feat: add project and associations image management#39
Conversation
|
Warning Review limit reached
Next review available in: 48 minutes Enable usage-based reviews in Billing to review now. Otherwise, wait until the next included review is available. How can I continue?After more reviews become available, a review can be triggered using the To avoid repeated limits, reduce automatic review volume by pausing incremental auto-reviews earlier, using label-based review opt-in, excluding WIP or generated PR titles, or requesting reviews manually when the PR is ready. If your team needs uninterrupted high-volume reviews, an organization admin can enable usage-based reviews. How do review limits work?CodeRabbit enforces per-developer PR review limits for each organization. Most developers receive the normal plan review availability. For paid Pro and Pro+ PR reviews, CodeRabbit uses adaptive limits for sustained high-volume activity. When a developer's recent PR review activity reaches the 95th percentile or higher among CodeRabbit users, additional reviews become available more gradually as earlier reviews age out of the rolling window. Please refer docs for additional details. Review details⚙️ Run configurationConfiguration used: Organization UI Review profile: CHILL Plan: Pro Run ID: 📒 Files selected for processing (2)
WalkthroughThe addAssociation, editAssociation, addProject, and editProject TRPC procedures now accept FormData instead of JSON inputs. New Zod schemas validate form fields and optional logo image files. Provided logo files are uploaded via uploadBlob using a new getImageExtension helper, storing the resulting blob URL instead of a raw string. ChangesFormData-based logo uploads
Sequence Diagram(s)sequenceDiagram
participant Client
participant Router
participant FormSchema
participant BlobStorage
participant Database
Client->>Router: submit FormData (fields + optional logo)
Router->>FormSchema: validate and coerce fields
alt logo file provided
Router->>BlobStorage: uploadBlob(logo, getImageExtension)
BlobStorage-->>Router: uploaded logo URL
else no logo
Router->>Router: use null for logo
end
Router->>Database: insert or update record with logo URL/null
Compact metadata
Related issues: None specified Poem 🚥 Pre-merge checks | ✅ 4✅ Passed checks (4 passed)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
There was a problem hiding this comment.
Actionable comments posted: 6
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Inline comments:
In `@src/routers/web/associations.ts`:
- Around line 88-89: The blob upload mutations currently run through
publicProcedure and can call uploadBlob without auth, so switch these handlers
to an authenticated/admin-only procedure before any upload logic. Update the
relevant association mutation(s) in associations.ts that build uploadedLogo and
the other uploadBlob call so only authorized callers can reach Buffer.from(...),
getImageExtension(...), and uploadBlob.
- Around line 120-129: The edit flow in associations.ts currently clears the
existing logo when no new file is uploaded. Update the update path around the
uploadBlob handling and DB.update(ASSOCIATIONS).set(...) so logo is only changed
when a new file is provided, and otherwise left untouched; if intentional
removal is needed, add an explicit remove flag in the same update logic.
- Around line 29-34: The associationFormSchema currently allows empty strings
for name, descriptionIt, and descriptionEn because it uses z.string() directly.
Update associationFormSchema in associations.ts to trim these fields and enforce
non-empty content (for example by using nonempty/min length after trimming) so
blank association text cannot be submitted, while leaving logo optional as-is.
In `@src/routers/web/projects.ts`:
- Around line 55-56: The project mutation(s) in projects.ts are uploading blobs
from publicProcedure, so unauthenticated callers can reach uploadBlob and write
to Azure Blob storage. Move these upload paths behind an
authenticated/admin-only procedure before the uploadBlob call, and keep the
existing logo/image validation intact while ensuring only authorized users can
trigger the mutation.
- Around line 88-97: The edit flow in the project update logic is overwriting an
existing logo with null when no new file is uploaded. Update the PROJECTS update
path in the project router so the logo field is only changed when a new upload
is present, or add a dedicated removal flag to explicitly clear it; keep the
current logo unchanged for text-only edits. Use the existing uploadBlob handling
and the DB.update(PROJECTS) call as the place to gate the logo assignment.
- Around line 17-24: Project form validation still allows empty required text
fields and whitespace-only links; update projectFormSchema to trim title,
descriptionIt, and descriptionEn before validation so empty values are rejected,
and normalize link by trimming whitespace before converting an empty result to
null. Keep the change localized to the projectFormSchema in projects.ts and
preserve the existing logo and category handling.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: Organization UI
Review profile: CHILL
Plan: Pro
Run ID: 887f11a6-da90-4ae8-b39f-f63468db396c
📒 Files selected for processing (3)
src/routers/web/associations.tssrc/routers/web/projects.tssrc/utils/web.ts
Introduce functionality for uploading and validating logos in both project and association management