feat(autofix): Add email-based user mapping for Seer Autofix PR review requests (#103406)

## Summary

Implements email-based user mapping for Seer Autofix PRs to
automatically request review from the triggering user, making it easier
for users to track their Autofix PRs.

Fixes AIML-1597

## Problem

Users lose track of Seer-authored Autofix PRs because Seer is the PR
author. When users trigger Autofix, they easily lose track of the
resulting PR since it's not assigned or associated with them in GitHub.

## Solution

This PR enhances GitHub username resolution to check multiple sources,
similar to how suspect commits maps users via email:

### Changes

1. **Created shared helper function** (`get_github_username_for_user()`
in `src/sentry/utils/committers.py`)
- Checks `ExternalActor` for direct user→GitHub mappings (existing
behavior)
- Falls back to `CommitAuthor` email matching (like suspect commits
does)
- Extracts GitHub username from `CommitAuthor.external_id` format:
`github:username` or `github_enterprise:username`
   - Returns GitHub username or None

2. **Updated autofix** (`src/sentry/seer/autofix/autofix.py`)
   - Refactored `_get_github_username_for_user()` to use shared helper
   - Removed duplicate code and unused imports

3. **Added comprehensive tests**
(`tests/sentry/seer/autofix/test_autofix.py`)
   - 6 new test cases for CommitAuthor fallback scenarios
- Tests ExternalActor priority, GitHub Enterprise support, org scoping
   - All 48 related tests pass (11 new + 37 existing)

## How It Works

When a user triggers Autofix:
1. Sentry resolves their GitHub username using the new shared helper
2. Helper checks `ExternalActor` first (fastest, most reliable)
3. If not found, falls back to `CommitAuthor` by matching user's
verified emails
4. If matching `CommitAuthor` has GitHub `external_id`, extracts
username
5. Sentry passes GitHub username to Seer in the autofix request
6. Seer creates PR and automatically requests review from that GitHub
user

## Expected Impact

Users who don't have an `ExternalActor` mapping but have committed code
with their email to GitHub repos will now have Autofix PRs automatically
request their review, making PRs easier to find and track.

## Test Plan

- [x] All new tests pass (11 GitHub username tests)
- [x] All existing tests pass (37 suspect commits tests, no regressions)
- [x] Pre-commit hooks pass (black, isort, flake8, mypy)
- [ ] Manual testing: Trigger Autofix and verify PR review request

## Files Changed

- `src/sentry/utils/committers.py` - Added shared helper function
- `src/sentry/seer/autofix/autofix.py` - Updated to use shared helper
- `tests/sentry/seer/autofix/test_autofix.py` - Added 6 new test cases

---------

Co-authored-by: Shruthilaya Jaganathan <shruthilaya.jaganathan@sentry.io>

Author: JoshFerge

src/sentry/seer/autofix/autofix.py

@@ -20,6 +20,7 @@
 from sentry.integrations.models.external_actor import ExternalActor
 from sentry.integrations.types import ExternalProviders
 from sentry.issues.grouptype import WebVitalsGroup
+from sentry.models.commitauthor import CommitAuthor
 from sentry.models.group import Group
 from sentry.models.project import Project
 from sentry.search.eap.types import SearchResolverConfig
@@ -341,7 +342,15 @@ def _respond_with_error(reason: str, status: int):
 
 
 def _get_github_username_for_user(user: User | RpcUser, organization_id: int) -> str | None:
-    """Get GitHub username for a user by checking ExternalActor mappings."""
+    """
+    Get GitHub username for a user by checking multiple sources.
+
+    This function attempts to resolve a Sentry user to their GitHub username by:
+    1. Checking ExternalActor for explicit user→GitHub mappings
+    2. Falling back to CommitAuthor records matched by email (like suspect commits)
+    3. Extracting the GitHub username from the CommitAuthor external_id
+    """
+    # Method 1: Check ExternalActor for direct user→GitHub mapping
     external_actor: ExternalActor | None = (
         ExternalActor.objects.filter(
             user_id=user.id,
@@ -359,6 +368,36 @@ def _get_github_username_for_user(user: User | RpcUser, organization_id: int) ->
         username = external_actor.external_name
         return username[1:] if username.startswith("@") else username
 
+    # Method 2: Check CommitAuthor by email matching (like suspect commits does)
+    # Get all verified emails for this user
+    user_emails: list[str] = []
+    try:
+        # Both User and RpcUser models have a get_verified_emails method
+        if hasattr(user, "get_verified_emails"):
+            verified_emails = user.get_verified_emails()
+            user_emails.extend([e.email for e in verified_emails])
+    except Exception:
+        # If we can't get verified emails, don't use any
+        pass
+
+    if user_emails:
+        # Find CommitAuthors with matching emails that have GitHub external_id
+        commit_author = (
+            CommitAuthor.objects.filter(
+                organization_id=organization_id,
+                email__in=[email.lower() for email in user_emails],
+                external_id__isnull=False,
+            )
+            .exclude(external_id="")
+            .order_by("-id")
+            .first()
+        )
+
+        if commit_author:
+            commit_username = commit_author.get_username_from_external_id()
+            if commit_username:
+                return commit_username
+
     return None
 
 

tests/sentry/seer/autofix/test_autofix.py

@@ -1241,6 +1241,160 @@ def test_get_github_username_for_user_multiple_mappings(self) -> None:
         username = _get_github_username_for_user(user, organization.id)
         assert username == "newuser"
 
+    def test_get_github_username_for_user_from_commit_author(self) -> None:
+        """Tests getting GitHub username from CommitAuthor when ExternalActor doesn't exist."""
+        from sentry.models.commitauthor import CommitAuthor
+
+        user = self.create_user(email="committer@example.com")
+        organization = self.create_organization()
+        self.create_member(user=user, organization=organization)
+
+        # Create CommitAuthor with GitHub external_id
+        CommitAuthor.objects.create(
+            organization_id=organization.id,
+            name="Test Committer",
+            email="committer@example.com",
+            external_id="github:githubuser",
+        )
+
+        username = _get_github_username_for_user(user, organization.id)
+        assert username == "githubuser"
+
+    def test_get_github_username_for_user_from_commit_author_github_enterprise(self) -> None:
+        """Tests getting GitHub Enterprise username from CommitAuthor."""
+        from sentry.models.commitauthor import CommitAuthor
+
+        user = self.create_user(email="committer@company.com")
+        organization = self.create_organization()
+        self.create_member(user=user, organization=organization)
+
+        # Create CommitAuthor with GitHub Enterprise external_id
+        CommitAuthor.objects.create(
+            organization_id=organization.id,
+            name="Enterprise User",
+            email="committer@company.com",
+            external_id="github_enterprise:ghuser",
+        )
+
+        username = _get_github_username_for_user(user, organization.id)
+        assert username == "ghuser"
+
+    def test_get_github_username_for_user_external_actor_priority(self) -> None:
+        """Tests that ExternalActor is checked before CommitAuthor."""
+        from sentry.integrations.models.external_actor import ExternalActor
+        from sentry.integrations.types import ExternalProviders
+        from sentry.models.commitauthor import CommitAuthor
+
+        user = self.create_user(email="committer@example.com")
+        organization = self.create_organization()
+        self.create_member(user=user, organization=organization)
+
+        # Create both ExternalActor and CommitAuthor
+        ExternalActor.objects.create(
+            user_id=user.id,
+            organization=organization,
+            provider=ExternalProviders.GITHUB.value,
+            external_name="@externaluser",
+            external_id="ext123",
+            integration_id=7,
+        )
+
+        CommitAuthor.objects.create(
+            organization_id=organization.id,
+            name="Commit User",
+            email="committer@example.com",
+            external_id="github:commituser",
+        )
+
+        # Should use ExternalActor (higher priority)
+        username = _get_github_username_for_user(user, organization.id)
+        assert username == "externaluser"
+
+    def test_get_github_username_for_user_commit_author_no_external_id(self) -> None:
+        """Tests that None is returned when CommitAuthor exists but has no external_id."""
+        from sentry.models.commitauthor import CommitAuthor
+
+        user = self.create_user(email="committer@example.com")
+        organization = self.create_organization()
+        self.create_member(user=user, organization=organization)
+
+        # Create CommitAuthor without external_id
+        CommitAuthor.objects.create(
+            organization_id=organization.id,
+            name="No External ID",
+            email="committer@example.com",
+            external_id=None,
+        )
+
+        username = _get_github_username_for_user(user, organization.id)
+        assert username is None
+
+    def test_get_github_username_for_user_wrong_organization(self) -> None:
+        """Tests that CommitAuthor from different organization is not used."""
+        from sentry.models.commitauthor import CommitAuthor
+
+        user = self.create_user(email="committer@example.com")
+        organization1 = self.create_organization()
+        organization2 = self.create_organization()
+        self.create_member(user=user, organization=organization1)
+
+        # Create CommitAuthor in different organization
+        CommitAuthor.objects.create(
+            organization_id=organization2.id,
+            name="Wrong Org User",
+            email="committer@example.com",
+            external_id="github:wrongorguser",
+        )
+
+        username = _get_github_username_for_user(user, organization1.id)
+        assert username is None
+
+    def test_get_github_username_for_user_unverified_email_not_matched(self) -> None:
+        """Tests that unverified emails don't match CommitAuthor (security requirement)."""
+        from sentry.models.commitauthor import CommitAuthor
+
+        user = self.create_user(email="verified@example.com")
+        organization = self.create_organization()
+        self.create_member(user=user, organization=organization)
+
+        # Add an unverified email to the user
+        self.create_useremail(user=user, email="unverified@example.com", is_verified=False)
+
+        # Create CommitAuthor that matches the UNVERIFIED email
+        CommitAuthor.objects.create(
+            organization_id=organization.id,
+            name="unverified",
+            email="unverified@example.com",
+            external_id="github:unverified",
+        )
+
+        # Should NOT match the unverified email (security fix)
+        username = _get_github_username_for_user(user, organization.id)
+        assert username is None
+
+    def test_get_github_username_for_user_verified_secondary_email_matched(self) -> None:
+        """Tests that verified secondary emails DO match CommitAuthor."""
+        from sentry.models.commitauthor import CommitAuthor
+
+        user = self.create_user(email="primary@example.com")
+        organization = self.create_organization()
+        self.create_member(user=user, organization=organization)
+
+        # Add a verified secondary email
+        self.create_useremail(user=user, email="secondary@example.com", is_verified=True)
+
+        # Create CommitAuthor that matches the verified secondary email
+        CommitAuthor.objects.create(
+            organization_id=organization.id,
+            name="Developer",
+            email="secondary@example.com",
+            external_id="github:developeruser",
+        )
+
+        # Should match the verified secondary email
+        username = _get_github_username_for_user(user, organization.id)
+        assert username == "developeruser"
+
 
 class TestRespondWithError(TestCase):
     def test_respond_with_error(self) -> None: