Remove admin guard in header

[iam-flo]

This pull request introduces several updates to enhance functionality, improve error handling, and streamline the user interface for bad practice detection in pull requests. The changes span across the backend, frontend, and email templates, focusing on adding new fields for better traceability, refining scheduling logic, and updating user-facing routes and templates.

Backend Enhancements:

• Improved Error Logging:

  • Updated error logging in checkUserRoleAndScheduleDetectionAtTime to use e.toString() for more detailed exception information. (BadPracticeDetectorScheduler.java, server/application-server/src/main/java/de/tum/in/www1/hephaestus/activity/badpracticedetector/BadPracticeDetectorScheduler.javaL130-R130)

• Enhanced Scheduling Logic:

  • Refactored scheduleDetectionAtTime to prevent concurrent task cancellations by introducing a temporary list for tasks to remove. (BadPracticeDetectorScheduler.java, server/application-server/src/main/java/de/tum/in/www1/hephaestus/activity/badpracticedetector/BadPracticeDetectorScheduler.javaR151-R160)

• Extended DetectorRequest Model:

  • Added repositoryName and pullRequestNumber fields to DetectorRequest for better traceability in bad practice detection. (PullRequestBadPracticeDetector.java, [1]; DetectorRequest.java, [2] [3] [4] [5] [6]
  • Updated OpenAPI schema to reflect these new fields. (openapi.yaml, server/intelligence-service/openapi.yamlR50-R64)

• Python Service Updates:

  • Adjusted detect_bad_practices function to accept and utilize repository_name and pull_request_number for tagging and tracking. (bad_practice_detector.py, [1] [2]
  • Updated DetectorRequest in Python to include these fields. (detector.py, [1] [2]

Frontend and UI Updates:

• Route Adjustments:

  • Introduced new routes for "Best Practices" to replace and extend existing "Activity" routes. (app.routes.ts, webapp/src/app/app.routes.tsL50-R51)

• Header and Dashboard Updates:

  • Updated the header to include a "Best Practices" link accessible to all signed-in users. (header.component.html, webapp/src/app/core/header/header.component.htmlL10-R14)
  • Refined ActivityDashboardComponent to ensure userLogin defaults to the current user if no id is provided in the route. (activity-dashboard.component.ts, webapp/src/app/home/activity/activity-dashboard.component.tsL30-R38)

• Bug Fix:

  • Added a null check for collapsibleTrigger in PullRequestBadPracticeCardComponent to prevent runtime errors. (pull-request-bad-practice-card.component.ts, webapp/src/app/user/pull-request-bad-practice-card/pull-request-bad-practice-card.component.tsL108-R108)

Email Template Update:

• Simplified Links:
  • Updated email templates to use a generic "Best Practices" link instead of user-specific URLs for reviewing and resolving bad practices. (bad-practices-detected.html, server/application-server/src/main/resources/mail-templates/bad-practices-detected.htmlL12-R15)

[coderabbitai]

"""

Walkthrough

The changes involve updates to both backend and frontend components. On the backend, error logging was enhanced to include full exception details, and scheduled tasks are now safely removed after iteration to prevent concurrent modification errors. An info-level logging statement was added before cancelling scheduled tasks for pull requests. The DetectorRequest model and related detection logic were extended to include repository name and pull request number, which are now propagated through the detection service and reflected in the OpenAPI schema. On the frontend, the header component's conditional rendering was refactored: the "Workspace" link remains visible only to signed-in admins, while the "Activity" link was replaced by a "Best practices" link shown to all signed-in users along with the "Teams" link. Routing was updated to support new best-practices paths. Additionally, a null check was added in the pull request bad practice card component to avoid runtime errors when accessing the collapsible trigger's state.

Changes

File(s)	Change Summary
server/application-server/src/main/java/.../BadPracticeDetectorScheduler.java	Enhanced error logging to use full exception string; avoided concurrent modification by removing scheduled tasks after iteration; added info-level logging before cancelling scheduled tasks.
server/application-server/src/main/java/.../PullRequestBadPracticeDetector.java	Added repositoryName and pullRequestNumber fields to DetectorRequest in detection method.
server/application-server/src/main/resources/mail-templates/bad-practices-detected.html	Updated URLs in email template to point to /best-practices page instead of user-specific activity page; updated link text accordingly.
server/application-server/src/main/java/.../intelligenceservice/model/DetectorRequest.java	Added repositoryName and pullRequestNumber properties with getters, setters, equals, hashCode, and toString updates.
server/intelligence-service/app/detector/bad_practice_detector.py	Updated detect_bad_practices function signature to include repository_name and pull_request_number; added these as tags in trace context.
server/intelligence-service/app/routers/detector.py	Extended DetectorRequest model with repository_name and pull_request_number; passed these to detection function.
server/intelligence-service/openapi.yaml	Added repository_name and pull_request_number as required properties in DetectorRequest schema.
webapp/src/app/core/header/header.component.html	Refactored conditional rendering: "Workspace" link for signed-in admins only; replaced "Activity" with "Best practices" link for all signed-in users; "Teams" link also for all signed-in users.
webapp/src/app/user/pull-request-bad-practice-card/pull-request-bad-practice-card.component.ts	Added null/undefined check for collapsibleTrigger before accessing its state to prevent runtime errors.
webapp/src/app/app.routes.ts	Replaced 'user/:id/activity' route with 'user/:id/best-practices' and 'best-practices' routes using same component and auth guard.
webapp/src/app/home/activity/activity-dashboard.component.ts	Changed type of userLogin from `string

Sequence Diagram(s)

sequenceDiagram
    participant User
    participant HeaderComponent

    User->>HeaderComponent: Loads header
    HeaderComponent->>HeaderComponent: Check if user is signed in
    alt User is signed in
        HeaderComponent->>HeaderComponent: Render "Best practices" and "Teams" links
        HeaderComponent->>HeaderComponent: Check if user is admin
        alt User is admin
            HeaderComponent->>HeaderComponent: Render "Workspace" link
        end
    end

Loading

Possibly related PRs

• update mails and automatic detection #303 #309: Extensive modifications to the bad practice detection scheduling logic and role checks in BadPracticeDetectorScheduler, related to task cancellation and scheduling.
• Final fixed for detection release #326: Refactoring and enhancement of scheduling logic in BadPracticeDetectorScheduler to improve task tracking, cancellation, and cleanup.

Suggested labels

lgtm

Suggested reviewers

• FelixTJDietrich
• GODrums

Poem

A gentle hop on backend grass,
Where logs now tell us as tasks pass.
The header blooms with links anew,
"Best practices" and "Teams" for every crew!
Only admins find the "Workspace" door—
Rabbits cheer, and users explore!
🐇✨
"""

---

📜 Recent review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between d184ae6 and 243e715.

📒 Files selected for processing (1)

• server/intelligence-service/app/detector/bad_practice_detector.py (2 hunks)

🚧 Files skipped from review as they are similar to previous changes (1)

• server/intelligence-service/app/detector/bad_practice_detector.py

⏰ Context from checks skipped due to timeout of 90000ms (11)

• GitHub Check: Webhook Ingest / Build linux/arm64 Docker Image for ghcr.io/ls1intum/hephaestus/webhook-ingest
• GitHub Check: Webhook Ingest / Build linux/amd64 Docker Image for ghcr.io/ls1intum/hephaestus/webhook-ingest
• GitHub Check: Intelligence Service / Build linux/arm64 Docker Image for ghcr.io/ls1intum/hephaestus/intelligence-service
• GitHub Check: Webapp / Build linux/arm64 Docker Image for ghcr.io/ls1intum/hephaestus/webapp
• GitHub Check: Intelligence Service / Build linux/amd64 Docker Image for ghcr.io/ls1intum/hephaestus/intelligence-service
• GitHub Check: Webapp / Build linux/amd64 Docker Image for ghcr.io/ls1intum/hephaestus/webapp
• GitHub Check: Application Server / Build linux/arm64 Docker Image for ghcr.io/ls1intum/hephaestus/application-server
• GitHub Check: Application Server / Build linux/amd64 Docker Image for ghcr.io/ls1intum/hephaestus/application-server
• GitHub Check: Run Chromatic
• GitHub Check: Verify API Specs and Client of the Intelligence Service (add autocommit-openapi label to PR to au...
• GitHub Check: Code Quality Checks

✨ Finishing Touches

• 📝 Generate Docstrings

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Support

Need help? Create a ticket on our support page for assistance with any issues or questions.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate docstrings to generate docstrings for this PR.
• @coderabbitai generate sequence diagram to generate a sequence diagram of the changes in this PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[Copilot]

Pull Request Overview

This PR refines the header conditional rendering to display admin-specific links only when appropriate and enhances task cancellation traceability in the backend.

• Frontend: Separates the admin check from the signed-in condition to ensure that only admin users see the “Workspace” link while general users now have access to “Activity” and “Teams.”
• Backend: Adds an informative log entry before a task cancellation to improve debugging and traceability.

Reviewed Changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated 1 comment.

File	Description
webapp/src/app/core/header/header.component.html	Refactored conditional rendering for admin-specific and general user links
server/application-server/src/main/java/de/tum/in/www1/hephaestus/activity/badpracticedetector/BadPracticeDetectorScheduler.java	Added logging for task cancellation events

Comments suppressed due to low confidence (1)

server/application-server/src/main/java/de/tum/in/www1/hephaestus/activity/badpracticedetector/BadPracticeDetectorScheduler.java:153

• The new log statement improves traceability; please ensure its format and log level align with the project's established logging conventions.

logger.info("Cancelling previous task for pull request: {}", pullRequest.getId());

[coderabbitai]

Actionable comments posted: 1

🧹 Nitpick comments (1)

webapp/src/app/core/header/header.component.html (1)

10-13: Conditional rendering logic looks correct
The new @if (signedIn()) wrapper with a nested @if (user()?.roles?.includes('admin')) for “Workspace” cleanly separates admin-only content from links shown to all signed-in users. This aligns perfectly with the PR objectives.

Consider adding unit or integration tests (e.g., via TestBed) to cover header link visibility in three scenarios: signed-out, signed-in non-admin, and signed-in admin.

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 6d5cf8a and 49031c8.

📒 Files selected for processing (2)

• server/application-server/src/main/java/de/tum/in/www1/hephaestus/activity/badpracticedetector/BadPracticeDetectorScheduler.java (1 hunks)
• webapp/src/app/core/header/header.component.html (1 hunks)

⏰ Context from checks skipped due to timeout of 90000ms (10)

• GitHub Check: Verify API Specs and Client of the Application Server (add autocommit-openapi label to PR to auto...
• GitHub Check: Verify API Specs and Client of the Intelligence Service (add autocommit-openapi label to PR to au...
• GitHub Check: Webhook Ingest / Build linux/amd64 Docker Image for ghcr.io/ls1intum/hephaestus/webhook-ingest
• GitHub Check: Webhook Ingest / Build linux/arm64 Docker Image for ghcr.io/ls1intum/hephaestus/webhook-ingest
• GitHub Check: Intelligence Service / Build linux/arm64 Docker Image for ghcr.io/ls1intum/hephaestus/intelligence-service
• GitHub Check: Webapp / Build linux/arm64 Docker Image for ghcr.io/ls1intum/hephaestus/webapp
• GitHub Check: Webapp / Build linux/amd64 Docker Image for ghcr.io/ls1intum/hephaestus/webapp
• GitHub Check: Application Server / Build linux/arm64 Docker Image for ghcr.io/ls1intum/hephaestus/application-server
• GitHub Check: Application Server / Build linux/amd64 Docker Image for ghcr.io/ls1intum/hephaestus/application-server
• GitHub Check: Verify API Specs and Client of the Intelligence Service (add autocommit-openapi label to PR to au...

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (1)

webapp/src/app/user/pull-request-bad-practice-card/pull-request-bad-practice-card.component.ts (1)

108-108: Good defensive programming!

This null check is a valuable addition that prevents potential runtime errors when accessing collapsibleTrigger.state(). It ensures the component behaves correctly when the ViewChild reference might not be available.

Consider using optional chaining for a more concise implementation:

- if (this.collapsibleTrigger != undefined && this.collapsibleTrigger.state() === 'closed') {
+ if (this.collapsibleTrigger?.state() === 'closed') {

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 49031c8 and 84d7f54.

📒 Files selected for processing (1)

• webapp/src/app/user/pull-request-bad-practice-card/pull-request-bad-practice-card.component.ts (1 hunks)

⏰ Context from checks skipped due to timeout of 90000ms (13)

• GitHub Check: Verify API Specs and Client of the Application Server (add autocommit-openapi label to PR to auto...
• GitHub Check: Verify API Specs and Client of the Intelligence Service (add autocommit-openapi label to PR to au...
• GitHub Check: Intelligence Service / Build linux/amd64 Docker Image for ghcr.io/ls1intum/hephaestus/intelligence-service
• GitHub Check: Webhook Ingest / Build linux/amd64 Docker Image for ghcr.io/ls1intum/hephaestus/webhook-ingest
• GitHub Check: Intelligence Service / Build linux/arm64 Docker Image for ghcr.io/ls1intum/hephaestus/intelligence-service
• GitHub Check: Webhook Ingest / Build linux/arm64 Docker Image for ghcr.io/ls1intum/hephaestus/webhook-ingest
• GitHub Check: Application Server / Build linux/amd64 Docker Image for ghcr.io/ls1intum/hephaestus/application-server
• GitHub Check: Application Server / Build linux/arm64 Docker Image for ghcr.io/ls1intum/hephaestus/application-server
• GitHub Check: Webapp / Build linux/arm64 Docker Image for ghcr.io/ls1intum/hephaestus/webapp
• GitHub Check: Webapp / Build linux/amd64 Docker Image for ghcr.io/ls1intum/hephaestus/webapp
• GitHub Check: Verify API Specs and Client of the Intelligence Service (add autocommit-openapi label to PR to au...
• GitHub Check: Run Chromatic
• GitHub Check: Verify API Specs and Client of the Application Server (add autocommit-openapi label to PR to auto...

[coderabbitai]

Actionable comments posted: 2

🧹 Nitpick comments (1)

server/intelligence-service/app/detector/bad_practice_detector.py (1)

81-83: Consider using structured trace attributes instead of string tags

While the implementation works, consider using structured trace attributes instead of converting the pull request number to a string in a tag list. This would provide more semantic meaning and better querying capabilities in the tracing system.

-langfuse_context.update_current_trace(
-    tags=[repository_name, str(pull_request_number)]
-)
+langfuse_context.update_current_trace(
+    tags=[repository_name], 
+    metadata={"pull_request_number": pull_request_number}
+)

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 30045ad and d184ae6.

📒 Files selected for processing (9)

• server/application-server/src/main/java/de/tum/in/www1/hephaestus/activity/badpracticedetector/PullRequestBadPracticeDetector.java (1 hunks)
• server/application-server/src/main/java/de/tum/in/www1/hephaestus/intelligenceservice/model/DetectorRequest.java (5 hunks)
• server/application-server/src/main/resources/mail-templates/bad-practices-detected.html (1 hunks)
• server/intelligence-service/app/detector/bad_practice_detector.py (2 hunks)
• server/intelligence-service/app/routers/detector.py (2 hunks)
• server/intelligence-service/openapi.yaml (1 hunks)
• webapp/src/app/app.routes.ts (1 hunks)
• webapp/src/app/core/header/header.component.html (1 hunks)
• webapp/src/app/home/activity/activity-dashboard.component.ts (1 hunks)

✅ Files skipped from review due to trivial changes (1)

• server/application-server/src/main/resources/mail-templates/bad-practices-detected.html

🚧 Files skipped from review as they are similar to previous changes (1)

• webapp/src/app/core/header/header.component.html

🧰 Additional context used

🪛 GitHub Actions: Intelligence Service QA

server/intelligence-service/app/detector/bad_practice_detector.py

[error] 1-1: Black formatting check failed. File would be reformatted. Run 'black' to fix code style issues.

⏰ Context from checks skipped due to timeout of 90000ms (4)

• GitHub Check: Webapp / Create and Push Multi-Arch Manifest
• GitHub Check: Application Server / Build linux/amd64 Docker Image for ghcr.io/ls1intum/hephaestus/application-server
• GitHub Check: Application Server / Build linux/arm64 Docker Image for ghcr.io/ls1intum/hephaestus/application-server
• GitHub Check: Mend Security Check

🔇 Additional comments (12)

webapp/src/app/app.routes.ts (1)

50-51: LGTM! Routes properly configured for wider accessibility.

The new routes for best practices are correctly configured to be accessible by all authenticated users (via AuthGuard) rather than just admins. Both the user-specific and general routes use the same component which is consistent with the PR objective of improving conditional rendering.

webapp/src/app/home/activity/activity-dashboard.component.ts (1)

30-30: LGTM! Improved parameter handling for flexible routing.

The changes enhance the component's flexibility:

1. The type change from string | null to string | undefined is more appropriate
2. The fallback logic properly handles both user-specific and general routes

This implementation supports the route changes in app.routes.ts, allowing the component to work whether accessed via a user-specific path or the general best practices path.

Also applies to: 38-38

server/application-server/src/main/java/de/tum/in/www1/hephaestus/activity/badpracticedetector/PullRequestBadPracticeDetector.java (1)

66-67: Changes properly propagate repository context information

These new fields will provide valuable context to the detector service, allowing for better tracing and debugging capabilities with repository-specific information.

server/intelligence-service/openapi.yaml (1)

50-55: API specification properly updated with new fields

The OpenAPI schema is correctly updated with the new required fields, maintaining consistency with the backend changes.

server/intelligence-service/app/routers/detector.py (2)

15-16: Data model correctly updated with new fields

The DetectorRequest model has been properly extended with the new fields that match the OpenAPI specification.

---

37-38: New parameters are properly passed to the detector function

The changes correctly propagate the new fields from the request to the detector function.

server/application-server/src/main/java/de/tum/in/www1/hephaestus/intelligenceservice/model/DetectorRequest.java (6)

39-41: Good addition of new fields to JsonPropertyOrder annotation

The new properties PULL_REQUEST_NUMBER and REPOSITORY_NAME are properly added to the JsonPropertyOrder annotation, ensuring they'll be serialized in the correct order.

---

57-62: New property constants and fields properly defined

The JSON property constants and corresponding fields for pullRequestNumber and repositoryName follow the established pattern in the class. The type choices (Integer for PR number and String for repository name) are appropriate for their purposes.

---

177-226: Well-implemented accessors for new fields

The fluent setters, getters, and standard setters for both new fields follow the same pattern as existing methods in the class. All necessary annotations (@JsonProperty, @JsonInclude, @jakarta.annotation.Nonnull) are correctly applied, maintaining consistency with the rest of the codebase.

---

265-267: Properly updated equals method

The equals method has been correctly updated to include comparisons for the new fields, maintaining proper object equality semantics.

---

272-272: Correctly updated hashCode method

The hashCode method properly includes the new fields, ensuring consistent hashing behavior that aligns with the updated equals method.

---

283-285: toString method properly updated

The toString implementation now includes the new fields, which helps with debugging and logging by providing a complete string representation of the object.

[Copilot]

Pull Request Overview

This pull request removes the admin-only restriction on header links and updates both backend and frontend components to support improved bad practice detection through extended traceability fields and refined scheduling logic. Key changes include updating error logging and scheduling in the backend, modifying frontend routes and header links, and extending the DetectorRequest model with new repository tracking fields.

Reviewed Changes

Copilot reviewed 10 out of 11 changed files in this pull request and generated no comments.

Show a summary per file

File	Description
webapp/src/app/user/pull-request-bad-practice-card/pull-request-bad-practice-card.component.ts	Added a null check for collapsibleTrigger to prevent runtime errors
webapp/src/app/home/activity/activity-dashboard.component.ts	Updated userLogin assignment to default to the current user if not provided
webapp/src/app/core/header/header.component.html	Revised header to remove the admin guard and include a “Best practices” link
webapp/src/app/app.routes.ts	Updated routes to use best practices paths instead of activity paths
server/intelligence-service/app/routers/detector.py	Added repository_name and pull_request_number fields to the DetectorRequest model
server/intelligence-service/app/detector/bad_practice_detector.py	Updated the detection function to include repository tracking in trace tags
server/application-server/src/main/resources/mail-templates/bad-practices-detected.html	Simplified the email template’s review link to a generic best practices dashboard link
server/application-server/src/main/java/de/tum/in/www1/hephaestus/intelligenceservice/model/DetectorRequest.java	Extended the DetectorRequest model with new non-nullable repository fields
server/application-server/src/main/java/de/tum/in/www1/hephaestus/activity/badpracticedetector/PullRequestBadPracticeDetector.java	Populated new repository fields from the pull request object
server/application-server/src/main/java/de/tum/in/www1/hephaestus/activity/badpracticedetector/BadPracticeDetectorScheduler.java	Enhanced error logging and task cancellation logic to improve scheduling

Files not reviewed (1)

• server/intelligence-service/openapi.yaml: Language not supported