Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Develop#259

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to ourterms of service andprivacy statement. We’ll occasionally send you account related emails.

Already on GitHub?Sign in to your account

Merged
ucswift merged 4 commits intomasterfromdevelop
Oct 23, 2025
Merged

Develop#259

ucswift merged 4 commits intomasterfromdevelop
Oct 23, 2025

Conversation

@ucswift
Copy link
Member

@ucswiftucswift commentedOct 23, 2025
edited by coderabbitaibot
Loading

Summary by CodeRabbit

  • Bug Fixes

    • Subscription service now returns an empty plan-count object instead of null for missing billing data, reducing runtime null errors.

  • Refactor

    • Mapping features now pull enriched user, group, and role information to improve personnel accuracy.

  • Chores

    • Added automated workflow to sync merged PRs to the changelog service.
    • Minor code cleanup and maintenance.

@request-info
Copy link

Thanks for opening this, but we'd appreciate a little more information. Could you update it with more details?

@coderabbitai
Copy link
Contributor

coderabbitaibot commentedOct 23, 2025
edited
Loading

Walkthrough

Adds a GitHub Actions workflow to post merged PRs to Changerawr, changes SubscriptionsService to return an empty DepartmentPlanCount instead of null on missing billing data, removes an unused using from MongoRepository, and changes MappingController to fetch personnel via a new users-service method.

Changes

Cohort / File(s)Summary
GitHub Actions Workflow
.github/workflows/changerawr-sync.yml		New workflow triggered onpull_request closed events formaster (runs only when merged); usesactions/github-script to assemble PR details (notes and metadata) and POST them to the Changerawr changelog endpoint using secrets for API key and project ID; logs success or fails on non-OK responses and may comment on the PR.
Service Logic Updates
Core/Resgrid.Services/SubscriptionsService.cs		GetPlanCountsForDepartmentAsync now returns a new emptyDepartmentPlanCount when the Billing API returnsNotFound orresponse.Data is null, instead of returningnull.
Repository Cleanup
Repositories/Resgrid.Repositories.NoSqlRepository/MongoRepository.cs		Removed unusedusing System.Runtime.CompilerServices; directive.
Controller Data Source Update
Web/Resgrid.Web.Services/Controllers/v4/MappingController.cs		Replaced call toGetAllPersonnelNamesForDepartmentAsync withGetUserGroupAndRolesByDepartmentIdAsync(...) and updated iteration/condition checks to use the returnedpeople collection; implies addition ofGetUserGroupAndRolesByDepartmentIdAsync to the users service API.

Sequence Diagram(s)

sequenceDiagram    participant GH as GitHub    participant Runner as Actions Runner    participant Script as github-script    participant Ch as Changerawr API    rect rgb(235,245,255)    Note over GH,Runner: PR closed (master) & merged    end    GH->>Runner: trigger workflow (pull_request.closed)    Runner->>Script: run script (extract PR data)    Script->>Script: build payload (notes, metadata)        rect rgb(240,255,240)    Note over Script,Ch: POST changelog entry    end    Script->>Ch: POST /api/projects/{id}/changelog (payload, API key header)    alt 2xx Success        Ch-->>Script: 2xx response        Script->>Runner: log success        Script->>GH: optionally post comment on PR    else Non-OK / Error        Ch-->>Script: non-OK / error        Script->>Runner: log error & fail job    end
Loading

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Poem

🐰 I hopped a PR across the green,
Pushed notes where changelogs are seen.
Empty counts no longer hide,
Old imports brushed aside.
New people paths made mappings keen. ✨

Pre-merge checks and finishing touches

❌ Failed checks (1 warning, 1 inconclusive)
Check nameStatusExplanationResolution
Docstring Coverage⚠️ WarningDocstring coverage is 50.00% which is insufficient. The required threshold is 80.00%.You can run@coderabbitai generate docstrings to improve docstring coverage.
Title Check❓ InconclusiveThe pull request title is "Develop," which appears to be the source branch name rather than a descriptive summary of the changes. The changeset includes multiple unrelated modifications across different files: adding a GitHub Actions workflow for Changerawr sync, modifying null-handling logic in SubscriptionsService, removing a using directive from MongoRepository, and updating MappingController to use a different data source. The title "Develop" is too vague and generic to convey meaningful information about what the PR actually accomplishes, making it impossible for a reviewer scanning the history to understand the primary change.The title should be revised to clearly describe the primary objective or the most significant change in the PR. Consider using a descriptive title that highlights the main purpose, such as "Add Changerawr sync workflow and update null handling in subscription and mapping services" or breaking these changes into separate PRs if they represent distinct features or bug fixes.
✅ Passed checks (1 passed)
Check nameStatusExplanation
Description Check✅ PassedCheck skipped - CodeRabbit’s high-level summary is enabled.
✨ Finishing touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Post copyable unit tests in a comment
  • Commit unit tests in branchdevelop
📜 Recent review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between1aed9bf and402f17b.

📒 Files selected for processing (1)
  • .github/workflows/changerawr-sync.yml (1 hunks)
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (4)
  • GitHub Check: Analyze (csharp)
  • GitHub Check: Analyze (javascript-typescript)
  • GitHub Check: Analyze (csharp)
  • GitHub Check: Analyze (javascript-typescript)
🔇 Additional comments (3)
.github/workflows/changerawr-sync.yml (3)

2-4:Permissions block properly secured.

The workflow now includes explicit permissions with least-privilege access. The use ofissues: write (rather thanpull-requests: write from the earlier suggestion) is technically correct—the GitHub REST API for creating comments on PRs uses the Issues endpoint, which requiresissues: write.

40-40:Null guards and defensive programming in place.

Line 40 correctly guards against a nullmerged_by field using optional chaining with a fallback (?.login || 'unknown'). The PR comment creation at lines 66–71 appropriately leverages the guardedprNumber, and error handling at lines 73–75 ensures workflow failures are logged clearly.

Also applies to: 66-71

44-76:Strong error handling and API integration.

The fetch call properly structures headers with Bearer token authentication, the error path captures response status and body for debugging, andcore.setFailed() correctly marks the workflow as failed on exception. The confirm-comment on the PR provides good user feedback on success.

Thanks for usingCodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment@coderabbitai help to get the list of available commands and usage tips.

Copy link
Contributor

@coderabbitaicoderabbitaibot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others.Learn more.

Actionable comments posted: 3

🧹 Nitpick comments (1)
.github/workflows/changerawr-sync.yml (1)

41-57:Consider validating required environment variables.

The workflow usesCHANGERAWR_API_KEY andCHANGERAWR_PROJECT_ID from secrets but doesn't validate they exist before making the API call. While the API call will fail anyway, early validation would provide clearer error messages.

Add validation before the fetch call:

           try {+            if (!process.env.CHANGERAWR_API_KEY || !process.env.CHANGERAWR_PROJECT_ID) {+              throw new Error('Required secrets CHANGERAWR_API_KEY and CHANGERAWR_PROJECT_ID must be configured');+            }+             const response = await fetch(
📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between713677c and1aed9bf.

📒 Files selected for processing (4)
  • .github/workflows/changerawr-sync.yml (1 hunks)
  • Core/Resgrid.Services/SubscriptionsService.cs (1 hunks)
  • Repositories/Resgrid.Repositories.NoSqlRepository/MongoRepository.cs (0 hunks)
  • Web/Resgrid.Web.Services/Controllers/v4/MappingController.cs (2 hunks)
💤 Files with no reviewable changes (1)
  • Repositories/Resgrid.Repositories.NoSqlRepository/MongoRepository.cs
🧰 Additional context used
📓 Path-based instructions (1)
**/*.cs

📄 CodeRabbit inference engine (.github/copilot-instructions.md)

**/*.cs: Prefer functional patterns and immutable data where appropriate in C#
Use modern C# features appropriately
Use meaningful, descriptive names for types, methods, and parameters; avoid unclear abbreviations
Separate state from behavior (e.g., use records for state and place operations in separate static classes)
Prefer pure methods over methods with side effects
Use extension methods appropriately for domain-specific operations
Design for testability; avoid hidden dependencies inside methods and prefer explicit, pure functions
Minimize constructor injection; keep the number of injected dependencies small
Prefer composition with interfaces to extend behavior

Files:

  • Core/Resgrid.Services/SubscriptionsService.cs
  • Web/Resgrid.Web.Services/Controllers/v4/MappingController.cs
🧬 Code graph analysis (1)
Core/Resgrid.Services/SubscriptionsService.cs (1)
Core/Resgrid.Model/DepartmentPlanCount.cs (1)
  • DepartmentPlanCount (3-23)
🪛 GitHub Check: CodeQL
.github/workflows/changerawr-sync.yml

[warning] 13-73: Workflow does not contain permissions
Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {{}}

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (5)
  • GitHub Check: build
  • GitHub Check: Analyze (csharp)
  • GitHub Check: Analyze (javascript-typescript)
  • GitHub Check: Analyze (javascript-typescript)
  • GitHub Check: Analyze (csharp)
🔇 Additional comments (2)
Core/Resgrid.Services/SubscriptionsService.cs (1)

101-105:LGTM: Improved null safety.

Returning an emptyDepartmentPlanCount object instead of null is a good defensive programming practice that prevents null reference exceptions in calling code. This aligns with the existing fallback behavior at line 110 and provides consistent semantics (zero counts when plan data is unavailable).

Web/Resgrid.Web.Services/Controllers/v4/MappingController.cs (1)

106-106:LGTM: Clean refactoring to users service.

The change fromGetAllPersonnelNamesForDepartmentAsync toGetUserGroupAndRolesByDepartmentIdAsync appears to consolidate personnel data retrieval into the users service. The newpeople collection provides the necessaryUserId andName properties used throughout the mapping logic, and the refactoring maintains the same functionality while improving the API design.

Also applies to: 377-379

Comment on lines +10 to +15
jobs:
post-to-changerawr:
# Only run if the PR was merged (not just closed)
if:github.event.pull_request.merged == true
runs-on:ubuntu-latest

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others.Learn more.

⚠️ Potential issue |🟠 Major

Add explicit permissions block for security.

The workflow should define explicit permissions for the GITHUB_TOKEN to follow the principle of least privilege. This prevents potential security issues if the workflow is modified in the future.

Apply this diff to add a minimal permissions block:

 jobs:   post-to-changerawr:     # Only run if the PR was merged (not just closed)     if: github.event.pull_request.merged == true     runs-on: ubuntu-latest+    permissions:+      pull-requests: write+      contents: read          steps:

Based on static analysis hints.

🤖 Prompt for AI Agents
.github/workflows/changerawr-sync.yml lines 10-15: the workflow lacks anexplicit permissions block for GITHUB_TOKEN; add a top-level permissions section(placed before jobs:) that explicitly grants only the minimal scopes this jobneeds (e.g., contents: read and any specific scopes like pull-requests: write oractions: read only if required by the post-to-changerawr job); ensure you scopepermissions to the least privilege necessary and do not rely on defaultpermissions.

Comment on lines +105 to +106
//var personnelNames = await _departmentsService.GetAllPersonnelNamesForDepartmentAsync(DepartmentId);
varpeople=await_usersService.GetUserGroupAndRolesByDepartmentIdAsync(DepartmentId,false,false,false);
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others.Learn more.

🛠️ Refactor suggestion |🟠 Major

Remove commented-out code.

The commented-out line should be deleted rather than left in the codebase. Version control preserves the history if needed.

Apply this diff:

-//var personnelNames = await _departmentsService.GetAllPersonnelNamesForDepartmentAsync(DepartmentId); var people = await _usersService.GetUserGroupAndRolesByDepartmentIdAsync(DepartmentId, false, false, false); var personnelLocations = await _usersService.GetLatestLocationsForDepartmentPersonnelAsync(DepartmentId);

As per coding guidelines (avoid commented-out code).

📝 Committable suggestion

‼️IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
//var personnelNames = await _departmentsService.GetAllPersonnelNamesForDepartmentAsync(DepartmentId);
varpeople=await_usersService.GetUserGroupAndRolesByDepartmentIdAsync(DepartmentId,false,false,false);
varpeople=await_usersService.GetUserGroupAndRolesByDepartmentIdAsync(DepartmentId,false,false,false);
🤖 Prompt for AI Agents
In Web/Resgrid.Web.Services/Controllers/v4/MappingController.cs around lines 105to 106, remove the commented-out line "//var personnelNames = await_departmentsService.GetAllPersonnelNamesForDepartmentAsync(DepartmentId);" soonly the active call to _usersService remains; commit the deletion (no codechanges beyond removing the commented line) to keep the codebase clean and relyon version control for history.

ucswiftand others added2 commitsOctober 23, 2025 13:38
…ain permissionsCo-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
@ucswift
Copy link
MemberAuthor

Approve

Copy link

@github-actionsgithub-actionsbot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others.Learn more.

This PR is approved.

@ucswiftucswift merged commit0f606fe intomasterOct 23, 2025
15 of 17 checks passed
Sign up for freeto join this conversation on GitHub. Already have an account?Sign in to comment

Reviewers

@coderabbitaicoderabbitai[bot]coderabbitai[bot] left review comments

@github-actionsgithub-actions[bot]github-actions[bot] approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@ucswift
[8]ページ先頭
©2009-2025 Movatter.jp