feat(PM-1793): Create AI workflow api implementation #34
Conversation
![github-actions[bot]](https://avatars.githubusercontent.com/in/15368?s=60&v=4){kind=small}
| @@ -23,7 +23,7 @@ export class GetHealthCheckResponseDto { | |||
| } | |||
|
|
|||
| @ApiTags('Healthcheck') | |||
| @Controller('/') | |||
| @Controller('/reviews') | |||
There was a problem hiding this comment.
The change from @Controller('/') to @Controller('/reviews') seems to alter the endpoint path for the health check controller. Ensure that this change aligns with the intended functionality of the AI workflow API implementation, as it might affect existing routes and integrations.
| @@ -40,7 +40,7 @@ import { JwtUser } from 'src/shared/modules/global/jwt.service'; | |||
|
|
|||
| @ApiTags('ReviewSummations') | |||
| @ApiBearerAuth() | |||
| @Controller('/api/reviewSummations') | |||
| @Controller('/reviewSummations') | |||
There was a problem hiding this comment.
The change in the route path from /api/reviewSummations to /reviewSummations might affect existing API consumers. Ensure that this change is intentional and that all dependent services or clients are updated accordingly.
| @@ -52,7 +52,7 @@ import { JwtUser } from 'src/shared/modules/global/jwt.service'; | |||
|
|
|||
| @ApiTags('Submissions') | |||
| @ApiBearerAuth() | |||
| @Controller('/api/submissions') | |||
| @Controller('/submissions') | |||
There was a problem hiding this comment.
The change from /api/submissions to /submissions in the @Controller decorator modifies the base route for the SubmissionController. Ensure that this change is intentional and that all relevant parts of the application are updated to reflect this new route, as it may affect API endpoint accessibility.
| @@ -66,25 +66,50 @@ export class SubmissionController { | |||
| UserRole.Copilot, | |||
| UserRole.Submitter, | |||
| UserRole.Reviewer, | |||
| UserRole.User, | |||
There was a problem hiding this comment.
Adding UserRole.User to the list of roles might need a review to ensure that this role should indeed have the permissions associated with this method. Verify if this role should have access to create submissions.
| this.logger.log( | ||
| `Creating submission with request boy: ${JSON.stringify(body)}`, | ||
| console.log( | ||
| `Creating submission with request body: ${JSON.stringify(body)}`, |
There was a problem hiding this comment.
Using console.log for logging is not recommended in production code. Consider using a proper logging library or framework that is already integrated into your application, such as this.logger.log, which was previously used.
| @@ -151,6 +176,7 @@ export class SubmissionController { | |||
| UserRole.Submitter, | |||
| UserRole.Reviewer, | |||
| UserRole.Talent, | |||
| UserRole.User, | |||
There was a problem hiding this comment.
Adding UserRole.User to the list of roles might require updating the authorization logic to ensure that users with this role have the correct permissions. Please verify that this change aligns with the intended access control policies.
| @@ -185,6 +211,7 @@ export class SubmissionController { | |||
| UserRole.Admin, | |||
| UserRole.Submitter, | |||
| UserRole.Reviewer, | |||
| UserRole.User, | |||
There was a problem hiding this comment.
Adding UserRole.User to the list of roles might unintentionally broaden access. Please ensure that this role should indeed have access to this functionality, as it could introduce security concerns if not intended.
| @@ -20,6 +20,7 @@ export class SubmissionService { | |||
| constructor(private readonly prisma: PrismaService) {} | |||
|
|
|||
| async createSubmission(authUser: JwtUser, body: SubmissionRequestDto) { | |||
| console.log(`BODY: ${JSON.stringify(body)}`); | |||
There was a problem hiding this comment.
Using console.log for logging is not recommended in production code. Consider using a proper logging library to handle logging with different levels and outputs.
src/dto/aiWorkflow.dto.ts
Outdated
|
|
||
| @ApiProperty({ required: false }) | ||
| @IsString() | ||
| @IsNotEmpty() |
There was a problem hiding this comment.
Suggestion:
The @IsNotEmpty() decorator should not be used with optional properties like updatedBy. Consider removing @IsNotEmpty() to accurately reflect that this field can be empty or undefined.
| @@ -50,8 +50,8 @@ export class KafkaConsumerService | |||
| } | |||
|
|
|||
| async onApplicationBootstrap() { | |||
| await this.subscribeToTopics(); | |||
| await this.startConsumer(); | |||
| // await this.subscribeToTopics(); | |||
There was a problem hiding this comment.
The calls to subscribeToTopics() and startConsumer() have been commented out. If this is intentional for testing or debugging, consider adding a mechanism to ensure these methods are called in production to maintain the expected functionality of the Kafka consumer.
| break; | ||
| } | ||
| case 'llm_model': { | ||
| console.log(`[${type}][${subtype}][${file}] Processing file`); |
There was a problem hiding this comment.
The log statement uses the variable file, but file is not defined within the current scope. Ensure that file is defined or passed to the function if needed.
| console.log(`[${type}][${subtype}][${file}] Processing file`); | ||
| const idToLegacyIdMap = {}; | ||
| const processedData = jsonData[key].map((c) => { | ||
| const id = nanoid(14); |
There was a problem hiding this comment.
Consider using a more descriptive variable name than c for better readability and maintainability of the code.
| @@ -1509,6 +1666,9 @@ migrate() | |||
| }, | |||
| { key: 'uploadIdMap', value: uploadIdMap }, | |||
| { key: 'submissionIdMap', value: submissionIdMap }, | |||
| { key: 'llmProviderIdMap', value: llmProviderIdMap }, | |||
| { key: 'llmModelIdMap', value: llmModelIdMap }, | |||
| { key: 'aiWorkflowIdMap', value: aiWorkflowIdMap }, | |||
There was a problem hiding this comment.
There is an extra comma at the end of the object in line 1671. This may lead to syntax errors in environments that do not support trailing commas. Consider removing the trailing comma.
| description: 'The AI workflow has been successfully created.', | ||
| }) | ||
| @ApiResponse({ status: 403, description: 'Forbidden.' }) | ||
| async create(@Body() createAiWorkflowDto: CreateAiWorkflowDto) { |
There was a problem hiding this comment.
Consider adding error handling for the create method to manage potential exceptions that might occur during the creation process. This will help in providing more informative error responses to the client.
|
|
||
| async scorecardExists(scorecardId: string): Promise<boolean> { | ||
| const count = await this.prisma.scorecard.count({ | ||
| where: { id: scorecardId, status: ScorecardStatus.ACTIVE}, |
There was a problem hiding this comment.
Consider handling the case where ScorecardStatus.ACTIVE might not be defined or imported correctly. Ensure that ScorecardStatus is imported from the correct module and that it includes the ACTIVE status to prevent runtime errors.
src/dto/aiWorkflow.dto.ts
Outdated
| createdBy: string; | ||
|
|
||
| @ApiProperty({ required: false }) | ||
| updatedBy?: string; |
There was a problem hiding this comment.
The decorators @IsString() and @IsNotEmpty() have been removed from the updatedBy property. If updatedBy should always be a non-empty string when provided, consider keeping these decorators to enforce validation.
src/dto/aiWorkflow.dto.ts
Outdated
| updatedBy?: string; | ||
|
|
||
| @ApiProperty({ required: false }) | ||
| updatedAt?: Date; |
There was a problem hiding this comment.
please remove createdBy, updatedBy, createdAt, updatedAt from the DTO
There was a problem hiding this comment.
@hentrymartin yes, we won't need those over the API call.
src/dto/aiWorkflow.dto.ts
Outdated
| updatedBy?: string; | ||
|
|
||
| @ApiProperty({ required: false }) | ||
| updatedAt?: Date; |
There was a problem hiding this comment.
@hentrymartin yes, we won't need those over the API call.
|
@vas3a @kkartunov I've updated the PR based on the review comments. Can you please have another look on it? |
|
|
||
| return this.prisma.aiWorkflow.create({ | ||
| data: { | ||
| ...rest, |
There was a problem hiding this comment.
you shouldn't do ...rest in here. you should extract the data you need and then pass it to the db.
@kkartunov @jmgasper this is an issue with the current global config for the ValidationPipe. Currently it is configured with whitelist: false - which will not strip off any additional data sent to the API.
This is bad IMO. like in this example, if we don't make sure to manually strip off excess data, it could be passed to DB.
It can get even uglier if the user sends fields that are not validated through DTO but they exist in db (eg. createdBy shouldn't be accepted through API, and we shouldn't add it in DTO, BUT this means that this gets sent to DB without validation).
This could be fixed by either usingwhitelist: true, but might cause other errors if someone used whitelist: false intentionally (we might do it anyway, it's dev only atm and can fix it), OR use forbidNonWhitelisted: true which will throw error if you send additional data. This should be more obvious.
There was a problem hiding this comment.
@hentrymartin please update the code to not use ...rest but pick fields.
There was a problem hiding this comment.
@vas3a As the audit fields are not null fields, I am passing empty string for now to avoid type errors, once the Prisma middleware is done, then it should be removed.
prisma/migrations/20250909154525_updated_audit_fields/migration.sql
Outdated
Show resolved
Hide resolved
|
|
||
| return this.prisma.aiWorkflow.create({ | ||
| data: { | ||
| ...rest, |
There was a problem hiding this comment.
@hentrymartin please update the code to not use ...rest but pick fields.
|
@kkartunov I've updated the PR, please have a look into it again. |
What's in this PR?
Ticket link - https://topcoder.atlassian.net/browse/PM-1793