Release 1.0.0 #110

Sourav-Tekdi · 2024-12-05T12:50:57Z

Summary by CodeRabbit

Here are the release notes for this update:

Release Notes

New Features
- Added Academic Years management functionality
- Introduced Cohort Academic Year tracking
- Enhanced user authentication with OTP and password reset capabilities
- Added custom field management for cohorts
Improvements
- Streamlined cohort search and filtering
- Improved error handling across services
- Updated authentication and authorization mechanisms
- Enhanced user and tenant management
Breaking Changes
- Removed Hasura-related modules and services
- Discontinued attendance tracking functionality
- Refactored service adapters to focus on PostgreSQL
Bug Fixes
- Corrected import paths and module dependencies
- Fixed validation and error response handling
- Improved data consistency across services

added key for missing APIID

PS-1914 - forgot_password_API

ERROR: 500 Internal Server Error on Create User API Endpoint

Global Master Data Fetch

…ch privileges

PS-2038: added changes for reset api and integrate email after reset successfully

…to tenantApi

…rvice into release-1.0.0

Changes regarding 'Add tenantId column in “RolePrivilegesMapping” table'

Create user without token

…to main

Search support for mutiple mail ids

…to main

PS-2441 feat : Changes in backend for inconsistent attendance

Cohort member update api issue

PS-3252: Introduce Status field on program management

…rvice into main

PS-3323: Adding New Fields from the backend

Added route config file for interface

sonarqubecloud · 2025-01-17T06:50:15Z

Quality Gate failed

Failed conditions
1 Security Hotspot
C Reliability Rating on New Code (required ≥ A)
C Security Rating on New Code (required ≥ A)

See analysis details on SonarQube Cloud

Catch issues before they fail your Quality Gate with our IDE extension SonarQube for IDE

coderabbitai

Actionable comments posted: 44

🔭 Outside diff range comments (5)

src/cohort/cohortadapter.ts (1)
Line range hint 11-15: Add default case and error handling to switch statement.

The switch statement lacks a default case and error handling for invalid adapter sources, which could lead to returning undefined.

Consider this improvement:
     switch (process.env.ADAPTERSOURCE) {
       case "postgres":
         adapter = this.postgresProvider;
         break;
+      default:
+        throw new Error(`Invalid adapter source: ${process.env.ADAPTERSOURCE}`);
     }
src/adapters/cohortMembersservicelocator.ts (1)
Line range hint 6-13: Improve type safety in method signatures.

The method uses any type for parameters which reduces type safety.
   createCohortMembers(
-    loginUser: any,
+    loginUser: User,
-    response: any,
+    response: Response,
     tenantId: string,
     deviceId: string,
     academicyearid: string
-  );
+  ): Promise<void>;
src/auth/auth.service.ts (1)
Line range hint 99-121: Enhance token refresh security.

The refreshToken method should validate the refresh token's expiration before attempting to refresh.
 async refreshToken(
   refreshToken: string,
   response: Response
 ): Promise<LoginResponse> {
   const apiId = APIID.REFRESH;
+  try {
+    const decoded: any = jwt_decode(refreshToken);
+    if (decoded.exp * 1000 < Date.now()) {
+      return APIResponse.error(
+        response,
+        apiId,
+        "Token Expired",
+        "Refresh token has expired",
+        HttpStatus.UNAUTHORIZED
+      );
+    }
+  } catch (error) {
+    return APIResponse.error(
+      response,
+      apiId,
+      "Invalid Token",
+      "Invalid refresh token format",
+      HttpStatus.UNAUTHORIZED
+    );
+  }
   const { access_token, expires_in, refresh_token, refresh_expires_in } =
.github/workflows/dev-pratham-eks-deployment.yaml (2)
Line range hint 48-52: Remove duplicate AWS credentials configuration.

The AWS credentials configuration step is duplicated. Remove the second occurrence as it's redundant.

🧰 Tools

🪛 yamllint (1.35.1)

[warning] 33-33: wrong indentation: expected 8 but found 7

(indentation)

[error] 34-34: trailing spaces

(trailing-spaces)

[error] 36-36: trailing spaces

(trailing-spaces)

Line range hint 77-89: Add deployment validation and rollback mechanism.

The current deployment process aggressively deletes resources without validation or rollback capability.
        kubectl delete deployment backend
        kubectl delete service backend
        kubectl delete cm backend-service-config
        kubectl apply -f manifest/backend-updated.yaml
        kubectl apply -f manifest/configmap.yaml
+       # Wait for deployment to complete
+       if ! kubectl rollout status deployment/backend --timeout=300s; then
+         echo "Deployment failed! Rolling back..."
+         kubectl rollout undo deployment/backend
+         exit 1
+       fi
        sleep 10

♻️ Duplicate comments (1)

manifest/backend.yaml (1)
31-39: ⚠️ Potential issue

Define resource limits for the cloudwatch-logs-agent container.

Resource limits are essential for container stability and cluster resource management. Add memory and CPU limits.
        resources: {}
+        resources:
+          limits:
+            memory: "256Mi"
+            cpu: "200m"
+          requests:
+            memory: "128Mi"
+            cpu: "100m"
🧰 Tools

🪛 GitHub Check: SonarCloud

[warning] 31-31: Memory limits should be enforced
Specify a memory limit for this container.
See more on SonarQube Cloud

🧹 Nitpick comments (50)

src/authRbac/authRbac.module.ts (1)

Line range hint 1-40: Architectural changes align with PostgreSQL migration.

The removal of HasuraModule and the focus on PostgreSQL-native functionality through TypeORM is a good architectural decision. This simplifies the stack and reduces complexity by eliminating an additional layer of abstraction.

Consider documenting the following aspects to ensure smooth maintenance:

The JWT configuration strategy

The role-based access control flow

The relationship between Role, UserRoleMapping, and RolePrivilegeMapping entities
src/auth/auth.controller.ts (2)
69-75: Use consistent camelCase naming convention.

The destructuring uses snake_case (refresh_token) while TypeScript/NestJS convention is camelCase.
-    const { refresh_token: refreshToken } = body;
+    const { refreshToken } = body;
Also update the DTO to use camelCase:
export class RefreshTokenRequestBody {
  @ApiProperty()
  refreshToken: string;
}
86-86: LGTM! Proper async/await usage.

The async handling is correct, but consider the same camelCase naming convention suggestion as mentioned for the refreshToken method.
src/academicyears/academicyears.controller.ts (4)
49-62: Refactor to remove direct usage of @Res()

Directly using @Res() and manipulating the response object bypasses NestJS's automated response handling. It's recommended to return values or throw exceptions, allowing NestJS to handle the HTTP response status and formatting.

Refactor the method to return the result directly:
 async createAcademicYears(
     @Body() academicYearDto: AcademicYearDto,
-    @Res() response: Response,
     @Headers() headers
 ) {
     const tenantId = headers["tenantid"];
     if (!tenantId || !isUUID(tenantId)) {
         throw new BadRequestException(API_RESPONSES.TENANTID_VALIDATION);
     }
     const result = await this.academicYearAdapter
-        .buildAcademicYears()
         .createAcademicYear(academicYearDto, tenantId);
-    return response.status(result.statusCode).json(result);
+    return result;
 }
Ensure that createAcademicYear returns the appropriate data or throws exceptions as needed.

54-57: Extract tenant ID validation into a custom guard

Validating the tenantid header in each method leads to repetitive code. Consider creating a custom guard to handle tenant ID extraction and validation, promoting code reuse and adhering to DRY principles.

Example of a custom guard:
import { CanActivate, ExecutionContext, Injectable, BadRequestException } from '@nestjs/common';
import { isUUID } from 'class-validator';

@Injectable()
export class TenantGuard implements CanActivate {
  canActivate(context: ExecutionContext): boolean {
    const request = context.switchToHttp().getRequest();
    const tenantId = request.headers['tenantid'];
    if (!tenantId || !isUUID(tenantId)) {
      throw new BadRequestException(API_RESPONSES.TENANTID_VALIDATION);
    }
    request.tenantId = tenantId;
    return true;
  }
}
Apply the guard to the controller:
 import { JwtAuthGuard } from "src/common/guards/keycloak.guard";
+import { TenantGuard } from "src/common/guards/tenant.guard";

 @UseGuards(JwtAuthGuard, TenantGuard)
 export class AcademicyearsController {
Then, access tenantId from the request in your methods:
async createAcademicYear(@Body() dto: AcademicYearDto, @Request() req) {
  const tenantId = req.tenantId;
  // ...
}
58-60: Simplify adapter method chaining

The use of .buildAcademicYears() may be unnecessary if it simply returns the adapter instance. Consider removing it to simplify the method call.

Update the method call:
 const result = await this.academicYearAdapter
-    .buildAcademicYears()
     .createAcademicYear(academicYearDto, tenantId);
25-35: Organize import statements

Rearrange the import statements to group them logically and alphabetically, separating external modules, third-party libraries, and local imports for improved readability.
src/adapters/postgres/cohortAcademicYear-adapter.ts (6)
16-17: Adjust class declaration formatting

The class declaration doesn't adhere to the project's formatting guidelines. Place the implements keyword on a new line and ensure the opening brace { is correctly positioned.

Apply this diff:
 @Injectable()
-export class CohortAcademicYearService implements IServiceLocatorCohortAcademicYear {
+export class CohortAcademicYearService
+  implements IServiceLocatorCohortAcademicYear
+{
🧰 Tools

🪛 eslint

[error] 16-17: Replace ·implements·IServiceLocatorCohortAcademicYear·{⏎ with ⏎··implements·IServiceLocatorCohortAcademicYear⏎{

(prettier/prettier)

23-24: Remove unnecessary comma and whitespace

There's an extraneous comma and whitespace after the constructor parameters. Clean up to adhere to formatting standards.

Apply this diff:
     @InjectRepository(CohortAcademicYear)
     private readonly cohortAcademicYearRepository: Repository<CohortAcademicYear>,
-  ) { }
+  ) {}
🧰 Tools

🪛 eslint

[error] 23-23: Delete ,

(prettier/prettier)

[error] 24-24: Delete ·

(prettier/prettier)

26-28: Format method parameters for readability

The method signature is lengthy and can be formatted across multiple lines to enhance readability.

Apply this diff:
-  async createCohortAcademicYear(tenantId: string, request: Request, cohortAcademicYearDto: CohortAcademicYearDto, response: Response) {
+  async createCohortAcademicYear(
+    tenantId: string,
+    request: Request,
+    cohortAcademicYearDto: CohortAcademicYearDto,
+    response: Response,
+  ) {
🧰 Tools

🪛 eslint

[error] 26-26: Replace tenantId:·string,·request:·Request,·cohortAcademicYearDto:·CohortAcademicYearDto,·response:·Response with ⏎····tenantId:·string,⏎····request:·Request,⏎····cohortAcademicYearDto:·CohortAcademicYearDto,⏎····response:·Response⏎··

(prettier/prettier)

34-34: Use consistent quotation marks

Replace single quotes with double quotes in string literals to maintain consistency with the project's style guidelines.

Apply this diff:
         where: { cohortId: cohortAcademicYearDto.cohortId, status: 'active' },
+        where: { cohortId: cohortAcademicYearDto.cohortId, status: "active" },
🧰 Tools

🪛 eslint

[error] 34-34: Replace 'active' with "active"

(prettier/prettier)

74-75: Format method call for clarity

Break long method arguments into multiple lines for better readability.

Apply this diff:
-      const createdAcademicYear = await this.insertCohortAcademicYear(cohortAcademicYearDto.cohortId, cohortAcademicYearDto.academicYearId, cohortAcademicYearDto.createdBy, cohortAcademicYearDto.updatedBy);
+      const createdAcademicYear = await this.insertCohortAcademicYear(
+        cohortAcademicYearDto.cohortId,
+        cohortAcademicYearDto.academicYearId,
+        cohortAcademicYearDto.createdBy,
+        cohortAcademicYearDto.updatedBy,
+      );
🧰 Tools

🪛 eslint

[error] 74-74: Replace cohortAcademicYearDto.cohortId,·cohortAcademicYearDto.academicYearId,·cohortAcademicYearDto.createdBy,·cohortAcademicYearDto.updatedBy with ⏎········cohortAcademicYearDto.cohortId,⏎········cohortAcademicYearDto.academicYearId,⏎········cohortAcademicYearDto.createdBy,⏎········cohortAcademicYearDto.updatedBy⏎······

(prettier/prettier)

86-95: Enhance error handling by logging exceptions

Currently, the catch block returns a generic error message. Logging the error can aid in debugging and monitoring.

Add error logging:
   } catch (error) {
+    console.error("Error in createCohortAcademicYear:", error);
     const errorMessage = error.message || "Internal server error";
     return APIResponse.error(
src/adapters/postgres/academicyears-adapter.ts (3)
16-16: Adjust class declaration formatting

Place the opening brace { on a new line to conform to the project's formatting guidelines.

Apply this diff:
 implements IServicelocatorAcademicyear {
+{
🧰 Tools

🪛 eslint

[error] 16-16: Replace · with ⏎

(prettier/prettier)

22-22: Remove trailing whitespace

There's unnecessary whitespace at the end of the line, which should be removed to adhere to style guidelines.

🧰 Tools

🪛 eslint

[error] 22-22: Delete ·

(prettier/prettier)

38-45: Ensure proper error messaging in tenant validation

In the tenant existence check, the error response uses API_RESPONSES.TENANT_NOTFOUND for both the title and message. Verify if this is intentional or if the message should be API_RESPONSES.NOT_FOUND.

Clarify the intended error message and adjust accordingly.

🧰 Tools

🪛 eslint

[error] 38-38: Replace ·where:·{·tenantId:·tenantId·}·}) with ⏎········where:·{·tenantId:·tenantId·},⏎······});

(prettier/prettier)
src/cohort/cohort.controller.ts (1)
127-133: Remove redundant assignment to cohortCreateDto.createdBy

The createdBy field is assigned twice. Remove the redundant assignment to keep the code clean.

Apply this diff:
-    cohortCreateDto.createdBy = userId;
src/adapters/postgres/cohortMembers-adapter.ts (3)
701-701: Use const instead of let for variables that are never reassigned

The variable cohortMembershipToUpdate is never reassigned after its initial assignment. Use const instead of let for better code clarity and to adhere to best practices.

Apply this diff:
-      let cohortMembershipToUpdate = await this.cohortMembersRepository.findOne({
+      const cohortMembershipToUpdate = await this.cohortMembersRepository.findOne({
         where: { cohortMembershipId: cohortMembershipId },
       });
🧰 Tools

🪛 eslint

[error] 701-701: 'cohortMembershipToUpdate' is never reassigned. Use 'const' instead.

(prefer-const)

[error] 701-701: Insert ⏎········

(prettier/prettier)

715-715: Use const for the variable result

The variable result is not reassigned after its initial assignment. Change it to const for consistency and to follow best practices.

Apply this diff:
-      let result = await this.cohortMembersRepository.save(
+      const result = await this.cohortMembersRepository.save(
         cohortMembershipToUpdate
       );
🧰 Tools

🪛 eslint

[error] 715-715: 'result' is never reassigned. Use 'const' instead.

(prefer-const)

725-725: Avoid using the delete operator for better performance

Using the delete operator can negatively impact performance. Consider setting the property to undefined or using object destructuring to exclude the property.

Apply this diff:
-      delete cohortMembersUpdateDto.customFields;
+      cohortMembersUpdateDto.customFields = undefined;
Alternatively, create a new object without the customFields property:
const { customFields, ...updatedDto } = cohortMembersUpdateDto;
🧰 Tools

🪛 Biome (1.9.4)

[error] 725-725: Avoid the delete operator which can impact performance.

Unsafe fix: Use an undefined assignment instead.

(lint/performance/noDelete)
src/adapters/postgres/cohort-adapter.ts (4)
2-2: Remove unused import jwt_decode

The imported jwt_decode module is not used in this file. Removing it will clean up the code and improve maintainability.

Apply this diff:
- import jwt_decode from "jwt-decode";
50-65: Remove commented-out code to enhance readability

The block of code from lines 50 to 65 is commented out. Removing unused code helps keep the codebase clean and easier to maintain.

528-528: Use Object.hasOwn() instead of hasOwnProperty

Directly accessing hasOwnProperty can lead to unexpected behavior if the object has a property with the same name. Use Object.hasOwn() for a safer check.

Apply this diff:
-            if (cohortUpdateDto.hasOwnProperty(key) && cohortUpdateDto[key] !== null) {
+            if (Object.hasOwn(cohortUpdateDto, key) && cohortUpdateDto[key] !== null) {
🧰 Tools

🪛 Biome (1.9.4)

[error] 528-528: Do not access Object.prototype method 'hasOwnProperty' from target object.

It's recommended using Object.hasOwn() instead of using Object.hasOwnProperty().
See MDN web docs for more details.

(lint/suspicious/noPrototypeBuiltins)

284-286: Avoid using the delete operator for better performance

Using the delete operator can affect performance. Instead of deleting properties, set them to undefined or create a new object without the property.

However, note that in this case, the delete operator is not present in these lines. If the delete operator is used elsewhere, consider refactoring as suggested.

🧰 Tools

🪛 eslint

[error] 284-286: Replace ⏎······API_RESPONSES.COHORT_FIELD_DETAILS,⏎····) with API_RESPONSES.COHORT_FIELD_DETAILS);

(prettier/prettier)
src/adapters/postgres/fields-adapter.ts (1)
793-793: Use const instead of let for variables that are never reassigned

The variable tenantCond is assigned but never reassigned. Using const enhances code safety by preventing unintended reassignment.

Apply this diff:
-let tenantCond = tenantId? `"tenantId" = ${tenantId}` :`"tenantId" IS NULL`
+const tenantCond = tenantId ? `"tenantId" = ${tenantId}` : `"tenantId" IS NULL`
🧰 Tools

🪛 eslint

[error] 793-793: 'tenantCond' is never reassigned. Use 'const' instead.

(prefer-const)

[error] 793-793: Replace ?·"tenantId"·=·${tenantId}·:"tenantId"·IS·NULL`` with ⏎········?·"tenantId"·=·${tenantId}`⏎········:·`"tenantId"·IS·NULL`;`

(prettier/prettier)
src/adapters/postgres/user-adapter.ts (3)
1031-1031: Variable resKeycloak is never reassigned; use const instead of let

The variable resKeycloak is declared with let but is never reassigned after its initial assignment.

Apply this diff:
-let resKeycloak;
+const resKeycloak;
🧰 Tools

🪛 eslint

[error] 1031-1032: Delete ⏎

(prettier/prettier)

2015-2016: Variables error and success are never reassigned; use const instead of let

The variables error and success are declared with let but are never reassigned after their initial assignment.

Apply this diff:
-let error = [];
-let success = [];
+const error = [];
+const success = [];
🧰 Tools

🪛 eslint

[error] 2015-2015: 'error' is never reassigned. Use 'const' instead.

(prefer-const)

[error] 2016-2016: 'success' is never reassigned. Use 'const' instead.

(prefer-const)

2126-2129: Improve error handling by checking for undefined errors

When accessing mailSend.result.email.errors, ensure that errors is defined to prevent runtime errors.

Adjust the code to safely access errors:
if (mailSend?.result?.email?.errors && mailSend.result.email.errors.length > 0) {
  const errorMessages = mailSend.result.email.errors.map((error: { error: string }) => error.error);
  const combinedErrorMessage = errorMessages.join(", ");
  throw new Error(`Error: ${combinedErrorMessage}`);
}
🧰 Tools

🪛 eslint

[error] 2126-2126: Replace mailSend?.result?.email?.errors·&&·mailSend.result.email.errors.length·>·0 with ⏎········mailSend?.result?.email?.errors·&&⏎········mailSend.result.email.errors.length·>·0⏎······

(prettier/prettier)

[error] 2127-2127: Replace (error:·{·error:·string;·})·=>·error.error with ⏎··········(error:·{·error:·string·})·=>·error.error⏎········

(prettier/prettier)
src/academicyears/dto/academicyears-search.dto.ts (1)
5-8: Property isActive should use the correct boolean transformation

The IsBoolean decorator checks if the value is a boolean type. However, when receiving data from query parameters, values are often strings. Consider using Transform to convert the input to a boolean.

Apply this change:
import { Transform } from 'class-transformer';

@ApiProperty({ description: "isActive", example: true })
@IsOptional()
@Transform(({ value }) => value === 'true' || value === true)
@IsBoolean()
isActive?: boolean;
src/academicyears/academicyearsadaptor.ts (1)
7-9: Consider using dependency injection tokens.

For better testability and configuration, consider using NestJS dependency injection tokens for the adapter source.

Example implementation:
// academic-year.constants.ts
export const ACADEMIC_YEAR_ADAPTER_SOURCE = 'ACADEMIC_YEAR_ADAPTER_SOURCE';

// academic-year.module.ts
{
  provide: ACADEMIC_YEAR_ADAPTER_SOURCE,
  useValue: process.env.ADAPTERSOURCE
}

// Then inject in constructor
constructor(
  @Inject(ACADEMIC_YEAR_ADAPTER_SOURCE) private readonly adapterSource: string,
  private readonly postgresProviders: PostgresAcademicYearService
)
src/academicyears/academicyears.module.ts (1)
14-14: Fix formatting: Remove trailing space.

Remove the trailing space before the closing curly brace to comply with prettier formatting rules.
-export class AcademicyearsModule { }
+export class AcademicyearsModule {}
🧰 Tools

🪛 eslint

[error] 14-14: Delete ·

(prettier/prettier)
src/adapters/privilegeservicelocator.ts (1)
14-14: Remove duplicate comment.

The comment for updatePrivilege appears twice in the file.
-  // updatePrivilege(privilegeId, request, privilegeDto)
Also applies to: 22-22
src/academicyears/entities/academicyears-entity.ts (2)
9-48: Add indexes for performance optimization.

Consider adding indexes for frequently queried fields like tenantId and isActive to improve query performance.
 @Entity("AcademicYears")
+@Index(["tenantId", "isActive"])
 export class AcademicYear {
   // ... existing code ...
 }
20-21: Add validation for session format.

The session field lacks validation constraints. Consider adding validation decorators to ensure consistent format.
+import { IsNotEmpty, Matches } from "class-validator";

 @Column({ type: "varchar", length: 15, name: "session" })
+@IsNotEmpty()
+@Matches(/^\d{4}-\d{4}$/, { message: "Session must be in YYYY-YYYY format" })
 session: string;
src/academicyears/dto/academicyears-create.dto.ts (1)
20-20: Add API documentation for optional field.

The isActive field lacks Swagger documentation.
+  @ApiProperty({ description: "Active status flag", example: true, default: true })
   isActive?: boolean;
src/adapters/fieldsservicelocator.ts (1)
15-20: Consider using a more specific return type.

The updateFields method and other methods in the interface should specify their return types for better type safety.
- updateFields(fieldId: any, request: any, fieldsUpdateDto: FieldsUpdateDto, response: Response);
+ updateFields(fieldId: string, request: any, fieldsUpdateDto: FieldsUpdateDto, response: Response): Promise<void>;
src/app.module.ts (1)

Line range hint 5-9: Remove commented code.

Consider removing or documenting the commented code blocks. If these modules are truly not in use for Shiksha 2.0, they should be removed rather than commented out.
src/cohort/cohort.module.ts (1)
27-38: Fix formatting issues.

Add a trailing comma after the last item in the TypeOrmModule.forFeature array.
      User,
-     Tenants
+     Tenants,
🧰 Tools

🪛 eslint

[error] 37-37: Insert ,

(prettier/prettier)
src/cohort/dto/cohort-create.dto.ts (2)
69-70: Remove commented code.

Remove the commented-out code to improve code readability.

Apply this diff:
-  // @Expose()
-  // status: string;
103-119: Remove redundant comments and consolidate field declarations.

The redundant //fieldValues comments and commented-out code block can be removed to improve code readability.

Apply this diff:
-  //fieldValues
-  //fieldValues
   @ApiPropertyOptional({
     type: [FieldValuesOptionDto],
     description: "The fieldValues Object",
   })
   @ValidateNested({ each: true })
   @Type(() => FieldValuesOptionDto)
   customFields: FieldValuesOptionDto[];
-  // @ApiPropertyOptional({
-  //   type: String,
-  //   description: "The fieldValues Object",
-  // })
-  // @IsString()
-  // @IsOptional()
-  // @Expose()
-  // fieldValues?: string;
src/adapters/postgres/postgres-module.ts (1)
67-67: Remove extra space in module class declaration.

Remove the extra space between the class declaration and the closing brace.

Apply this diff:
-export class PostgresModule { }
+export class PostgresModule {}
🧰 Tools

🪛 eslint

[error] 67-67: Delete ·

(prettier/prettier)
src/authRbac/authRbac.service.ts (1)
53-58: Standardize error message format.

The error messages should follow a consistent format. Currently, both error responses use "Bad Request" as the error type but have different message formats.

Apply this diff:
       return APIResponse.error(
         response,
         apiId,
         "Bad Request",
-        "User details or tenant not found for user",
+        "User details or tenant not found",
         HttpStatus.BAD_REQUEST
       );
     }

     const userRoles = await this.postgresRoleService.findUserRoleData(
       userData?.userId,
       tenantId
     );

     if (!userRoles?.length) {
       return APIResponse.error(
         response,
         apiId,
         "Bad Request",
-        "Roles not found for user",
+        "No roles assigned to user",
         HttpStatus.BAD_REQUEST
       );
Also applies to: 68-74
src/auth/auth.service.ts (1)
Line range hint 28-66: Add rate limiting for login attempts.

The login endpoint should implement rate limiting to prevent brute force attacks.

Consider using @nestjs/throttler decorator to add rate limiting:
import { Throttle } from '@nestjs/throttler';

@Throttle(5, 60) // 5 attempts per minute
async login(authDto, response: Response) {
  // existing code
}
src/adapters/postgres/rbac/privilegerole.adapter.ts (1)
83-89: Remove unnecessary try-catch block.

The try-catch block that only rethrows the error is redundant and can be removed.
 public async deleteByRoleId(roleId: string) {
-  try {
-    await this.rolePrivilegeMappingRepository.delete({ roleId });
-  } catch (error) {
-    throw error;
-  }
+  await this.rolePrivilegeMappingRepository.delete({ roleId });
 }
🧰 Tools

🪛 Biome (1.9.4)

[error] 87-87: The catch clause that only rethrows the original error is useless.

An unnecessary catch clause can be confusing.
Unsafe fix: Remove the try/catch clause.

(lint/complexity/noUselessCatch)
src/adapters/postgres/rbac/privilege-adapter.ts (1)
291-297: Optimize privilege response mapping.

The mapping of privilege response can be optimized using array methods.
-      const privilegeResponseArray: PrivilegeResponseDto[] = result.map(
-        (item: any) => {
-          const privilegeDto = new PrivilegeDto(item);
-          privilegeDto.title = item.name;
-          return new PrivilegeResponseDto(privilegeDto);
-        }
-      );
+      const privilegeResponseArray: PrivilegeResponseDto[] = result.map((item: any) => 
+        new PrivilegeResponseDto({
+          ...new PrivilegeDto(item),
+          title: item.name
+        })
+      );
src/adapters/postgres/rbac/role-adapter.ts (1)
389-391: Use TypeORM query builder for tenant check.

Replace raw SQL query with TypeORM query builder to maintain consistency and type safety.
 public async checkTenantID(tenantId) {
-  const query = `SELECT "tenantId" FROM public."Tenants"
-      where "tenantId"= $1 `;
-  const response = await this.roleRepository.query(query, [tenantId]);
+  const response = await this.roleRepository
+    .createQueryBuilder('tenant')
+    .select('tenant.tenantId')
+    .from('Tenants', 'tenant')
+    .where('tenant.tenantId = :tenantId', { tenantId })
+    .getRawMany();
   if (response.length > 0) {
     return true;
   }
   return false;
 }
.github/workflows/tekdi-server-deployment.yaml (2)
24-24: Add error handling for .env file creation.

The echo command writing to .env could fail silently. Consider adding error handling.
-               echo '${{ secrets.QA_ENV }}"' > .env
+               if ! echo '${{ secrets.QA_ENV }}"' > .env; then
+                 echo "Failed to create .env file"
+                 exit 1
+               fi
8-9: Add job failure notification.

Consider adding a notification step (e.g., Slack, email) for deployment failures to ensure timely response to issues.

🧰 Tools

🪛 yamllint (1.35.1)

[warning] 8-8: wrong indentation: expected 5 but found 4

(indentation)
manifest/backend.yaml (1)
35-36: Use environment variables for AWS region configuration.

Hard-coding the AWS region reduces flexibility. Consider using environment variables or ConfigMap.
-            value: ap-south-1
+            valueFrom:
+              configMapKeyRef:
+                name: aws-config
+                key: AWS_REGION
package.json (1)
24-31: Align NestJS package versions.

There's inconsistency in NestJS package versions. Some are ^8.0.0 while others are ^8.4.7.

Consider updating all NestJS packages to the same minor version for consistency:
-    "@nestjs/core": "^8.0.0",
+    "@nestjs/core": "^8.4.7",

📜 Review details

Configuration used: .coderabbit.yaml
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 7f9c902 and 4e506ab.

⛔ Files ignored due to path filters (1)

package-lock.json is excluded by !**/package-lock.json

📒 Files selected for processing (82)

.coderabbit.yaml (1 hunks)
.eslintrc.js (1 hunks)
.github/workflows/dev-pratham-eks-deployment.yaml (3 hunks)
.github/workflows/tekdi-server-deployment.yaml (1 hunks)
manifest/backend.yaml (1 hunks)
package.json (3 hunks)
src/academicyears/academicyears.controller.ts (1 hunks)
src/academicyears/academicyears.module.ts (1 hunks)
src/academicyears/academicyearsadaptor.ts (1 hunks)
src/academicyears/dto/academicyears-create.dto.ts (1 hunks)
src/academicyears/dto/academicyears-search.dto.ts (1 hunks)
src/academicyears/entities/academicyears-entity.ts (1 hunks)
src/adapters/academicyearsservicelocater.ts (1 hunks)
src/adapters/assignprivilegelocater.ts (1 hunks)
src/adapters/assignroleservicelocater.ts (1 hunks)
src/adapters/attendanceservicelocator.ts (0 hunks)
src/adapters/cohortMembersservicelocator.ts (2 hunks)
src/adapters/cohortacademicyearservicelocator.ts (1 hunks)
src/adapters/cohortservicelocator.ts (1 hunks)
src/adapters/configservicelocator.ts (0 hunks)
src/adapters/courseservicelocator.ts (0 hunks)
src/adapters/diksha/dikshaCourse.adapter.ts (0 hunks)
src/adapters/fieldsservicelocator.ts (1 hunks)
src/adapters/hasura/attendance.adapter.ts (0 hunks)
src/adapters/hasura/cohort.adapter.ts (0 hunks)
src/adapters/hasura/cohortMembers.adapter.ts (0 hunks)
src/adapters/hasura/config.adapter.ts (0 hunks)
src/adapters/hasura/courseTracking.adapter.ts (0 hunks)
src/adapters/hasura/fields.adapter.ts (0 hunks)
src/adapters/hasura/hasura.module.ts (0 hunks)
src/adapters/hasura/rbac/assignrole.adapter.ts (0 hunks)
src/adapters/hasura/rbac/privilege.adapter.ts (0 hunks)
src/adapters/hasura/rbac/privilegerole.adapter.ts (0 hunks)
src/adapters/hasura/rbac/role.adapter.ts (0 hunks)
src/adapters/hasura/services/fields.service.ts (0 hunks)
src/adapters/hasura/user.adapter.ts (0 hunks)
src/adapters/hasura/userTenantMapping.adapter.ts (0 hunks)
src/adapters/postgres/academicyears-adapter.ts (1 hunks)
src/adapters/postgres/attendance-adapter.ts (0 hunks)
src/adapters/postgres/cohort-adapter.ts (3 hunks)
src/adapters/postgres/cohortAcademicYear-adapter.ts (1 hunks)
src/adapters/postgres/cohortMembers-adapter.ts (8 hunks)
src/adapters/postgres/fields-adapter.ts (1 hunks)
src/adapters/postgres/postgres-module.ts (1 hunks)
src/adapters/postgres/potsgres-module.ts (0 hunks)
src/adapters/postgres/rbac/assignrole-adapter.ts (9 hunks)
src/adapters/postgres/rbac/privilege-adapter.ts (8 hunks)
src/adapters/postgres/rbac/privilegerole.adapter.ts (1 hunks)
src/adapters/postgres/rbac/role-adapter.ts (9 hunks)
src/adapters/postgres/user-adapter.ts (10 hunks)
src/adapters/postgres/userTenantMapping-adapter.ts (1 hunks)
src/adapters/privilegeservicelocator.ts (1 hunks)
src/adapters/questionservicelocator.ts (0 hunks)
src/adapters/rbacservicelocator.ts (1 hunks)
src/adapters/userservicelocator.ts (2 hunks)
src/adapters/usertenantmappinglocator.ts (1 hunks)
src/app.module.ts (2 hunks)
src/app.service.ts (0 hunks)
src/attendance/attendance.controller.spec.ts (0 hunks)
src/attendance/attendance.controller.ts (0 hunks)
src/attendance/attendance.module.ts (0 hunks)
src/attendance/attendanceadapter.ts (0 hunks)
src/attendance/dto/attendance-date.dto.ts (0 hunks)
src/attendance/dto/attendance-response.dto.ts (0 hunks)
src/attendance/dto/attendance-search.dto.ts (0 hunks)
src/attendance/dto/attendance-stats.dto.ts (0 hunks)
src/attendance/dto/attendance.dto.ts (0 hunks)
src/attendance/entities/attendance.entity.ts (0 hunks)
src/attendance/interfaces/attendance.interface.ts (0 hunks)
src/attendance/utils/file-upload.utils.ts (0 hunks)
src/auth/auth.controller.ts (3 hunks)
src/auth/auth.module.ts (1 hunks)
src/auth/auth.service.ts (4 hunks)
src/authRbac/authRbac.controller.ts (2 hunks)
src/authRbac/authRbac.module.ts (1 hunks)
src/authRbac/authRbac.service.ts (4 hunks)
src/cohort/cohort.controller.ts (6 hunks)
src/cohort/cohort.module.ts (1 hunks)
src/cohort/cohort.service.ts (0 hunks)
src/cohort/cohortadapter.ts (1 hunks)
src/cohort/dto/cohort-create.dto.ts (3 hunks)
src/cohort/dto/cohort-search.dto.ts (5 hunks)

⛔ Files not processed due to max files limit (53)

src/cohort/dto/cohort-update.dto.ts
src/cohort/dto/cohort.dto.ts
src/cohort/dto/query-params.dto.ts
src/cohort/entities/cohort.entity.ts
src/cohort/entities/state.entity.ts
src/cohortAcademicYear/cohortAcademicYear.controller.ts
src/cohortAcademicYear/cohortAcademicYear.module.ts
src/cohortAcademicYear/cohortacademicyearsadaptor.ts
src/cohortAcademicYear/dto/cohort-academicyear.dto.ts
src/cohortAcademicYear/entities/cohortAcademicYear.entity.ts
src/cohortMembers/cohortMembers.controller.ts
src/cohortMembers/cohortMembers.module.ts
src/cohortMembers/cohortMembersadapter.ts
src/cohortMembers/dto/bulkMember-create.dto.ts
src/cohortMembers/dto/cohortMember-update.dto.ts
src/cohortMembers/dto/cohortMembers-search.dto.ts
src/cohortMembers/dto/cohortMembers.dto.ts
src/cohortMembers/entities/cohort-member.entity.ts
src/common-dto/userSegment.dto.ts
src/common/database.module.ts
src/common/decorators/permission.decorator.ts
src/common/filters/exception.filter.ts
src/common/guards/keycloak.guard.ts
src/common/guards/keycloak.strategy.ts
src/common/logger/LoggerUtil.ts
src/common/pipes/date-validation.pipe.ts
src/common/responses/response.ts
src/common/services/upload-file.ts
src/common/utils/api-id.config.ts
src/common/utils/auth-util.ts
src/common/utils/custom-field-validation.ts
src/common/utils/formatTimeConversion.ts
src/common/utils/http-service.ts
src/common/utils/jwt-token.ts
src/common/utils/keycloak.adapter.util.ts
src/common/utils/notification.axios.ts
src/common/utils/response.messages.ts
src/configs/config.controller.spec.ts
src/configs/config.controller.ts
src/configs/configsadapter.ts
src/configs/configuration.module.ts
src/configs/dto/config-search.dto.ts
src/configs/dto/config.dto.ts
src/constants/routeconfig.js
src/course/course.controller.ts
src/course/course.module.ts
src/courseTracking/courseTracking.controller.ts
src/courseTracking/courseTracking.module.ts
src/courseTracking/dto/courseTracking.dto.ts
src/fieldOptions/blocks.json
src/fieldOptions/districts.json
src/fieldOptions/states.json
src/fields/dto/field-values-create.dto.ts

💤 Files with no reviewable changes (35)

src/app.service.ts
src/attendance/dto/attendance-response.dto.ts
src/attendance/interfaces/attendance.interface.ts
src/adapters/postgres/potsgres-module.ts
src/attendance/attendance.controller.spec.ts
src/adapters/hasura/hasura.module.ts
src/adapters/attendanceservicelocator.ts
src/attendance/attendanceadapter.ts
src/adapters/hasura/courseTracking.adapter.ts
src/adapters/courseservicelocator.ts
src/attendance/dto/attendance-date.dto.ts
src/attendance/attendance.module.ts
src/adapters/configservicelocator.ts
src/adapters/hasura/user.adapter.ts
src/adapters/hasura/userTenantMapping.adapter.ts
src/adapters/hasura/config.adapter.ts
src/attendance/entities/attendance.entity.ts
src/adapters/questionservicelocator.ts
src/attendance/attendance.controller.ts
src/adapters/hasura/cohort.adapter.ts
src/adapters/diksha/dikshaCourse.adapter.ts
src/attendance/utils/file-upload.utils.ts
src/adapters/hasura/rbac/assignrole.adapter.ts
src/adapters/postgres/attendance-adapter.ts
src/adapters/hasura/fields.adapter.ts
src/attendance/dto/attendance-search.dto.ts
src/attendance/dto/attendance-stats.dto.ts
src/adapters/hasura/rbac/privilegerole.adapter.ts
src/adapters/hasura/attendance.adapter.ts
src/adapters/hasura/services/fields.service.ts
src/adapters/hasura/rbac/role.adapter.ts
src/adapters/hasura/rbac/privilege.adapter.ts
src/adapters/hasura/cohortMembers.adapter.ts
src/cohort/cohort.service.ts
src/attendance/dto/attendance.dto.ts

✅ Files skipped from review due to trivial changes (7)

.eslintrc.js
src/adapters/rbacservicelocator.ts
src/adapters/usertenantmappinglocator.ts
src/adapters/assignprivilegelocater.ts
src/adapters/postgres/userTenantMapping-adapter.ts
src/adapters/assignroleservicelocater.ts
src/adapters/postgres/rbac/assignrole-adapter.ts

🧰 Additional context used

📓 Path-based instructions (35)

src/academicyears/academicyears.module.ts (1)