chore: migrate users.getStatus endpoint to new OpenAPI pattern with AJV validation#39484
Open
Yashika-code wants to merge 6 commits intoRocketChat:developfrom
Open
Conversation
Contributor
|
Looks like this PR is not ready to merge, because of the following issues:
Please fix the issues and try again If you have any trouble, please check the PR guidelines |
🦋 Changeset detectedLatest commit: dd0e51f The changes in this PR will be included in the next version bump. This PR includes changesets to release 41 packages
Not sure what this means? Click here to learn what changesets are. Click here if you're a maintainer who wants to add another changeset to this PR |
Contributor
|
No actionable comments were generated in the recent review. 🎉 ℹ️ Recent review info⚙️ Run configurationConfiguration used: Organization UI Review profile: CHILL Plan: Pro Run ID: 📒 Files selected for processing (1)
🚧 Files skipped from review as they are similar to previous changes (1)
WalkthroughMigrates Changes
Sequence Diagram(s)sequenceDiagram
participant Client
actor AuthService
participant API_Server as API.v1.get('users.getStatus')
participant Database as UsersDB
Client->>API_Server: GET users.getStatus (auth token, params)
API_Server->>AuthService: validate token
AuthService-->>API_Server: auth OK / unauthorized
alt authorized
API_Server->>Database: fetch target user (or use requesting user)
Database-->>API_Server: user record (status, connectionStatus, message, _id)
API_Server-->>Client: 200 { success, _id?, status, connectionStatus?, message? }
else unauthorized
API_Server-->>Client: 401 { error }
end
Estimated code review effort🎯 3 (Moderate) | ⏱️ ~20 minutes Suggested labels
🚥 Pre-merge checks | ✅ 5✅ Passed checks (5 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
Contributor
There was a problem hiding this comment.
Actionable comments posted: 1
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.
Inline comments:
In `@apps/meteor/app/api/server/v1/users.ts`:
- Line 22: The file imports validateForbiddenErrorResponse but still calls
validateBadRequestErrorResponse at runtime causing an undefined symbol; either
replace the call to validateBadRequestErrorResponse with
validateForbiddenErrorResponse where appropriate (e.g., at the call site around
the code that currently references validateBadRequestErrorResponse) or
re-add/import validateBadRequestErrorResponse if that validator is the intended
one, and remove the unused validateForbiddenErrorResponse import if you choose
to keep validateBadRequestErrorResponse; ensure the validator name in the import
list and the validator used in the function/body match
(validateForbiddenErrorResponse vs validateBadRequestErrorResponse).
ℹ️ Review info
⚙️ Run configuration
Configuration used: Organization UI
Review profile: CHILL
Plan: Pro
Run ID: 108ce93e-1353-4994-ac45-a98a08dc8339
📒 Files selected for processing (3)
.changeset/migrate-users-getStatus-openapi.mdapps/meteor/app/api/server/v1/users.tspackages/rest-typings/src/v1/users.ts
💤 Files with no reviewable changes (1)
- packages/rest-typings/src/v1/users.ts
📜 Review details
🧰 Additional context used
📓 Path-based instructions (1)
**/*.{ts,tsx,js}
📄 CodeRabbit inference engine (.cursor/rules/playwright.mdc)
**/*.{ts,tsx,js}: Write concise, technical TypeScript/JavaScript with accurate typing in Playwright tests
Avoid code comments in the implementation
Files:
apps/meteor/app/api/server/v1/users.ts
🧠 Learnings (9)
📓 Common learnings
Learnt from: ahmed-n-abdeltwab
Repo: RocketChat/Rocket.Chat PR: 38974
File: apps/meteor/app/api/server/v1/im.ts:220-221
Timestamp: 2026-02-24T19:09:09.561Z
Learning: In RocketChat/Rocket.Chat OpenAPI migration PRs for apps/meteor/app/api/server/v1 endpoints, maintainers prefer to avoid any logic changes; style-only cleanups (like removing inline comments) may be deferred to follow-ups to keep scope tight.
📚 Learning: 2026-02-24T19:09:09.561Z
Learnt from: ahmed-n-abdeltwab
Repo: RocketChat/Rocket.Chat PR: 38974
File: apps/meteor/app/api/server/v1/im.ts:220-221
Timestamp: 2026-02-24T19:09:09.561Z
Learning: In RocketChat/Rocket.Chat OpenAPI migration PRs for apps/meteor/app/api/server/v1 endpoints, maintainers prefer to avoid any logic changes; style-only cleanups (like removing inline comments) may be deferred to follow-ups to keep scope tight.
Applied to files:
.changeset/migrate-users-getStatus-openapi.md
📚 Learning: 2026-03-03T11:11:48.541Z
Learnt from: ahmed-n-abdeltwab
Repo: RocketChat/Rocket.Chat PR: 39230
File: apps/meteor/app/api/server/v1/chat.ts:214-222
Timestamp: 2026-03-03T11:11:48.541Z
Learning: In apps/meteor/server/lib/moderation/reportMessage.ts, the reportMessage function validates that description is not empty or whitespace-only with `if (!description.trim())`. When migrating the chat.reportMessage endpoint to OpenAPI, adding minLength validation to the schema preserves this existing behavior.
Applied to files:
.changeset/migrate-users-getStatus-openapi.md
📚 Learning: 2026-02-25T20:10:16.987Z
Learnt from: ahmed-n-abdeltwab
Repo: RocketChat/Rocket.Chat PR: 38913
File: packages/ddp-client/src/legacy/types/SDKLegacy.ts:34-34
Timestamp: 2026-02-25T20:10:16.987Z
Learning: In the RocketChat/Rocket.Chat monorepo, packages/ddp-client and apps/meteor do not use TypeScript project references. Module augmentations in apps/meteor (e.g., declare module 'rocket.chat/rest-typings') are not visible when compiling packages/ddp-client in isolation, which is why legacy SDK methods that depend on OperationResult types for OpenAPI-migrated endpoints must remain commented out.
Applied to files:
.changeset/migrate-users-getStatus-openapi.md
📚 Learning: 2026-03-09T18:39:14.020Z
Learnt from: Harxhit
Repo: RocketChat/Rocket.Chat PR: 39476
File: apps/meteor/server/methods/addAllUserToRoom.ts:0-0
Timestamp: 2026-03-09T18:39:14.020Z
Learning: In apps/meteor/server/methods/addAllUserToRoom.ts, the implementation uses a single cursor pass (Users.find(userFilter).batchSize(100)) that collects both the full user objects (collectedUsers: IUser[]) and their usernames (usernames: string[]) in one iteration. `beforeAddUserToRoom` is then called once with the full usernames batch (preserving batch-validation semantics), and the subsequent subscription/message processing loop iterates over the same stable `collectedUsers` array — no second DB query is made. This avoids any race condition between validation and processing while preserving the original batch-validation behavior.
Applied to files:
apps/meteor/app/api/server/v1/users.ts
📚 Learning: 2026-02-24T19:09:01.522Z
Learnt from: ahmed-n-abdeltwab
Repo: RocketChat/Rocket.Chat PR: 38974
File: apps/meteor/app/api/server/v1/im.ts:220-221
Timestamp: 2026-02-24T19:09:01.522Z
Learning: In Rocket.Chat OpenAPI migration PRs for endpoints under apps/meteor/app/api/server/v1, avoid introducing logic changes. Only perform scope-tight changes that preserve behavior; style-only cleanups (e.g., removing inline comments) may be deferred to follow-ups to keep the migration PR focused.
Applied to files:
apps/meteor/app/api/server/v1/users.ts
📚 Learning: 2026-02-23T17:53:06.802Z
Learnt from: ggazzo
Repo: RocketChat/Rocket.Chat PR: 35995
File: apps/meteor/app/api/server/v1/rooms.ts:1107-1112
Timestamp: 2026-02-23T17:53:06.802Z
Learning: During PR reviews that touch endpoint files under apps/meteor/app/api/server/v1, enforce strict scope: if a PR targets a specific endpoint (e.g., rooms.favorite), do not propose changes to unrelated endpoints (e.g., rooms.invite) unless maintainers explicitly request them. Focus feedback on the touched endpoint's behavior, API surface, and related tests; avoid broad cross-endpoint changes in the same PR unless requested.
Applied to files:
apps/meteor/app/api/server/v1/users.ts
📚 Learning: 2026-02-26T19:25:44.063Z
Learnt from: gabriellsh
Repo: RocketChat/Rocket.Chat PR: 38778
File: packages/ui-voip/src/providers/useMediaSession.ts:192-192
Timestamp: 2026-02-26T19:25:44.063Z
Learning: In the Rocket.Chat repository, do not reference Biome lint rules in code review feedback. Biome is not used even if biome.json exists; only reference Biome rules if there is explicit, project-wide usage documented. For TypeScript files, review lint implications without Biome guidance unless the project enables Biome rules.
Applied to files:
apps/meteor/app/api/server/v1/users.ts
📚 Learning: 2026-02-26T19:25:44.063Z
Learnt from: gabriellsh
Repo: RocketChat/Rocket.Chat PR: 38778
File: packages/ui-voip/src/providers/useMediaSession.ts:192-192
Timestamp: 2026-02-26T19:25:44.063Z
Learning: In this repository (RocketChat/Rocket.Chat), Biome lint rules are not used even if a biome.json exists. When reviewing TypeScript files (e.g., packages/ui-voip/src/providers/useMediaSession.ts), ensure lint suggestions do not reference Biome-specific rules. Rely on general ESLint/TypeScript lint rules and project conventions instead.
Applied to files:
apps/meteor/app/api/server/v1/users.ts
🔇 Additional comments (2)
apps/meteor/app/api/server/v1/users.ts (1)
882-922: LGTM - Route migration follows the expected pattern.The new chained
.get()pattern is correctly implemented with:
authRequired: truefor authentication- Proper 401/200 response schemas
- Handler logic that correctly differentiates between self-status requests (includes
connectionStatus) and other-user requestsOne minor observation: On line 907,
Users.findOneById(this.userId)could theoretically returnnull, but since the request is authenticated, this is extremely unlikely. The optional chaining at lines 909-911 handles this gracefully..changeset/migrate-users-getStatus-openapi.md (1)
1-6: LGTM - Changeset correctly documents the migration.The changeset accurately describes the endpoint migration and appropriately uses patch version bumps for both affected packages.
ahmed-n-abdeltwab
suggested changes
Mar 10, 2026
Comment on lines
+888
to
+892
| 200: ajv.compile<{ | ||
| _id?: string; | ||
| status: 'online' | 'offline' | 'away' | 'busy'; | ||
| connectionStatus?: 'online' | 'offline' | 'away' | 'busy'; | ||
| }>({ |
Contributor
There was a problem hiding this comment.
where's the message props?
Contributor
Author
There was a problem hiding this comment.
Thanks for pointing that out! I've added the message property to the response schema as an optional field to match the existing API response.
![cubic-dev-ai[bot]](https://avatars.githubusercontent.com/in/1082092?s=60&v=4){kind=small}
Contributor
There was a problem hiding this comment.
1 issue found across 1 file (changes from recent commits).
Prompt for AI agents (unresolved issues)
Check if these issues are valid — if so, understand the root cause of each and fix them. If appropriate, use sub-agents to investigate and fix each issue separately.
<file name="apps/meteor/app/api/server/v1/users.ts">
<violation number="1" location="apps/meteor/app/api/server/v1/users.ts:914">
P2: Potential AJV validation failure: `message` can be null/undefined but schema requires string type. When `statusText` is undefined or null, the response object will have `message: undefined` or `message: null`, which fails AJV's `type: 'string'` validation. This should normalize nullish values by conditionally including `message` only when it has a valid string value.</violation>
</file>
Reply with feedback, questions, or to request a fix. Tag @cubic-dev-ai to re-run a review.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Proposed changes
Migrates the
users.getStatusREST API endpoint from the legacyAPI.v1.addRoutepattern to the new chainedAPI.v1.get()pattern with AJV response schema validation and OpenAPI documentation support.Closes #34983
Endpoints migrated
users.getStatusaddRoute.get().get()chainedArchitectural changes
API.v1.addRoute('users.getStatus', ...)with the new chained.get('users.getStatus', ...)methodstatus,_id, andconnectionStatusfields401: validateUnauthorizedErrorResponsefor unauthorized access handlingExtractRoutesFromAPI+declare modulefor automatic type inference/v1/users.getStatustyping fromrest-typings(now inferred via module augmentation)Files changed
apps/meteor/app/api/server/v1/users.ts— Main migrationpackages/rest-typings/src/v1/users.ts— Removed old manual typingRelated project
This continues the REST API migration effort described in the GSoC 2026 project: Replace old REST API definitions over the new API.
cc @diego-sampaio @ggazzo
This PR is part of the ongoing REST API migration effort tracked in RocketChat/Rocket.Chat-Open-API#150
Summary by CodeRabbit
Refactor
Documentation
Chores