@e-esakman e-esakman commented Jan 3, 2026

Issue

  • In the forum page, creation of a new discussion room shows validation errors but is still submitted successfully.
  • Comments are successfully posted but the UI shows an error.
  • Apply filters doesn't exist.
  • Delete action was not available for users.
  • Text appears in white in the forum room.

Before

Screen.Recording.2026-01-04.at.1.51.28.PM.mov
Screenshot 2026-01-04 at 12 51 51 PM

After

Untitled.design.1.mp4

Changes made

  • website/templates/forum.html: added apply button, fixed dark mode and filter logic.
  • website/views/core.py: validation fix for room creation & comments, filter logic.

Summary by CodeRabbit

  • New Features

    • Apply button for filters; status and multi-option sort (newest, oldest, most votes, most comments); selections preserved in UI
  • Improvements

    • Post deletion limited to owners or superusers; stricter input validation and clearer JSON error responses
    • More consistent modal, voting, and click-handling behavior
  • Tests

    • Tests updated to expect a boolean success flag and returned entity IDs on create actions

github-actions bot commented Jan 3, 2026

👋 Hi @e-esakman!

This pull request needs a peer review before it can be merged. Please request a review from a team member who is not:

  • The PR author
  • DonnieBLT
  • coderabbitai
  • copilot

Once a valid peer review is submitted, this check will pass automatically. Thank you!

@github-actions github-actions bot added needs-peer-review PR needs peer review files-changed: 2 PR changes 2 files labels Jan 3, 2026

coderabbitai bot commented Jan 3, 2026

Walkthrough

Filter UI now requires an explicit Apply action updating URL query parameters; server view accepts new status and sort query params and applies filtering/sorting. Post/comment creation and deletion endpoints enforce stricter validation and permission checks (owner or superuser) and return explicit JSON success/error payloads.

Changes

Cohort / File(s): Summary

  • Frontend: forum UI & filters (website/templates/forum.html): Added Apply button and new functions updateFilters(params) and applyFilters() to build/update/delete query params and navigate; filterByCategory() now calls updateFilters({ category }); removed automatic voting init on DOMContentLoaded; adjusted modal close and related event handling.
  • Frontend: delete-permission UI (website/templates/forum.html): Client-side delete-related checks/behavior adjusted to align with server: delete allowed for post owner or superuser; modal and click handlers updated accordingly.
  • Backend: forum endpoints & validation (website/views/core.py): add_forum_post() and add_forum_comment() perform stricter type-casting/validation, return structured 400/404 JSON errors, and include created entity IDs in success responses; delete_forum_post() validates post_id and enforces owner-or-superuser permission before deletion; view_forum() accepts status and sort query params, applies status filtering and multiple sort orders (newest, oldest, most_votes, most_comments), paginates, and passes selected_status/selected_sort to templates.
  • Tests: API response shape (website/tests/test_core.py): Tests updated to expect boolean success and presence of post_id/comment_id in create responses instead of prior "status": "success" string.

Sequence Diagram(s)

sequenceDiagram
  autonumber
  participant User as User (Browser)
  participant JS as Forum JS
  participant Server as Web Server
  participant DB as Database

  rect rgba(232,246,255,0.9)
    User->>JS: choose filters, click Apply
    JS->>JS: read controls, call applyFilters() -> updateFilters(params)
    JS->>User: navigate to /forum?... (window.location update)
  end

  rect rgba(240,255,240,0.9)
    User->>Server: GET /forum?category=...&status=...&sort=...
    Server->>DB: query ForumPosts with filters & sort (aggregates for votes/comments)
    DB-->>Server: posts + counts
    Server->>Server: paginate, set selected_status/selected_sort
    Server-->>User: render forum HTML with current filters
  end

  rect rgba(255,245,240,0.9)
    User->>Server: DELETE /forum/post/<id>
    Server->>Server: validate post_id, check requester == owner OR superuser
    alt permitted
      Server->>DB: delete post
      DB-->>Server: result
      Server-->>User: JSON { success: true, ... }
    else not permitted
      Server-->>User: JSON { success: false, message: "permission denied" } (HTTP 403/400)
    end
  end

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~45 minutes

Pre-merge checks and finishing touches

❌ Failed checks (1 warning)
  • Docstring Coverage: ⚠️ Warning. Explanation: Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%. Resolution: You can run @coderabbitai generate docstrings to improve docstring coverage.
✅ Passed checks (2 passed)
  • Title check: ✅ Passed. Explanation: The title describes form validation, comment handling, and filters, which are the main features addressed in the changeset across both template and backend files.
  • Description Check: ✅ Passed. Explanation: Check skipped - CodeRabbit’s high-level summary is enabled.

github-actions bot commented Jan 3, 2026

📊 Monthly Leaderboard

Hi @e-esakman! Here's how you rank for January 2026:

Rank User PRs Reviews Comments Total
#6 @mdkaifansari04 0 2 2 12
#7 @e-esakman 1 0 0 10
#8 @Rajgupta36 1 0 0 10

Leaderboard based on contributions in January 2026. Keep up the great work! 🚀

@github-actions github-actions bot added the pre-commit: passed Pre-commit checks passed label Jan 3, 2026

@coderabbitai coderabbitai bot left a comment

Actionable comments posted: 1

📜 Review details

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Knowledge base: Disabled due to Reviews -> Disable Knowledge Base setting

📥 Commits

Reviewing files that changed from the base of the PR and between 6acfe73 and 0113a37.

📒 Files selected for processing (2)
  • website/templates/forum.html
  • website/views/core.py
🧰 Additional context used
🧬 Code graph analysis (1)
website/views/core.py (1)
website/models.py (6)
  • ForumCategory (1282-1291)
  • Repo (1904-1981)
  • Project (1366-1435)
  • Organization (181-289)
  • ForumPost (1294-1322)
  • ForumComment (1336-1348)
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (3)
  • GitHub Check: Run Tests
  • GitHub Check: Run pre-commit
  • GitHub Check: docker-test
🔇 Additional comments (7)
website/templates/forum.html (4)

80-83: LGTM! Apply button implementation is clean.

The new Apply button correctly triggers the applyFilters() function and addresses the PR objective of adding filter application functionality.


632-634: LGTM! Clean refactoring to use shared filter logic.

The filterByCategory function now correctly delegates to updateFilters, reducing code duplication.


637-649: LGTM! URL parameter handling is correct.

The updateFilters function properly constructs URLs with query parameters and handles both setting and deleting parameters based on their values.


651-661: LGTM! Filter application logic is straightforward and correct.

The applyFilters function properly reads all filter values and applies them via updateFilters. This implements the missing "Apply filters" functionality mentioned in the PR objectives.

website/views/core.py (3)

1033-1097: LGTM! Validation and error handling improvements are solid.

The refactored add_forum_post function includes several improvements:

  1. Explicit foreign key validation (lines 1050-1070): Each foreign key is validated for existence before creation, preventing integrity errors.
  2. Clear error responses (lines 1083-1086): Returns 404 for missing references vs 400 for validation errors.
  3. Direct model creation (lines 1072-1080): Using explicit field assignments is clearer than the previous dict-based approach.
  4. Added post_id to response (line 1082): Useful for client-side operations.

These changes address the PR objective of fixing validation issues where posts were created despite validation errors.


1099-1126: LGTM! Type safety and response improvements.

The changes improve robustness:

  1. Explicit type casting (line 1110): int(post_id) prevents potential type mismatches from JSON data.
  2. Enhanced response (line 1113): Returning comment_id allows clients to reference the newly created comment.

These changes align with the PR objective of fixing comment error handling where comments were posted successfully but the UI displayed errors.


1160-1227: LGTM! Filtering and sorting implementation is clean and correct.

The view_forum enhancements properly implement the filter logic:

  1. Status filtering (lines 1185-1186): Correctly filters posts by status when provided.
  2. Multi-option sorting (lines 1189-1196): Supports newest, oldest, most votes, and most comments sorting with correct default behavior.
  3. Template context (lines 1219-1220): Passes selected values back to maintain UI state.

These changes work in conjunction with the template modifications to provide the complete filtering functionality mentioned in the PR objectives.

@github-project-automation github-project-automation bot moved this from Backlog to Ready in 📌 OWASP BLT Project Board Jan 3, 2026
@github-actions github-actions bot added the tests: failed Django tests failed label Jan 3, 2026
@github-actions github-actions bot added the changes-requested PR has requested changes from a reviewer label Jan 3, 2026

@coderabbitai coderabbitai bot left a comment

Actionable comments posted: 1

🧹 Nitpick comments (1)
website/views/core.py (1)

1050-1070: Consider more specific error messages for type conversion failures.

If int(category), int(repo_id), int(project_id), or int(organization_id) fails (e.g., non-numeric string), the generic ValueError handler at line 1089 catches it with "Invalid data provided". For better user experience, consider wrapping each conversion in a try/except to provide field-specific feedback:

Example improvement
try:
    category = int(category)
except (ValueError, TypeError):
    return JsonResponse(
        {"success": False, "error": "Invalid category ID format"},
        status=400,
    )

ForumCategory.objects.get(id=category)

This helps users identify which field has invalid data.

📥 Commits

Reviewing files that changed from the base of the PR and between 0113a37 and 5029d5f.

📒 Files selected for processing (2)
  • website/templates/forum.html
  • website/views/core.py
🚧 Files skipped from review as they are similar to previous changes (1)
  • website/templates/forum.html
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (3)
  • GitHub Check: Run Tests
  • GitHub Check: Analyze (python)
  • GitHub Check: docker-test
🔇 Additional comments (2)
website/views/core.py (2)

1145-1146: LGTM! Permission check correctly implemented.

The permission logic correctly allows deletion by either the post owner or a superuser, which aligns with the PR objectives. The condition properly enforces access control.


1184-1195: LGTM! Filtering and sorting implementation is solid.

The filtering and sorting logic correctly implements the "Apply filters" functionality mentioned in the PR objectives:

  • Status filtering applies when provided
  • Sorting handles multiple options (oldest, most_votes, most_comments) with a sensible default to newest
  • The use of annotated comment_count for sorting is efficient


@coderabbitai coderabbitai bot left a comment

Actionable comments posted: 0

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)
website/views/core.py (1)

1144-1156: Permission check is correct, but error responses lack HTTP status codes.

The owner/superuser permission logic at lines 1145-1146 is correctly implemented. However, error responses at lines 1151, 1153, and 1156 return HTTP 200 (default) instead of appropriate error status codes, which is inconsistent with the error handling at lines 1136 and 1141.

🔎 Suggested fix for consistent error status codes
     except ForumPost.DoesNotExist:
-        return JsonResponse({"status": "error", "message": "Post not found"})
+        return JsonResponse({"status": "error", "message": "Post not found"}, status=404)
     except json.JSONDecodeError:
-        return JsonResponse({"status": "error", "message": "Invalid JSON data"})
+        return JsonResponse({"status": "error", "message": "Invalid JSON data"}, status=400)
     except Exception as e:
         logging.exception("Unexpected error deleting forum post")
-        return JsonResponse({"status": "error", "message": "Server error occurred"})
+        return JsonResponse({"status": "error", "message": "Server error occurred"}, status=500)
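
Review bot: The three error payloads on the + lines keep the {"status": "error", "message": ...} shape, while the create endpoint quoted in this thread returns {"success": True, "post_id": post.id} and the other suggested handlers return {"success": False, "error": ...}. A client that branches on the success key will not find it on a failed delete, so consider emitting "success": False here too. Separately, except Exception as e: binds e without using it, since logging.exception already records the active exception; the as e can be dropped.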

📥 Commits

Reviewing files that changed from the base of the PR and between 5029d5f and 623984e.

📒 Files selected for processing (1)
  • website/views/core.py
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (2)
  • GitHub Check: Run Tests
  • GitHub Check: docker-test
🔇 Additional comments (5)
website/views/core.py (5)

1044-1048: Validation improvement addresses the previous review concern.

The explicit is None checks correctly handle the edge case where category=0 would be incorrectly rejected by the previous all([...]) approach.

One minor consideration: empty strings (title="") will pass this check. If blank titles/descriptions are invalid, you may want to add .strip() and check for truthiness as well.

🔎 Optional enhancement for empty string validation
-            if title is None or description is None or category is None:
+            if not title or not description or category is None:
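
Review bot: The condition on the + line still accepts a whitespace-only title or description such as "   ", because any non-empty string is truthy, so blank-looking posts get through. If these values come from a JSON body they may also not be strings at all; check isinstance(title, str) before stripping and compare the stripped value, so a numeric or list value produces a 400 response rather than an AttributeError.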

Or more explicitly:

if not (title and title.strip()) or not (description and description.strip()) or category is None:

1053-1070: LGTM!

The optional foreign key validation is clean and consistent. Converting to int and validating existence before creating the post prevents invalid references.


1110-1113: LGTM!

Explicit int conversion for post_id and returning comment_id in the success response are good improvements for robustness and client-side usability.


1184-1195: Filter and sort implementation looks good.

The sorting logic with fallback to newest (default) is a reasonable design. The status filtering will naturally return empty results for invalid status values, which is acceptable behavior.

Consider adding validation for selected_sort values if you want to explicitly reject invalid options, but the current fallback behavior is fine for usability.


1218-1219: LGTM!

Propagating selected_status and selected_sort to the template context correctly maintains the filter state for the UI.

@github-actions github-actions bot added the last-active: 0d PR last updated 0 days ago label Jan 4, 2026
@github-actions github-actions bot removed changes-requested PR has requested changes from a reviewer last-active: 0d PR last updated 0 days ago labels Jan 4, 2026

@coderabbitai coderabbitai bot left a comment

Actionable comments posted: 1

📥 Commits

Reviewing files that changed from the base of the PR and between 623984e and e341ca5.

📒 Files selected for processing (1)
  • website/views/core.py
🧰 Additional context used
🧬 Code graph analysis (1)
website/views/core.py (1)
website/models.py (5)
  • ForumCategory (1282-1291)
  • Repo (1904-1981)
  • Project (1366-1435)
  • Organization (181-289)
  • ForumPost (1294-1322)
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (2)
  • GitHub Check: Run Tests
  • GitHub Check: docker-test
🔇 Additional comments (4)
website/views/core.py (4)

1058-1094: LGTM! Robust foreign key validation.

The foreign key validation pattern is well-implemented:

  • Category is properly cast to int and validated for existence
  • Optional foreign keys (repo, project, organization) are validated only when provided
  • Specific exception handlers return appropriate 404 responses for missing entities
  • Explicit None assignments make the logic clear

This effectively addresses the validation concerns raised in previous reviews.


1118-1118: Good addition of explicit type casting.

The explicit int(post_id) cast improves type safety and prevents potential type confusion issues. The ValueError exception is properly handled at line 1126.


1136-1164: LGTM! Permission logic and status codes corrected.

The changes properly address previous review concerns:

  • Permission check (line 1153) now correctly allows either the post owner or a superuser to delete posts
  • All error responses include explicit HTTP status codes (400, 403, 404, 500)
  • Input validation is thorough with clear error messages

This resolves the critical issue flagged by the Sentry bot regarding missing status codes.


1172-1203: LGTM! Clean filtering and sorting implementation.

The status filtering and sorting logic is well-implemented:

  • Status filter is applied conditionally based on query parameters
  • Sorting supports multiple options (newest, oldest, most_votes, most_comments) with sensible default
  • No SQL injection risk as Django ORM handles parameter sanitization
  • The existing comment_count annotation (line 1185) is properly reused for sorting

The implementation aligns with Django best practices and PR objectives.
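
The status filtering and sort fallback described in the review above, as an added framework-free example (not code from the PR or from CodeRabbit). The status values, record keys and sample posts are constructed assumptions; the real choices live in ForumPost.STATUS_CHOICES, which this page does not show.

```python
from datetime import datetime

# Assumed placeholder for ForumPost.STATUS_CHOICES (not shown on the page).
STATUS_CHOICES = [("open", "Open"), ("closed", "Closed")]

# Allowlist: sort token from the query string -> (record key, descending?).
# The raw parameter is only ever used as a dictionary key, never as a field name.
SORT_OPTIONS = {
    "newest": ("created", True),
    "oldest": ("created", False),
    "most_votes": ("votes", True),
    "most_comments": ("comment_count", True),
}
DEFAULT_SORT = "newest"

# Constructed sample rows standing in for annotated ForumPost objects.
SAMPLE_POSTS = [
    {"id": 1, "status": "open", "created": datetime(2026, 1, 1), "votes": 5, "comment_count": 0},
    {"id": 2, "status": "closed", "created": datetime(2026, 1, 3), "votes": 2, "comment_count": 7},
    {"id": 3, "status": "open", "created": datetime(2026, 1, 2), "votes": 9, "comment_count": 3},
]


def resolve_filters(query):
    """Normalise raw query parameters into values safe to use and to echo back.

    Returns (status, sort, warnings). Unknown values are dropped, and the
    warning text is fixed so the raw query-string value is never reflected.
    """
    valid_statuses = {value for value, _label in STATUS_CHOICES}
    warnings = []

    status = query.get("status") or None
    if status is not None and status not in valid_statuses:
        warnings.append("Invalid status filter ignored")
        status = None

    sort = query.get("sort") or DEFAULT_SORT
    if sort not in SORT_OPTIONS:
        warnings.append("Unknown sort option, showing newest first")
        sort = DEFAULT_SORT

    return status, sort, warnings


def list_posts(posts, query):
    """Apply the normalised filters and return the template context."""
    status, sort, warnings = resolve_filters(query)
    if status:
        posts = [p for p in posts if p["status"] == status]
    key, descending = SORT_OPTIONS[sort]
    ordered = sorted(posts, key=lambda p: p[key], reverse=descending)
    return {
        "posts": ordered,
        "selected_status": status,  # normalised value, safe to render back
        "selected_sort": sort,
        "warnings": warnings,
    }


if __name__ == "__main__":
    ctx = list_posts(SAMPLE_POSTS, {"status": "archived", "sort": "unknown_option"})
    print([p["id"] for p in ctx["posts"]], ctx["selected_sort"], ctx["warnings"])
```

Because selected_status and selected_sort are taken from the allowlists rather than from the request, the values rendered back into the filter controls are always ones the server defined.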

@github-actions github-actions bot added the changes-requested PR has requested changes from a reviewer label Jan 4, 2026

@coderabbitai coderabbitai bot left a comment

Actionable comments posted: 0

🧹 Nitpick comments (3)
website/views/core.py (3)

1053-1054: Type casting error could provide more specific feedback.

If category cannot be cast to an integer (e.g., user sends "abc"), the ValueError is caught by the generic handler at line 1092, returning "Invalid data provided". Consider catching the conversion error explicitly to return a clearer message like "Invalid category ID format".

🔎 Proposed improvement
+            try:
+                category = int(category)
+            except (ValueError, TypeError):
+                return JsonResponse({"success": False, "error": "Invalid category ID format"}, status=400)
+
-            category = int(category)
             ForumCategory.objects.get(id=category)
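
Review bot: int(category) inside the new try block also accepts values that are not integer IDs: a JSON true becomes 1 and 3.9 becomes 3, so the lookup on the following line can succeed for a category the client never named. Reject bool and float before casting, for example with an isinstance check, and return the same 400 response for them.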

1057-1073: Consider extracting repetitive foreign key validation.

The pattern for validating optional foreign keys (repo, project, organization) is repeated three times. While clear, this violates DRY principles. Consider extracting to a helper function if this pattern appears elsewhere or if more optional foreign keys are added in the future.

🔎 Example helper function
def validate_optional_foreign_key(value, model_class, field_name):
    """Validate and return foreign key ID or None."""
    if value:
        try:
            fk_id = int(value)
            model_class.objects.get(id=fk_id)
            return fk_id
        except (ValueError, TypeError):
            raise ValueError(f"Invalid {field_name} ID format")
        except model_class.DoesNotExist:
            raise ValueError(f"{field_name} not found")
    return None

# Usage:
try:
    repo_id = validate_optional_foreign_key(repo_id, Repo, "repo")
    project_id = validate_optional_foreign_key(project_id, Project, "project")
    organization_id = validate_optional_foreign_key(organization_id, Organization, "organization")
except ValueError as e:
    return JsonResponse({"success": False, "error": str(e)}, status=404)

1187-1198: Consider validating status parameter against model choices.

The status filter accepts any value without validation. While Django ORM handles this safely (invalid values return no results), validating against ForumPost.STATUS_CHOICES would provide better user feedback for invalid status values.

🔎 Optional validation example
+    # Get valid status choices
+    valid_statuses = [choice[0] for choice in ForumPost.STATUS_CHOICES]
+
     if selected_status:
+        if selected_status not in valid_statuses:
+            messages.warning(request, f"Invalid status filter: {selected_status}")
+            selected_status = None
+        else:
             posts = posts.filter(status=selected_status)
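
Review bot: The messages.warning line interpolates selected_status, which is taken from the query string, into text shown to the user; prefer a fixed message, or confirm that every template rendering messages leaves auto-escaping on. In addition, valid_statuses is rebuilt on each request and could be a module-level constant, and the hunk relies on messages being imported in core.py, which these lines do not show.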

This provides user feedback when an invalid status is provided rather than silently returning an empty result set.

📥 Commits

Reviewing files that changed from the base of the PR and between e341ca5 and 94fd322.

📒 Files selected for processing (1)
  • website/views/core.py
🧰 Additional context used
🧬 Code graph analysis (1)
website/views/core.py (1)
website/models.py (6)
  • ForumCategory (1282-1291)
  • Repo (1904-1981)
  • Project (1366-1435)
  • Organization (181-289)
  • ForumPost (1294-1322)
  • ForumComment (1336-1348)
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (2)
  • GitHub Check: Run Tests
  • GitHub Check: docker-test
🔇 Additional comments (3)
website/views/core.py (3)

1113-1116: LGTM! Type casting improves robustness.

Explicitly casting post_id to an integer before database lookup prevents potential type mismatches and makes the validation more explicit. The error handling correctly catches conversion failures.


1138-1159: Excellent fixes! Permission logic and error handling improved.

This addresses the critical issues identified in past reviews:

  1. All error responses now include explicit HTTP status codes (400, 403, 404, 500), fixing the Sentry bot's concern about default 200 OK being returned on errors.
  2. Permission logic enhanced (lines 1148-1149) - users can now delete their own posts, not just superusers. This improves user experience while maintaining security.
  3. Error messages are clear and specific, improving API usability.

1190-1198: LGTM! Sorting implementation is clean and efficient.

The sorting logic correctly handles all cases with appropriate sort directions and uses the efficiently annotated comment_count field. The default case ensures any unexpected sort parameter falls back to newest first.
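
The ID casting and owner-or-superuser delete flow discussed in the review above, as an added framework-free example (not code from the PR or from CodeRabbit). The User class, the POSTS mapping, the parse_id helper and the JSON body carrying post_id are hypothetical stand-ins for the Django user, ForumPost rows and request.

```python
import json
from dataclasses import dataclass

MAX_ID = 2**63 - 1  # upper bound of a 64-bit signed primary key


@dataclass(frozen=True)
class User:
    """Hypothetical stand-in for the authenticated Django user."""
    id: int
    is_superuser: bool = False


# Constructed sample data: post id -> owner user id.
POSTS = {1: 10, 2: 11}


class BadId(ValueError):
    """A client-supplied identifier is not a plain non-negative integer."""


def parse_id(value, field):
    """Strictly parse an ID taken from a JSON body.

    A bare int() would turn True into 1 and 3.9 into 3; both are rejected
    here, as are signs, whitespace, non-ASCII digits and oversized values.
    """
    if isinstance(value, bool):
        raise BadId(f"Invalid {field} format")
    if isinstance(value, int):
        parsed = value
    elif (isinstance(value, str) and value.isascii()
          and value.isdigit() and len(value) <= 19):
        parsed = int(value)
    else:
        raise BadId(f"Invalid {field} format")
    if not 0 <= parsed <= MAX_ID:
        raise BadId(f"Invalid {field} format")
    return parsed


def delete_forum_post(raw_body, user, posts=POSTS):
    """Return (http_status, payload) for a delete request.

    Order matters: reject malformed input (400), then unknown posts (404),
    then callers who are neither owner nor superuser (403).
    """
    try:
        data = json.loads(raw_body)
    except json.JSONDecodeError:
        return 400, {"success": False, "error": "Invalid JSON data"}
    if not isinstance(data, dict):
        return 400, {"success": False, "error": "Invalid JSON data"}

    try:
        post_id = parse_id(data.get("post_id"), "post_id")
    except BadId as exc:
        return 400, {"success": False, "error": str(exc)}

    owner_id = posts.get(post_id)
    if owner_id is None:
        return 404, {"success": False, "error": "Post not found"}

    if not (user.is_superuser or owner_id == user.id):
        return 403, {"success": False, "error": "Permission denied"}

    del posts[post_id]
    return 200, {"success": True, "post_id": post_id}


if __name__ == "__main__":
    demo = dict(POSTS)
    print(delete_forum_post('{"post_id": 1}', User(11), demo))    # not the owner
    print(delete_forum_post('{"post_id": true}', User(10), demo))  # bool rejected
    print(delete_forum_post('{"post_id": 1}', User(10), demo))    # owner
```

Every failure path carries both an explicit status code and the same success/error payload shape, so a client can branch on either.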

@github-actions github-actions bot removed the changes-requested PR has requested changes from a reviewer label Jan 4, 2026
@e-esakman

@coderabbitai why did the tests fail?


coderabbitai bot commented Jan 4, 2026

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash

# Get the PR check runs to see which tests failed
echo "=== PR Check Runs ==="
gh pr checks 5392 --repo OWASP-BLT/BLT

echo -e "\n=== Detailed Check Run Logs ==="
# Get more detailed information about failed checks
gh pr view 5392 --repo OWASP-BLT/BLT --json statusCheckRollup --jq '.statusCheckRollup[] | select(.status == "COMPLETED" and .conclusion != "SUCCESS") | {name: .name, conclusion: .conclusion, detailsUrl: .detailsUrl}'

Length of output: 2676


🏁 Script executed:

#!/bin/bash

# Get the logs from the failed test run
echo "=== Fetching Test Run Logs ==="
gh run view 20689388960 --repo OWASP-BLT/BLT --log-failed

Length of output: 4722


🏁 Script executed:

#!/bin/bash

# Get the full logs from the test run to see actual test failures
echo "=== Fetching Full Test Run Logs ==="
gh run view 20689388960 --repo OWASP-BLT/BLT --log | grep -A 500 "Run Tests" | grep -E "(FAILED|ERROR|test_|AssertionError|Traceback|File)" | head -100

Length of output: 13379


🏁 Script executed:

#!/bin/bash

# Get the raw logs and look for test failures more broadly
echo "=== Looking for test execution output ==="
gh run view 20689388960 --repo OWASP-BLT/BLT --log | grep -i "run tests" -A 2000 | grep -E "(FAIL|PASS|ERROR|===|---)" | grep -v "##\[debug\]" | head -150

Length of output: 3670


🏁 Script executed:

#!/bin/bash

# Look for test summary and specific failed test names
echo "=== Looking for test summary and failed tests ==="
gh run view 20689388960 --repo OWASP-BLT/BLT --log | grep -i "run tests" -A 3000 | grep -E "(test.*FAILED|FAILED.*test|Ran [0-9]+ test|failures=|errors=|[0-9]+ failed|::test_)" | head -80

Length of output: 49


🏁 Script executed:

#!/bin/bash

# Get broader context around the test execution
echo "=== Looking for test command and output ==="
gh run view 20689388960 --repo OWASP-BLT/BLT --log 2>&1 | grep -E "Run tests" -A 50 | grep -E "(poetry run|python|pytest|manage.py|test)" | head -30

echo -e "\n=== Looking for end of test execution ==="
gh run view 20689388960 --repo OWASP-BLT/BLT --log 2>&1 | grep -E "Run tests" -A 5000 | tail -200 | grep -v "##\[debug\]" | head -80

Length of output: 8451


🏁 Script executed:

#!/bin/bash

# Get the test execution output with more context
echo "=== Test execution details ==="
gh run view 20689388960 --repo OWASP-BLT/BLT --log 2>&1 | awk '/Run tests.*poetry run xvfb-run/,/Finishing: Run tests/' | grep -v "##\[debug\]" | tail -100

Length of output: 11709


🏁 Script executed:

#!/bin/bash

# Read the failing test to understand what it expects
echo "=== Failing test code ==="
cat website/tests/test_core.py | grep -A 30 "def test_create_and_view_forum_post"

echo -e "\n=== Check add_forum_post view response format ==="
cat website/views/core.py | grep -A 20 "def add_forum_post" | head -40

Length of output: 2141


🏁 Script executed:

#!/bin/bash

# Get the full add_forum_post function to see the success response
echo "=== Complete add_forum_post function ==="
ast-grep --pattern $'def add_forum_post($$$) {
  $$$
}'

echo -e "\n=== Searching for JsonResponse in add_forum_post ==="
rg -A 2 "JsonResponse" website/views/core.py | grep -A 2 "add_forum_post" | head -30

Length of output: 451


🏁 Script executed:

#!/bin/bash

# Get line numbers for add_forum_post function
echo "=== Finding add_forum_post function location ==="
rg -n "^def add_forum_post" website/views/core.py

echo -e "\n=== Reading add_forum_post function (lines around the definition) ==="
sed -n '560,650p' website/views/core.py

Length of output: 3622


🏁 Script executed:

#!/bin/bash

# Get the complete add_forum_post function
echo "=== Complete add_forum_post function ==="
sed -n '1033,1120p' website/views/core.py

Length of output: 3655


@e-esakman: The tests failed because of a breaking change in the API response format that wasn't reflected in the test suite. Here's what happened:

Root Cause

The test test_create_and_view_forum_post in website/tests/test_core.py (line 28) is failing with a KeyError: 'status'.

The test expects:

self.assertEqual(response.json()["status"], "success")

But your new code returns:

return JsonResponse({"success": True, "post_id": post.id})

The Issue

Your PR changed the response format for add_forum_post:

  • Old format: {"status": "success", ...}
  • New format: {"success": True, "post_id": post.id}

The test is still looking for the "status" key, but your new code uses "success" instead, causing the KeyError.

Solution

You need to update the test to match your new API response format. Change lines 28-29 in website/tests/test_core.py from:

self.assertEqual(response.status_code, 200)
self.assertEqual(response.json()["status"], "success")

to:

self.assertEqual(response.status_code, 200)
response_data = response.json()
self.assertEqual(response_data["success"], True)
self.assertIn("post_id", response_data)

Since you're using the --failfast flag, the test suite stopped at this first failure. There might be other tests that need similar updates for the comment functionality as well.

@github-actions github-actions bot added files-changed: 3 PR changes 3 files tests: passed Django tests passed and removed files-changed: 2 PR changes 2 files tests: failed Django tests failed labels Jan 4, 2026

@Nachiket-Roy Nachiket-Roy left a comment

LGTM!


@Jayant2908 Jayant2908 left a comment

Nice Work!! LGTM!


Shhazzz commented Jan 4, 2026

Looks good overall. Solid fixes.

@github-actions github-actions bot added last-active: 0d PR last updated 0 days ago and removed last-active: 0d PR last updated 0 days ago labels Jan 5, 2026

@S3DFX-CYBER S3DFX-CYBER left a comment

Great work, seems legit to me, LGTM

@github-actions github-actions bot added the last-active: 0d PR last updated 0 days ago label Jan 6, 2026

Labels

files-changed: 3 PR changes 3 files last-active: 0d PR last updated 0 days ago needs-peer-review PR needs peer review pre-commit: passed Pre-commit checks passed quality: medium tests: passed Django tests passed

Projects

Status: Ready

5 participants