feat: add tag filter to coding agent slack tags endpoint#338
feat: add tag filter to coding agent slack tags endpoint#338sweetmantech wants to merge 1 commit intotestfrom
Conversation
Adds optional `tag` query param to GET /api/admins/coding/slack to filter mentions by user_id, and creates new GET /api/admins/coding-agent/slack-tags endpoint returning distinct Slack users for filter chip population. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
|
The latest updates on your projects. Learn more about Vercel for GitHub.
|
📝 WalkthroughWalkthroughAdded a new endpoint for retrieving distinct Slack users who tagged the Coding Agent bot, including request validation and CORS support. Enhanced the existing Slack tags handler to support filtering by a specific tag via an optional query parameter. Updated corresponding validation schemas. Changes
Sequence Diagram(s)sequenceDiagram
participant Client
participant Route as API Route<br/>(GET Handler)
participant Validator as validateGetSlackTagOptionsQuery
participant Handler as getSlackTagOptionsHandler
participant DB as fetchSlackMentions
Client->>Route: GET /api/admins/coding-agent/slack-tags
Route->>Handler: Delegate request processing
Handler->>Validator: Validate request & auth
Validator->>Validator: Check admin credentials
alt Validation fails
Validator-->>Handler: NextResponse (error)
Handler-->>Route: Return error response
Route-->>Client: 401/403 response
else Validation succeeds
Validator-->>Handler: true
Handler->>DB: fetchSlackMentions("all")
DB-->>Handler: List of mentions
Handler->>Handler: Deduplicate by user_id<br/>& sort by name
Handler-->>Route: JSON response<br/>(status, total, tags)
Route-->>Client: 200 with tag options
end
Estimated code review effort🎯 3 (Moderate) | ⏱️ ~20 minutes Possibly related PRs
Poem
🚥 Pre-merge checks | ❌ 1❌ Failed checks (1 warning)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. ✨ Finishing Touches📝 Generate docstrings
🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
There was a problem hiding this comment.
Actionable comments posted: 1
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.
Inline comments:
In `@lib/admins/slack/validateGetSlackTagsQuery.ts`:
- Line 10: The query schema currently allows an empty tag string (tag:
z.string().optional()), which lets "?tag=" pass validation and later be treated
as falsy, causing unintended unfiltered results; in validateGetSlackTagsQuery
change the tag schema to reject empty strings (e.g., use
z.string().min(1).optional() or z.string().refine(s => s.trim().length >
0).optional()) so blank values are invalid (apply same change to the other
occurrences referenced around lines 30-33).
ℹ️ Review info
⚙️ Run configuration
Configuration used: Path: .coderabbit.yaml
Review profile: CHILL
Plan: Pro
Run ID: c346b622-7067-4771-a60b-6cb1450edd60
⛔ Files ignored due to path filters (1)
lib/admins/coding-agent/__tests__/getSlackTagOptionsHandler.test.tsis excluded by!**/*.test.*,!**/__tests__/**and included bylib/**
📒 Files selected for processing (5)
app/api/admins/coding-agent/slack-tags/route.tslib/admins/coding-agent/getSlackTagOptionsHandler.tslib/admins/coding-agent/validateGetSlackTagOptionsQuery.tslib/admins/slack/getSlackTagsHandler.tslib/admins/slack/validateGetSlackTagsQuery.ts
|
|
||
| export const getSlackTagsQuerySchema = z.object({ | ||
| period: adminPeriodSchema.default("all"), | ||
| tag: z.string().optional(), |
There was a problem hiding this comment.
Reject blank tag values to avoid accidental unfiltered responses
If a client sends ?tag=, Line 32 captures "", it passes validation, and filtering is skipped later because the value is falsy. That returns full results instead of signaling invalid filter input.
💡 Proposed fix
const { searchParams } = new URL(request.url);
+ const rawTag = searchParams.get("tag");
+ if (rawTag !== null && rawTag.trim() === "") {
+ return NextResponse.json(
+ { status: "error", error: "tag must be a non-empty string" },
+ { status: 400, headers: getCorsHeaders() },
+ );
+ }
const raw = {
period: searchParams.get("period") ?? "all",
- tag: searchParams.get("tag") ?? undefined,
+ tag: rawTag ?? undefined,
};Also applies to: 30-33
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.
In `@lib/admins/slack/validateGetSlackTagsQuery.ts` at line 10, The query schema
currently allows an empty tag string (tag: z.string().optional()), which lets
"?tag=" pass validation and later be treated as falsy, causing unintended
unfiltered results; in validateGetSlackTagsQuery change the tag schema to reject
empty strings (e.g., use z.string().min(1).optional() or z.string().refine(s =>
s.trim().length > 0).optional()) so blank values are invalid (apply same change
to the other occurrences referenced around lines 30-33).
recoup-coding-agent
left a comment
recoup-coding-agent
left a comment
There was a problem hiding this comment.
Code Review: Tag filter for coding agent Slack endpoint
Summary
Clean, focused PR. Adds optional tag query param to filter GET /api/admins/coding/slack by Slack user ID, and adds a new GET /api/admins/coding-agent/slack-tags endpoint to return the distinct list of users for populating filter chips in the admin UI.
CLEAN Code Assessment
SRP ✅ Each new file has one clear responsibility.
OCP ✅ Filter logic is additive — existing behavior unchanged when tag is omitted.
DRY ✅ Reuses fetchSlackMentions, validateAdminAuth, and existing patterns.
YAGNI ✅ No over-engineering. Simple filter added exactly where needed.
Issues Found
🟡 Suggestion
Performance consideration for getSlackTagOptionsHandler: The handler calls fetchSlackMentions("all") and does client-side dedup. This works fine today, but as mention volume grows, fetching every mention just to extract unique user metadata will be slow. Consider a dedicated Supabase query for distinct users when volume warrants it.
🔵 Nit
Empty JSDoc block on makeRequest() in the test file — just remove it.
Security ✅
Admin auth enforced via validateAdminAuth on both the existing and new endpoint. No concerns.
Verdict: approve
Well-tested, follows conventions, clean implementation.
recoup-coding-agent
left a comment
recoup-coding-agent
left a comment
There was a problem hiding this comment.
Summary
Adds a tag filter to the existing GET /api/admins/coding/slack endpoint and a new GET /api/admins/coding-agent/slack-tags endpoint returning distinct Slack users as filter-chip options. Clean, focused PR with good test coverage.
CLEAN Code Assessment
- SRP: Each new handler/validator has exactly one responsibility.
- DRY: Reuses existing
validateAdminAuth,fetchSlackMentions,getCorsHeaders— no duplication. - YAGNI: No over-engineering — minimal change to add the filter.
- Tests: Good coverage including dedup, alphabetical sort, auth failure, and upstream error cases.
Issues Found
suggestion
URL inconsistency: New endpoint is at /api/admins/coding-agent/slack-tags while the existing one is at /api/admins/coding/slack. The path diverges from the existing coding/ prefix to coding-agent/. Not a blocker, but worth aligning if the admin routes ever get reorganized.
fetchSlackMentions("all") hardcoded in getSlackTagOptionsHandler: This always fetches all-time mentions regardless of any request context. The comment says "always returns all-time unique tags" — that makes sense for a filter-options endpoint, but if the volume of mentions grows large this could become expensive. Acceptable for now.
nit
searchParams.get("tag") ?? undefined—null ?? undefinedevaluates toundefined, which is correct, but using|| undefinedorsearchParams.get("tag") ?? undefinedare both fine. Just noting it reads slightly awkward.makeRequest()in the test file has an empty JSDoc/** */block — no description needed, but the empty block adds noise.
Security
Admin auth required on both endpoints — correct. No injection risks.
Verdict
approve — clean, well-tested, ready to merge.
2 participants
Summary
tagquery param toGET /api/admins/coding/slackto filter mentions by Slack user_idGET /api/admins/coding-agent/slack-tagsendpoint returning distinct Slack users as filter optionsgetSlackTagOptionsHandlerTest plan
pnpm test lib/admins/coding-agent— all 5 tests passGET /api/admins/coding/slack?tag=U123returns only mentions from that userGET /api/admins/coding-agent/slack-tagsreturns deduplicated, alphabetically sorted users🤖 Generated with Claude Code
Summary by CodeRabbit