coderabbit review comments fixed

Author: Rajat-Dabade

server/api/users.go

@@ -269,7 +269,7 @@ func (a *API) handleGetUser(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	auditRec := a.makeAuditRecord(r, "postBlocks", audit.Fail)
+	auditRec := a.makeAuditRecord(r, "getUser", audit.Fail)
 	defer a.audit.LogRecord(audit.LevelRead, auditRec)
 	auditRec.AddMeta("userID", userID)
 

server/app/import.go

@@ -112,8 +112,6 @@ func (a *App) ImportArchive(r io.Reader, opt model.ImportArchiveOptions) error {
 
 // Update image and attachment blocks.
 func (a *App) fixImagesAttachments(boardMap map[string]*model.Board, fileMap map[string]string, teamID string, userID string) {
-	blockIDs := make([]string, 0)
-	blockPatches := make([]model.BlockPatch, 0)
 	for _, board := range boardMap {
 		if board.IsTemplate {
 			continue
@@ -128,6 +126,8 @@ func (a *App) fixImagesAttachments(boardMap map[string]*model.Board, fileMap map
 			return
 		}
 
+		blockIDs := make([]string, 0)
+		blockPatches := make([]model.BlockPatch, 0)
 		for _, block := range newBlocks {
 			if block.Type == "image" || block.Type == "attachment" {
 				fieldName := "fileId"

server/integrationtests/board_test.go

@@ -2125,6 +2125,8 @@ func TestGetTemplates(t *testing.T) {
 		require.NotNil(t, rBoards)
 		require.GreaterOrEqual(t, len(rBoards), 6)
 
+		var skippedTitles []string
+
 		t.Log("\n\n")
 		for _, board := range rBoards {
 			t.Logf("Test get template: %s - %s\n", board.Title, board.ID)
@@ -2141,7 +2143,8 @@ func TestGetTemplates(t *testing.T) {
 
 			rBoardsAndBlock, resp := th.Client.DuplicateBoard(board.ID, false, teamID)
 			if resp.StatusCode == 400 {
-				t.Logf("Skipping duplicate test for template %s due to file info limitations", board.Title)
+				t.Logf("Skipping duplicate test for template %q due to file info limitations (known issue)", board.Title)
+				skippedTitles = append(skippedTitles, board.Title)
 				continue
 			}
 			th.CheckOK(resp)
@@ -2164,6 +2167,10 @@ func TestGetTemplates(t *testing.T) {
 			require.NotNil(t, rBlocks2)
 			require.Equal(t, len(rBoardsAndBlock.Blocks), len(rBlocks2))
 		}
+
+		if len(skippedTitles) > 0 {
+			t.Skipf("skipped %d template(s) due to file info limitations: %v", len(skippedTitles), skippedTitles)
+		}
 		t.Log("\n\n")
 	})
 }

server/integrationtests/file_test.go

@@ -5,7 +5,6 @@ package integrationtests
 
 import (
 	"bytes"
-	"strings"
 	"testing"
 
 	"github.com/mattermost/mattermost-plugin-boards/server/client"
@@ -119,13 +118,7 @@ func TestFileInfo(t *testing.T) {
 		th.CheckOK(resp)
 		require.NotNil(t, fileInfo)
 		require.NotNil(t, fileInfo.Id)
-		fileIDWithoutPrefix := file.FileID
-		if len(fileIDWithoutPrefix) > 0 && fileIDWithoutPrefix[0] == '7' {
-			fileIDWithoutPrefix = fileIDWithoutPrefix[1:]
-		}
-		if idx := strings.LastIndex(fileIDWithoutPrefix, "."); idx != -1 {
-			fileIDWithoutPrefix = fileIDWithoutPrefix[:idx]
-		}
+		fileIDWithoutPrefix := utils.RetrieveFileIDFromBlockFieldStorage(file.FileID)
 		require.Equal(t, fileIDWithoutPrefix, fileInfo.Id)
 	})
 }

server/model/board.go

@@ -8,7 +8,6 @@ import (
 	"io"
 	"time"
 
-	"github.com/mattermost/mattermost-plugin-boards/server/utils"
 	mmModel "github.com/mattermost/mattermost/server/public/model"
 )
 
@@ -390,13 +389,11 @@ func (ibe InvalidBoardErr) Error() string {
 }
 
 func (b *Board) IsValid() error {
-	// Only allow GlobalTeamID ("0") in test environments for security
-	// In production, GlobalTeamID should only be used for templates
+	// GlobalTeamID ("0") is only valid for template boards.
 	if b.TeamID == GlobalTeamID {
-		if !utils.IsRunningUnitTests() {
+		if !b.IsTemplate {
 			return InvalidBoardErr{"invalid-team-id"}
 		}
-		// Allow in test environments
 	} else if !mmModel.IsValidId(b.TeamID) {
 		return InvalidBoardErr{"invalid-team-id"}
 	}

server/model/board_test.go

@@ -4,7 +4,6 @@
 package model
 
 import (
-	"os"
 	"testing"
 
 	"github.com/mattermost/mattermost/server/public/model"
@@ -28,28 +27,41 @@ func TestBoardIsValid(t *testing.T) {
 		require.NoError(t, err)
 	})
 
-	t.Run("Should allow global team ID for valid board in test scenarios", func(t *testing.T) {
-		// Set test environment variable to allow GlobalTeamID
-		origEnv := os.Getenv("FOCALBOARD_UNIT_TESTING")
-		os.Setenv("FOCALBOARD_UNIT_TESTING", "1")
-		defer os.Setenv("FOCALBOARD_UNIT_TESTING", origEnv)
-
+	t.Run("Should allow global team ID for template boards", func(t *testing.T) {
 		board := &Board{
 			ID:          model.NewId(),
 			TeamID:      GlobalTeamID,
+			IsTemplate:  true,
 			CreatedBy:   model.NewId(),
 			ModifiedBy:  model.NewId(),
 			Type:        BoardTypeOpen,
 			MinimumRole: BoardRoleViewer,
-			Title:       "Valid Board",
+			Title:       "Valid Template",
 			CreateAt:    1234567890,
 			UpdateAt:    1234567890,
 		}
 		err := board.IsValid()
-		// GlobalTeamID ("0") is now allowed in test scenarios for integration tests
 		require.NoError(t, err)
 	})
 
+	t.Run("Should return error for global team ID on non-template board", func(t *testing.T) {
+		board := &Board{
+			ID:          model.NewId(),
+			TeamID:      GlobalTeamID,
+			IsTemplate:  false,
+			CreatedBy:   model.NewId(),
+			ModifiedBy:  model.NewId(),
+			Type:        BoardTypeOpen,
+			MinimumRole: BoardRoleViewer,
+			Title:       "Non-template Board",
+			CreateAt:    1234567890,
+			UpdateAt:    1234567890,
+		}
+		err := board.IsValid()
+		require.Error(t, err)
+		require.EqualError(t, err, "invalid-team-id")
+	})
+
 	t.Run("Should return error for invalid team ID", func(t *testing.T) {
 		board := &Board{
 			ID:          model.NewId(),

server/services/store/sqlstore/cloud.go

@@ -26,6 +26,7 @@ func (s *SQLStore) activeCardsQuery(builder sq.StatementBuilderType, selectStr s
 		Join(s.tablePrefix + "boards bd on b.board_id=bd.id").
 		Where(sq.Eq{
 			"b.type":         model.TypeCard,
+			"b.delete_at":    0,
 			"bd.is_template": false,
 		})
 	if !includeDeleted {

server/services/store/sqlstore/helpers_test.go

@@ -231,7 +231,11 @@ func (t *testServicesAPIForUnitTests) GetLicense() *mmModel.License {
 func (t *testServicesAPIForUnitTests) GetFileInfo(fileID string) (*mmModel.FileInfo, error) {
 	// Query the FileInfo table (Mattermost's table) to retrieve saved file info
 	// This matches what the real Mattermost servicesAPI would do
-	query := `SELECT Id, CreateAt, UpdateAt, DeleteAt, Path, ThumbnailPath, PreviewPath, Name, Extension, Size, MimeType, Width, Height, HasPreviewImage, MiniPreview, Content, RemoteId, CreatorId, PostId FROM FileInfo WHERE Id = $1`
+	placeholder := "$1"
+	if t.dbType == model.MysqlDBType {
+		placeholder = "?"
+	}
+	query := `SELECT Id, CreateAt, UpdateAt, DeleteAt, Path, ThumbnailPath, PreviewPath, Name, Extension, Size, MimeType, Width, Height, HasPreviewImage, MiniPreview, Content, RemoteId, CreatorId, PostId FROM FileInfo WHERE Id = ` + placeholder
 
 	var fileInfo mmModel.FileInfo
 	err := t.db.QueryRow(query, fileID).Scan(

server/services/store/sqlstore/mattermost_tables.go

@@ -169,7 +169,8 @@ func setupTeamMembersTableForIntegration(db *sql.DB, dbType string) error {
 				roles character varying(64),
 				deleteat bigint,
 				schemeuser boolean,
-				schemeadmin boolean
+				schemeadmin boolean,
+				PRIMARY KEY (teamid, userid)
 			);
 		`
 	case model.MysqlDBType:
@@ -180,7 +181,8 @@ func setupTeamMembersTableForIntegration(db *sql.DB, dbType string) error {
 				Roles VARCHAR(64),
 				DeleteAt BIGINT,
 				SchemeUser BOOLEAN,
-				SchemeAdmin BOOLEAN
+				SchemeAdmin BOOLEAN,
+				PRIMARY KEY (TeamId, UserId)
 			) DEFAULT CHARACTER SET utf8mb4;
 		`
 	default:
@@ -382,7 +384,7 @@ func setupFileInfoTableForIntegration(db *sql.DB, dbType string) error {
 	switch dbType {
 	case model.PostgresDBType:
 		createTableSQL = `
-			CREATE TABLE IF NOT EXISTS FileInfo (
+			CREATE TABLE IF NOT EXISTS fileinfo (
 				Id VARCHAR(26) NOT NULL,
 				CreatorId VARCHAR(26),
 				PostId VARCHAR(26),
@@ -445,17 +447,17 @@ func setupSessionsTableForIntegration(db *sql.DB, dbType string) error {
 	switch dbType {
 	case model.PostgresDBType:
 		createTableSQL = `
-			CREATE TABLE IF NOT EXISTS Sessions (
-				Id character varying(26) NOT NULL PRIMARY KEY,
-				Token character varying(64),
-				CreateAt bigint,
-				ExpiresAt bigint,
-				LastActivityAt bigint,
-				UserId character varying(26),
-				Roles character varying(64),
-				IsOAuth boolean,
-				Props text,
-				DeviceId character varying(512)
+			CREATE TABLE IF NOT EXISTS sessions (
+				id character varying(26) NOT NULL PRIMARY KEY,
+				token character varying(64),
+				createat bigint,
+				expiresat bigint,
+				lastactivityat bigint,
+				userid character varying(26),
+				roles character varying(64),
+				isoauth boolean,
+				props text,
+				deviceid character varying(512)
 			);
 		`
 	case model.MysqlDBType:

server/services/store/sqlstore/support_for_test.go

@@ -146,7 +146,8 @@ func setupTeamMembersTable(t *testing.T, db *sql.DB, dbType string) {
 				roles character varying(64),
 				deleteat bigint,
 				schemeuser boolean,
-				schemeadmin boolean
+				schemeadmin boolean,
+				PRIMARY KEY (teamid, userid)
 			);
 		`
 	case model.MysqlDBType:
@@ -157,7 +158,8 @@ func setupTeamMembersTable(t *testing.T, db *sql.DB, dbType string) {
 				Roles VARCHAR(64),
 				DeleteAt BIGINT,
 				SchemeUser BOOLEAN,
-				SchemeAdmin BOOLEAN
+				SchemeAdmin BOOLEAN,
+				PRIMARY KEY (TeamId, UserId)
 			) DEFAULT CHARACTER SET utf8mb4;
 		`
 	default:
@@ -369,7 +371,7 @@ func setupFileInfoTable(t *testing.T, db *sql.DB, dbType string) {
 	switch dbType {
 	case model.PostgresDBType:
 		createTableSQL = `
-			CREATE TABLE IF NOT EXISTS FileInfo (
+			CREATE TABLE IF NOT EXISTS fileinfo (
 				Id VARCHAR(26) NOT NULL,
 				CreatorId VARCHAR(26),
 				PostId VARCHAR(26),
@@ -435,17 +437,17 @@ func setupSessionsTable(t *testing.T, db *sql.DB, dbType string) {
 	switch dbType {
 	case model.PostgresDBType:
 		createTableSQL = `
-			CREATE TABLE IF NOT EXISTS Sessions (
-				Id character varying(26) NOT NULL PRIMARY KEY,
-				Token character varying(64),
-				CreateAt bigint,
-				ExpiresAt bigint,
-				LastActivityAt bigint,
-				UserId character varying(26),
-				Roles character varying(64),
-				IsOAuth boolean,
-				Props text,
-				DeviceId character varying(512)
+			CREATE TABLE IF NOT EXISTS sessions (
+				id character varying(26) NOT NULL PRIMARY KEY,
+				token character varying(64),
+				createat bigint,
+				expiresat bigint,
+				lastactivityat bigint,
+				userid character varying(26),
+				roles character varying(64),
+				isoauth boolean,
+				props text,
+				deviceid character varying(512)
 			);
 		`
 	case model.MysqlDBType: