@jskit-ai/users-core 0.1.41 → 0.1.43

package/package.descriptor.mjs

@@ -1,7 +1,7 @@
 export default Object.freeze({
   packageVersion: 1,
   packageId: "@jskit-ai/users-core",
-  version: "0.1.41",
+  version: "0.1.43",
   kind: "runtime",
   description: "Users/account runtime plus HTTP routes for account and console features.",
   dependsOn: [
@@ -138,11 +138,11 @@ export default Object.freeze({
   mutations: {
     dependencies: {
       runtime: {
-        "@jskit-ai/auth-core": "0.1.30",
-        "@jskit-ai/database-runtime": "0.1.31",
-        "@jskit-ai/http-runtime": "0.1.30",
-        "@jskit-ai/kernel": "0.1.31",
-        "@jskit-ai/uploads-runtime": "0.1.9",
+        "@jskit-ai/auth-core": "0.1.32",
+        "@jskit-ai/database-runtime": "0.1.33",
+        "@jskit-ai/http-runtime": "0.1.32",
+        "@jskit-ai/kernel": "0.1.33",
+        "@jskit-ai/uploads-runtime": "0.1.11",
         "@fastify/type-provider-typebox": "^6.1.0",
         typebox: "^1.0.81"
       },

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@jskit-ai/users-core",
-  "version": "0.1.41",
+  "version": "0.1.43",
   "type": "module",
   "scripts": {
     "test": "node --test"
@@ -24,11 +24,11 @@
     "./shared/resources/consoleSettingsFields": "./src/shared/resources/consoleSettingsFields.js"
   },
   "dependencies": {
-    "@jskit-ai/auth-core": "0.1.30",
-    "@jskit-ai/database-runtime": "0.1.31",
-    "@jskit-ai/http-runtime": "0.1.30",
-    "@jskit-ai/kernel": "0.1.31",
-    "@jskit-ai/uploads-runtime": "0.1.9",
+    "@jskit-ai/auth-core": "0.1.32",
+    "@jskit-ai/database-runtime": "0.1.33",
+    "@jskit-ai/http-runtime": "0.1.32",
+    "@jskit-ai/kernel": "0.1.33",
+    "@jskit-ai/uploads-runtime": "0.1.11",
     "@fastify/type-provider-typebox": "^6.1.0",
     "typebox": "^1.0.81"
   }

package/src/server/accountProfile/avatarStorageService.js

@@ -1,4 +1,4 @@
-import { parsePositiveInteger } from "@jskit-ai/kernel/server/runtime";
+import { normalizeRecordId } from "@jskit-ai/kernel/shared/support/normalize";
 import {
   createUploadStorageService,
   detectCommonMimeTypeFromBuffer
@@ -7,9 +7,9 @@ import {
 const AVATAR_STORAGE_PREFIX = "users/avatars";
 
 function buildAvatarStorageKey(userId) {
-  const normalizedUserId = parsePositiveInteger(userId);
+  const normalizedUserId = normalizeRecordId(userId, { fallback: null });
   if (!normalizedUserId) {
-    throw new TypeError("Avatar storage requires a positive integer user id.");
+    throw new TypeError("Avatar storage requires a valid user id.");
   }
 
   return `${AVATAR_STORAGE_PREFIX}/${normalizedUserId}/avatar`;

package/src/server/common/contributors/workspaceRouteVisibilityResolver.js

@@ -1,18 +1,17 @@
-import { normalizeOpaqueId, normalizeText } from "@jskit-ai/kernel/shared/support/normalize";
-import { parsePositiveInteger } from "@jskit-ai/kernel/server/runtime";
+import { normalizeOpaqueId, normalizeRecordId, normalizeText } from "@jskit-ai/kernel/shared/support/normalize";
 
-function buildVisibilityContribution({ visibility, scopeOwnerId = 0, userOwnerId = null } = {}) {
+function buildVisibilityContribution({ visibility, scopeOwnerId = null, userId = null } = {}) {
   const requiresActorScope = visibility === "workspace_user";
   const contribution = {
     scopeKind: requiresActorScope ? "workspace_user" : "workspace",
     requiresActorScope
   };
 
-  if (scopeOwnerId > 0) {
+  if (scopeOwnerId) {
     contribution.scopeOwnerId = scopeOwnerId;
   }
-  if (requiresActorScope && userOwnerId != null) {
-    contribution.userOwnerId = userOwnerId;
+  if (requiresActorScope && userId != null) {
+    contribution.userId = userId;
   }
 
   return contribution;
@@ -31,10 +30,10 @@ function createWorkspaceRouteVisibilityResolver({ workspaceService } = {}) {
       }
 
       const actor = context?.actor || request?.user || null;
-      const userOwnerId = normalizeOpaqueId(actor?.id);
+      const userId = normalizeOpaqueId(actor?.id);
       const workspace =
         context?.workspace || context?.requestMeta?.resolvedWorkspaceContext?.workspace || request?.workspace || null;
-      const scopeOwnerId = parsePositiveInteger(workspace?.id);
+      const scopeOwnerId = normalizeRecordId(workspace?.id, { fallback: null });
       if (!scopeOwnerId) {
         const workspaceSlug = normalizeText(input?.workspaceSlug).toLowerCase();
 
@@ -42,7 +41,7 @@ function createWorkspaceRouteVisibilityResolver({ workspaceService } = {}) {
           return visibility === "workspace_user"
             ? buildVisibilityContribution({
                 visibility,
-                userOwnerId
+                userId
               })
             : {};
         }
@@ -50,12 +49,12 @@ function createWorkspaceRouteVisibilityResolver({ workspaceService } = {}) {
         const resolvedWorkspaceContext = await workspaceService.resolveWorkspaceContextForUserBySlug(actor, workspaceSlug, {
           request
         });
-        const resolvedWorkspaceOwnerId = parsePositiveInteger(resolvedWorkspaceContext?.workspace?.id);
+        const resolvedWorkspaceOwnerId = normalizeRecordId(resolvedWorkspaceContext?.workspace?.id, { fallback: null });
         if (!resolvedWorkspaceOwnerId) {
           return visibility === "workspace_user"
             ? buildVisibilityContribution({
                 visibility,
-                userOwnerId
+                userId
               })
             : {};
         }
@@ -63,14 +62,14 @@ function createWorkspaceRouteVisibilityResolver({ workspaceService } = {}) {
         return buildVisibilityContribution({
           visibility,
           scopeOwnerId: resolvedWorkspaceOwnerId,
-          userOwnerId
+          userId
         });
       }
 
       return buildVisibilityContribution({
         visibility,
         scopeOwnerId,
-        userOwnerId
+        userId
       });
     }
   });

package/src/server/common/formatters/workspaceFormatter.js

@@ -1,9 +1,10 @@
 import { resolveWorkspaceThemePalettes } from "../../../shared/settings.js";
 import { normalizeLowerText, normalizeText } from "@jskit-ai/kernel/shared/actions/textNormalization";
+import { normalizeRecordId } from "@jskit-ai/kernel/shared/support/normalize";
 
 function mapWorkspaceSummary(workspace, membership) {
   return {
-    id: Number(workspace.id),
+    id: normalizeRecordId(workspace.id, { fallback: "" }),
     slug: normalizeText(workspace.slug),
     name: normalizeText(workspace.name),
     avatarUrl: normalizeText(workspace.avatarUrl),
@@ -39,7 +40,7 @@ function mapMembershipSummary(membership, workspace) {
   }
 
   return {
-    workspaceId: Number(workspace?.id || membership.workspaceId),
+    workspaceId: normalizeRecordId(workspace?.id || membership.workspaceId, { fallback: "" }),
     roleSid: normalizeLowerText(membership.roleSid || "member") || "member",
     status: normalizeLowerText(membership.status || "active") || "active"
   };

package/src/server/common/repositories/repositoryUtils.js

@@ -1,6 +1,12 @@
-import { toInsertDateTime, toNullableDateTime, toIsoString } from "@jskit-ai/database-runtime/shared";
+import {
+  normalizeDbRecordId,
+  toInsertDateTime,
+  toNullableDateTime,
+  toIsoString,
+  createWithTransaction
+} from "@jskit-ai/database-runtime/shared";
 import { isDuplicateEntryError } from "@jskit-ai/database-runtime/shared/duplicateEntry";
-import { normalizeText, normalizeLowerText } from "@jskit-ai/kernel/shared/support/normalize";
+import { normalizeLowerText, normalizeRecordId, normalizeText } from "@jskit-ai/kernel/shared/support/normalize";
 
 function nowDb() {
   return toInsertDateTime();
@@ -42,9 +48,12 @@ export {
   isDuplicateEntryError,
   normalizeText,
   normalizeLowerText,
+  normalizeRecordId,
+  normalizeDbRecordId,
   nowDb,
   toNullableIso,
   uniqueSorted,
   parseJson,
-  toDbJson
+  toDbJson,
+  createWithTransaction
 };

package/src/server/common/repositories/userSettingsRepository.js

@@ -1,7 +1,10 @@
 import {
+  normalizeDbRecordId,
+  normalizeRecordId,
   toIsoString,
   nowDb,
-  isDuplicateEntryError
+  isDuplicateEntryError,
+  createWithTransaction
 } from "./repositoryUtils.js";
 import { DEFAULT_USER_SETTINGS } from "../../../shared/settings.js";
 import {
@@ -14,7 +17,7 @@ function mapRow(row) {
   }
 
   const mapped = {
-    userId: Number(row.user_id),
+    userId: normalizeDbRecordId(row.user_id, { fallback: "" }),
     passwordSignInEnabled: row.password_sign_in_enabled == null ? true : Boolean(row.password_sign_in_enabled),
     passwordSetupRequired: row.password_setup_required == null ? false : Boolean(row.password_setup_required),
     createdAt: toIsoString(row.created_at),
@@ -45,8 +48,13 @@ function normalizeBoolean(value, fallback = false) {
 }
 
 function createInsertPayload(userId) {
+  const normalizedUserId = normalizeRecordId(userId, { fallback: null });
+  if (!normalizedUserId) {
+    throw new TypeError("userSettingsRepository requires a valid user id.");
+  }
+
   const payload = {
-    user_id: Number(userId),
+    user_id: normalizedUserId,
     password_sign_in_enabled: DEFAULT_USER_SETTINGS.passwordSignInEnabled,
     password_setup_required: DEFAULT_USER_SETTINGS.passwordSetupRequired,
     created_at: nowDb(),
@@ -74,35 +82,50 @@ function createRepository(knex) {
   if (typeof knex !== "function") {
     throw new TypeError("userSettingsRepository requires knex.");
   }
+  const withTransaction = createWithTransaction(knex);
 
   async function findByUserId(userId, options = {}) {
     const client = options?.trx || knex;
-    const row = await client("user_settings").where({ user_id: Number(userId) }).first();
+    const normalizedUserId = normalizeRecordId(userId, { fallback: null });
+    if (!normalizedUserId) {
+      return null;
+    }
+
+    const row = await client("user_settings").where({ user_id: normalizedUserId }).first();
     return mapRow(row);
   }
 
   async function ensureForUserId(userId, options = {}) {
     const client = options?.trx || knex;
-    const numericUserId = Number(userId);
-    const existing = await findByUserId(numericUserId, { trx: client });
+    const normalizedUserId = normalizeRecordId(userId, { fallback: null });
+    if (!normalizedUserId) {
+      throw new TypeError("userSettingsRepository.ensureForUserId requires a valid user id.");
+    }
+
+    const existing = await findByUserId(normalizedUserId, { trx: client });
     if (existing) {
       return existing;
     }
 
     try {
-      await client("user_settings").insert(createInsertPayload(numericUserId));
+      await client("user_settings").insert(createInsertPayload(normalizedUserId));
     } catch (error) {
       if (!isDuplicateEntryError(error)) {
         throw error;
       }
     }
 
-    return findByUserId(numericUserId, { trx: client });
+    return findByUserId(normalizedUserId, { trx: client });
   }
 
   async function patchUserSettings(userId, patch = {}, options = {}) {
     const client = options?.trx || knex;
-    const ensured = await ensureForUserId(userId, { trx: client });
+    const normalizedUserId = normalizeRecordId(userId, { fallback: null });
+    if (!normalizedUserId) {
+      throw new TypeError("userSettingsRepository.patchUserSettings requires a valid user id.");
+    }
+
+    const ensured = await ensureForUserId(normalizedUserId, { trx: client });
     const source = patch && typeof patch === "object" ? patch : {};
 
     const dbPatch = {
@@ -125,8 +148,8 @@ function createRepository(knex) {
     if (Object.hasOwn(source, "passwordSetupRequired")) {
       dbPatch.password_setup_required = normalizeBoolean(source.passwordSetupRequired, ensured.passwordSetupRequired);
     }
-    await client("user_settings").where({ user_id: Number(userId) }).update(dbPatch);
-    return findByUserId(userId, { trx: client });
+    await client("user_settings").where({ user_id: normalizedUserId }).update(dbPatch);
+    return findByUserId(normalizedUserId, { trx: client });
   }
 
   async function updatePreferences(userId, patch = {}, options = {}) {
@@ -155,6 +178,7 @@ function createRepository(knex) {
   }
 
   return Object.freeze({
+    withTransaction,
     findByUserId,
     ensureForUserId,
     patchUserSettings,

package/src/server/common/repositories/usersRepository.js

@@ -1,11 +1,14 @@
 import {
   isDuplicateEntryError,
   normalizeLowerText,
+  normalizeDbRecordId,
+  normalizeRecordId,
   normalizeText,
   toIsoString,
   toNullableDateTime,
   toNullableIso,
-  nowDb
+  nowDb,
+  createWithTransaction
 } from "./repositoryUtils.js";
 
 const USERNAME_MAX_LENGTH = 120;
@@ -55,7 +58,7 @@ function mapProfileRow(row) {
     return null;
   }
   return {
-    id: Number(row.id),
+    id: normalizeDbRecordId(row.id, { fallback: "" }),
     authProvider: normalizeLowerText(row.auth_provider),
     authProviderUserSid: normalizeText(row.auth_provider_user_sid),
     email: normalizeLowerText(row.email),
@@ -90,11 +93,13 @@ function createDuplicateEmailConflictError() {
   return error;
 }
 
-async function resolveUniqueUsername(client, baseUsername, { excludeUserId = 0 } = {}) {
+async function resolveUniqueUsername(client, baseUsername, { excludeUserId = null } = {}) {
+  const normalizedExcludeUserId = normalizeDbRecordId(excludeUserId, { fallback: null });
   for (let suffix = 0; suffix < 1000; suffix += 1) {
     const candidate = buildUsernameCandidate(baseUsername, suffix);
     const existing = await client("users").where({ username: candidate }).first();
-    if (!existing || Number(existing.id) === Number(excludeUserId || 0)) {
+    const existingId = normalizeDbRecordId(existing?.id, { fallback: null });
+    if (!existing || existingId === normalizedExcludeUserId) {
       return candidate;
     }
   }
@@ -106,10 +111,16 @@ function createRepository(knex) {
   if (typeof knex !== "function") {
     throw new TypeError("usersRepository requires knex.");
   }
+  const withTransaction = createWithTransaction(knex);
 
   async function findById(userId, options = {}) {
+    const normalizedUserId = normalizeRecordId(userId, { fallback: null });
+    if (!normalizedUserId) {
+      return null;
+    }
+
     const client = options?.trx || knex;
-    const row = await client("users").where({ id: userId }).first();
+    const row = await client("users").where({ id: normalizedUserId }).first();
     return mapProfileRow(row);
   }
 
@@ -130,42 +141,56 @@ function createRepository(knex) {
   }
 
   async function updateDisplayNameById(userId, displayName, options = {}) {
+    const normalizedUserId = normalizeRecordId(userId, { fallback: null });
+    if (!normalizedUserId) {
+      return null;
+    }
+
     const client = options?.trx || knex;
     await client("users")
-      .where({ id: userId })
+      .where({ id: normalizedUserId })
       .update({
         display_name: normalizeText(displayName)
       });
-    return findById(userId, { trx: client });
+    return findById(normalizedUserId, { trx: client });
   }
 
   async function updateAvatarById(userId, avatar = {}, options = {}) {
+    const normalizedUserId = normalizeRecordId(userId, { fallback: null });
+    if (!normalizedUserId) {
+      return null;
+    }
+
     const client = options?.trx || knex;
     await client("users")
-      .where({ id: userId })
+      .where({ id: normalizedUserId })
       .update({
         avatar_storage_key: avatar.avatarStorageKey || null,
         avatar_version: avatar.avatarVersion == null ? null : String(avatar.avatarVersion),
         avatar_updated_at: toNullableDateTime(avatar.avatarUpdatedAt) || nowDb()
       });
 
-    return findById(userId, { trx: client });
+    return findById(normalizedUserId, { trx: client });
   }
 
   async function clearAvatarById(userId, options = {}) {
+    const normalizedUserId = normalizeRecordId(userId, { fallback: null });
+    if (!normalizedUserId) {
+      return null;
+    }
+
     const client = options?.trx || knex;
     await client("users")
-      .where({ id: userId })
+      .where({ id: normalizedUserId })
       .update({
         avatar_storage_key: null,
         avatar_version: null,
         avatar_updated_at: null
       });
-    return findById(userId, { trx: client });
+    return findById(normalizedUserId, { trx: client });
   }
 
   async function upsert(profileLike = {}, options = {}) {
-    const client = options?.trx || knex;
     const identity = normalizeIdentity(profileLike);
     if (!identity) {
       throw new TypeError("upsert requires provider/authProvider and providerUserId/authProviderUserSid.");
@@ -191,7 +216,7 @@ function createRepository(knex) {
           const username = existingUsername || (await resolveUniqueUsername(trx, requestedUsername || usernameBaseFromEmail(email), {
             excludeUserId: existing.id
           }));
-          await trx("users").where({ id: existing.id }).update({
+          await trx("users").where({ id: normalizeDbRecordId(existing.id, { fallback: null }) }).update({
             email,
             display_name: displayName,
             username
@@ -218,34 +243,26 @@ function createRepository(knex) {
         }
       }
 
-      const reloaded = await trx("users").where(where).first();
-      return mapProfileRow(reloaded);
+      const resolved = await trx("users").where(where).first();
+      return mapProfileRow(resolved);
     };
 
     if (options?.trx) {
-      return executeUpsert(client);
+      return executeUpsert(options.trx);
     }
 
     return knex.transaction(executeUpsert);
   }
 
-  async function withTransaction(work) {
-    if (typeof work !== "function") {
-      throw new TypeError("withTransaction requires a callback.");
-    }
-
-    return knex.transaction((trx) => work(trx));
-  }
-
   return Object.freeze({
+    withTransaction,
     findById,
     findByIdentity,
     updateDisplayNameById,
     updateAvatarById,
     clearAvatarById,
-    upsert,
-    withTransaction
+    upsert
   });
 }
 
-export { createRepository, normalizeIdentity, mapProfileRow };
+export { createRepository, mapProfileRow, normalizeIdentity };

package/src/server/common/repositories/workspaceInvitesRepository.js

@@ -1,11 +1,15 @@
+import { resolveInsertedRecordId } from "@jskit-ai/database-runtime/shared";
 import {
   normalizeLowerText,
+  normalizeDbRecordId,
+  normalizeRecordId,
   normalizeText,
   toIsoString,
   toNullableIso,
   toNullableDateTime,
   nowDb,
-  isDuplicateEntryError
+  isDuplicateEntryError,
+  createWithTransaction
 } from "./repositoryUtils.js";
 
 function mapRow(row) {
@@ -14,13 +18,13 @@ function mapRow(row) {
   }
 
   return {
-    id: Number(row.id),
-    workspaceId: Number(row.workspace_id),
+    id: normalizeDbRecordId(row.id, { fallback: "" }),
+    workspaceId: normalizeDbRecordId(row.workspace_id, { fallback: "" }),
     email: normalizeLowerText(row.email),
     roleSid: normalizeLowerText(row.role_sid || "member") || "member",
     status: normalizeLowerText(row.status || "pending") || "pending",
     tokenHash: normalizeText(row.token_hash),
-    invitedByUserId: row.invited_by_user_id == null ? null : Number(row.invited_by_user_id),
+    invitedByUserId: row.invited_by_user_id == null ? null : normalizeDbRecordId(row.invited_by_user_id, { fallback: null }),
     expiresAt: toNullableIso(row.expires_at),
     acceptedAt: toNullableIso(row.accepted_at),
     revokedAt: toNullableIso(row.revoked_at),
@@ -43,6 +47,7 @@ function createRepository(knex) {
   if (typeof knex !== "function") {
     throw new TypeError("workspaceInvitesRepository requires knex.");
   }
+  const withTransaction = createWithTransaction(knex);
 
   async function findPendingByTokenHash(tokenHash, options = {}) {
     const client = options?.trx || knex;
@@ -69,10 +74,15 @@ function createRepository(knex) {
   }
 
   async function listPendingByWorkspaceIdWithWorkspace(workspaceId, options = {}) {
+    const normalizedWorkspaceId = normalizeRecordId(workspaceId, { fallback: null });
+    if (!normalizedWorkspaceId) {
+      return [];
+    }
+
     const client = options?.trx || knex;
     const rows = await client("workspace_invites as wi")
       .join("workspaces as w", "w.id", "wi.workspace_id")
-      .where({ "wi.workspace_id": Number(workspaceId), "wi.status": "pending" })
+      .where({ "wi.workspace_id": normalizedWorkspaceId, "wi.status": "pending" })
       .orderBy("wi.created_at", "desc")
       .select(WORKSPACE_INVITE_WITH_WORKSPACE_SELECT);
 
@@ -82,14 +92,18 @@ function createRepository(knex) {
   async function insert(payload = {}, options = {}) {
     const client = options?.trx || knex;
     const source = payload && typeof payload === "object" ? payload : {};
+    const workspaceId = normalizeRecordId(source.workspaceId, { fallback: null });
+    if (!workspaceId) {
+      throw new TypeError("workspaceInvitesRepository.insert requires workspaceId.");
+    }
 
     const insertPayload = {
-      workspace_id: Number(source.workspaceId),
+      workspace_id: workspaceId,
       email: normalizeLowerText(source.email),
       role_sid: normalizeLowerText(source.roleSid || "member") || "member",
       status: normalizeLowerText(source.status || "pending") || "pending",
       token_hash: normalizeText(source.tokenHash),
-      invited_by_user_id: source.invitedByUserId == null ? null : Number(source.invitedByUserId),
+      invited_by_user_id: source.invitedByUserId == null ? null : normalizeRecordId(source.invitedByUserId, { fallback: null }),
       expires_at: toNullableDateTime(source.expiresAt),
       accepted_at: null,
       revoked_at: null,
@@ -99,8 +113,8 @@ function createRepository(knex) {
 
     try {
       const result = await client("workspace_invites").insert(insertPayload);
-      const insertedId = Array.isArray(result) ? Number(result[0]) : Number(result);
-      if (Number.isInteger(insertedId) && insertedId > 0) {
+      const insertedId = resolveInsertedRecordId(result, { fallback: null });
+      if (insertedId) {
         const row = await client("workspace_invites").where({ id: insertedId }).first();
         return mapRow(row);
       }
@@ -118,9 +132,14 @@ function createRepository(knex) {
   }
 
   async function expirePendingByWorkspaceIdAndEmail(workspaceId, email, options = {}) {
+    const normalizedWorkspaceId = normalizeRecordId(workspaceId, { fallback: null });
+    if (!normalizedWorkspaceId) {
+      return;
+    }
+
     const client = options?.trx || knex;
     await client("workspace_invites")
-      .where({ workspace_id: Number(workspaceId), email: normalizeLowerText(email), status: "pending" })
+      .where({ workspace_id: normalizedWorkspaceId, email: normalizeLowerText(email), status: "pending" })
       .update({
         status: "expired",
         updated_at: nowDb()
@@ -128,9 +147,14 @@ function createRepository(knex) {
   }
 
   async function markAcceptedById(inviteId, options = {}) {
+    const normalizedInviteId = normalizeRecordId(inviteId, { fallback: null });
+    if (!normalizedInviteId) {
+      return;
+    }
+
     const client = options?.trx || knex;
     await client("workspace_invites")
-      .where({ id: Number(inviteId) })
+      .where({ id: normalizedInviteId })
       .update({
         status: "accepted",
         accepted_at: nowDb(),
@@ -139,9 +163,14 @@ function createRepository(knex) {
   }
 
   async function revokeById(inviteId, options = {}) {
+    const normalizedInviteId = normalizeRecordId(inviteId, { fallback: null });
+    if (!normalizedInviteId) {
+      return;
+    }
+
     const client = options?.trx || knex;
     await client("workspace_invites")
-      .where({ id: Number(inviteId) })
+      .where({ id: normalizedInviteId })
       .update({
         status: "revoked",
         revoked_at: nowDb(),
@@ -150,14 +179,21 @@ function createRepository(knex) {
   }
 
   async function findPendingByIdForWorkspace(inviteId, workspaceId, options = {}) {
+    const normalizedInviteId = normalizeRecordId(inviteId, { fallback: null });
+    const normalizedWorkspaceId = normalizeRecordId(workspaceId, { fallback: null });
+    if (!normalizedInviteId || !normalizedWorkspaceId) {
+      return null;
+    }
+
     const client = options?.trx || knex;
     const row = await client("workspace_invites")
-      .where({ id: Number(inviteId), workspace_id: Number(workspaceId), status: "pending" })
+      .where({ id: normalizedInviteId, workspace_id: normalizedWorkspaceId, status: "pending" })
       .first();
     return mapRow(row);
   }
 
   return Object.freeze({
+    withTransaction,
     findPendingByTokenHash,
     listPendingByEmail,
     listPendingByWorkspaceIdWithWorkspace,