update dashboard implementation

[nikhilsinhaparseable]

as per the new design in prism

Summary by CodeRabbit

• New Features

  • Added the ability to add tiles to existing dashboards.
  • Introduced support for dashboard types and more flexible tile definitions.
  • Improved error handling with clearer unauthorized access messages.

• Bug Fixes

  • Enhanced validation for dashboard and tile IDs to ensure uniqueness and correctness.

• Refactor

  • Simplified dashboard data model and removed legacy migration logic.
  • Centralized and streamlined dashboard creation, updating, and deletion processes.
  • Improved ownership enforcement for dashboard modifications.
  • Restructured dashboard API routes for clearer and more organized access.
  • Updated dashboard listing to return summaries instead of full dashboards.
  • Removed manual ID and version assignments, relying on centralized methods.
  • Updated search functionality to use dashboard titles for improved matching.

• Style

  • Updated naming conventions for dashboard-related actions for better clarity.

[coderabbitai]

Walkthrough

This update refactors and simplifies the dashboard management system. It renames HTTP handler functions for clarity, centralizes dashboard creation and updates, adds an endpoint for adding tiles, and enforces ownership checks. The dashboard data model is streamlined, legacy migration code is removed, and error handling is improved for loading and modifying dashboards.

Changes

File(s)	Change Summary
src/handlers/http/modal/server.rs	Renamed dashboard HTTP handler functions for clarity and added a new /add_tile PUT route for dashboards under scoped sub-route /{dashboard_id}.
src/handlers/http/users/dashboards.rs	Refactored and renamed dashboard handler functions, centralized validation and storage, added add_tile handler, extended error enum with Unauthorized, and removed direct storage manipulation and manual ID generation.
src/prism/home/mod.rs	Updated get_dashboard_titles to remove session key dependency, changed filtering to use dashboard title instead of name, and adjusted dashboard ID extraction.
src/users/dashboards.rs	Simplified dashboard and tile data models, removed legacy migration/versioning, improved error handling during load, enforced ownership checks on update/delete, and added/updated methods for dashboard CRUD operations with in-memory cache synchronized with persistent storage.

Sequence Diagram(s)

sequenceDiagram
    participant User
    participant HTTP_Handler
    participant Dashboards_Store

    User->>HTTP_Handler: POST /dashboards (create_dashboard)
    HTTP_Handler->>Dashboards_Store: create(user_id, dashboard)
    Dashboards_Store-->>HTTP_Handler: Result
    HTTP_Handler-->>User: Response

    User->>HTTP_Handler: PUT /dashboards/{id}/add_tile (add_tile)
    HTTP_Handler->>Dashboards_Store: get_dashboard_by_user(dashboard_id, user_id)
    Dashboards_Store-->>HTTP_Handler: Dashboard or Error
    HTTP_Handler->>Dashboards_Store: update(user_id, dashboard_id, dashboard_with_new_tile)
    Dashboards_Store-->>HTTP_Handler: Result
    HTTP_Handler-->>User: Response

    User->>HTTP_Handler: GET /dashboards (list_dashboards)
    HTTP_Handler->>Dashboards_Store: list_dashboards()
    Dashboards_Store-->>HTTP_Handler: Dashboard summaries
    HTTP_Handler-->>User: Response

Loading

Suggested labels

for next release

Suggested reviewers

• parmesant

Poem

In the warren of code, dashboards shine anew,
With tiles that hop in, and titles that grew.
Old migrations are gone, the fields are now light,
Ownership enforced, so all is just right.
A carrot for progress, a hop for each test—
This dashboard refactor is simply the best! 🥕✨

---

📜 Recent review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 8caf261 and 5184122.

📒 Files selected for processing (1)

• src/users/dashboards.rs (2 hunks)

🧰 Additional context used

🧠 Learnings (2)

📓 Common learnings

Learnt from: nikhilsinhaparseable
PR: parseablehq/parseable#1305
File: src/handlers/http/users/dashboards.rs:63-71
Timestamp: 2025-05-01T10:22:45.695Z
Learning: Dashboard design in Parseable follows a sharing model where any user can read (list/get) any dashboard, enabling dashboard sharing functionality, but only the dashboard author can modify (update/delete) their own dashboards.

Learnt from: nikhilsinhaparseable
PR: parseablehq/parseable#1305
File: src/users/dashboards.rs:154-165
Timestamp: 2025-05-01T12:22:42.363Z
Learning: Title validation for dashboards is performed in the `create_dashboard` HTTP handler function rather than in the `DASHBOARDS.create` method, avoiding redundant validation.

Learnt from: nikhilsinhaparseable
PR: parseablehq/parseable#1305
File: src/handlers/http/users/dashboards.rs:0-0
Timestamp: 2025-05-01T10:27:56.858Z
Learning: The `add_tile()` function in `src/handlers/http/users/dashboards.rs` should use `get_dashboard_by_user(dashboard_id, &user_id)` instead of `get_dashboard(dashboard_id)` to ensure proper authorization checks when modifying a dashboard.

Learnt from: nikhilsinhaparseable
PR: parseablehq/parseable#1305
File: src/handlers/http/users/dashboards.rs:125-148
Timestamp: 2025-05-01T10:33:51.767Z
Learning: When adding a tile to a dashboard in `add_tile()` function, the tile ID must be provided by the client and should not be generated by the server. If the tile ID is missing (nil), the API should fail the operation with an appropriate error message.

src/users/dashboards.rs (4)

Learnt from: nikhilsinhaparseable
PR: parseablehq/parseable#1305
File: src/handlers/http/users/dashboards.rs:0-0
Timestamp: 2025-05-01T10:27:56.858Z
Learning: The `add_tile()` function in `src/handlers/http/users/dashboards.rs` should use `get_dashboard_by_user(dashboard_id, &user_id)` instead of `get_dashboard(dashboard_id)` to ensure proper authorization checks when modifying a dashboard.

Learnt from: nikhilsinhaparseable
PR: parseablehq/parseable#1305
File: src/handlers/http/users/dashboards.rs:63-71
Timestamp: 2025-05-01T10:22:45.695Z
Learning: Dashboard design in Parseable follows a sharing model where any user can read (list/get) any dashboard, enabling dashboard sharing functionality, but only the dashboard author can modify (update/delete) their own dashboards.

Learnt from: nikhilsinhaparseable
PR: parseablehq/parseable#1305
File: src/users/dashboards.rs:154-165
Timestamp: 2025-05-01T12:22:42.363Z
Learning: Title validation for dashboards is performed in the `create_dashboard` HTTP handler function rather than in the `DASHBOARDS.create` method, avoiding redundant validation.

Learnt from: nikhilsinhaparseable
PR: parseablehq/parseable#1348
File: src/prism/home/mod.rs:366-368
Timestamp: 2025-06-15T18:18:14.590Z
Learning: In the Parseable dashboard system, dashboard_id is guaranteed to always be present (never None) because IDs are generated at dashboard creation time, and there are no pre-v1 dashboards that could lack IDs.

🧬 Code Graph Analysis (1)

src/users/dashboards.rs (4)

src/users/filters.rs (4)

• serde_json (109-109)
• serde_json (143-143)
• load (100-155)
• update (157-161)

src/storage/object_storage.rs (7)

• serde_json (462-462)
• serde_json (537-537)
• serde_json (564-564)
• serde_json (604-604)
• serde_json (630-630)
• serde_json (707-707)
• dashboard_path (1312-1314)

src/handlers/http/users/dashboards.rs (4)

• dashboards (35-38)
• delete_dashboard (104-114)
• get_dashboard (43-52)
• list_dashboards (33-41)

src/handlers/http/users/filters.rs (1)

• update (78-101)

⏰ Context from checks skipped due to timeout of 90000ms (10)

• GitHub Check: Build Default x86_64-pc-windows-msvc
• GitHub Check: Build Default x86_64-unknown-linux-gnu
• GitHub Check: Build Kafka aarch64-apple-darwin
• GitHub Check: Build Default aarch64-unknown-linux-gnu
• GitHub Check: Build Default x86_64-apple-darwin
• GitHub Check: Quest Smoke and Load Tests for Distributed deployments
• GitHub Check: Build Default aarch64-apple-darwin
• GitHub Check: Build Kafka x86_64-unknown-linux-gnu
• GitHub Check: Quest Smoke and Load Tests for Standalone deployments
• GitHub Check: coverage

🔇 Additional comments (11)

src/users/dashboards.rs (11)

19-34: LGTM! Clean imports and constants setup.

The imports are well-organized and the CURRENT_DASHBOARD_VERSION constant provides clear versioning strategy.

---

35-53: Well-designed data structures with good flexibility.

The DashboardType enum with Dashboard as default and the Tile struct with flexible other_fields provide a clean, extensible design. Using Ulid for tile_id ensures uniqueness in distributed systems.

---

54-80: Excellent implementation of metadata management with proper preservation.

The set_metadata method correctly preserves existing dashboard_type when present (lines 74-76), addressing the previous concern about unintentional overwrites. The method properly handles dashboard ID generation and ensures all required metadata is set.

---

84-115: Clean summary generation for API responses.

The to_summary method efficiently creates a summary map for dashboard listing, including only the essential fields needed for the API response.

---

120-123: Robust dashboard ID validation with clear error messaging.

The validation function properly checks ULID format and provides descriptive error messages for invalid IDs.

---

132-166: Resilient dashboard loading with proper error handling.

The loading logic gracefully handles malformed JSON by logging warnings and continuing with other dashboards (lines 147-149, 157-158). This ensures the system remains functional even with corrupted data.

---

170-187: Well-implemented persistence layer with proper validation.

The save_dashboard method correctly validates dashboard ID presence and handles serialization/storage operations with appropriate error propagation.

---

192-225: Solid CRUD operations with proper authorization enforcement.

Both create and update methods implement the correct patterns:

• create: generates new metadata and persists to storage and memory
• update: enforces ownership via ensure_dashboard_ownership, updates metadata with existing ID, and maintains memory consistency

The memory update logic in update (lines 221-222) correctly removes the old version and adds the updated one.

---

230-248: Proper deletion implementation with authorization and cleanup.

The delete_dashboard method correctly enforces ownership, removes from both storage and memory, maintaining data consistency across both layers.

---

252-289: Well-designed retrieval methods supporting different access patterns.

The separation between get_dashboard (public access for sharing) and get_dashboard_by_user (ownership-aware access) properly implements the sharing model described in the learnings. The list_dashboards method returns all dashboards without filtering, allowing the HTTP layer to handle authorization as needed.

---

295-304: Excellent authorization helper method.

The ensure_dashboard_ownership method provides a clean, reusable way to verify ownership with appropriate error handling, returning DashboardError::Unauthorized when access is denied.

✨ Finishing Touches

• 📝 Generate Docstrings

---

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Explain this complex logic.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai explain this code block.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and explain its main purpose.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Support

Need help? Create a ticket on our support page for assistance with any issues or questions.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate docstrings to generate docstrings for this PR.
• @coderabbitai generate sequence diagram to generate a sequence diagram of the changes in this PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[coderabbitai]

Actionable comments posted: 2

🧹 Nitpick comments (5)

src/handlers/http/modal/server.rs (1)

275-278: Permission looks off

Updating a dashboard is currently guarded by Action::CreateDashboard.
Double-check whether a dedicated UpdateDashboard/PutDashboard action should be used here to avoid over-permissive RBAC rules.

src/handlers/http/users/dashboards.rs (2)

292-301: Return type of ensure_dashboard_ownership is unused

ensure_dashboard_ownership returns a Dashboard, but callers only rely on the Result side-effect. Returning () avoids an unnecessary clone:

-async fn ensure_dashboard_ownership(...) -> Result<Dashboard, DashboardError> {
+async fn ensure_dashboard_ownership(...) -> Result<(), DashboardError> {
     self.get_dashboard_by_user(dashboard_id, user_id)
         .await
-        .ok_or(DashboardError::Unauthorized)
+        .map(|_| ())
 }

---

33-41: Pagination / large payload

list_dashboards always returns the full list. For organisations with hundreds of dashboards this may hurt latency. Consider adding pagination (limit/offset) or server-side filtering.

src/users/dashboards.rs (2)

83-112: to_summary omits dashboard_type

Summaries currently expose title/author/modified/dashboard_id but not dashboard_type; Prism UI might need it to distinguish dashboards vs reports. Consider including it.

---

285-287: Clone-heavy list

list_dashboards clones the entire vector on every call. For read-heavy scenarios, return an Arc<Vec<_>> or iterate over a read lock to avoid frequent allocations.

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 970a5a5 and bc00691.

📒 Files selected for processing (4)

• src/handlers/http/modal/server.rs (1 hunks)
• src/handlers/http/users/dashboards.rs (3 hunks)
• src/prism/home/mod.rs (2 hunks)
• src/users/dashboards.rs (2 hunks)

🧰 Additional context used

🧠 Learnings (2)

src/handlers/http/modal/server.rs (1)

Learnt from: nikhilsinhaparseable
PR: parseablehq/parseable#1305
File: src/handlers/http/users/dashboards.rs:0-0
Timestamp: 2025-05-01T10:27:56.858Z
Learning: The `add_tile()` function in `src/handlers/http/users/dashboards.rs` should use `get_dashboard_by_user(dashboard_id, &user_id)` instead of `get_dashboard(dashboard_id)` to ensure proper authorization checks when modifying a dashboard.

src/handlers/http/users/dashboards.rs (1)

Learnt from: nikhilsinhaparseable
PR: parseablehq/parseable#1305
File: src/handlers/http/users/dashboards.rs:0-0
Timestamp: 2025-05-01T10:27:56.858Z
Learning: The `add_tile()` function in `src/handlers/http/users/dashboards.rs` should use `get_dashboard_by_user(dashboard_id, &user_id)` instead of `get_dashboard(dashboard_id)` to ensure proper authorization checks when modifying a dashboard.

🧬 Code Graph Analysis (1)

src/handlers/http/modal/server.rs (2)

src/handlers/http/users/dashboards.rs (7)

• dashboards (35-38)
• create_dashboard (54-66)
• list_dashboards (33-41)
• get_dashboard (43-52)
• delete_dashboard (104-114)
• update_dashboard (68-102)
• add_tile (116-146)

src/users/dashboards.rs (3)

• list_dashboards (285-287)
• get_dashboard (250-261)
• delete_dashboard (228-246)

⏰ Context from checks skipped due to timeout of 90000ms (10)

• GitHub Check: Build Default x86_64-pc-windows-msvc
• GitHub Check: Quest Smoke and Load Tests for Standalone deployments
• GitHub Check: Build Default aarch64-apple-darwin
• GitHub Check: Build Default x86_64-apple-darwin
• GitHub Check: Build Default x86_64-unknown-linux-gnu
• GitHub Check: Build Default aarch64-unknown-linux-gnu
• GitHub Check: Quest Smoke and Load Tests for Distributed deployments
• GitHub Check: Build Kafka aarch64-apple-darwin
• GitHub Check: Build Kafka x86_64-unknown-linux-gnu
• GitHub Check: coverage

🔇 Additional comments (1)

src/prism/home/mod.rs (1)

360-383: Missing authorization filtering

list_dashboards() returns every dashboard in memory; without SessionKey checks this exposes dashboards the current user may not own or be allowed to view.
Consider filtering by ownership or adding RBAC verification similar to streams/alerts searches.

[coderabbitai]

Actionable comments posted: 2

🧹 Nitpick comments (2)

src/users/dashboards.rs (2)

160-162: Possible duplicate‐ID leakage during successive loads

load() appends new dashboards to the in-memory vector without de-duplicating against items already present in self.0, leading to multiple entries with the same dashboard_id if load() is called more than once (e.g., in tests).

-        let mut s = self.0.write().await;
-        s.append(&mut this);
+        let mut s = self.0.write().await;
+        for d in this {
+            s.retain(|existing| existing.dashboard_id != d.dashboard_id);
+            s.push(d);
+        }

This keeps the latest version while preventing duplicates.

---

285-287: list_dashboards clones the entire vector – consider borrowing or streaming

Returning Vec<Dashboard> incurs an O(n) clone each call and scales poorly with many dashboards.
If external mutation is not required, expose an immutable slice or iterator to avoid the copy:

pub async fn list_dashboards(&self) -> Vec<Dashboard> {
    self.0.read().await.clone()   // current
}

// possible alternatives
pub async fn list_dashboards(&self) -> Vec<DashboardSummary> { … } // lighter type
// or
pub async fn list_dashboards(&self) -> impl Iterator<Item = Dashboard> { … }

Evaluate based on API ergonomics and performance expectations.

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between bc00691 and 7915fae.

📒 Files selected for processing (2)

• src/handlers/http/modal/server.rs (1 hunks)
• src/users/dashboards.rs (2 hunks)

🚧 Files skipped from review as they are similar to previous changes (1)

• src/handlers/http/modal/server.rs

⏰ Context from checks skipped due to timeout of 90000ms (10)

• GitHub Check: Build Default aarch64-apple-darwin
• GitHub Check: Build Default x86_64-pc-windows-msvc
• GitHub Check: Quest Smoke and Load Tests for Standalone deployments
• GitHub Check: Build Kafka x86_64-unknown-linux-gnu
• GitHub Check: Build Default x86_64-apple-darwin
• GitHub Check: coverage
• GitHub Check: Build Default aarch64-unknown-linux-gnu
• GitHub Check: Build Kafka aarch64-apple-darwin
• GitHub Check: Build Default x86_64-unknown-linux-gnu
• GitHub Check: Quest Smoke and Load Tests for Distributed deployments

[coderabbitai]

Actionable comments posted: 0

♻️ Duplicate comments (2)

src/users/dashboards.rs (2)

69-78: Fix dashboard_type overwrite issue from previous review

The set_metadata method still overwrites dashboard_type to Dashboard, ignoring any existing type like Report.

Apply this fix to preserve existing dashboard type:

-        self.dashboard_type = Some(DashboardType::Dashboard);
+        // Preserve existing type if already set
+        if self.dashboard_type.is_none() {
+            self.dashboard_type = Some(DashboardType::Dashboard);
+        }

---

240-244: Fix compile error from nonexistent method

The code uses Option::is_none_or which doesn't exist in stable Rust, causing compilation failure.

Apply this fix to use correct method:

-            .retain(|d| d.dashboard_id.as_ref().is_none_or(|id| *id != dashboard_id));
+            .retain(|d| d.dashboard_id.map_or(true, |id| id != dashboard_id));

🧹 Nitpick comments (1)

src/users/dashboards.rs (1)

175-176: Handle potential None dashboard_id correctly

Based on retrieved learnings, dashboard_id is guaranteed to be present after creation, but this error handling could be more descriptive.

Consider improving the error message to be more specific:

-            .ok_or(DashboardError::Metadata("Dashboard ID must be provided"))?;
+            .ok_or(DashboardError::Metadata("Dashboard ID is missing - dashboard may not be properly initialized"))?;

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 8831313 and 00b6a41.

📒 Files selected for processing (1)

• src/users/dashboards.rs (2 hunks)

🧰 Additional context used

🧠 Learnings (2)

📓 Common learnings

Learnt from: nikhilsinhaparseable
PR: parseablehq/parseable#1305
File: src/handlers/http/users/dashboards.rs:63-71
Timestamp: 2025-05-01T10:22:45.695Z
Learning: Dashboard design in Parseable follows a sharing model where any user can read (list/get) any dashboard, enabling dashboard sharing functionality, but only the dashboard author can modify (update/delete) their own dashboards.

Learnt from: nikhilsinhaparseable
PR: parseablehq/parseable#1305
File: src/users/dashboards.rs:154-165
Timestamp: 2025-05-01T12:22:42.363Z
Learning: Title validation for dashboards is performed in the `create_dashboard` HTTP handler function rather than in the `DASHBOARDS.create` method, avoiding redundant validation.

Learnt from: nikhilsinhaparseable
PR: parseablehq/parseable#1305
File: src/handlers/http/users/dashboards.rs:0-0
Timestamp: 2025-05-01T10:27:56.858Z
Learning: The `add_tile()` function in `src/handlers/http/users/dashboards.rs` should use `get_dashboard_by_user(dashboard_id, &user_id)` instead of `get_dashboard(dashboard_id)` to ensure proper authorization checks when modifying a dashboard.

Learnt from: nikhilsinhaparseable
PR: parseablehq/parseable#1305
File: src/handlers/http/users/dashboards.rs:125-148
Timestamp: 2025-05-01T10:33:51.767Z
Learning: When adding a tile to a dashboard in `add_tile()` function, the tile ID must be provided by the client and should not be generated by the server. If the tile ID is missing (nil), the API should fail the operation with an appropriate error message.

src/users/dashboards.rs (4)

Learnt from: nikhilsinhaparseable
PR: parseablehq/parseable#1305
File: src/handlers/http/users/dashboards.rs:0-0
Timestamp: 2025-05-01T10:27:56.858Z
Learning: The `add_tile()` function in `src/handlers/http/users/dashboards.rs` should use `get_dashboard_by_user(dashboard_id, &user_id)` instead of `get_dashboard(dashboard_id)` to ensure proper authorization checks when modifying a dashboard.

Learnt from: nikhilsinhaparseable
PR: parseablehq/parseable#1305
File: src/handlers/http/users/dashboards.rs:63-71
Timestamp: 2025-05-01T10:22:45.695Z
Learning: Dashboard design in Parseable follows a sharing model where any user can read (list/get) any dashboard, enabling dashboard sharing functionality, but only the dashboard author can modify (update/delete) their own dashboards.

Learnt from: nikhilsinhaparseable
PR: parseablehq/parseable#1305
File: src/users/dashboards.rs:154-165
Timestamp: 2025-05-01T12:22:42.363Z
Learning: Title validation for dashboards is performed in the `create_dashboard` HTTP handler function rather than in the `DASHBOARDS.create` method, avoiding redundant validation.

Learnt from: nikhilsinhaparseable
PR: parseablehq/parseable#1348
File: src/prism/home/mod.rs:366-368
Timestamp: 2025-06-15T18:18:14.590Z
Learning: In the Parseable dashboard system, dashboard_id is guaranteed to always be present (never None) because IDs are generated at dashboard creation time, and there are no pre-v1 dashboards that could lack IDs.

⏰ Context from checks skipped due to timeout of 90000ms (9)

• GitHub Check: Build Default x86_64-pc-windows-msvc
• GitHub Check: Build Default x86_64-apple-darwin
• GitHub Check: Build Default aarch64-unknown-linux-gnu
• GitHub Check: Build Default x86_64-unknown-linux-gnu
• GitHub Check: Build Kafka x86_64-unknown-linux-gnu
• GitHub Check: Build Kafka aarch64-apple-darwin
• GitHub Check: Quest Smoke and Load Tests for Distributed deployments
• GitHub Check: Quest Smoke and Load Tests for Standalone deployments
• GitHub Check: coverage

🔇 Additional comments (3)

src/users/dashboards.rs (3)

194-201: LGTM - Dashboard creation follows ownership pattern

The create method correctly implements the ownership model by setting metadata with the user_id and persisting to both storage and memory.

---

212-213: LGTM - Proper ownership verification before updates

The ownership check ensures only dashboard authors can modify their dashboards, consistent with the sharing model from retrieved learnings.

---

298-301: LGTM - Clean ownership enforcement implementation

The ensure_dashboard_ownership method correctly implements the authorization pattern by checking both dashboard existence and author ownership.