Skip to content

Backend improvements#1857

Merged
Artuomka merged 3 commits into
mainfrom
backend_improvements
Jul 3, 2026
Merged

Backend improvements#1857
Artuomka merged 3 commits into
mainfrom
backend_improvements

Conversation

@Artuomka

@Artuomka Artuomka commented Jul 3, 2026

Copy link
Copy Markdown
Collaborator

Summary by CodeRabbit

  • New Features

    • Added a new AI data endpoint to fetch sample rows from a table.
    • Responses now include row data, total row count, and a large-dataset indicator.
    • Results respect access permissions and only return columns the user can read.
    • Request limits are capped server-side to keep responses small and consistent.
  • Bug Fixes

    • Improved permission handling so unauthorized or unpermitted requests are rejected correctly.

Copilot AI review requested due to automatic review settings July 3, 2026 13:15
@Artuomka Artuomka enabled auto-merge July 3, 2026 13:16
@coderabbitai

coderabbitai Bot commented Jul 3, 2026

Copy link
Copy Markdown

Review Change Stack

📝 Walkthrough

Walkthrough

This PR adds a new AGENTS_GET_AI_SAMPLE_ROWS use case that fetches permission-filtered sample rows via a new controller endpoint, DTOs/data structures, and use-case implementation, along with e2e tests. It also separately updates the rocketadmin-private-microservice docker-compose build context and dockerfile path.

Changes

AI Sample Rows Feature

Layer / File(s) Summary
Data contracts, DTOs, and use-case interface
backend/src/common/data-injection.tokens.ts, backend/src/microservices/agents-microservice/data-structures/agents.ds.ts, backend/src/microservices/agents-microservice/data-structures/agents-responses.ds.ts, backend/src/microservices/agents-microservice/dto/agents-ai-data.dtos.ts, backend/src/microservices/agents-microservice/use-cases/agents-use-cases.interface.ts
Adds AGENTS_GET_AI_SAMPLE_ROWS enum member, GetAiSampleRowsDs, AiSampleRowsRO, GetAiSampleRowsDto (with tableName and clamped optional limit), and IGetAiSampleRows interface.
Use case implementation
backend/src/microservices/agents-microservice/use-cases/get-ai-sample-rows.use.case.ts
Implements GetAiSampleRowsUseCase, checking read permissions, deriving readable columns, clamping limit to AI_SAMPLE_ROWS_MAX_LIMIT (5), fetching rows via DAO, and filtering row fields.
Controller endpoint and module wiring
backend/src/microservices/agents-microservice/agents.controller.ts, backend/src/microservices/agents-microservice/agents.module.ts
Adds POST /ai/data/:connectionId/sample-rows endpoint calling the new use case, and registers the provider in AgentsModule.
End-to-end tests
backend/test/ava-tests/non-saas-tests/non-saas-agents-microservice-sample-rows-e2e.test.ts
Adds e2e coverage for response contract, limit clamping, missing-auth rejection, permission enforcement, and readable-column filtering.

Docker Compose Build Context Update

Layer / File(s) Summary
Build context change
docker-compose.yml
Switches rocketadmin-private-microservice build context to ../sitenova and updates the dockerfile path.

Estimated code review effort: 3 (Moderate) | ~25 minutes

Sequence Diagram(s)

sequenceDiagram
  participant Client
  participant AgentsController
  participant GetAiSampleRowsUseCase
  participant DAO

  Client->>AgentsController: POST /ai/data/:connectionId/sample-rows
  AgentsController->>GetAiSampleRowsUseCase: execute(connectionId, userId, tableName, limit)
  GetAiSampleRowsUseCase->>GetAiSampleRowsUseCase: verify read permission, derive readable columns
  GetAiSampleRowsUseCase->>DAO: fetch first page (limit clamped to 5)
  DAO-->>GetAiSampleRowsUseCase: rows, rowCount, largeDataset
  GetAiSampleRowsUseCase-->>AgentsController: filtered AiSampleRowsRO
  AgentsController-->>Client: 201 AiSampleRowsRO
Loading

Possibly related PRs

Suggested reviewers: gugu, lyubov-voloshko

Poem

A rabbit hops through rows so neat,
Five at a time, a tidy feat 🐇
Columns filtered, permissions checked,
Sample data, safely inspected!
Hop, hop, hooray — ship it, deploy it!

🚥 Pre-merge checks | ✅ 5 | ❌ 1

❌ Failed checks (1 inconclusive)

Check name Status Explanation Resolution
Title check ❓ Inconclusive The title is too generic and does not describe the specific backend change, making it hard to infer the PR's main purpose. Rename it to a specific summary, such as adding the AI sample-rows endpoint and related backend support.
✅ Passed checks (5 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.
Security Check ✅ Passed PASS: the new endpoint is microservice-JWT protected, validates input, enforces Cedar table/column read checks, clamps results to 5, and filters returned rows.
✨ Finishing Touches
📝 Generate docstrings
  • Create stacked PR
  • Commit on current branch
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch backend_improvements

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands.

@coderabbitai coderabbitai Bot requested review from gugu and lyubov-voloshko July 3, 2026 13:17

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR adds a new internal “AI sample rows” capability to the agents microservice (used for AI/website-generation flows), including end-to-end test coverage, and updates the local docker-compose setup for the private microservice build context.

Changes:

  • Added /internal/agents/ai/data/:connectionId/sample-rows endpoint with DTO/DS/RO wiring and a dedicated use case that enforces table + column-level read permissions.
  • Registered the new use case in DI (token + module provider) and updated the agents use-case interface surface.
  • Added an AVA e2e test validating success, limit clamping, missing microservice JWT (401), unauthorized user (403), and column whitelist filtering behavior.

Reviewed changes

Copilot reviewed 10 out of 10 changed files in this pull request and generated no comments.

Show a summary per file
File Description
docker-compose.yml Updates build context/dockerfile/env_file paths for the private microservice to point at the sitenova monorepo layout.
backend/test/ava-tests/non-saas-tests/non-saas-agents-microservice-sample-rows-e2e.test.ts New e2e tests for the internal sample-rows endpoint (auth, clamping, permissions, column filtering).
backend/src/microservices/agents-microservice/use-cases/get-ai-sample-rows.use.case.ts Implements sample row retrieval + Cedar-based column filtering and max-limit clamping.
backend/src/microservices/agents-microservice/use-cases/agents-use-cases.interface.ts Adds the IGetAiSampleRows use case interface and related DS/RO imports.
backend/src/microservices/agents-microservice/dto/agents-ai-data.dtos.ts Adds GetAiSampleRowsDto (tableName + optional limit with validation).
backend/src/microservices/agents-microservice/data-structures/agents.ds.ts Adds GetAiSampleRowsDs.
backend/src/microservices/agents-microservice/data-structures/agents-responses.ds.ts Adds AiSampleRowsRO response model for Swagger/docs.
backend/src/microservices/agents-microservice/agents.module.ts Registers the new use case provider under a new DI token.
backend/src/microservices/agents-microservice/agents.controller.ts Adds the new POST route handler for sample rows.
backend/src/common/data-injection.tokens.ts Introduces UseCaseType.AGENTS_GET_AI_SAMPLE_ROWS.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@Artuomka Artuomka merged commit 5f55ed3 into main Jul 3, 2026
15 of 17 checks passed
@Artuomka Artuomka deleted the backend_improvements branch July 3, 2026 13:20

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🧹 Nitpick comments (3)
docker-compose.yml (1)

107-113: 🩺 Stability & Availability | 🔵 Trivial | ⚡ Quick win

Implicit sibling-repo dependency on ../sitenova.

Build context, dockerfile, and env_file now all resolve outside this repository into a sibling ../sitenova checkout. Any contributor or CI runner without that exact directory layout will fail to build/start rocketadmin-private-microservice. Consider documenting this monorepo-layout requirement (e.g., in README/CONTRIBUTING) or adding a setup script/CI step that ensures ../sitenova is present, so the implicit contract isn't silently broken for new environments.

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@docker-compose.yml` around lines 107 - 113, The docker-compose service for
rocketadmin-private-microservice now depends on a sibling ../sitenova checkout
for context, Dockerfile, and env_file, so make that contract explicit and
enforced. Update the setup/docs path by referencing the compose service config
and rocketadmin-saas Dockerfile.test usage, and add either README/CONTRIBUTING
guidance or a setup/CI check that verifies ../sitenova exists before
build/start. Keep the monorepo layout requirement discoverable for anyone
running this service outside the current directory structure.
backend/test/ava-tests/non-saas-tests/non-saas-agents-microservice-sample-rows-e2e.test.ts (1)

39-42: 📐 Maintainability & Code Quality | 🔵 Trivial | 💤 Low value

Use arrow functions instead of function declarations.

microserviceAuthHeader, userIdFromCookieToken, createConnectionAndTable, and sampleRowsRequest are all declared with function. As per coding guidelines, "Prefer arrow functions over function declarations" for **/*.{js,ts,jsx,tsx} files.

♻️ Example conversion
-function microserviceAuthHeader(): string {
+const microserviceAuthHeader = (): string => {
 	const secret = appConfig.auth.microserviceJwtSecret as string;
 	return `Bearer ${jwt.sign({ request_id: faker.string.uuid() }, secret, { expiresIn: '1h' })}`;
-}
+};

Also applies to: 44-47, 83-112, 114-121

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In
`@backend/test/ava-tests/non-saas-tests/non-saas-agents-microservice-sample-rows-e2e.test.ts`
around lines 39 - 42, The test file uses function declarations where the code
style requires arrow functions; update microserviceAuthHeader,
userIdFromCookieToken, createConnectionAndTable, and sampleRowsRequest to arrow
function expressions. Keep the existing behavior the same while converting each
named function to an arrow function so the declarations align with the project’s
TypeScript/JavaScript coding guidelines.

Source: Coding guidelines

backend/src/microservices/agents-microservice/dto/agents-ai-data.dtos.ts (1)

42-46: 📐 Maintainability & Code Quality | 🔵 Trivial | 💤 Low value

Add @Max to match documented clamp.

The Swagger description states the limit is "Clamped server-side to 5," but only @Min(1) is enforced — there's no @Max validator, so the documented contract isn't reflected in validation (values like 50 pass DTO validation and rely solely on use-case clamping). Not a functional bug since the use case clamps downstream, but the DTO's validation doesn't match its own documentation.

♻️ Proposed fix
 	`@ApiPropertyOptional`({ description: 'Max sample rows to return. Clamped server-side to 5.' })
 	`@IsOptional`()
 	`@IsInt`()
 	`@Min`(1)
+	`@Max`(5)
 	limit?: number;

Also update the import:

-import { IsInt, IsNotEmpty, IsOptional, IsString, IsUUID, Min } from 'class-validator';
+import { IsInt, IsNotEmpty, IsOptional, IsString, IsUUID, Max, Min } from 'class-validator';
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@backend/src/microservices/agents-microservice/dto/agents-ai-data.dtos.ts`
around lines 42 - 46, The DTO field limit in agents-ai-data.dtos.ts documents a
server-side clamp to 5, but the validation only enforces `@Min`(1), so the DTO
contract doesn’t match the Swagger description. Update the limit property in the
relevant DTO class to add `@Max`(5) alongside `@IsOptional`, `@IsInt`, and `@Min`(1),
and make sure the validator import list includes Max so the validation rules and
documentation stay aligned.
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Nitpick comments:
In `@backend/src/microservices/agents-microservice/dto/agents-ai-data.dtos.ts`:
- Around line 42-46: The DTO field limit in agents-ai-data.dtos.ts documents a
server-side clamp to 5, but the validation only enforces `@Min`(1), so the DTO
contract doesn’t match the Swagger description. Update the limit property in the
relevant DTO class to add `@Max`(5) alongside `@IsOptional`, `@IsInt`, and `@Min`(1),
and make sure the validator import list includes Max so the validation rules and
documentation stay aligned.

In
`@backend/test/ava-tests/non-saas-tests/non-saas-agents-microservice-sample-rows-e2e.test.ts`:
- Around line 39-42: The test file uses function declarations where the code
style requires arrow functions; update microserviceAuthHeader,
userIdFromCookieToken, createConnectionAndTable, and sampleRowsRequest to arrow
function expressions. Keep the existing behavior the same while converting each
named function to an arrow function so the declarations align with the project’s
TypeScript/JavaScript coding guidelines.

In `@docker-compose.yml`:
- Around line 107-113: The docker-compose service for
rocketadmin-private-microservice now depends on a sibling ../sitenova checkout
for context, Dockerfile, and env_file, so make that contract explicit and
enforced. Update the setup/docs path by referencing the compose service config
and rocketadmin-saas Dockerfile.test usage, and add either README/CONTRIBUTING
guidance or a setup/CI check that verifies ../sitenova exists before
build/start. Keep the monorepo layout requirement discoverable for anyone
running this service outside the current directory structure.

ℹ️ Review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 19edc4c7-252e-45fb-b8df-26552547d774

📥 Commits

Reviewing files that changed from the base of the PR and between 73b9ffd and 9ed811e.

📒 Files selected for processing (10)
  • backend/src/common/data-injection.tokens.ts
  • backend/src/microservices/agents-microservice/agents.controller.ts
  • backend/src/microservices/agents-microservice/agents.module.ts
  • backend/src/microservices/agents-microservice/data-structures/agents-responses.ds.ts
  • backend/src/microservices/agents-microservice/data-structures/agents.ds.ts
  • backend/src/microservices/agents-microservice/dto/agents-ai-data.dtos.ts
  • backend/src/microservices/agents-microservice/use-cases/agents-use-cases.interface.ts
  • backend/src/microservices/agents-microservice/use-cases/get-ai-sample-rows.use.case.ts
  • backend/test/ava-tests/non-saas-tests/non-saas-agents-microservice-sample-rows-e2e.test.ts
  • docker-compose.yml

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants