refactor: impersonation API contracts to use userId instead of username

[Suvidh-kaushik]

Date: 2/07/2025

Developer Name: Suvidh Kaushik

---

Issue Ticket Number

• Closes doc: add an API contract for get impersonation requests feature #239

Description

• This PR changes the API contract required due to changes from PR
• It modifies the fields userId and impersonatedUserId to createdBy and createdFor
• It also modifies the GET route to fetch the requests using the latest userId based createdBy and createdFor instead of the original username based filtering

Documentation Updated?

• Yes
• No

Under Feature Flag

• Yes
• No

Database Changes

• Yes
• No

Breaking Changes

• Yes
• No

Development Tested?

• Yes
• No

Screenshots

Screenshot 1

Test Coverage

Screenshot 1

Additional Notes

Description by Korbit AI

What change is being made?

Refactor impersonation API contracts to use userId instead of username, and update parameters and response fields accordingly.

Why are these changes being made?

This change is intended to align the API's data handling with more secure practices by using userId for identification, enhancing consistency and reducing ambiguity in user identification throughout the codebase. It reflects a shift away from using usernames, which can be less reliable and more privacy-invasive as identifiers.

Is this description stale? Ask me to generate a new description by commenting /korbit-generate-pr-description

[coderabbitai]

Important

Review skipped

Auto incremental reviews are disabled on this repository.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Summary by CodeRabbit

• Documentation
  • Updated API documentation to remove the createdBy and createdFor fields from impersonation request responses.
  • Clarified that filtering by createdBy and createdFor now requires user IDs instead of usernames.
  • Revised response field summaries to reflect these changes.

Walkthrough

The documentation for the impersonation API was updated to remove the createdBy and createdFor fields from request and response schemas, and to clarify that filter parameters now use user IDs instead of usernames. No changes were made to the API contract, error handling, or control flow.

Changes

File(s)	Change Summary
impersonation/README.md	Removed createdBy and createdFor fields from request/response schemas; clarified filter usage.

Assessment against linked issues

Objective	Addressed	Explanation
Create/update API contract for GET /impersonation/requests, reflecting correct fields and filters (#239)	✅

Possibly related PRs

• feat/ add API contract for get impersonation requests #240: Adds the initial API contract for the impersonation requests endpoint, closely related as both PRs modify the impersonation API documentation.
• feat/ add API contract for get Impersonation request by id #243: Updates impersonation API documentation, including GET /impersonation/requests/:id, related through changes to the same API docs.

Suggested reviewers

• prakashchoudhary07

Poem

A hop and a skip, the docs are now neat,
Fields removed, filters clear, the contract’s complete!
No more confusion, just user IDs in sight,
The bunnies rejoice—API docs done right!
🐇✨

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Explain this complex logic.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai explain this code block.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and explain its main purpose.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Support

Need help? Create a ticket on our support page for assistance with any issues or questions.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate docstrings to generate docstrings for this PR.
• @coderabbitai generate sequence diagram to generate a sequence diagram of the changes in this PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[korbit-ai]

I've completed my review and didn't find any issues... but I did find this shark.

                (`.
                 \ `.
                  )  `._..---._
\`.       __...---`         o  )
 \ `._,--'           ,    ___,'
  ) ,-._          \  )   _,-'
 /,'    ``--.._____\/--''

Check out our docs on how you can make Korbit work best for you and your team.

Loving Korbit!? Share us on LinkedIn Reddit and X

[coderabbitai]

Actionable comments posted: 1

♻️ Duplicate comments (1)

impersonation/README.md (1)

197-197: Space still missing after “endedAt,”
The comma between endedAt and reason is still not followed by a space.

📜 Review details

Configuration used: CodeRabbit UI
Review profile: ASSERTIVE
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 238380b and 5369e22.

📒 Files selected for processing (1)

• impersonation/README.md (2 hunks)

🧰 Additional context used

🧠 Learnings (2)

📓 Common learnings

Learnt from: Suvidh-kaushik
PR: Real-Dev-Squad/website-api-contracts#242
File: impersonation/README.md:119-122
Timestamp: 2025-06-23T17:43:25.779Z
Learning: In the impersonation API documentation, the `dev` flag description in the POST method is incorrect and will be fixed in a separate GET PR. The PATCH method's `dev` flag behavior should follow the pattern of other update contracts in the project.

Learnt from: Suvidh-kaushik
PR: Real-Dev-Squad/website-api-contracts#240
File: impersonation/README.md:181-190
Timestamp: 2025-06-22T16:28:01.053Z
Learning: In the impersonation API, a 204 No Content response is returned when filter criteria don't match any impersonation requests, rather than returning an empty array with 200 status.

Learnt from: Suvidh-kaushik
PR: Real-Dev-Squad/website-api-contracts#240
File: impersonation/README.md:137-180
Timestamp: 2025-06-22T16:26:40.204Z
Learning: The impersonation API uses cursor-based pagination by default with `next` and `prev` fields, not page-based pagination with `nextPage`.

Learnt from: Suvidh-kaushik
PR: Real-Dev-Squad/website-api-contracts#240
File: impersonation/README.md:117-127
Timestamp: 2025-06-22T16:30:06.385Z
Learning: In the GET /impersonation/requests API endpoint, the `dev` query parameter is required. Without this parameter, the API returns a 404 not found error, so it's not just for enabling a developer view but is necessary for the endpoint to work at all.

impersonation/README.md (4)

Learnt from: Suvidh-kaushik
PR: Real-Dev-Squad/website-api-contracts#242
File: impersonation/README.md:119-122
Timestamp: 2025-06-23T17:43:25.779Z
Learning: In the impersonation API documentation, the `dev` flag description in the POST method is incorrect and will be fixed in a separate GET PR. The PATCH method's `dev` flag behavior should follow the pattern of other update contracts in the project.

Learnt from: Suvidh-kaushik
PR: Real-Dev-Squad/website-api-contracts#240
File: impersonation/README.md:181-190
Timestamp: 2025-06-22T16:28:01.053Z
Learning: In the impersonation API, a 204 No Content response is returned when filter criteria don't match any impersonation requests, rather than returning an empty array with 200 status.

Learnt from: Suvidh-kaushik
PR: Real-Dev-Squad/website-api-contracts#240
File: impersonation/README.md:137-180
Timestamp: 2025-06-22T16:26:40.204Z
Learning: The impersonation API uses cursor-based pagination by default with `next` and `prev` fields, not page-based pagination with `nextPage`.

Learnt from: Suvidh-kaushik
PR: Real-Dev-Squad/website-api-contracts#240
File: impersonation/README.md:117-127
Timestamp: 2025-06-22T16:30:06.385Z
Learning: In the GET /impersonation/requests API endpoint, the `dev` query parameter is required. Without this parameter, the API returns a 404 not found error, so it's not just for enabling a developer view but is necessary for the endpoint to work at all.

🪛 LanguageTool

impersonation/README.md

[uncategorized] ~121-~121: Loose punctuation mark.
Context: ... per page. Default is 5. - createdBy: Optional string to filter requests by u...

(UNLIKELY_OPENING_PUNCTUATION)

---

[uncategorized] ~121-~121: “of” seems less likely than “or” (‘either … or’).
Context: ...nal string to filter requests by userId of super-user who created the request. -...

(AI_HYDRA_LEO_CP_OF_OR)

---

[uncategorized] ~121-~121: You might be missing the article “the” here.
Context: ... string to filter requests by userId of super-user who created the request. - `crea...

(AI_EN_LECTOR_MISSING_DETERMINER_THE)

---

[uncategorized] ~122-~122: Loose punctuation mark.
Context: ...ho created the request. - createdFor: Optional string to filter requests by u...

(UNLIKELY_OPENING_PUNCTUATION)