Skip to content

Hotfixes #110

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
gitnasr merged 2 commits into from
Jun 29, 2025
Merged

Hotfixes #110

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
7eb0b66
Refactor QAService and update QAController access
gitnasr Jun 29, 2025
73165b0
Add null check for answer retrieval in UpdateAnswerAsync
gitnasr Jun 29, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
8 changes: 3 additions & 5 deletions Dentizone.Application/Services/QAService.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -102,17 +102,15 @@ public async Task<IEnumerable<QuestionViewDto>> GetQuestionsForPostAsync(string
var questions = await questionRepository.FindAllBy(
q => q.PostId == postId && !q.IsDeleted,
includes);
if (questions == null || !questions.Any())
{
return [];
}


return mapper.Map<IEnumerable<QuestionViewDto>>(questions);
}

public async Task UpdateAnswerAsync(string answerId, UpdateAnswerDto dto)
{
var answer = await answerRepository.GetByIdAsync(answerId);
var answer = await answerRepository.GetByIdAsync(answerId) ??
throw new NotFoundException("No Answer with this ID");
Copy link
Copy Markdown

@korbit-ai korbit-ai bot Jun 29, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Inconsistent error message format category Documentation

Tell me more
What is the issue?

The exception message is inconsistent with similar error messages in the file.

Why this matters

Inconsistent error messages make logs harder to parse and debug patterns harder to establish.

Suggested change ∙ Feature Preview

throw new NotFoundException("Answer not found");

Provide feedback to improve future suggestions

Nice Catch Incorrect Not in Scope Not in coding standard Other

💬 Looking for more details? Reply to this comment to chat with Korbit.

answer.Text = dto.Text;
await answerRepository.UpdateAsync(answer);
}
Expand Down
1 change: 1 addition & 0 deletions Dentizone.Presentaion/Controllers/QAController.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,7 @@ public async Task<IActionResult> AskQuestion([FromBody] CreateQuestionDto dto)
}

[HttpGet("questions/{postId}")]
[AllowAnonymous]
public async Task<IActionResult> GetQuestionsForPost(string postId)
Comment on lines +24 to 25
Copy link
Copy Markdown

@korbit-ai korbit-ai bot Jun 29, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Missing post visibility check for anonymous access category Security

Tell me more
What is the issue?

Making GetQuestionsForPost endpoint publicly accessible without validation could expose sensitive question data if the post itself is not meant to be public.

Why this matters

Anonymous access to questions without checking post visibility permissions could lead to information disclosure of private or restricted content.

Suggested change ∙ Feature Preview

Add a visibility check before returning questions:

[HttpGet("questions/{postId}")]
[AllowAnonymous]
public async Task<IActionResult> GetQuestionsForPost(string postId)
{
    var post = await postService.GetPostAsync(postId);
    if (!post.IsPublic)
    {
        return NotFound();
    }
    var questions = await qaService.GetQuestionsForPostAsync(postId);
    return Ok(questions);
}
Provide feedback to improve future suggestions

Nice Catch Incorrect Not in Scope Not in coding standard Other

💬 Looking for more details? Reply to this comment to chat with Korbit.

{
var questions = await qaService.GetQuestionsForPostAsync(postId);
Expand Down
Loading