refactor(api): update GET /api/tasks/runs documentation and validation#488
refactor(api): update GET /api/tasks/runs documentation and validation#488pradipthaadhi wants to merge 2 commits intotestfrom
Conversation
- Enhanced the documentation for the GET /api/tasks/runs endpoint to clarify the response structure and query parameters, including optional `runId`, `account_id`, and `limit`. - Updated the validation schema for `account_id` to ensure it is a valid UUID, improving error handling for invalid inputs. - Added tests to validate the new behavior for account ID handling, including checks for valid and invalid UUIDs.
|
The latest updates on your projects. Learn more about Vercel for GitHub.
|
|
Warning Rate limit exceeded
To keep reviews running without waiting, you can enable usage-based add-on for your organization. This allows additional reviews beyond the hourly cap. Account admins can enable it under billing. ⌛ How to resolve this issue?After the wait time has elapsed, a review can be triggered using the We recommend that you space out your commits to avoid hitting the rate limit. 🚦 How do rate limits work?CodeRabbit enforces hourly rate limits for each developer per organization. Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout. Please see our FAQ for further information. ℹ️ Review info⚙️ Run configurationConfiguration used: Path: .coderabbit.yaml Review profile: CHILL Plan: Pro Run ID: ⛔ Files ignored due to path filters (1)
📒 Files selected for processing (1)
📝 WalkthroughWalkthroughThe endpoint documentation for Changes
Estimated code review effort🎯 1 (Trivial) | ⏱️ ~3 minutes Possibly related PRs
Suggested reviewers
Poem
🚥 Pre-merge checks | ✅ 2 | ❌ 1❌ Failed checks (1 inconclusive)
✅ Passed checks (2 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. ✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
There was a problem hiding this comment.
Actionable comments posted: 1
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.
Inline comments:
In `@lib/tasks/validateGetTaskRunQuery.ts`:
- Around line 15-19: The account_id Zod chain trims after validation causing
UUIDs with surrounding whitespace to fail; change the schema for account_id to
preprocess/trim the raw value before running .uuid() (e.g. use z.preprocess(val
=> typeof val === "string" ? val.trim() : val, z.string().uuid("account_id must
be a valid UUID")). Update the account_id declaration (the current
.string().uuid(...).transform(...) chain) to use this preprocess approach so
trimming happens prior to UUID validation.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: Path: .coderabbit.yaml
Review profile: CHILL
Plan: Pro
Run ID: 16afaaf9-8ce5-4a26-b424-5b3f7f04a3ae
⛔ Files ignored due to path filters (1)
lib/tasks/__tests__/validateGetTaskRunQuery.test.tsis excluded by!**/*.test.*,!**/__tests__/**and included bylib/**
📒 Files selected for processing (2)
app/api/tasks/runs/route.tslib/tasks/validateGetTaskRunQuery.ts
![cubic-dev-ai[bot]](https://avatars.githubusercontent.com/in/1082092?s=60&v=4){kind=small}
There was a problem hiding this comment.
No issues found across 3 files
Confidence score: 5/5
- Automated review surfaced no issues in the provided summaries.
- No files require special attention.
Requires human review: This PR introduces stricter API validation (requiring account_id to be a UUID), which is a potential breaking change for clients and requires verification of existing identifier formats.
Architecture diagram
sequenceDiagram
participant Client
participant Route as API Route (GET /tasks/runs)
participant Auth as validateAuthContext
participant Val as validateGetTaskRunQuery
participant Access as Access Control
participant DB as Task Service
Note over Client,DB: Request Validation & Auth Flow
Client->>Route: GET /api/tasks/runs?account_id={uuid}&runId={id}&limit=20
Route->>Auth: validateAuthContext()
Auth-->>Route: { accountId, authToken }
Route->>Val: validateGetTaskRunQuery(request)
rect rgb(240, 240, 240)
Note right of Val: NEW: Zod UUID Validation
alt account_id is provided AND is not a valid UUID
Val-->>Route: Return 400 Bad Request
Route-->>Client: 400 "account_id must be a valid UUID"
else account_id is valid UUID or missing
Val->>Access: checkIsAdmin(currentAccountId)
Access-->>Val: isAdmin status
opt NOT Admin AND account_id override provided
Val->>Access: CHANGED: validateAccountIdOverride(target, current)
Access-->>Val: Verified accountId
end
Val-->>Route: Validated Query Params (mode: list | single)
end
end
Note over Route,DB: Data Retrieval Flow
alt mode == "single" (runId provided)
Route->>DB: Fetch specific run
alt Run exists
DB-->>Route: Task Run data
Route-->>Client: 200 OK { status: "success", runs: [...] }
else Run not found
DB-->>Route: null
Route-->>Client: 404 Not Found
end
else mode == "list" (runId omitted)
Route->>DB: Fetch recent runs for account (limit: 1-100)
DB-->>Route: Task Runs list
Route-->>Client: 200 OK { status: "success", runs: [...] }
end
…ng test - Simplified the validation schema for `account_id` by combining the transformation and validation into a single line. - Added a test to ensure that whitespace is trimmed from `account_id` before UUID validation, enhancing input handling for the GET /api/tasks/runs endpoint.
1 participant
runId,account_id, andlimit.account_idto ensure it is a valid UUID, improving error handling for invalid inputs.Summary by CodeRabbit
Documentation
GET /api/tasks/runsendpoint documentation with clarified request parameters and response structure detailsBug Fixes