Merged
Conversation
❌ Deploy Preview for roaring-ganache-c7465f failed. Why did it fail? →
|
Contributor
There was a problem hiding this comment.
Pull request overview
This PR combines (a) smart-contract access control hardening in CropChain.sol (role/owner synchronization) with (b) an end-to-end “Smart Planting” crop recommendation feature spanning a new Python ML microservice, a new backend API route, and a new frontend page + navigation.
Changes:
- Harden
CropChain.solownership/role transitions by syncing legacyroles[]with OZAccessControland updating admin checks. - Add a Python Flask ML microservice (training +
/predict+ Dockerization) and wire it into the Node backend via/api/recommend. - Add a new React page + service for crop recommendations and link it into the app route/header.
Reviewed changes
Copilot reviewed 13 out of 13 changed files in this pull request and generated 15 comments.
Show a summary per file
| File | Description |
|---|---|
contracts/CropChain.sol |
Sync legacy roles[] mapping with OZ AccessControl in setRole / transferOwnership; admin check update in cancelListing; legacy sync in grantStakeholderRole. |
backend/server.js |
Adds POST /api/recommend endpoint (validated + rate-limited) that calls the ML microservice. |
backend/services/cropRecommendationService.js |
Adds an axios client for calling the ML microservice (/predict, /health). |
backend/validations/cropRecommendationSchema.js |
Adds Joi validation for recommendation inputs. |
ml-service/app.py |
New Flask API exposing /health and /predict and loading/training the model. |
ml-service/train.py |
New training script to generate synthetic data and persist model.joblib. |
ml-service/requirements.txt |
Python dependencies for the microservice. |
ml-service/Dockerfile |
Containerizes the ML service and pre-trains the model at build time. |
docker-compose.yml |
Adds the ml-service container and wires backend env/dependencies. |
src/services/cropRecommendationService.ts |
Frontend fetch wrapper for POST /api/recommend. |
src/pages/CropRecommendation.tsx |
New UI page for input sliders and displaying recommendation results. |
src/components/Header.tsx |
Adds nav link to the new crop recommendation page. |
src/App.tsx |
Adds route for /crop-recommendation. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Contributor
Author
|
@vedhapprakashni solved the suggestions arised |
Nitya-003
requested changes
Mar 8, 2026
Owner
Nitya-003
left a comment
Nitya-003
left a comment
There was a problem hiding this comment.
@Aditya8369 Resolve the conflicts please.
Contributor
Author
|
@Nitya-003 resolved |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Completed: Verify fixes with error check (7/7)
No errors. Here's a summary of all four fixes applied to CropChain.sol:
Fix 1 —
transferOwnership: revoke/grantDEFAULT_ADMIN_ROLEatomicallyBefore: Transferred the
ownervariable but leftDEFAULT_ADMIN_ROLEheld by the previous owner forever, giving them permanent backdoor access tograntStakeholderRole,transferOwnership, etc.After:
_revokeRole(DEFAULT_ADMIN_ROLE, previousOwner)+_grantRole(DEFAULT_ADMIN_ROLE, newOwner)are called atomically. The previous owner's legacyroles[]entry is also cleared toNone.Fix 2 —
setRole: keep OZAccessControlin sync with the legacyroles[]mapBefore: Setting
roles[user] = ActorRole.Farmerhad no effect onFARMER_ROLEin OZ AccessControl, so the user would failcreateBatch(onlyRole(FARMER_ROLE)) and all_canUpdateStagechecks.After: Old OZ role is revoked and the new one is granted atomically. Also guards against assigning
ActorRole.Adminthrough this function (must go throughtransferOwnership), and protects the owner's own role.Fix 3 —
cancelListing: replace staleownerreference withhasRole(DEFAULT_ADMIN_ROLE, ...)Before:
msg.sender == owner— after ownership transfer the old privileged account (who keptDEFAULT_ADMIN_ROLE) could no longer cancel listings; the new owner could.After:
hasRole(DEFAULT_ADMIN_ROLE, msg.sender)— consistent with the rest of the admin-guard pattern and always reflects who is actually privileged.Fix 4 —
grantStakeholderRole: sync legacyroles[]mapping when granting OZ rolesBefore: A user granted
MANDI_ROLEvia this function would passonlyRole(MANDI_ROLE)and_canUpdateStage, but would failonlyAuthorized(legacy map check) and thecreateListingMandi check.After: The legacy
roles[]entry is set alongside_grantRole, andRoleUpdatedis emitted for full observability.closes #180