dfeb63f..3170577 100644
--- a/go_cloud/internal/middleware/middleware.go
+++ b/go_cloud/internal/middleware/middleware.go
@@ -64,30 +64,30 @@ var RateLimit = func(next http.Handler) http.Handler {
 	})
 }
 
-type contextKey string
+type ContextKey string
 
 const (
-	userKey    contextKey = "user"
-	sessionKey contextKey = "session"
-	tokenKey   contextKey = "token"
-	orgKey     contextKey = "org"
+	UserKey    ContextKey = "user"
+	SessionKey ContextKey = "session"
+	TokenKey   ContextKey = "token"
+	OrgKey     ContextKey = "org"
 )
 
 // GetUserID retrieves the user ID from the request context
 func GetUserID(ctx context.Context) (string, bool) {
-	userID, ok := ctx.Value(userKey).(string)
+	userID, ok := ctx.Value(UserKey).(string)
 	return userID, ok
 }
 
 // GetSession retrieves the session from the request context
 func GetSession(ctx context.Context) (*database.Session, bool) {
-	session, ok := ctx.Value(sessionKey).(*database.Session)
+	session, ok := ctx.Value(SessionKey).(*database.Session)
 	return session, ok
 }
 
 // GetToken retrieves the JWT token from the request context
 func GetToken(ctx context.Context) (string, bool) {
-	token, ok := ctx.Value(tokenKey).(string)
+	token, ok := ctx.Value(TokenKey).(string)
 	return token, ok
 }
 
@@ -108,9 +108,9 @@ func Auth(jwtManager *jwt.Manager, db *database.DB) func(http.Handler) http.Hand
 				return
 			}
 
-			ctx := context.WithValue(r.Context(), userKey, claims.UserID)
-			ctx = context.WithValue(ctx, sessionKey, session)
-			ctx = context.WithValue(ctx, tokenKey, tokenString)
+		ctx := context.WithValue(r.Context(), UserKey, claims.UserID)
+		ctx = context.WithValue(ctx, SessionKey, session)
+		ctx = context.WithValue(ctx, TokenKey, tokenString)
 			next.ServeHTTP(w, r.WithContext(ctx))
 		})
 	}
@@ -120,7 +120,7 @@ func Auth(jwtManager *jwt.Manager, db *database.DB) func(http.Handler) http.Hand
 func Org(db *database.DB, auditLogger *audit.Logger) func(http.Handler) http.Handler {
 	return func(next http.Handler) http.Handler {
 		return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
-			userIDStr := r.Context().Value(userKey).(string)
+			userIDStr := r.Context().Value(UserKey).(string)
 			userID, _ := uuid.Parse(userIDStr)
 
 			orgIDStr := r.Header.Get("X-Org-ID")
@@ -159,7 +159,7 @@ func Org(db *database.DB, auditLogger *audit.Logger) func(http.Handler) http.Han
 				return
 			}
 
-			ctx := context.WithValue(r.Context(), orgKey, orgID)
+			ctx := context.WithValue(r.Context(), OrgKey, orgID)
 			next.ServeHTTP(w, r.WithContext(ctx))
 		})
 	}
@@ -169,9 +169,9 @@ func Org(db *database.DB, auditLogger *audit.Logger) func(http.Handler) http.Han
 func Permission(db *database.DB, auditLogger *audit.Logger, perm permission.Permission) func(http.Handler) http.Handler {
 	return func(next http.Handler) http.Handler {
 		return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
-			userIDStr := r.Context().Value(userKey).(string)
+			userIDStr := r.Context().Value(UserKey).(string)
 			userID, _ := uuid.Parse(userIDStr)
-			orgID := r.Context().Value(orgKey).(uuid.UUID)
+			orgID := r.Context().Value(OrgKey).(uuid.UUID)
 
 			hasPerm, err := permission.HasPermission(r.Context(), db, userID, orgID, perm)
 			if err != nil || !hasPerm {