Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[PLA-1936] fix metadata fetching #153

Merged
merged 2 commits into from
Aug 12, 2024
Merged

[PLA-1936] fix metadata fetching #153

merged 2 commits into from
Aug 12, 2024

Conversation

zlayine
Copy link
Contributor

@zlayine zlayine commented Aug 12, 2024
edited by github-actions bot
Loading

PR Type

Bug fix, Enhancement

Description

  • Simplified JSON parsing logic in the fetchUri function within Collections.vue by directly checking the name property on the response object.
  • Made the mode parameter optional in the request method of ApiService and adjusted CSRF token handling based on the mode.
  • Standardized headers initialization in the request method.
  • Ensured mode is set to 'cors' for GraphQL requests in ApiService.

Changes walkthrough 📝

Relevant files
Enhancement
Collections.vue
Simplify JSON parsing in fetchUri function                             

resources/js/components/pages/Collections.vue

  • Simplified JSON parsing logic in fetchUri function.
  • Directly checked the name property on the response object.
    		•  +2/-3     
    Bug fix
    index.ts
    Improve request handling and CSRF token logic                       

    resources/js/api/index.ts

  • Made mode parameter optional in request method.
  • Adjusted CSRF token handling based on mode.
  • Standardized headers initialization.
  • Ensured mode is set to 'cors' for GraphQL requests.
    		•  +15/-10 

    💡 PR-Agent usage:
    Comment /help on the PR to get a list of all available PR-Agent tools and their descriptions

    @zlayine zlayine self-assigned this Aug 12, 2024
    @github-actions GitHub Actions
    Copy link

    PR Reviewer Guide 🔍

    ⏱️ Estimated effort to review: 2 🔵🔵⚪⚪⚪
    🧪 No relevant tests
    🔒 No security concerns identified
    ⚡ Key issues to review

    Simplification Impact
    The simplification in JSON parsing by directly accessing the 'name' property might lead to issues if the response format changes or is not as expected. Consider adding error handling or checks to ensure 'res' is the expected object format.

    CSRF Token Handling
    The conditional CSRF token handling based on the 'mode' might introduce security risks or logic errors if not properly tested across all use cases. Ensure comprehensive testing, especially in multi-tenant environments.

    Header Initialization
    The re-initialization of headers within the conditional block could potentially overwrite necessary headers set earlier in the method. This might lead to unexpected behavior or bugs.

    @github-actions GitHub Actions
    Copy link

    github-actions bot commented Aug 12, 2024
    edited
    Loading

    PR Code Suggestions ✨

    CategorySuggestion                                                                                                                                    Score
    Possible bug
    Ensure proper handling of JSON responses

    Ensure that the response from ApiService.fetchUrl is properly handled as JSON if
    necessary. The removal of JSON.parse might lead to issues if the response is not an
    object as expected.

    resources/js/components/pages/Collections.vue [360-362]

     const res = await ApiService.fetchUrl(uri);
-if (res.name) {
-    return res.name;
+const data = typeof res === 'string' ? JSON.parse(res) : res;
+if (data.name) {
+    return data.name;
 }
    Suggestion importance[1-10]: 10

    Why: The suggestion addresses a potential bug where the response might not be parsed correctly if it is a JSON string. This ensures that the response is properly handled as JSON if necessary, preventing runtime errors.

    		10
    Security
    Ensure safe default request mode

    Avoid potential security risks by ensuring that the mode parameter is always defined
    when making requests, to prevent unintended cross-origin requests.

    resources/js/api/index.ts [28]

    -mode,
+mode = 'cors',
    Suggestion importance[1-10]: 9

    Why: Setting a default mode of 'cors' helps prevent unintended cross-origin requests, which is a significant security improvement.

    		9
    Performance
    Optimize header manipulation to avoid overriding

    Ensure that the headers object is not unnecessarily recreated, which could lead to
    performance issues and bugs by overriding existing header values.

    resources/js/api/index.ts [55-58]

    -headers = {
-    'Content-Type': 'application/json',
-    Accept: 'application/json',
-    ...headers,
-};
+headers['Content-Type'] = headers['Content-Type'] || 'application/json';
+headers.Accept = headers.Accept || 'application/json';
    Suggestion importance[1-10]: 8

    Why: This suggestion improves performance and prevents potential bugs by ensuring that existing header values are not overridden unnecessarily.

    		8
    Maintainability
    Simplify header setting logic

    Refactor the conditional logic for setting headers to make it more readable and
    maintainable.

    resources/js/api/index.ts [47-53]

     if (mode) {
-    if (!useAppStore().isMultiTenant) {
-        headers.Authorization = useAppStore().config.authorization_token;
-    } else if (mode) {
+    const store = useAppStore();
+    if (!store.isMultiTenant) {
+        headers.Authorization = store.config.authorization_token;
+    } else {
         headers['X-CSRF-TOKEN'] = csrf;
     }
 }
    Suggestion importance[1-10]: 7

    Why: The refactoring makes the code more readable and maintainable by reducing redundancy and improving clarity, although it does not fix a critical issue.

    		7

    @zlayine zlayine merged commit a243bd1 into master Aug 12, 2024
    3 checks passed
    @zlayine zlayine deleted the bugfix/PLA-1936/remove-csrf-metadata-request branch August 12, 2024 17:20
    leonardocustodio pushed a commit that referenced this pull request Aug 13, 2024
    @zlayine @leonardocustodio
    [PLA-1936] fix metadata fetching (#153)
    bd98e89
    Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
    Reviewers

    @v16Studios v16Studios v16Studios approved these changes

    @enjinabner enjinabner Awaiting requested review from enjinabner

    Assignees

    @zlayine zlayine

    Labels
    Bug fix enhancement New feature or request Review effort [1-5]: 2
    Milestone
    No milestone
    Development

    Successfully merging this pull request may close these issues.
    2 participants
    @zlayine @v16Studios