Skip to content

Insufficient permissions getting users for Microsoft Outlook integration #18408

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 3 commits into
base: master
Choose a base branch
from
Open

Insufficient permissions getting users for Microsoft Outlook integration #18408

wants to merge 3 commits into from

Conversation

michelle0927
Copy link
Collaborator

@michelle0927 michelle0927 commented Sep 18, 2025
edited by coderabbitai bot
Loading

Resolves #18375

Summary by CodeRabbit

  • Bug Fixes

    • Improved Microsoft Outlook API error handling: clearer user-facing message for permission (403) errors.

  • Chores

    • Patch/version bumps across Microsoft Outlook actions and event sources; no functional changes.
    • Microsoft Outlook package version updated to 1.7.1.

@vercel Vercel
Copy link

vercel bot commented Sep 18, 2025
edited
Loading

The latest updates on your projects. Learn more about Vercel for GitHub.

2 Skipped Deployments
Project Deployment Preview Comments Updated (UTC)
pipedream-docs Ignored Ignored Sep 18, 2025 7:15pm
pipedream-docs-redirect-do-not-edit Ignored Ignored Sep 18, 2025 7:15pm

@coderabbitai coderabbitai
Copy link
Contributor

coderabbitai bot commented Sep 18, 2025
edited
Loading

Walkthrough

Patch releases across Microsoft Outlook actions and sources and a package version bump. A functional change modifies microsoft_outlook.app.mjs to await axios and catch 403 responses, throwing a specific permission error; other modules only update version metadata.

Changes

Cohort / File(s) Summary of Changes
Core request handling
components/microsoft_outlook/microsoft_outlook.app.mjs		 Switched _makeRequest to await axios in a try/catch; on 403 responses, throws a user-facing permission error; otherwise rethrows the original error.
Actions: version bumps
components/microsoft_outlook/actions/*/add-label-to-email.mjs, .../approve-workflow.mjs, .../create-contact.mjs, .../create-draft-email.mjs, .../download-attachment.mjs, .../find-contacts.mjs, .../find-email.mjs, .../find-shared-folder-email.mjs, .../list-contacts.mjs, .../list-folders.mjs, .../list-labels.mjs, .../move-email-to-folder.mjs, .../remove-label-from-email.mjs, .../reply-to-email.mjs, .../send-email.mjs, .../update-contact.mjs		 Patch-level version increments only; no changes to logic, props, run functions, or behavior.
Sources: version bumps
components/microsoft_outlook/sources/new-attachment-received/new-attachment-received.mjs, components/microsoft_outlook/sources/new-contact/new-contact.mjs, components/microsoft_outlook/sources/new-email-in-shared-folder/new-email-in-shared-folder.mjs, components/microsoft_outlook/sources/new-email/new-email.mjs		 Patch-level version increments only; no logic or API changes.
Package metadata
components/microsoft_outlook/package.json		 Package version bumped from 1.7.0 to 1.7.1.

Sequence Diagram(s)

sequenceDiagram
  autonumber
  participant U as Component (options loader / caller)
  participant A as Outlook App (_makeRequest)
  participant G as Microsoft Graph API

  U->>A: Request (e.g., GET /v1.0/users)
  A->>G: HTTP request (await axios)
  alt 200 OK
    G-->>A: 200 + data
    A-->>U: return data
  else 403 Forbidden
    G-->>A: 403 Forbidden + error
    A->>A: detect 403 in catch
    Note right of A #lightblue: Throw user-facing permission error
    A-->>U: permission error (Authorization_RequestDenied)
  else other errors
    G-->>A: error
    A->>A: rethrow original error
    A-->>U: error
  end
Loading

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

Suggested reviewers

  • jcortes

Poem

A hop, a bop, a tiny patching spree,
Versions nudged forward—how tidy they be!
One burrow guarded from a 403 bite,
Permissions now speak clear in the night.
I twitch my whiskers, thump—let’s ship with glee! 🥕🐇

Pre-merge checks and finishing touches

❌ Failed checks (3 warnings)
Check name Status Explanation Resolution
Linked Issues Check ⚠️ Warning The linked issue [#18375] requires that userId options be populated so shared-mailbox access works; this PR adds explicit 403 handling in microsoft_outlook.app.mjs and surfaces a clearer user-facing error for Authorization_RequestDenied. While that improves diagnostics and user feedback, the PR does not change Graph API scopes, app registration, or the logic that fetches users, so it does not restore population of userId options and therefore does not fully satisfy the primary objective. In short, the PR partially addresses the issue by improving error reporting but does not resolve the underlying permission problem required to populate userId options. To fully resolve [#18375], update the integration to request the appropriate Microsoft Graph permission(s) (for example User.Read.All or Directory.Read.All with admin consent) or implement a fallback retrieval approach that works with existing scopes; include automated/manual tests showing userId options populate and document the permission changes and verification steps in the PR description.
Out of Scope Changes Check ⚠️ Warning The PR includes numerous metadata-only version bumps across components/microsoft_outlook/actions/* and sources/* plus a package.json version bump that are unrelated to the linked issue's objective of fixing permission handling. These metadata changes appear to be release/version updates and are out-of-scope for a focused bugfix PR, which increases the review surface and makes it harder to audit the functional change in microsoft_outlook.app.mjs. Either split the metadata/version bumps into a dedicated release PR or add a clear note in this PR explaining they are incidental and intended; prefer keeping this PR focused on the functional bugfix and document any necessary version changes separately.
Description Check ⚠️ Warning The PR description contains only "Resolves #18375" and does not follow the repository's required template which expects a "## WHY" section explaining motivation, root cause, and intended behavior. It lacks details about what was changed (notably the added 403 handling in _makeRequest), testing performed, and expected user-facing behavior, so reviewers cannot fully assess the change. Therefore the description is incomplete relative to the repository template. Update the PR description to follow the repository template by adding a "## WHY" section that summarizes the bug, root cause, the exact code changes (e.g., the 403 handling in microsoft_outlook.app.mjs), testing steps and results, and reference the linked issue #18375.
✅ Passed checks (2 passed)
Check name Status Explanation
Title Check ✅ Passed The title succinctly summarizes the primary issue addressed by the changes: permission errors when retrieving users from the Microsoft Outlook integration. It directly relates to the functional change in components/microsoft_outlook/microsoft_outlook.app.mjs that adds explicit handling for 403 (Authorization_RequestDenied) responses. The phrasing is concise, specific, and clear to reviewers scanning PR history.
Docstring Coverage ✅ Passed No functions found in the changes. Docstring coverage check skipped.
✨ Finishing touches
  • 📝 Generate Docstrings
🧪 Generate unit tests
  • Create PR with unit tests
  • Post copyable unit tests in a comment
  • Commit unit tests in branch issue-18375
📜 Recent review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 0b8b3f2 and f3d7c6d.

📒 Files selected for processing (1)
  • components/microsoft_outlook/microsoft_outlook.app.mjs (1 hunks)
🚧 Files skipped from review as they are similar to previous changes (1)
  • components/microsoft_outlook/microsoft_outlook.app.mjs
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (4)
  • GitHub Check: Publish TypeScript components
  • GitHub Check: Verify TypeScript components
  • GitHub Check: pnpm publish
  • GitHub Check: Lint Code Base

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

@michelle0927 michelle0927 marked this pull request as ready for review September 18, 2025 19:04
coderabbitai[bot]
coderabbitai bot reviewed Sep 18, 2025
View reviewed changes
Copy link
Contributor

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 1

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (5)
components/microsoft_outlook/actions/add-label-to-email/add-label-to-email.mjs (1)

35-39: Guard against undefined categories to avoid runtime errors.
If message.categories is undefined, includes and spread will throw.

-    const labels = message?.categories;
+    const labels = Array.isArray(message?.categories) ? message.categories : [];
@@
-    if (labels.includes(this.label)) {
+    if (labels.includes(this.label)) {
       throw new ConfigurationError(`Message already contains label "${this.label}".`);
     }
@@
-      data: {
-        categories: [
-          ...labels,
-          this.label,
-        ],
-      },
+      data: {
+        categories: [
+          ...labels,
+          this.label,
+        ],
+      },

Also applies to: 45-49

components/microsoft_outlook/package.json (1)

15-20: Upgrade axios in components/microsoft_outlook/package.json (lines 15–20): ^0.21.1 → a patched 1.x (recommended ^1.11.0 — latest stable as of Sep 18, 2025; minimum safe >=1.8.3).

0.21.1 is affected by multiple known vulnerabilities (ReDoS, CSRF, SSRF — including CVE‑2025‑27152); update dependency and run install/audit.

components/microsoft_outlook/actions/move-email-to-folder/move-email-to-folder.mjs (1)

18-25: Fix propDefinition mismatch: 'folderIds' (string[]) vs action 'folderId' (string).

microsoft_outlook.app.mjs defines propDefinition "folderIds" as type "string[]", but components/microsoft_outlook/actions/move-email-to-folder/move-email-to-folder.mjs uses it while declaring a single-string prop "folderId". Either add a single "folderId" propDefinition in microsoft_outlook.app.mjs (type: "string", options same as folderIds) and reference that, or change the action to accept a "string[]" and handle multiple IDs.
Files: components/microsoft_outlook/microsoft_outlook.app.mjs (prop: folderIds), components/microsoft_outlook/actions/move-email-to-folder/move-email-to-folder.mjs (prop: folderId).

components/microsoft_outlook/actions/find-email/find-email.mjs (1)

46-53: Add ConsistencyLevel header when using $search

find-email passes "$search" but components/microsoft_outlook/microsoft_outlook.app.mjs::_getHeaders (lines ~261–277) does not set "ConsistencyLevel: eventual". Add logic (in _makeRequest or the paginate wrapper) to merge ConsistencyLevel: "eventual" into request headers whenever params include $search; set params["$count"]=true when a count is required. Files to update: components/microsoft_outlook/microsoft_outlook.app.mjs (≈lines 261–277) and/or the paginate wrapper; call site: components/microsoft_outlook/actions/find-email/find-email.mjs (lines 46–53).

components/microsoft_outlook/microsoft_outlook.app.mjs (1)

261-267: Allow caller-specified headers (merge, don’t overwrite).

_headers ignores the incoming headers object; advanced Graph queries often need extra headers.

Apply this diff:

-    _getHeaders() {
-      return {
+    _getHeaders(extra = {}) {
+      return {
         "Authorization": `Bearer ${this.$auth.oauth_access_token}`,
         "accept": "application/json",
         "Content-Type": "application/json",
-      };
+        ...extra,
+      };
     },
🧹 Nitpick comments (16)
components/microsoft_outlook/sources/new-email/new-email.mjs (1)

74-76: Log error details in catch to aid debugging (status/code/message).

-          } catch {
-            console.log(`Could not fetch message with ID: ${resourceId}`);
+          } catch (err) {
+            console.log(`Could not fetch message with ID: ${resourceId}`, {
+              status: err?.response?.status,
+              code: err?.response?.data?.error?.code,
+              message: err?.message,
+            });
           }
components/microsoft_outlook/actions/list-folders/list-folders.mjs (1)

32-34: Use strict equality in pluralization (nit).

-    $.export("$summary", `Successfully retrieved ${folders.length} folder${folders.length != 1
+    $.export("$summary", `Successfully retrieved ${folders.length} folder${folders.length !== 1
       ? "s"
       : ""}.`);
components/microsoft_outlook/sources/new-email-in-shared-folder/new-email-in-shared-folder.mjs (2)

70-73: Use message ID for dedupe and a numeric timestamp.
conversationId can collide across multiple messages; ts should be a number.

-            id: item.conversationId,
-            summary: `A new email with id: "${item.conversationId}" was received!`,
-            ts: item.createdDateTime,
+            id: item.id,
+            summary: `A new email with id: "${item.id}" was received!`,
+            ts: Date.parse(item.createdDateTime),

21-35: Clarify/verify required Graph permissions for userId options.
Populate of userId typically needs delegated User.Read.All or Directory.Read.All with admin consent; otherwise 403s occur. Ensure the app scopes and consent flow reflect this and update the prop description in the app to inform users.

components/microsoft_outlook/actions/list-labels/list-labels.mjs (1)

13-19: Default value to an empty array to avoid .length on undefined.

-    const { value } = await this.microsoftOutlook.listLabels({
+    const { value = [] } = await this.microsoftOutlook.listLabels({
       $,
     });
-    $.export("$summary", `Successfully retrieved ${value.length} label${value.length != 1
+    $.export("$summary", `Successfully retrieved ${value.length} label${value.length !== 1
       ? "s"
       : ""}.`);
components/microsoft_outlook/sources/new-attachment-received/new-attachment-received.mjs (3)

73-80: Avoid unnecessary base64 round‑trip; use Buffer directly.

-      const messageAttachment =  await this.microsoftOutlook.getAttachment({
+      const messageAttachment = await this.microsoftOutlook.getAttachment({
         messageId: item.messageId,
         attachmentId: item.id,
         responseType: "arraybuffer",
       });
-      const rawcontent = messageAttachment.toString("base64");
-      const buffer = Buffer.from(rawcontent, "base64");
+      const buffer = Buffer.isBuffer(messageAttachment)
+        ? messageAttachment
+        : Buffer.from(messageAttachment);

100-105: Stable dedupe key for attachments; fall back when contentId is missing.
Some attachments lack contentId. Prefer id, then contentId, then a composite.

-      return {
-        id: item.contentId,
-        summary: `New attachment ${item.name}`,
-        ts: Date.parse(item.messageReceivedDateTime),
-      };
+      return {
+        id: item.id ?? item.contentId ?? `${item.messageId}:${item.name}`,
+        summary: `New attachment ${item.name}`,
+        ts: Date.parse(item.messageReceivedDateTime),
+      };

130-132: Log error details in catch to aid debugging (status/code/message).

-          } catch {
-            console.log(`Could not fetch message with ID: ${resourceId}`);
+          } catch (err) {
+            console.log(`Could not fetch message with ID: ${resourceId}`, {
+              status: err?.response?.status,
+              code: err?.response?.data?.error?.code,
+              message: err?.message,
+            });
           }
components/microsoft_outlook/actions/update-contact/update-contact.mjs (1)

8-8: Update deprecated docs.microsoft.com URL.

Prefer learn.microsoft.com to avoid redirects.

- description: "Update an existing contact, [See the docs](https://docs.microsoft.com/en-us/graph/api/user-post-contacts)",
+ description: "Update an existing contact, [See the docs](https://learn.microsoft.com/graph/api/user-post-contacts)",
components/microsoft_outlook/actions/download-attachment/download-attachment.mjs (1)

41-53: Use the provided syncDir and avoid base64 round‑trip.

Write directly to the selected dir and avoid unnecessary encode/decode.

-    const response = await this.microsoftOutlook.getAttachment({
+    const data = await this.microsoftOutlook.getAttachment({
       $,
       messageId: this.messageId,
       attachmentId: this.attachmentId,
       responseType: "arraybuffer",
     });
-
-    const rawcontent = response.toString("base64");
-    const buffer = Buffer.from(rawcontent, "base64");
-    const downloadedFilepath = `/tmp/${this.filename}`;
-    fs.writeFileSync(downloadedFilepath, buffer);
+    const downloadedFilepath = `${this.syncDir}/${this.filename}`;
+    fs.writeFileSync(downloadedFilepath, Buffer.from(data));

Please confirm getAttachment returns the raw body (Buffer/ArrayBuffer) and not an Axios response object. If it returns { data }, adjust accordingly.

components/microsoft_outlook/actions/approve-workflow/approve-workflow.mjs (1)

31-35: Avoid spreading this into message options.

Limit fields to intended props to prevent leaking internal fields.

-    const opts = {
-      content: `Click here to approve the workflow: ${resume_url}, \nand cancel here: ${cancel_url}`,
-      ccRecipients: [],
-      bccRecipients: [],
-      ...this,
-    };
+    const opts = {
+      content: `Click here to approve the workflow: ${resume_url}, \nand cancel here: ${cancel_url}`,
+      ccRecipients: [],
+      bccRecipients: [],
+      recipients: this.recipients,
+      subject: this.subject,
+    };
components/microsoft_outlook/actions/create-contact/create-contact.mjs (1)

49-55: Guard against undefined emailAddresses.

Current code throws if emailAddresses is not provided.

-        emailAddresses: this.emailAddresses.map((a, i) => ({
+        emailAddresses: (this.emailAddresses || []).map((a, i) => ({
           address: a,
           name: `Email #${i + 1}`,
         })),
components/microsoft_outlook/actions/find-contacts/find-contacts.mjs (1)

31-46: Make matching case‑insensitive and use strict equality.

Improves UX for searches.

-      if (
-        contact?.displayName?.includes(this.searchString) ||
-        contact?.givenName?.includes(this.searchString) ||
-        contact?.surname?.includes(this.searchString) ||
-        contact?.emailAddresses?.find(
-          (e) => e?.address == this.searchString || e?.name?.includes(this.searchString),
-        )
-      ) {
+      const q = (this.searchString || "").toLowerCase();
+      const match =
+        contact?.displayName?.toLowerCase?.().includes(q) ||
+        contact?.givenName?.toLowerCase?.().includes(q) ||
+        contact?.surname?.toLowerCase?.().includes(q) ||
+        contact?.emailAddresses?.some((e) =>
+          e?.address?.toLowerCase?.() === q || e?.name?.toLowerCase?.().includes(q),
+        );
+      if (match) {
components/microsoft_outlook/actions/remove-label-from-email/remove-label-from-email.mjs (1)

34-39: Guard against missing categories to avoid runtime error.

labels can be undefined; labels.indexOf will throw.

Apply this diff:

-    let labels = message?.categories;
-
-    const index = labels.indexOf(this.label);
+    let labels = message?.categories ?? [];
+    if (!Array.isArray(labels)) labels = [];
+    const index = labels.indexOf(this.label);
components/microsoft_outlook/microsoft_outlook.app.mjs (2)

274-279: Auto-add ConsistencyLevel for advanced queries ($search/$count).

Graph requires ConsistencyLevel: eventual for these; set it centrally.

Apply this diff:

       const config = {
         url: this._getUrl(path),
         headers: this._getHeaders(headers),
         ...otherConfig,
       };
+      if (otherConfig?.params?.$search != null || otherConfig?.params?.$count != null) {
+        config.headers["ConsistencyLevel"] = "eventual";
+      }

91-95: Fix typos and labels in prop definitions.

Minor text polish.

Apply this diff:

-    emailAddresses: {
-      label: "Email adresses",
+    emailAddresses: {
+      label: "Email addresses",
       description: "Email addresses",
       type: "string[]",
       optional: true,
     },
-    businessPhones: {
-      label: "Recipients",
+    businessPhones: {
+      label: "Business Phones",
       description: "Array of phone numbers",
       type: "string[]",
       optional: true,
     },
-    search: {
+    search: {
       type: "string",
       label: "Search",
-      description: "Search for an email in Microsoft Outlook. Can search for specific message properties such as `to:example@example.com` or `subject:example`. If the property is excluded, the search targets the default propertes `from`, `subject`, and `body`. For example, `pizza` will search for messages with the word `pizza` in the subject, body, or from address, but `to:example@example.com` will only search for messages to `example@example.com`.",
+      description: "Search for an email in Microsoft Outlook. Can search for specific message properties such as `to:example@example.com` or `subject:example`. If the property is excluded, the search targets the default properties `from`, `subject`, and `body`. For example, `pizza` will search for messages with the word `pizza` in the subject, body, or from address, but `to:example@example.com` will only search for messages to `example@example.com`.",
       optional: true,
     },

Also applies to: 97-101, 239-243

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 6a0fa50 and 0b8b3f2.

📒 Files selected for processing (22)
  • components/microsoft_outlook/actions/add-label-to-email/add-label-to-email.mjs (1 hunks)
  • components/microsoft_outlook/actions/approve-workflow/approve-workflow.mjs (1 hunks)
  • components/microsoft_outlook/actions/create-contact/create-contact.mjs (1 hunks)
  • components/microsoft_outlook/actions/create-draft-email/create-draft-email.mjs (1 hunks)
  • components/microsoft_outlook/actions/download-attachment/download-attachment.mjs (1 hunks)
  • components/microsoft_outlook/actions/find-contacts/find-contacts.mjs (1 hunks)
  • components/microsoft_outlook/actions/find-email/find-email.mjs (1 hunks)
  • components/microsoft_outlook/actions/find-shared-folder-email/find-shared-folder-email.mjs (1 hunks)
  • components/microsoft_outlook/actions/list-contacts/list-contacts.mjs (1 hunks)
  • components/microsoft_outlook/actions/list-folders/list-folders.mjs (1 hunks)
  • components/microsoft_outlook/actions/list-labels/list-labels.mjs (1 hunks)
  • components/microsoft_outlook/actions/move-email-to-folder/move-email-to-folder.mjs (1 hunks)
  • components/microsoft_outlook/actions/remove-label-from-email/remove-label-from-email.mjs (1 hunks)
  • components/microsoft_outlook/actions/reply-to-email/reply-to-email.mjs (1 hunks)
  • components/microsoft_outlook/actions/send-email/send-email.mjs (1 hunks)
  • components/microsoft_outlook/actions/update-contact/update-contact.mjs (1 hunks)
  • components/microsoft_outlook/microsoft_outlook.app.mjs (1 hunks)
  • components/microsoft_outlook/package.json (1 hunks)
  • components/microsoft_outlook/sources/new-attachment-received/new-attachment-received.mjs (1 hunks)
  • components/microsoft_outlook/sources/new-contact/new-contact.mjs (1 hunks)
  • components/microsoft_outlook/sources/new-email-in-shared-folder/new-email-in-shared-folder.mjs (1 hunks)
  • components/microsoft_outlook/sources/new-email/new-email.mjs (1 hunks)
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (3)
  • GitHub Check: Publish TypeScript components
  • GitHub Check: Verify TypeScript components
  • GitHub Check: Lint Code Base
🔇 Additional comments (23)
components/microsoft_outlook/sources/new-email/new-email.mjs (1)

10-10: Version bump only — LGTM.

components/microsoft_outlook/actions/add-label-to-email/add-label-to-email.mjs (1)

8-8: Version bump only — LGTM.

components/microsoft_outlook/actions/list-folders/list-folders.mjs (1)

7-7: Version bump only — LGTM.

components/microsoft_outlook/sources/new-contact/new-contact.mjs (1)

8-8: Version bump only — LGTM.

components/microsoft_outlook/sources/new-email-in-shared-folder/new-email-in-shared-folder.mjs (1)

9-9: Version bump only — LGTM.

components/microsoft_outlook/actions/list-labels/list-labels.mjs (1)

7-7: Version bump only — LGTM.

components/microsoft_outlook/actions/create-draft-email/create-draft-email.mjs (1)

7-7: Version bump only — LGTM.

components/microsoft_outlook/sources/new-attachment-received/new-attachment-received.mjs (1)

9-9: Version bump only — LGTM.

components/microsoft_outlook/actions/update-contact/update-contact.mjs (1)

6-6: Version bump LGTM.

No functional changes in this action.

components/microsoft_outlook/package.json (1)

3-3: Package version bump LGTM.

components/microsoft_outlook/actions/download-attachment/download-attachment.mjs (1)

9-9: Version bump LGTM.

components/microsoft_outlook/actions/approve-workflow/approve-workflow.mjs (1)

7-7: Version bump LGTM.

components/microsoft_outlook/actions/create-contact/create-contact.mjs (1)

6-6: Version bump LGTM.

components/microsoft_outlook/actions/move-email-to-folder/move-email-to-folder.mjs (1)

7-7: Version bump LGTM.

components/microsoft_outlook/actions/find-contacts/find-contacts.mjs (1)

6-6: Version bump LGTM.

components/microsoft_outlook/actions/find-email/find-email.mjs (1)

7-7: Version bump LGTM.

components/microsoft_outlook/actions/list-contacts/list-contacts.mjs (1)

6-6: LGTM — metadata bump only.

components/microsoft_outlook/actions/send-email/send-email.mjs (1)

7-7: LGTM — metadata bump only.

components/microsoft_outlook/actions/find-shared-folder-email/find-shared-folder-email.mjs (1)

7-7: LGTM — metadata bump only.

components/microsoft_outlook/actions/remove-label-from-email/remove-label-from-email.mjs (1)

7-7: LGTM — metadata bump only.

components/microsoft_outlook/actions/reply-to-email/reply-to-email.mjs (1)

7-7: LGTM — metadata bump only.

components/microsoft_outlook/microsoft_outlook.app.mjs (2)

194-207: Harden user label rendering when mail is null; fall back to UPN.

Some users don’t have mail; use userPrincipalName.
[suggest_minor_refactor]
Apply this diff:

-      async options() {
-        const { value: users } = await this.listUsers();
-        return users?.map(({
-          id: value, displayName, mail,
-        }) => ({
-          value,
-          label: `${displayName} (${mail})`,
-        })) || [];
-      },
+      async options() {
+        const { value: users } = await this.listUsers();
+        return users?.map(({
+          id: value, displayName, mail, userPrincipalName,
+        }) => ({
+          value,
+          label: `${displayName || userPrincipalName || value} (${mail || userPrincipalName || "no mailbox"})`,
+        })) || [];
+      },

194-207: Confirm scopes to resolve issue #18375.

The /users endpoint typically requires admin‑granted Graph scopes. After merging the 403 handling, please re‑test the User ID prop options with an account that has User.Read.All (delegated) or appropriate directory-read permissions.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@coderabbitai coderabbitai[bot] coderabbitai[bot] left review comments

@lcaresia lcaresia Awaiting requested review from lcaresia

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

[BUG] Insufficient permissions getting users for Microsoft Outlook integration
1 participant
@michelle0927