[SILO-449] fix: add missing methods in external APIs

[Saurabhkmr98]

Description

• fix: add missing methods in external APIs
• fix: add missing fields in Project Serializer

Type of Change

• Bug fix (non-breaking change which fixes an issue)
• Feature (non-breaking change which adds functionality)
• Improvement (change that would cause existing functionality to not work as expected)
• Code refactoring
• Performance improvements
• Documentation update

Summary by CodeRabbit

• New Features
  • Project creation now accepts logo properties, external source, external ID, and an option to enable issue types.
  • Issue attachments support partial updates via PATCH.
• Chores
  • Member listing endpoint now requires a UUID project_id in the URL (was string). Update client requests accordingly.

[coderabbitai]

Walkthrough

Adds four fields to ProjectCreateSerializer, enables PATCH on issue attachment detail endpoint, and switches project_id path converter to UUID in the project members URL.

Changes

Cohort / File(s)	Summary
Serializer: project create fields apps/api/plane/api/serializers/project.py	Added Meta.fields: logo_props, external_source, external_id, is_issue_type_enabled (after timezone). No new validation or logic.
Routing: issue attachment methods apps/api/plane/api/urls/issue.py	Allowed methods expanded on IssueAttachmentDetailAPIEndpoint to include PATCH (was GET, DELETE).
Routing: members URL UUID apps/api/plane/api/urls/member.py	Changed project_id path converter from str:project_id to uuid:project_id for project members endpoint.

Sequence Diagram(s)

sequenceDiagram
  autonumber
  actor Client
  participant API as API Router
  participant View as IssueAttachmentDetailAPIEndpoint
  participant Store as Storage/DB

  Client->>API: PATCH /issues/{issue_id}/attachments/{id}
  API->>View: Dispatch PATCH
  alt Validation passes
    View->>Store: Update attachment fields
    Store-->>View: Updated record
    View-->>Client: 200 OK + updated payload
  else Validation fails
    View-->>Client: 400/422 Error
  end

Loading

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Possibly related PRs

• [SILO-303] Add external id and external source in project model #7182 — Adds external_source and external_id to Project model and migrations; aligns with serializer field additions.

Suggested labels

⚙️backend, requires approval

Suggested reviewers

• dheeru0198

Poem

A nibble of fields, a hop to PATCH,
UUID trails where members match.
I thump the ground—routes aligned,
Serializer carrots neatly lined.
With gentle paws I merge and cheer,
Bugs be gone, the path is clear! 🥕🐇

Tip

🔌 Remote MCP (Model Context Protocol) integration is now available!

Pro plan users can now connect to remote MCP servers from the Integrations page. Connect with popular remote MCPs such as Notion and Linear to add more context to your reviews and chats.

---

📜 Recent review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

💡 Knowledge Base configuration:

• MCP integration is disabled by default for public repositories
• Jira integration is disabled by default for public repositories
• Linear integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between 6f0fd89 and 8de7e7b.

📒 Files selected for processing (1)

• apps/api/plane/api/urls/member.py (1 hunks)

🚧 Files skipped from review as they are similar to previous changes (1)

• apps/api/plane/api/urls/member.py

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (2)

• GitHub Check: Analyze (javascript)
• GitHub Check: Analyze (python)

✨ Finishing Touches

• 📝 Generate Docstrings

🧪 Generate unit tests

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch fix-add_missing_fields

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.

Support

Need help? Create a ticket on our support page for assistance with any issues or questions.

CodeRabbit Commands (Invoked using PR/Issue comments)

Type @coderabbitai help to get the list of available commands.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Status, Documentation and Community

• Visit our Status Page to check the current availability of CodeRabbit.
• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[makeplane]

Pull Request Linked with Plane Work Items

• [SILO-449] fix: add missing methods in external APIs

Comment Automatically Generated by Plane

Let's add missing post method

[coderabbitai]

Actionable comments posted: 1

🧹 Nitpick comments (1)

apps/api/plane/api/serializers/project.py (1)

48-52: Project model fields verified

All four newly added fields on ProjectCreateSerializer exist on the Project model and are writable:

• logo_props (models.JSONField(default=dict))
• external_source (models.CharField(max_length=255, null=True, blank=True))
• external_id (models.CharField(max_length=255, blank=True, null=True))
• is_issue_type_enabled (models.BooleanField(default=False))

Optional enhancements:

• In ProjectSerializer.validate(), add a minimal check that logo_props is a JSON-compatible type (dict/list) to catch malformed payloads early.
• If you have a fixed list of integration names, consider using a ChoiceField or manual check for external_source.

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

💡 Knowledge Base configuration:

• MCP integration is disabled by default for public repositories
• Jira integration is disabled by default for public repositories
• Linear integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between cd61e8d and 4a5310b.

📒 Files selected for processing (3)

• apps/api/plane/api/serializers/project.py (1 hunks)
• apps/api/plane/api/urls/issue.py (1 hunks)
• apps/api/plane/api/urls/member.py (1 hunks)

🧰 Additional context used

🧠 Learnings (1)

📓 Common learnings

Learnt from: NarayanBavisetti
PR: makeplane/plane#7460
File: apps/api/plane/app/serializers/draft.py:112-122
Timestamp: 2025-07-23T18:18:06.875Z
Learning: In the Plane codebase serializers, workspace_id is not consistently passed in serializer context, so parent issue validation in DraftIssueCreateSerializer only checks project_id rather than both workspace_id and project_id. The existing project member authentication system already validates that users can only access projects they belong to, providing sufficient security without risking breaking functionality by adding workspace_id validation where the context might not be available.

🔇 Additional comments (1)

apps/api/plane/api/urls/issue.py (1)

92-94: IssueAttachmentDetailAPIEndpoint PATCH behavior and serializer restrictions verified

• The endpoint defines its own def patch(...), so partial updates are explicitly supported without relying on mixins.
• Inside patch(), only the is_uploaded flag is toggled and saved—no user-supplied blob or metadata fields are passed through the serializer for update.
• IssueAttachmentSerializer already marks "workspace", "project", "issue", timestamps, and user fields as read-only.
• Access is gated by ProjectEntityPermission.

No further changes needed.

[coderabbitai]

Actionable comments posted: 4

🧹 Nitpick comments (1)

apps/api/plane/api/views/member.py (1)

180-191: Simplify validation logic for required fields.

The current validation can be simplified and made more robust by checking for both missing and empty values.

Apply this diff to improve the validation:

     def post(self, request, slug, project_id):
         # ------------------- Validation -------------------
-        if (
-            request.data.get("email") is None
-            or request.data.get("display_name") is None
-        ):
+        email = request.data.get("email", "").strip()
+        display_name = request.data.get("display_name", "").strip()
+        
+        if not email or not display_name:
             return Response(
                 {
-                    "error": "Expected email, display_name, workspace_slug, project_id, one or more of the fields are missing."
+                    "error": "Email and display_name are required fields."
                 },
                 status=status.HTTP_400_BAD_REQUEST,
             )
-
-        email = request.data.get("email")

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

💡 Knowledge Base configuration:

• MCP integration is disabled by default for public repositories
• Jira integration is disabled by default for public repositories
• Linear integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between 4a5310b and 89153ec.

📒 Files selected for processing (1)

• apps/api/plane/api/views/member.py (2 hunks)

🧰 Additional context used

🧠 Learnings (1)

📓 Common learnings

Learnt from: NarayanBavisetti
PR: makeplane/plane#7460
File: apps/api/plane/app/serializers/draft.py:112-122
Timestamp: 2025-07-23T18:18:06.875Z
Learning: In the Plane codebase serializers, workspace_id is not consistently passed in serializer context, so parent issue validation in DraftIssueCreateSerializer only checks project_id rather than both workspace_id and project_id. The existing project member authentication system already validates that users can only access projects they belong to, providing sufficient security without risking breaking functionality by adding workspace_id validation where the context might not be available.

🧬 Code Graph Analysis (1)

apps/api/plane/api/views/member.py (4)

apps/api/plane/api/serializers/user.py (1)

• UserLiteSerializer (9-34)

apps/api/plane/db/models/user.py (2)

• User (38-170)
• save (152-170)

apps/api/plane/db/models/workspace.py (3)

• Workspace (115-182)
• WorkspaceMember (202-234)
• save (196-199)

apps/api/plane/db/models/project.py (5)

• ProjectMember (206-250)
• Project (59-169)
• save (167-169)
• save (183-185)
• save (222-232)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (2)

• GitHub Check: Analyze (javascript)
• GitHub Check: Analyze (python)

🔇 Additional comments (1)

apps/api/plane/api/views/member.py (1)

256-258: Add workspace parameter to ProjectMember creation.

According to the retrieved learnings and the ProjectMember model which inherits from ProjectBaseModel, the workspace should be explicitly set when creating project members for consistency.

Apply this diff:

             project_member = ProjectMember.objects.create(
-                project=project, member=user, role=request.data.get("role", 5)
+                project=project, member=user, workspace=workspace, role=request.data.get("role", 5)
             )

⛔ Skipped due to learnings

Learnt from: NarayanBavisetti
PR: makeplane/plane#7460
File: apps/api/plane/app/serializers/draft.py:112-122
Timestamp: 2025-07-23T18:18:06.875Z
Learning: In the Plane codebase serializers, workspace_id is not consistently passed in serializer context, so parent issue validation in DraftIssueCreateSerializer only checks project_id rather than both workspace_id and project_id. The existing project member authentication system already validates that users can only access projects they belong to, providing sufficient security without risking breaking functionality by adding workspace_id validation where the context might not be available.

[coderabbitai]

Actionable comments posted: 1

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

💡 Knowledge Base configuration:

• MCP integration is disabled by default for public repositories
• Jira integration is disabled by default for public repositories
• Linear integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between 89153ec and 6f0fd89.

📒 Files selected for processing (1)

• apps/api/plane/api/urls/member.py (1 hunks)

🧰 Additional context used

🧠 Learnings (2)

📓 Common learnings

Learnt from: NarayanBavisetti
PR: makeplane/plane#7460
File: apps/api/plane/app/serializers/draft.py:112-122
Timestamp: 2025-07-23T18:18:06.875Z
Learning: In the Plane codebase serializers, workspace_id is not consistently passed in serializer context, so parent issue validation in DraftIssueCreateSerializer only checks project_id rather than both workspace_id and project_id. The existing project member authentication system already validates that users can only access projects they belong to, providing sufficient security without risking breaking functionality by adding workspace_id validation where the context might not be available.

📚 Learning: 2025-07-23T18:18:06.875Z

Learnt from: NarayanBavisetti
PR: makeplane/plane#7460
File: apps/api/plane/app/serializers/draft.py:112-122
Timestamp: 2025-07-23T18:18:06.875Z
Learning: In the Plane codebase serializers, workspace_id is not consistently passed in serializer context, so parent issue validation in DraftIssueCreateSerializer only checks project_id rather than both workspace_id and project_id. The existing project member authentication system already validates that users can only access projects they belong to, providing sufficient security without risking breaking functionality by adding workspace_id validation where the context might not be available.

Applied to files:

• apps/api/plane/api/urls/member.py

🧬 Code Graph Analysis (1)

apps/api/plane/api/urls/member.py (1)

apps/api/plane/api/views/member.py (1)

• ProjectMemberAPIEndpoint (103-264)

🔇 Additional comments (1)

apps/api/plane/api/urls/member.py (1)

7-7: All project routes consistently use <uuid:project_id>
Scan of apps/api/plane/api/urls confirmed no remaining <str:project_id> patterns, ensuring type safety and alignment with other endpoints.