Skip to content

Comments

Merge test to main#172

Merged
sweetmantech merged 1 commit intomainfrom
test
Jan 29, 2026
Merged

Merge test to main#172
sweetmantech merged 1 commit intomainfrom
test

Conversation

@sweetmantech
Copy link
Contributor

@sweetmantech sweetmantech commented Jan 29, 2026

Merge test branch into main after PR #171

Summary by CodeRabbit

Release Notes

  • Tests

    • Comprehensive test coverage added for chat request validation, parameter building, and multi-account filtering scenarios
  • New Features

    • Enhanced authorization flows supporting personal keys, organization member access, and admin privileges
    • Improved chat filtering with support for multiple account IDs
  • Refactor

    • Streamlined request validation logic for chat retrieval endpoints
    • Updated chat query parameter handling for better maintainability

✏️ Tip: You can customize this high-level summary in your review settings.

* feat: restrict account_id in GET /api/chats to ORG/RECOUP keys

- Make account_id query parameter optional in /api/chats
- Personal API keys can no longer specify account_id (403 error)
- Org keys can only filter by account_id for org members
- Recoup admin keys can filter by any account_id
- Personal keys: Returns only their own chats
- Org keys: Returns all org member chats
- Recoup admin: Returns all chats

Uses snake_case naming (account_id, artist_id, org_id) to match API docs.

This matches the authorization pattern used in /api/pulses.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

* fix: org key without account_id now returns all org member chats

The rooms table has no FK from account_id to accounts, so the join
approach was silently returning empty results. Changed to fetch org
member account IDs via getAccountOrganizations first, then filter rooms.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

---------

Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
@vercel
Copy link
Contributor

vercel bot commented Jan 29, 2026

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Review Updated (UTC)
recoup-api Building Building Preview Jan 29, 2026 3:42pm

@sweetmantech sweetmantech merged commit 9082f6d into main Jan 29, 2026
4 of 6 checks passed
@coderabbitai
Copy link

coderabbitai bot commented Jan 29, 2026

Caution

Review failed

The pull request is closed.

📝 Walkthrough

Walkthrough

This PR refactors chat retrieval request handling by introducing comprehensive request validation and authorization logic supporting three key types (personal, organization, and Recoup admin). It replaces direct query validation with a layered approach that validates authentication, checks organizational membership, and builds appropriate database query parameters using an updated selectRooms interface that supports multiple account IDs.

Changes

Cohort / File(s) Summary
New Request Validation & Authorization
lib/chats/validateGetChatsRequest.ts, lib/chats/buildGetChatsParams.ts
Introduces request validation that authenticates users, handles three key types (personal/org/admin), validates artist_account_id, enforces access control (403 for unauthorized filtering), and delegates parameter construction to buildGetChatsParams for database queries.
Updated Chat Handler
lib/chats/getChatsHandler.ts
Replaces separate validateAuthContext and validateGetChatsQuery calls with unified validateGetChatsRequest call, simplifying parameter handling and error flow.
Removed Legacy Validation
lib/chats/validateGetChatsQuery.ts
Deletes deprecated query-only validation module previously handling account_id and artist_account_id parsing.
Updated Database Interface
lib/supabase/rooms/selectRooms.ts
Exports SelectRoomsParams interface with account_ids (array) and artist_id fields; implements filtering by multiple account IDs using in-query for flexibility and edge-case handling (empty array returns early).
Test Coverage for Validation
lib/chats/__tests__/validateGetChatsRequest.test.ts, lib/chats/__tests__/buildGetChatsParams.test.ts
Comprehensive test suites covering authentication failures, personal/org/admin key flows, member access validation, cross-account filtering restrictions (403 for personal keys), and org-based membership checks.
Updated Handler & Selection Tests
lib/chats/__tests__/getChatsHandler.test.ts, lib/supabase/rooms/__tests__/selectRooms.test.ts
Handler tests refactored to cover unified validation; selectRooms tests updated to use account_ids array with in-filtering, empty array handling, and artist_id consistency.
Deleted Legacy Test
lib/chats/__tests__/validateGetChatsQuery.test.ts
Removes tests for deprecated validateGetChatsQuery function covering account_id/artist_account_id validation and error response format.
Minor Test Fixes
lib/chats/__tests__/validateCreateChatBody.test.ts, lib/chats/__tests__/generateChatTitle.test.ts, lib/supabase/rooms/__tests__/upsertRoom.test.ts
Formatting consistency, import reorganization, and line collapsing without functional changes.

Sequence Diagram(s)

sequenceDiagram
    participant Client
    participant Handler as getChatsHandler
    participant ValidateReq as validateGetChatsRequest
    participant BuildParams as buildGetChatsParams
    participant Auth as validateAuthContext
    participant OrgService as getAccountOrganizations
    participant DB as selectRooms

    Client->>Handler: GET /api/chats?account_id=...
    Handler->>ValidateReq: validateGetChatsRequest(request)
    ValidateReq->>Auth: validateAuthContext(request)
    Auth-->>ValidateReq: {account_id, org_id, ...}
    
    alt Personal Key (no org_id)
        ValidateReq->>BuildParams: buildGetChatsParams({account_id, org_id: null, target_account_id})
        BuildParams-->>ValidateReq: {params: {account_ids: [account_id]}, error: null}
    else Organization Key
        ValidateReq->>BuildParams: buildGetChatsParams({account_id, org_id, target_account_id})
        BuildParams->>OrgService: getAccountOrganizations(org_id)
        OrgService-->>BuildParams: [member_ids...]
        BuildParams-->>ValidateReq: {params: {account_ids: [members]}, error: null}
    else Recoup Admin Key
        ValidateReq->>BuildParams: buildGetChatsParams({account_id, org_id: RECOUP_ORG_ID})
        BuildParams-->>ValidateReq: {params: {artist_id}, error: null}
    end
    
    ValidateReq-->>Handler: SelectRoomsParams | NextResponse
    Handler->>DB: selectRooms(params)
    DB-->>Handler: Room[] | null
    Handler-->>Client: JSON response
Loading

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

Possibly related PRs

Poem

🐰 Through three paths of keys, we now validate clear,
Personal, org, and admin, each path sincere,
With account_ids gathered from members so true,
The chats flow securely—authorization complete! ✨

✨ Finishing touches
  • 📝 Generate docstrings

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

@github-actions
Copy link

github-actions bot commented Jan 29, 2026

Braintrust eval report

Catalog Opportunity Analysis Evaluation (HEAD-1769701381)

Score Average Improvements Regressions
Catalog_availability 48.9% (+37pp) 3 🟢 1 🔴
Llm_calls 0 (+0) - -
Tool_calls 0 (+0) - -
Errors 0 (+0) - -
Llm_errors 0 (+0) - -
Tool_errors 0 (+0) - -
Prompt_tokens 0tok (+0tok) - -
Prompt_cached_tokens 0tok (+0tok) - -
Prompt_cache_creation_tokens 0tok (+0tok) - -
Completion_tokens 0tok (+0tok) - -
Completion_reasoning_tokens 0tok (+0tok) - -
Total_tokens 0tok (+0tok) - -
Duration 42.79s (+3.8s) 2 🟢 3 🔴

Catalog Songs Count Evaluation (HEAD-1769701381)

Score Average Improvements Regressions
AnswerCorrectness 19.4% (+0pp) 2 🟢 1 🔴
Factuality 33.3% (+0pp) 1 🟢 1 🔴
Llm_calls 4 (+0) - -
Tool_calls 0 (+0) - -
Errors 0 (+0) - -
Llm_errors 0 (+0) - -
Tool_errors 0 (+0) - -
Prompt_tokens 0tok (+0tok) - -
Prompt_cached_tokens 0tok (+0tok) - -
Prompt_cache_creation_tokens 0tok (+0tok) - -
Completion_tokens 0tok (+0tok) - -
Completion_reasoning_tokens 0tok (+0tok) - -
Completion_accepted_prediction_tokens 0tok (+0tok) - -
Completion_rejected_prediction_tokens 0tok (+0tok) - -
Completion_audio_tokens 0tok (+0tok) - -
Total_tokens 0tok (+0tok) - -
Duration 17.97s (+0.43s) 2 🟢 1 🔴

First Week Album Sales Evaluation (HEAD-1769701381)

Score Average Improvements Regressions
Factuality 65% (+40pp) 3 🟢 -
Llm_calls 1 (+0) - -
Tool_calls 0 (+0) - -
Errors 0 (+0) - -
Llm_errors 0 (+0) - -
Tool_errors 0 (+0) - -
Prompt_tokens 0tok (+0tok) - -
Prompt_cached_tokens 0tok (+0tok) - -
Prompt_cache_creation_tokens 0tok (+0tok) - -
Completion_tokens 0tok (+0tok) - -
Completion_reasoning_tokens 0tok (+0tok) - -
Completion_accepted_prediction_tokens 0tok (+0tok) - -
Completion_rejected_prediction_tokens 0tok (+0tok) - -
Completion_audio_tokens 0tok (+0tok) - -
Total_tokens 0tok (+0tok) - -
Duration 15.4s (-0.84s) 3 🟢 1 🔴

Memory & Storage Tools Evaluation (HEAD-1769701381)

Score Average Improvements Regressions
Tools_called 0% (+0pp) - -
Llm_calls 0 (+0) - -
Tool_calls 0 (+0) - -
Errors 0 (+0) - -
Llm_errors 0 (+0) - -
Tool_errors 0 (+0) - -
Prompt_tokens 0tok (+0tok) - -
Prompt_cached_tokens 0tok (+0tok) - -
Prompt_cache_creation_tokens 0tok (+0tok) - -
Completion_tokens 0tok (+0tok) - -
Completion_reasoning_tokens 0tok (+0tok) - -
Total_tokens 0tok (+0tok) - -
Duration 19.23s (+3.61s) - 1 🔴

Monthly Listeners Tracking Evaluation (HEAD-1769701381)

Score Average Improvements Regressions
AnswerSimilarity 78.5% (+2pp) 3 🟢 2 🔴
Llm_calls 2 (+0) - -
Tool_calls 0 (+0) - -
Errors 0 (+0) - -
Llm_errors 0 (+0) - -
Tool_errors 0 (+0) - -
Prompt_tokens 0tok (+0tok) - -
Prompt_cached_tokens 0tok (+0tok) - -
Prompt_cache_creation_tokens 0tok (+0tok) - -
Completion_tokens 0tok (+0tok) - -
Completion_reasoning_tokens 0tok (+0tok) - -
Total_tokens 0tok (+0tok) - -
Duration 12.16s (-3.3s) 4 🟢 1 🔴

Search Web Tool Evaluation (HEAD-1769701381)

Score Average Improvements Regressions
AnswerCorrectness 24.6% (-3pp) 3 🟢 8 🔴
Llm_calls 3 (+0) - -
Tool_calls 0 (+0) - -
Errors 0 (+0) - -
Llm_errors 0 (+0) - -
Tool_errors 0 (+0) - -
Prompt_tokens 0tok (+0tok) - -
Prompt_cached_tokens 0tok (+0tok) - -
Prompt_cache_creation_tokens 0tok (+0tok) - -
Completion_tokens 0tok (+0tok) - -
Completion_reasoning_tokens 0tok (+0tok) - -
Completion_accepted_prediction_tokens 0tok (+0tok) - -
Completion_rejected_prediction_tokens 0tok (+0tok) - -
Completion_audio_tokens 0tok (+0tok) - -
Total_tokens 0tok (+0tok) - -
Duration 24.03s (-6.07s) 8 🟢 3 🔴

Social Scraping Evaluation (HEAD-1769701381)

Score Average Improvements Regressions
Tools_called 0% (+0pp) - -
Llm_calls 0 (+0) - -
Tool_calls 0 (+0) - -
Errors 0 (+0) - -
Llm_errors 0 (+0) - -
Tool_errors 0 (+0) - -
Prompt_tokens 0tok (+0tok) - -
Prompt_cached_tokens 0tok (+0tok) - -
Prompt_cache_creation_tokens 0tok (+0tok) - -
Completion_tokens 0tok (+0tok) - -
Completion_reasoning_tokens 0tok (+0tok) - -
Total_tokens 0tok (+0tok) - -
Duration 24.2s (-0.46s) 3 🟢 3 🔴

Spotify Followers Evaluation (HEAD-1769701381)

Score Average Improvements Regressions
AnswerCorrectness 20.5% (0pp) 1 🟢 4 🔴
Llm_calls 3 (+0) - -
Tool_calls 0 (+0) - -
Errors 0 (+0) - -
Llm_errors 0 (+0) - -
Tool_errors 0 (+0) - -
Prompt_tokens 0tok (+0tok) - -
Prompt_cached_tokens 0tok (+0tok) - -
Prompt_cache_creation_tokens 0tok (+0tok) - -
Completion_tokens 0tok (+0tok) - -
Completion_reasoning_tokens 0tok (+0tok) - -
Completion_accepted_prediction_tokens 0tok (+0tok) - -
Completion_rejected_prediction_tokens 0tok (+0tok) - -
Completion_audio_tokens 0tok (+0tok) - -
Total_tokens 0tok (+0tok) - -
Duration 15.46s (+0.7s) 3 🟢 2 🔴

Spotify Tools Evaluation (HEAD-1769701381)

Score Average Improvements Regressions
Tools_called 0% (+0pp) - -
Llm_calls 0 (+0) - -
Tool_calls 0 (+0) - -
Errors 0 (+0) - -
Llm_errors 0 (+0) - -
Tool_errors 0 (+0) - -
Prompt_tokens 0tok (+0tok) - -
Prompt_cached_tokens 0tok (+0tok) - -
Prompt_cache_creation_tokens 0tok (+0tok) - -
Completion_tokens 0tok (+0tok) - -
Completion_reasoning_tokens 0tok (+0tok) - -
Total_tokens 0tok (+0tok) - -
Duration 34.21s (-2.35s) 2 🟢 -

TikTok Analytics Questions Evaluation (HEAD-1769701381)

Score Average Improvements Regressions
Question_answered 0% (+0pp) - -
Llm_calls 0 (+0) - -
Tool_calls 0 (+0) - -
Errors 0 (+0) - -
Llm_errors 0 (+0) - -
Tool_errors 0 (+0) - -
Prompt_tokens 0tok (+0tok) - -
Prompt_cached_tokens 0tok (+0tok) - -
Prompt_cache_creation_tokens 0tok (+0tok) - -
Completion_tokens 0tok (+0tok) - -
Completion_reasoning_tokens 0tok (+0tok) - -
Total_tokens 0tok (+0tok) - -
Duration 15.74s (+2.07s) - 2 🔴

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant