feat: add GET /api/admins/agent-signups endpoint#428
feat: add GET /api/admins/agent-signups endpoint#428recoup-coding-agent wants to merge 1 commit intotestfrom
Conversation
New admin endpoint that returns API key sign-up records created by AI agents, identified by the agent+ email prefix. Supports period filtering (all, daily, weekly, monthly) for time-series analysis. Includes handler, validation, Supabase query, and tests. Co-Authored-By: Paperclip <noreply@paperclip.ing>
|
The latest updates on your projects. Learn more about Vercel for GitHub.
|
|
Warning Rate limit exceeded
Your organization is not enrolled in usage-based pricing. Contact your admin to enable usage-based pricing to continue reviews beyond the rate limit, or try again in 29 minutes and 54 seconds. ⌛ How to resolve this issue?After the wait time has elapsed, a review can be triggered using the We recommend that you space out your commits to avoid hitting the rate limit. 🚦 How do rate limits work?CodeRabbit enforces hourly rate limits for each developer per organization. Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout. Please see our FAQ for further information. ℹ️ Review info⚙️ Run configurationConfiguration used: Path: .coderabbit.yaml Review profile: CHILL Plan: Pro Run ID: ⛔ Files ignored due to path filters (1)
📒 Files selected for processing (5)
✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
![cubic-dev-ai[bot]](https://avatars.githubusercontent.com/in/1082092?s=60&v=4){kind=small}
There was a problem hiding this comment.
2 issues found across 6 files
Confidence score: 3/5
- There is some merge risk because
lib/supabase/account_api_keys/getAgentSignups.tshas a concrete behavior mismatch (returning[]instead ofnullon error) with high confidence, which can hide database failures as valid empty results. - The test maintainability note in
lib/admins/agent-signups/__tests__/getAgentSignupsHandler.test.tsis lower severity and non-blocking, but it adds minor cleanup debt rather than runtime risk. - Pay close attention to
lib/supabase/account_api_keys/getAgentSignups.tsandlib/admins/agent-signups/__tests__/getAgentSignupsHandler.test.ts- align error-return semantics with the project pattern and consider splitting the oversized test file.
Prompt for AI agents (unresolved issues)
Check if these issues are valid — if so, understand the root cause of each and fix them. If appropriate, use sub-agents to investigate and fix each issue separately.
<file name="lib/admins/agent-signups/__tests__/getAgentSignupsHandler.test.ts">
<violation number="1" location="lib/admins/agent-signups/__tests__/getAgentSignupsHandler.test.ts:1">
P2: Custom agent: **Enforce Clear Code Style and Maintainability Practices**
Split this test file into smaller specs; it exceeds the 100-line file limit.</violation>
</file>
<file name="lib/supabase/account_api_keys/getAgentSignups.ts">
<violation number="1" location="lib/supabase/account_api_keys/getAgentSignups.ts:32">
P2: Function returns `[]` on error, deviating from the project's documented Supabase query pattern which returns `null` on error. This prevents callers from distinguishing a database failure from an empty result set — an admin monitoring endpoint should surface errors, not hide them.</violation>
</file>
Architecture diagram
sequenceDiagram
participant Client as Admin Client
participant Route as Next.js API Route
participant Auth as Admin Auth Service
participant Logic as Request Handler
participant DB as Supabase Client
Note over Client, DB: NEW: Agent Signup Tracking Flow
Client->>Route: GET /api/admins/agent-signups?period=daily
Route->>Logic: getAgentSignupsHandler(request)
Logic->>Auth: NEW: validateAdminAuth(request)
alt Unauthorized or Not Admin
Auth-->>Client: 401 / 403 Error
else Authorized Admin
Auth-->>Logic: Auth Context
Logic->>Logic: NEW: validateGetAgentSignupsQuery()
opt Invalid period param
Logic-->>Client: 400 Bad Request
end
Logic->>Logic: NEW: getCutoffDate(period)
Note right of Logic: Calculates UTC midnight boundaries
Logic->>DB: NEW: getAgentSignups(cutoffDate)
DB->>DB: Build Query
Note right of DB: JOIN account_api_keys -> accounts -> account_emails<br/>FILTER email LIKE 'agent+%'
alt Database Success
DB-->>Logic: AgentSignupRow[]
Logic-->>Client: 200 OK + JSON { status, total, signups }
else Database/Server Error
DB-->>Logic: Error
Logic-->>Client: 500 Internal Server Error
end
end
Note over Client, Route: OPTIONS request returns CORS headers via getCorsHeaders()
Reply with feedback, questions, or to request a fix. Tag @cubic-dev-ai to re-run a review, or fix all with cubic.
| @@ -0,0 +1,153 @@ | |||
| import { describe, it, expect, vi, beforeEach } from "vitest"; | |||
There was a problem hiding this comment.
P2: Custom agent: Enforce Clear Code Style and Maintainability Practices
Split this test file into smaller specs; it exceeds the 100-line file limit.
Prompt for AI agents
Check if this issue is valid — if so, understand the root cause and fix it. At lib/admins/agent-signups/__tests__/getAgentSignupsHandler.test.ts, line 1:
<comment>Split this test file into smaller specs; it exceeds the 100-line file limit.</comment>
<file context>
@@ -0,0 +1,153 @@
+import { describe, it, expect, vi, beforeEach } from "vitest";
+import { NextRequest } from "next/server";
+
</file context>
|
|
||
| if (error) { | ||
| console.error("Error fetching agent signups:", error); | ||
| return []; |
There was a problem hiding this comment.
P2: Function returns [] on error, deviating from the project's documented Supabase query pattern which returns null on error. This prevents callers from distinguishing a database failure from an empty result set — an admin monitoring endpoint should surface errors, not hide them.
Prompt for AI agents
Check if this issue is valid — if so, understand the root cause and fix it. At lib/supabase/account_api_keys/getAgentSignups.ts, line 32:
<comment>Function returns `[]` on error, deviating from the project's documented Supabase query pattern which returns `null` on error. This prevents callers from distinguishing a database failure from an empty result set — an admin monitoring endpoint should surface errors, not hide them.</comment>
<file context>
@@ -0,0 +1,47 @@
+
+ if (error) {
+ console.error("Error fetching agent signups:", error);
+ return [];
+ }
+
</file context>
1 participant
Summary
GET /api/admins/agent-signupsendpoint for tracking agent API key signupsaccount_api_keysjoined withaccount_emailsfiltering byagent+email prefixTest plan
🤖 Generated with Claude Code
Summary by cubic
Adds an admin endpoint to list agent-created API key signups, with period filtering to analyze trends. Helps admins track agent adoption and enforce access control.
GET /api/admins/agent-signups: returns{ status, total, signups }.?period=all|daily|weekly|monthly(UTC midnight cutoffs).OPTIONSwith CORS headers included.agent+%.Written for commit 767ee81. Summary will update on new commits.