Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

add drizzle/graphql implementation for community #2866

Merged
merged 1 commit into from
Jan 19, 2025
Merged

add drizzle/graphql implementation for community #2866

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
12 changes: 12 additions & 0 deletions compose.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -33,8 +33,20 @@ services:
# https://docs.docker.com/reference/compose-file/services/#environment
environment:
- API_ADMINISTRATOR_USER_EMAIL_ADDRESS=${API_ADMINISTRATOR_USER_EMAIL_ADDRESS:?error}
- API_ADMINISTRATOR_USER_NAME=${API_ADMINISTRATOR_USER_NAME:?error}
- API_ADMINISTRATOR_USER_PASSWORD=${API_ADMINISTRATOR_USER_PASSWORD:?error}
- API_BASE_URL=${API_BASE_URL:?error}
- API_COMMUNITY_FACEBOOK_URL=${API_COMMUNITY_FACEBOOK_URL:?error}
- API_COMMUNITY_GITHUB_URL=${API_COMMUNITY_GITHUB_URL:?error}
- API_COMMUNITY_INACTIVITY_TIMEOUT_DURATION=${API_COMMUNITY_INACTIVITY_TIMEOUT_DURATION:?error}
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🛠️ Refactor suggestion

Add validation for inactivity timeout.

The inactivity timeout duration should have a default value and validation.

-      - API_COMMUNITY_INACTIVITY_TIMEOUT_DURATION=${API_COMMUNITY_INACTIVITY_TIMEOUT_DURATION:?error}
+      - API_COMMUNITY_INACTIVITY_TIMEOUT_DURATION=${API_COMMUNITY_INACTIVITY_TIMEOUT_DURATION:-900}
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
- API_COMMUNITY_INACTIVITY_TIMEOUT_DURATION=${API_COMMUNITY_INACTIVITY_TIMEOUT_DURATION:?error}
- API_COMMUNITY_INACTIVITY_TIMEOUT_DURATION=${API_COMMUNITY_INACTIVITY_TIMEOUT_DURATION:-900}

- API_COMMUNITY_INSTAGRAM_URL=${API_COMMUNITY_INSTAGRAM_URL:?error}
- API_COMMUNITY_LINKEDIN_URL=${API_COMMUNITY_LINKEDIN_URL:?error}
- API_COMMUNITY_NAME=${API_COMMUNITY_NAME:?error}
- API_COMMUNITY_REDDIT_URL=${API_COMMUNITY_REDDIT_URL:?error}
- API_COMMUNITY_SLACK_URL=${API_COMMUNITY_SLACK_URL:?error}
- API_COMMUNITY_WEBSITE_URL=${API_COMMUNITY_WEBSITE_URL:?error}
- API_COMMUNITY_X_URL=${API_COMMUNITY_X_URL:?error}
- API_COMMUNITY_YOUTUBE_URL=${API_COMMUNITY_YOUTUBE_URL:?error}
Comment on lines +39 to +49
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🧹 Nitpick (assertive)

Consider default values for optional URLs.

Social media URLs should be optional with empty string defaults instead of being required.

-      - API_COMMUNITY_FACEBOOK_URL=${API_COMMUNITY_FACEBOOK_URL:?error}
+      - API_COMMUNITY_FACEBOOK_URL=${API_COMMUNITY_FACEBOOK_URL:-}
-      - API_COMMUNITY_GITHUB_URL=${API_COMMUNITY_GITHUB_URL:?error}
+      - API_COMMUNITY_GITHUB_URL=${API_COMMUNITY_GITHUB_URL:-}
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
- API_COMMUNITY_FACEBOOK_URL=${API_COMMUNITY_FACEBOOK_URL:?error}
- API_COMMUNITY_GITHUB_URL=${API_COMMUNITY_GITHUB_URL:?error}
- API_COMMUNITY_INACTIVITY_TIMEOUT_DURATION=${API_COMMUNITY_INACTIVITY_TIMEOUT_DURATION:?error}
- API_COMMUNITY_INSTAGRAM_URL=${API_COMMUNITY_INSTAGRAM_URL:?error}
- API_COMMUNITY_LINKEDIN_URL=${API_COMMUNITY_LINKEDIN_URL:?error}
- API_COMMUNITY_NAME=${API_COMMUNITY_NAME:?error}
- API_COMMUNITY_REDDIT_URL=${API_COMMUNITY_REDDIT_URL:?error}
- API_COMMUNITY_SLACK_URL=${API_COMMUNITY_SLACK_URL:?error}
- API_COMMUNITY_WEBSITE_URL=${API_COMMUNITY_WEBSITE_URL:?error}
- API_COMMUNITY_X_URL=${API_COMMUNITY_X_URL:?error}
- API_COMMUNITY_YOUTUBE_URL=${API_COMMUNITY_YOUTUBE_URL:?error}
- API_COMMUNITY_FACEBOOK_URL=${API_COMMUNITY_FACEBOOK_URL:-}
- API_COMMUNITY_GITHUB_URL=${API_COMMUNITY_GITHUB_URL:-}
- API_COMMUNITY_INACTIVITY_TIMEOUT_DURATION=${API_COMMUNITY_INACTIVITY_TIMEOUT_DURATION:?error}
- API_COMMUNITY_INSTAGRAM_URL=${API_COMMUNITY_INSTAGRAM_URL:-}
- API_COMMUNITY_LINKEDIN_URL=${API_COMMUNITY_LINKEDIN_URL:-}
- API_COMMUNITY_NAME=${API_COMMUNITY_NAME:?error}
- API_COMMUNITY_REDDIT_URL=${API_COMMUNITY_REDDIT_URL:-}
- API_COMMUNITY_SLACK_URL=${API_COMMUNITY_SLACK_URL:-}
- API_COMMUNITY_WEBSITE_URL=${API_COMMUNITY_WEBSITE_URL:-}
- API_COMMUNITY_X_URL=${API_COMMUNITY_X_URL:-}
- API_COMMUNITY_YOUTUBE_URL=${API_COMMUNITY_YOUTUBE_URL:-}

Comment on lines +44 to +49
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🧹 Nitpick (assertive)

Consider client-side configuration.

Based on the PR comments, storing community data in the database may introduce unnecessary complexity. Consider:

  1. Moving these configurations to client-side environment variables
  2. Using a static configuration file
  3. Implementing a caching mechanism to reduce API calls

- API_HOST=${API_HOST:?error}
- API_IS_APPLY_DRIZZLE_MIGRATIONS=${API_IS_APPLY_DRIZZLE_MIGRATIONS:?error}
- API_IS_GRAPHIQL=${API_IS_GRAPHIQL:?error}
Expand Down
48 changes: 48 additions & 0 deletions documentation/environment_variables.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -14,6 +14,10 @@ At runtime, talawa api requires certain environment variables to be defined in i

This environment variable is used to configure the email address for the administrator user that talawa-api will make sure exists in the database at the time of server startup.

## API_ADMINISTRATOR_USER_NAME

This environment variable is used to configure the name for the administrator user that talawa-api will make sure exists in the database at the time of server startup.

## API_ADMINISTRATOR_USER_PASSWORD

This environment variable is used to configure the password for the administrator user that talawa-api will make sure exists in the database at the time of server startup.
Expand All @@ -22,6 +26,50 @@ This environment variable is used to configure the password for the administrato

This environment variable is used to configure the base url of the talawa api at runtime that clients making requests to the talawa api will make use of.

## API_COMMUNITY_FACEBOOK_URL

This environment variable is used to configure the url to the [facebook](https://facebook.com) account of the community.

## API_COMMUNITY_GITHUB_URL

This environment variable is used to configure the url to the [github](https://github.com) account of the community.

## API_COMMUNITY_INACTIVITY_TIMEOUT_DURATION

This environment variable is used to configure the duration in seconds it should take for inactive clients to get timed out of their authenticated session within client-side talawa applications.

Comment on lines +37 to +40
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🛠️ Refactor suggestion

Specify timeout duration constraints and security implications.

The documentation for API_COMMUNITY_INACTIVITY_TIMEOUT_DURATION should include:

  1. Minimum and maximum allowed values
  2. Default value if not specified
  3. Security implications of very short/long timeouts
  4. Unit of measurement (seconds)

## API_COMMUNITY_INSTAGRAM_URL

This environment variable is used to configure the url to the [instagram](https://instagram.com) account of the community.

## API_COMMUNITY_LINKEDIN_URL

This environment variable is used to configure the url to the [linkedin](https://linkedin.com) account of the community.

## API_COMMUNITY_NAME

This environment variable is used to configure the name of the community.

Comment on lines +49 to +52
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🛠️ Refactor suggestion

Document community name constraints.

The documentation for API_COMMUNITY_NAME should specify:

  1. Maximum/minimum length requirements
  2. Allowed characters and format
  3. Whether this is a required field
  4. Impact on existing data if changed

## API_COMMUNITY_REDDIT_URL

This environment variable is used to configure the url to the [reddit](https://reddit.com) account of the community.

## API_COMMUNITY_SLACK_URL

This environment variable is used to configure the url to the [slack](https://slack.com) account of the community.

## API_COMMUNITY_WEBSITE_URL

This environment variable is used to configure the url to the website of the community.

## API_COMMUNITY_X_URL

This environment variable is used to configure the url to the [x](https://x.com) account of the community.

## API_COMMUNITY_YOUTUBE_URL

This environment variable is used to configure the url to the [youtube](https://youtube.com) account of the community.
Comment on lines +31 to +71
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🧹 Nitpick (assertive)

Enhance documentation with validation rules.

For URL configurations, the documentation should specify:

  1. URL format validation rules
  2. Required URL protocols (http/https)
  3. Maximum length constraints
  4. Error handling when URLs are invalid


Comment on lines +29 to +72
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🛠️ Refactor suggestion

Add URL validation rules and constraints.

For all URL-related environment variables (Facebook, GitHub, Instagram, etc.), the documentation should specify:

  1. Required URL format and validation rules
  2. Allowed protocols (http/https)
  3. Maximum length constraints
  4. Error handling behavior for invalid URLs

🧹 Nitpick (assertive)

Consider client-side configuration based on PR feedback.

Based on the author's concerns in the PR comments, storing community data in the database might introduce unnecessary complexity. Consider:

  1. Moving these configurations to client-side environment variables
  2. Using a static configuration file
  3. Implementing a caching mechanism to reduce API calls

This aligns with the author's concerns about:

  • Unnecessary database storage
  • Extra API calls for sign-in/sign-up pages
  • Deployment complexity

## API_DEBUGGER_HOST

This environment variable is used to configure the host ip that can access the host port on which talawa api debugger listens to at runtime.
Expand Down
22 changes: 22 additions & 0 deletions .../20250117125402_luxuriant_starjammers.sql → ...migrations/20250118150033_needy_tigra.sql
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -131,6 +131,27 @@ CREATE TABLE "comments" (
"updated_at" timestamp (3) with time zone
);
--> statement-breakpoint
CREATE TABLE "communities" (
"created_at" timestamp (3) with time zone DEFAULT now() NOT NULL,
"facebook_url" text,
"github_url" text,
"id" uuid PRIMARY KEY NOT NULL,
"inactivity_timeout_duration" integer,
"instagram_url" text,
"linkedin_url" text,
"logo_mime_type" text,
"logo_name" text,
"name" text NOT NULL,
"reddit_url" text,
"slack_url" text,
"updated_at" timestamp (3) with time zone,
"updater_id" uuid,
"website_url" text,
"x_url" text,
"youtube_url" text,
CONSTRAINT "communities_name_unique" UNIQUE("name")
);
Comment on lines +134 to +153
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🧹 Nitpick (assertive)

Add indexes for frequently queried fields.

Consider adding indexes for fields that will be frequently used in queries, such as inactivity_timeout_duration and social media URLs if they'll be used in searches.

CREATE INDEX "communities_inactivity_timeout_duration_index" ON "communities" USING btree ("inactivity_timeout_duration");
🧰 Tools
🪛 GitHub Actions: Pull request workflow

[error] Unauthorized changes detected in sensitive file. Requires 'ignore-sensitive-files-pr' label to proceed.

--> statement-breakpoint
CREATE TABLE "event_attachments" (
"created_at" timestamp (3) with time zone DEFAULT now() NOT NULL,
"creator_id" uuid,
Expand Down Expand Up @@ -434,6 +455,7 @@ ALTER TABLE "comment_votes" ADD CONSTRAINT "comment_votes_creator_id_users_id_fk
ALTER TABLE "comment_votes" ADD CONSTRAINT "comment_votes_updated_id_users_id_fk" FOREIGN KEY ("updated_id") REFERENCES "public"."users"("id") ON DELETE set null ON UPDATE cascade;--> statement-breakpoint
ALTER TABLE "comments" ADD CONSTRAINT "comments_creator_id_users_id_fk" FOREIGN KEY ("creator_id") REFERENCES "public"."users"("id") ON DELETE set null ON UPDATE cascade;--> statement-breakpoint
ALTER TABLE "comments" ADD CONSTRAINT "comments_post_id_posts_id_fk" FOREIGN KEY ("post_id") REFERENCES "public"."posts"("id") ON DELETE cascade ON UPDATE cascade;--> statement-breakpoint
ALTER TABLE "communities" ADD CONSTRAINT "communities_updater_id_users_id_fk" FOREIGN KEY ("updater_id") REFERENCES "public"."users"("id") ON DELETE set null ON UPDATE cascade;--> statement-breakpoint
ALTER TABLE "event_attachments" ADD CONSTRAINT "event_attachments_creator_id_users_id_fk" FOREIGN KEY ("creator_id") REFERENCES "public"."users"("id") ON DELETE set null ON UPDATE cascade;--> statement-breakpoint
ALTER TABLE "event_attachments" ADD CONSTRAINT "event_attachments_event_id_events_id_fk" FOREIGN KEY ("event_id") REFERENCES "public"."events"("id") ON DELETE cascade ON UPDATE cascade;--> statement-breakpoint
ALTER TABLE "event_attachments" ADD CONSTRAINT "event_attachments_updater_id_users_id_fk" FOREIGN KEY ("updater_id") REFERENCES "public"."users"("id") ON DELETE set null ON UPDATE cascade;--> statement-breakpoint
Expand Down
140 changes: 139 additions & 1 deletion ...rations/meta/20250117125402_snapshot.json → ...rations/meta/20250118150033_snapshot.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
{
"id": "8b540cae-733e-4236-8c28-4e714421d86c",
"id": "32df2a89-a895-4c5d-a4dc-cc8413ee818f",
"prevId": "00000000-0000-0000-0000-000000000000",
"version": "7",
"dialect": "postgresql",
Expand Down Expand Up @@ -2048,6 +2048,144 @@
"checkConstraints": {},
"isRLSEnabled": false
},
"public.communities": {
"name": "communities",
"schema": "",
"columns": {
"created_at": {
"name": "created_at",
"type": "timestamp (3) with time zone",
"primaryKey": false,
"notNull": true,
"default": "now()"
},
"facebook_url": {
"name": "facebook_url",
"type": "text",
"primaryKey": false,
"notNull": false
},
"github_url": {
"name": "github_url",
"type": "text",
"primaryKey": false,
"notNull": false
},
"id": {
"name": "id",
"type": "uuid",
"primaryKey": true,
"notNull": true
},
"inactivity_timeout_duration": {
"name": "inactivity_timeout_duration",
"type": "integer",
"primaryKey": false,
"notNull": false
},
Comment on lines +2080 to +2085
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🛠️ Refactor suggestion

Add constraints for inactivity_timeout_duration.

The inactivity_timeout_duration field should have:

  1. A CHECK constraint for minimum value (e.g., >= 0)
  2. A CHECK constraint for maximum value to prevent unreasonable timeouts

Apply this diff to add constraints:

      "checkConstraints": {
+        "communities_inactivity_timeout_duration_check": {
+          "name": "communities_inactivity_timeout_duration_check",
+          "expression": "inactivity_timeout_duration >= 0 AND inactivity_timeout_duration <= 86400"
+        }
      },

Committable suggestion skipped: line range outside the PR's diff.

"instagram_url": {
"name": "instagram_url",
"type": "text",
"primaryKey": false,
"notNull": false
},
"linkedin_url": {
"name": "linkedin_url",
"type": "text",
"primaryKey": false,
"notNull": false
},
"logo_mime_type": {
"name": "logo_mime_type",
"type": "text",
"primaryKey": false,
"notNull": false
},
"logo_name": {
"name": "logo_name",
"type": "text",
"primaryKey": false,
"notNull": false
},
"name": {
"name": "name",
"type": "text",
"primaryKey": false,
"notNull": true
},
"reddit_url": {
"name": "reddit_url",
"type": "text",
"primaryKey": false,
"notNull": false
},
"slack_url": {
"name": "slack_url",
"type": "text",
"primaryKey": false,
"notNull": false
},
"updated_at": {
"name": "updated_at",
"type": "timestamp (3) with time zone",
"primaryKey": false,
"notNull": false
},
"updater_id": {
"name": "updater_id",
"type": "uuid",
"primaryKey": false,
"notNull": false
},
"website_url": {
"name": "website_url",
"type": "text",
"primaryKey": false,
"notNull": false
},
"x_url": {
"name": "x_url",
"type": "text",
"primaryKey": false,
"notNull": false
},
"youtube_url": {
"name": "youtube_url",
"type": "text",
"primaryKey": false,
"notNull": false
}
Comment on lines +2062 to +2157
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🧹 Nitpick (assertive)

Add URL field validations.

All URL fields (facebook_url, github_url, etc.) should have:

  1. CHECK constraints for valid URL formats
  2. Maximum length constraints

Apply this diff to add URL validation:

      "checkConstraints": {
+        "communities_facebook_url_check": {
+          "name": "communities_facebook_url_check",
+          "expression": "facebook_url ~ '^https?://([^/]+\\.)?facebook\\.com/.*$'"
+        },
+        "communities_github_url_check": {
+          "name": "communities_github_url_check",
+          "expression": "github_url ~ '^https?://([^/]+\\.)?github\\.com/.*$'"
+        }
      },

Committable suggestion skipped: line range outside the PR's diff.

},
"indexes": {},
"foreignKeys": {
"communities_updater_id_users_id_fk": {
"name": "communities_updater_id_users_id_fk",
"tableFrom": "communities",
"tableTo": "users",
"columnsFrom": [
"updater_id"
],
"columnsTo": [
"id"
],
"onDelete": "set null",
"onUpdate": "cascade"
}
},
"compositePrimaryKeys": {},
"uniqueConstraints": {
"communities_name_unique": {
"name": "communities_name_unique",
"nullsNotDistinct": false,
"columns": [
"name"
]
}
},
"policies": {},
"checkConstraints": {},
"isRLSEnabled": false
},
Comment on lines +2051 to +2188
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🛠️ Refactor suggestion

Add indexes for frequently queried fields.

The communities table lacks indexes on fields that are likely to be frequently queried.

Add indexes for:

  1. created_at - for chronological sorting
  2. updated_at - for change tracking
  3. inactivity_timeout_duration - for timeout queries

Apply this diff to add indexes:

      "indexes": {
+        "communities_created_at_index": {
+          "name": "communities_created_at_index",
+          "columns": [
+            {
+              "expression": "created_at",
+              "isExpression": false,
+              "asc": true,
+              "nulls": "last"
+            }
+          ],
+          "isUnique": false,
+          "concurrently": false,
+          "method": "btree",
+          "with": {}
+        },
+        "communities_updated_at_index": {
+          "name": "communities_updated_at_index",
+          "columns": [
+            {
+              "expression": "updated_at",
+              "isExpression": false,
+              "asc": true,
+              "nulls": "last"
+            }
+          ],
+          "isUnique": false,
+          "concurrently": false,
+          "method": "btree",
+          "with": {}
+        },
+        "communities_inactivity_timeout_duration_index": {
+          "name": "communities_inactivity_timeout_duration_index",
+          "columns": [
+            {
+              "expression": "inactivity_timeout_duration",
+              "isExpression": false,
+              "asc": true,
+              "nulls": "last"
+            }
+          ],
+          "isUnique": false,
+          "concurrently": false,
+          "method": "btree",
+          "with": {}
+        }
      },
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
"public.communities": {
"name": "communities",
"schema": "",
"columns": {
"created_at": {
"name": "created_at",
"type": "timestamp (3) with time zone",
"primaryKey": false,
"notNull": true,
"default": "now()"
},
"facebook_url": {
"name": "facebook_url",
"type": "text",
"primaryKey": false,
"notNull": false
},
"github_url": {
"name": "github_url",
"type": "text",
"primaryKey": false,
"notNull": false
},
"id": {
"name": "id",
"type": "uuid",
"primaryKey": true,
"notNull": true
},
"inactivity_timeout_duration": {
"name": "inactivity_timeout_duration",
"type": "integer",
"primaryKey": false,
"notNull": false
},
"instagram_url": {
"name": "instagram_url",
"type": "text",
"primaryKey": false,
"notNull": false
},
"linkedin_url": {
"name": "linkedin_url",
"type": "text",
"primaryKey": false,
"notNull": false
},
"logo_mime_type": {
"name": "logo_mime_type",
"type": "text",
"primaryKey": false,
"notNull": false
},
"logo_name": {
"name": "logo_name",
"type": "text",
"primaryKey": false,
"notNull": false
},
"name": {
"name": "name",
"type": "text",
"primaryKey": false,
"notNull": true
},
"reddit_url": {
"name": "reddit_url",
"type": "text",
"primaryKey": false,
"notNull": false
},
"slack_url": {
"name": "slack_url",
"type": "text",
"primaryKey": false,
"notNull": false
},
"updated_at": {
"name": "updated_at",
"type": "timestamp (3) with time zone",
"primaryKey": false,
"notNull": false
},
"updater_id": {
"name": "updater_id",
"type": "uuid",
"primaryKey": false,
"notNull": false
},
"website_url": {
"name": "website_url",
"type": "text",
"primaryKey": false,
"notNull": false
},
"x_url": {
"name": "x_url",
"type": "text",
"primaryKey": false,
"notNull": false
},
"youtube_url": {
"name": "youtube_url",
"type": "text",
"primaryKey": false,
"notNull": false
}
},
"indexes": {},
"foreignKeys": {
"communities_updater_id_users_id_fk": {
"name": "communities_updater_id_users_id_fk",
"tableFrom": "communities",
"tableTo": "users",
"columnsFrom": [
"updater_id"
],
"columnsTo": [
"id"
],
"onDelete": "set null",
"onUpdate": "cascade"
}
},
"compositePrimaryKeys": {},
"uniqueConstraints": {
"communities_name_unique": {
"name": "communities_name_unique",
"nullsNotDistinct": false,
"columns": [
"name"
]
}
},
"policies": {},
"checkConstraints": {},
"isRLSEnabled": false
},
"public.communities": {
"name": "communities",
"schema": "",
"columns": {
"created_at": {
"name": "created_at",
"type": "timestamp (3) with time zone",
"primaryKey": false,
"notNull": true,
"default": "now()"
},
"facebook_url": {
"name": "facebook_url",
"type": "text",
"primaryKey": false,
"notNull": false
},
"github_url": {
"name": "github_url",
"type": "text",
"primaryKey": false,
"notNull": false
},
"id": {
"name": "id",
"type": "uuid",
"primaryKey": true,
"notNull": true
},
"inactivity_timeout_duration": {
"name": "inactivity_timeout_duration",
"type": "integer",
"primaryKey": false,
"notNull": false
},
"instagram_url": {
"name": "instagram_url",
"type": "text",
"primaryKey": false,
"notNull": false
},
"linkedin_url": {
"name": "linkedin_url",
"type": "text",
"primaryKey": false,
"notNull": false
},
"logo_mime_type": {
"name": "logo_mime_type",
"type": "text",
"primaryKey": false,
"notNull": false
},
"logo_name": {
"name": "logo_name",
"type": "text",
"primaryKey": false,
"notNull": false
},
"name": {
"name": "name",
"type": "text",
"primaryKey": false,
"notNull": true
},
"reddit_url": {
"name": "reddit_url",
"type": "text",
"primaryKey": false,
"notNull": false
},
"slack_url": {
"name": "slack_url",
"type": "text",
"primaryKey": false,
"notNull": false
},
"updated_at": {
"name": "updated_at",
"type": "timestamp (3) with time zone",
"primaryKey": false,
"notNull": false
},
"updater_id": {
"name": "updater_id",
"type": "uuid",
"primaryKey": false,
"notNull": false
},
"website_url": {
"name": "website_url",
"type": "text",
"primaryKey": false,
"notNull": false
},
"x_url": {
"name": "x_url",
"type": "text",
"primaryKey": false,
"notNull": false
},
"youtube_url": {
"name": "youtube_url",
"type": "text",
"primaryKey": false,
"notNull": false
}
},
"indexes": {
"communities_created_at_index": {
"name": "communities_created_at_index",
"columns": [
{
"expression": "created_at",
"isExpression": false,
"asc": true,
"nulls": "last"
}
],
"isUnique": false,
"concurrently": false,
"method": "btree",
"with": {}
},
"communities_updated_at_index": {
"name": "communities_updated_at_index",
"columns": [
{
"expression": "updated_at",
"isExpression": false,
"asc": true,
"nulls": "last"
}
],
"isUnique": false,
"concurrently": false,
"method": "btree",
"with": {}
},
"communities_inactivity_timeout_duration_index": {
"name": "communities_inactivity_timeout_duration_index",
"columns": [
{
"expression": "inactivity_timeout_duration",
"isExpression": false,
"asc": true,
"nulls": "last"
}
],
"isUnique": false,
"concurrently": false,
"method": "btree",
"with": {}
}
},
"foreignKeys": {
"communities_updater_id_users_id_fk": {
"name": "communities_updater_id_users_id_fk",
"tableFrom": "communities",
"tableTo": "users",
"columnsFrom": [
"updater_id"
],
"columnsTo": [
"id"
],
"onDelete": "set null",
"onUpdate": "cascade"
}
},
"compositePrimaryKeys": {},
"uniqueConstraints": {
"communities_name_unique": {
"name": "communities_name_unique",
"nullsNotDistinct": false,
"columns": [
"name"
]
}
},
"policies": {},
"checkConstraints": {},
"isRLSEnabled": false
},
🧰 Tools
🪛 GitHub Actions: Pull request workflow

[error] Unauthorized changes detected in sensitive file. Requires 'ignore-sensitive-files-pr' label to proceed.

"public.event_attachments": {
"name": "event_attachments",
"schema": "",
Expand Down
4 changes: 2 additions & 2 deletions drizzle_migrations/meta/_journal.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,8 +5,8 @@
{
"idx": 0,
"version": "7",
"when": 1737118442781,
"tag": "20250117125402_luxuriant_starjammers",
"when": 1737212433966,
"tag": "20250118150033_needy_tigra",
Comment on lines +8 to +9
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue

Add required label for sensitive file changes.

The pipeline is failing because this file is considered sensitive and requires the 'ignore-sensitive-files-pr' label to proceed.

Please add the 'ignore-sensitive-files-pr' label to the PR to allow changes to sensitive files.

🧰 Tools
🪛 GitHub Actions: Pull request workflow

[error] Unauthorized changes detected in sensitive file. Requires 'ignore-sensitive-files-pr' label to proceed.

"breakpoints": true
}
]
Expand Down
12 changes: 12 additions & 0 deletions envFiles/.env.ci
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,8 +1,20 @@
########## talawa api ##########

[email protected]
API_ADMINISTRATOR_USER_NAME=administrator
API_ADMINISTRATOR_USER_PASSWORD=password
API_BASE_URL=http://127.0.0.1:4000
API_COMMUNITY_FACEBOOK_URL=https://facebook.com
API_COMMUNITY_GITHUB_URL=https://github.com
API_COMMUNITY_INACTIVITY_TIMEOUT_DURATION=900
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🧹 Nitpick (assertive)

Consider documenting the inactivity timeout duration.

The timeout duration of 900 seconds (15 minutes) seems reasonable, but it would be helpful to document why this specific duration was chosen.

API_COMMUNITY_INSTAGRAM_URL=https://instagram.com
API_COMMUNITY_LINKEDIN_URL=https://linkedin.com
API_COMMUNITY_NAME=talawa
API_COMMUNITY_REDDIT_URL=https://reddit.com
API_COMMUNITY_SLACK_URL=https://slack.com
API_COMMUNITY_WEBSITE_URL=https://docs.talawa.com
API_COMMUNITY_X_URL=https://x.com
API_COMMUNITY_YOUTUBE_URL=https://youtube.com
Comment on lines +7 to +17
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🧹 Nitpick (assertive)

Consider using placeholder domains for social media URLs.

Instead of using actual domain names like facebook.com, consider using placeholder domains (e.g., example.com) to avoid any potential trademark issues in test configurations.

-API_COMMUNITY_FACEBOOK_URL=https://facebook.com
-API_COMMUNITY_GITHUB_URL=https://github.com
-API_COMMUNITY_INSTAGRAM_URL=https://instagram.com
-API_COMMUNITY_LINKEDIN_URL=https://linkedin.com
-API_COMMUNITY_REDDIT_URL=https://reddit.com
-API_COMMUNITY_SLACK_URL=https://slack.com
-API_COMMUNITY_X_URL=https://x.com
-API_COMMUNITY_YOUTUBE_URL=https://youtube.com
+API_COMMUNITY_FACEBOOK_URL=https://example.com/facebook
+API_COMMUNITY_GITHUB_URL=https://example.com/github
+API_COMMUNITY_INSTAGRAM_URL=https://example.com/instagram
+API_COMMUNITY_LINKEDIN_URL=https://example.com/linkedin
+API_COMMUNITY_REDDIT_URL=https://example.com/reddit
+API_COMMUNITY_SLACK_URL=https://example.com/slack
+API_COMMUNITY_X_URL=https://example.com/x
+API_COMMUNITY_YOUTUBE_URL=https://example.com/youtube
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
API_COMMUNITY_FACEBOOK_URL=https://facebook.com
API_COMMUNITY_GITHUB_URL=https://github.com
API_COMMUNITY_INACTIVITY_TIMEOUT_DURATION=900
API_COMMUNITY_INSTAGRAM_URL=https://instagram.com
API_COMMUNITY_LINKEDIN_URL=https://linkedin.com
API_COMMUNITY_NAME=talawa
API_COMMUNITY_REDDIT_URL=https://reddit.com
API_COMMUNITY_SLACK_URL=https://slack.com
API_COMMUNITY_WEBSITE_URL=https://docs.talawa.com
API_COMMUNITY_X_URL=https://x.com
API_COMMUNITY_YOUTUBE_URL=https://youtube.com
API_COMMUNITY_FACEBOOK_URL=https://example.com/facebook
API_COMMUNITY_GITHUB_URL=https://example.com/github
API_COMMUNITY_INACTIVITY_TIMEOUT_DURATION=900
API_COMMUNITY_INSTAGRAM_URL=https://example.com/instagram
API_COMMUNITY_LINKEDIN_URL=https://example.com/linkedin
API_COMMUNITY_NAME=talawa
API_COMMUNITY_REDDIT_URL=https://example.com/reddit
API_COMMUNITY_SLACK_URL=https://example.com/slack
API_COMMUNITY_WEBSITE_URL=https://docs.talawa.com
API_COMMUNITY_X_URL=https://example.com/x
API_COMMUNITY_YOUTUBE_URL=https://example.com/youtube

API_HOST=0.0.0.0
API_IS_APPLY_DRIZZLE_MIGRATIONS=true
API_IS_GRAPHIQL=false
Expand Down
12 changes: 12 additions & 0 deletions envFiles/.env.devcontainer
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,8 +1,20 @@
########## talawa api ##########

[email protected]
API_ADMINISTRATOR_USER_NAME=administrator
API_ADMINISTRATOR_USER_PASSWORD=password
API_BASE_URL=http://127.0.0.1:4000
API_COMMUNITY_FACEBOOK_URL=https://facebook.com
API_COMMUNITY_GITHUB_URL=https://github.com
API_COMMUNITY_INACTIVITY_TIMEOUT_DURATION=900
API_COMMUNITY_INSTAGRAM_URL=https://instagram.com
API_COMMUNITY_LINKEDIN_URL=https://linkedin.com
API_COMMUNITY_NAME=talawa
API_COMMUNITY_REDDIT_URL=https://reddit.com
API_COMMUNITY_SLACK_URL=https://slack.com
API_COMMUNITY_WEBSITE_URL=https://docs.talawa.com
API_COMMUNITY_X_URL=https://x.com
API_COMMUNITY_YOUTUBE_URL=https://youtube.com
API_DEBUGGER_HOST=0.0.0.0
API_DEBUGGER_PORT=9229
API_HOST=0.0.0.0
Expand Down
14 changes: 13 additions & 1 deletion envFiles/.env.production
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,8 +1,20 @@
########## talawa api ##########

[email protected]
API_ADMINISTRATOR_USER_EMAIL_ADDRESS=
API_ADMINISTRATOR_USER_NAME=
Comment on lines +3 to +4
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Codebase verification

Production environment is missing critical security credentials

Empty administrator credentials in .env.production pose a security risk. Additionally, other sensitive credentials (JWT secret, database passwords) are also empty, which could compromise the system's security.

  • Set secure values for API_ADMINISTRATOR_USER_EMAIL_ADDRESS and API_ADMINISTRATOR_USER_NAME
  • Ensure all other sensitive credentials are properly configured in production
🔗 Analysis chain

Validate administrator credentials.

Empty values for administrator credentials in production environment could lead to security issues.

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Check if administrator credentials are properly set in other environment files
rg "API_ADMINISTRATOR_USER_" envFiles/ -A 1

Length of output: 43

Script:

#!/bin/bash
# List all files in envFiles directory
ls -la envFiles/

# Search with a more flexible pattern including hidden files
find envFiles/ -type f -exec grep -l "API_ADMINISTRATOR" {} \;

# Try to get content of any .env files
cat envFiles/.env* 2>/dev/null || true

Length of output: 7916

API_ADMINISTRATOR_USER_PASSWORD=
API_BASE_URL=
API_COMMUNITY_FACEBOOK_URL=
API_COMMUNITY_GITHUB_URL=
API_COMMUNITY_INACTIVITY_TIMEOUT_DURATION=900
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🧹 Nitpick (assertive)

Make timeout duration configurable.

The inactivity timeout duration is hardcoded to 900 seconds (15 minutes). Consider:

  1. Making this value configurable based on deployment needs
  2. Adding validation for minimum/maximum values

API_COMMUNITY_INSTAGRAM_URL=
API_COMMUNITY_LINKEDIN_URL=
API_COMMUNITY_NAME=
API_COMMUNITY_REDDIT_URL=
API_COMMUNITY_SLACK_URL=
API_COMMUNITY_WEBSITE_URL=
API_COMMUNITY_X_URL=
API_COMMUNITY_YOUTUBE_URL=
Comment on lines +7 to +17
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🧹 Nitpick (assertive)

Consider security implications of community URLs.

The community-related URLs are exposed in environment variables. Consider:

  1. Adding URL format validation
  2. Implementing rate limiting for these endpoints
  3. Adding security headers when redirecting to these URLs

API_HOST=0.0.0.0
API_IS_APPLY_DRIZZLE_MIGRATIONS=true
API_IS_GRAPHIQL=false
Expand Down
4 changes: 2 additions & 2 deletions package.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -38,7 +38,7 @@
"@swc/cli": "0.6.0",
"@swc/core": "^1.10.7",
"@types/node": "^22.10.7",
"@vitest/coverage-v8": "^3.0.1",
"@vitest/coverage-v8": "^3.0.2",
"drizzle-kit": "^0.30.2",
"drizzle-seed": "^0.3.0",
"gql.tada": "^1.8.10",
Expand All @@ -48,7 +48,7 @@
"tsx": "^4.19.2",
"typescript": "^5.7.3",
"vite-tsconfig-paths": "^5.1.4",
"vitest": "^3.0.1"
"vitest": "^3.0.2"
},
"engines": {
"node": "22.13.0"
Expand Down
Loading
Loading