Fix: Added organization membership sample data for API_ADMINISTRATOR_USER

[PratapRathi]

What kind of change does this PR introduce?
This PR will add the organization_memberships records for API_ADMINISTRATOR_USER_EMAIL_ADDRESS user.

Issue Number:
Fixes #3178

Snapshots/Videos:

If relevant, did you update the documentation?
N/A

Summary
A fixed user_Id is assigned to API_ADMINISTRATOR_USER_EMAIL_ADDRESS user in seedInitialData.ts, using this id we added some more records in organization_memberships table. This fix and and show the organizations on login with API_ADMINISTRATOR_USER_EMAIL_ADDRESS after loading sample data.

Does this PR introduce a breaking change?
No

Checklist

CodeRabbit AI Review

• I have reviewed and addressed all critical issues flagged by CodeRabbit AI
• I have implemented or provided justification for each non-critical suggestion
• I have documented my reasoning in the PR comments where CodeRabbit AI suggestions were not implemented

Test Coverage

• I have written tests for all new changes/features
• I have verified that test coverage meets or exceeds 95%
• I have run the test suite locally and all tests pass

Other information
N/A

Have you read the contributing guide?
Yes

Summary by CodeRabbit

• New Features

  • Added new administrative memberships across multiple organizations, enhancing role assignments and oversight.

• Chores

  • Refined the administrator account setup by using a consistent identifier, ensuring reliable initialization and improved data integrity.

These updates streamline administrative functions and promote greater system consistency and reliability for end-users.

[coderabbitai]

Walkthrough

This pull request introduces five new administrator membership entries to the organization_memberships.json file and modifies the seedInitialData.ts file. The JSON file receives new entries with distinct organization IDs but a consistent fixed memberId and timestamps. In seedInitialData.ts, the unique UUID generation using uuidv7() is replaced with a fixed UUID for the administrator user. These changes ensure that the administrator user is consistently identified across the sample data seeding process.

Changes

Files	Change Summary
sample_data/organization_memberships.json	Added five new membership entries with a fixed memberId, distinct organizationIds, and unified createdAt and creatorId values.
src/plugins/seedInitialData.ts	Replaced the call to uuidv7() with assignment of a fixed UUID ("0194e562-0a52-70f3-9e7b-2e789a5aebdc") for creating the administrator user in the seeding process.

Sequence Diagram(s)

sequenceDiagram
  participant Seeder as DataSeeder
  participant DB as Database
  participant Membership as OrgMembership

  Seeder->>DB: Check if administrator user exists
  DB-->>Seeder: User not found
  Seeder->>Seeder: Assign fixed admin userId ("0194e562-0a52-70f3-9e7b-2e789a5aebdc")
  Seeder->>DB: Create administrator user with fixed userId
  DB-->>Seeder: User created
  Seeder->>DB: Append membership entries for admin across multiple organizations
  DB-->>Seeder: Membership entries added

Loading

Assessment against linked issues

Objective	Addressed	Explanation
Ensure API_ADMINISTRATOR_USER_EMAIL_ADDRESS user has access (#3178)	✅

Possibly related PRs

• Fixes #2841: Invalid emails and names in import:sample-data script #3160: Updates the seeding process to use a fixed administrator user ID, directly affecting membership entries.
• elevate existing initial administrator user's role on api startup #2875: Modifies the organization membership seeding by applying a consistent fixed memberId for the administrator user.

Suggested labels

ignore-sensitive-files-pr

Suggested reviewers

• gautam-divyanshu
• palisadoes

✨ Finishing Touches

• 📝 Generate Docstrings (Beta)

---

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate docstrings to generate docstrings for this PR. (Beta)
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[github-actions]

Our Pull Request Approval Process

Thanks for contributing!

Testing Your Code

Remember, your PRs won't be reviewed until these criteria are met:

1. We don't merge PRs with poor code quality.
   1. Follow coding best practices such that CodeRabbit.ai approves your PR.
2. We don't merge PRs with failed tests.
   1. When tests fail, click on the Details link to learn more.
   2. Write sufficient tests for your changes (CodeCov Patch Test). Your testing level must be better than the target threshold of the repository
   3. Tests may fail if you edit sensitive files. Ask to add the ignore-sensitive-files-pr label if the edits are necessary.
3. We cannot merge PRs with conflicting files. These must be fixed.

Our policies make our code better.

Reviewers

Do not assign reviewers. Our Queue Monitors will review your PR and assign them.
When your PR has been assigned reviewers contact them to get your code reviewed and approved via:

1. comments in this PR or
2. our slack channel

Reviewing Your Code

Your reviewer(s) will have the following roles:

1. arbitrators of future discussions with other contributors about the validity of your changes
2. point of contact for evaluating the validity of your work
3. person who verifies matching issues by others that should be closed.
4. person who gives general guidance in fixing your tests

CONTRIBUTING.md

Read our CONTRIBUTING.md file. Most importantly:

1. PRs with issues not assigned to you will be closed by the reviewer
2. Fix the first comment in the PR so that each issue listed automatically closes

Other

1. 🎯 Please be considerate of our volunteers' time. Contacting the person who assigned the reviewers is not advised unless they ask for your input. Do not @ the person who did the assignment otherwise.
2. Read the CONTRIBUTING.md file make

[github-actions]

Congratulations on making your first PR! 🎊 If you haven't already, check out our Contributing Guidelines and PR Reporting Guidelines to ensure that you are following our guidelines for contributing and creating PR.

[codecov]

Codecov Report

Attention: Patch coverage is 0% with 1 line in your changes missing coverage. Please review.

Project coverage is 40.11%. Comparing base (5255740) to head (90c57f1).
Report is 15 commits behind head on develop-postgres.

Files with missing lines	Patch %	Lines
src/plugins/seedInitialData.ts	0.00%	1 Missing ⚠️

Additional details and impacted files

@@                 Coverage Diff                  @@
##           develop-postgres    #3183      +/-   ##
====================================================
- Coverage             40.11%   40.11%   -0.01%     
====================================================
  Files                   455      455              
  Lines                 33543    33542       -1     
  Branches                433      433              
====================================================
- Hits                  13457    13456       -1     
  Misses                20086    20086              

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[coderabbitai]

Actionable comments posted: 1

🔭 Outside diff range comments (1)

src/plugins/seedInitialData.ts (1)

89-106: Consider adding validation for environment variables.

While the implementation is correct, consider adding validation for the environment variables before using them to ensure they are properly set.

+ // Add at the beginning of the plugin function
+ const requiredEnvVars = [
+   'API_ADMINISTRATOR_USER_EMAIL_ADDRESS',
+   'API_ADMINISTRATOR_USER_NAME',
+   'API_ADMINISTRATOR_USER_PASSWORD'
+ ];
+ 
+ for (const envVar of requiredEnvVars) {
+   if (!fastify.envConfig[envVar]) {
+     throw new Error(`Missing required environment variable: ${envVar}`);
+   }
+ }

📜 Review details

Configuration used: .coderabbit.yaml
Review profile: ASSERTIVE
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 5255740 and 90c57f1.

📒 Files selected for processing (2)

• sample_data/organization_memberships.json (1 hunks)
• src/plugins/seedInitialData.ts (1 hunks)

⏰ Context from checks skipped due to timeout of 90000ms (2)

• GitHub Check: Run tests for talawa api
• GitHub Check: Analyse Code With CodeQL (typescript)

🔇 Additional comments (2)

src/plugins/seedInitialData.ts (1)

87-88: LGTM! Good practice using a fixed UUID for consistent sample data.

The use of a fixed UUID for the administrator user ensures consistent identification across the sample data, making it easier to track and manage administrator memberships.

sample_data/organization_memberships.json (1)

100-127: Verify organization IDs exist in the organizations table.

The new entries reference organization IDs. We should verify these organizations exist in the sample data.

✅ Verification successful

🏁 Script executed:

#!/bin/bash
# Description: Check if the referenced organization IDs exist in the organizations sample data
echo "Checking for organization IDs in sample data..."
ORGS_TO_CHECK=(
  "ab1c2d3e-4f5b-6a7c-8d9e-0f1a2b3c4d5e"
  "ab1c2d3e-4f5b-6a7c-8d9e-0f1a2b3c4d5f"
  "cd3e4f5b-6a7c-8d9e-0f1a-2b3c4d5e6f7a"
  "bc2d3e4f-5a6b-7c8d-9e0f-1a2b3c4d5e6f"
)

for ORG_ID in "${ORGS_TO_CHECK[@]}"; do
  echo "Checking organization ID: $ORG_ID"
  rg -q "\"$ORG_ID\"" sample_data/organizations.json || echo "Warning: Organization ID $ORG_ID not found"
done

Length of output: 1290

---

Organization IDs Verified in Organizations Table
The script output shows that all referenced organization IDs exist in sample_data/organizations.json, with no missing entries.

[coderabbitai]

🧹 Nitpick (assertive)

Consider adding a schema validation for the JSON data.

To ensure data integrity, consider adding a JSON schema validation for the organization memberships data structure.

+ // Add a new file: sample_data/schemas/organization_memberships.schema.json
+ {
+   "$schema": "http://json-schema.org/draft-07/schema#",
+   "type": "array",
+   "items": {
+     "type": "object",
+     "required": ["organizationId", "memberId", "role", "createdAt", "creatorId"],
+     "properties": {
+       "organizationId": {
+         "type": "string",
+         "pattern": "^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$"
+       },
+       "memberId": {
+         "type": "string",
+         "pattern": "^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$"
+       },
+       "role": {
+         "type": "string",
+         "enum": ["administrator", "regular"]
+       },
+       "createdAt": {
+         "type": "string",
+         "format": "date-time"
+       },
+       "creatorId": {
+         "type": "string",
+         "pattern": "^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$"
+       }
+     }
+   }
+ }

[palisadoes]

A better approach would be to update the src/utilities/loadSampleData.ts script to update the sample database so that the API_ADMINISTRATOR_USER is automatically made administrator for all organizations through an API call.

Hard coding the UUID in the data opens up security vulnerabilities.

Please change the logic.

[palisadoes]

This method hard codes a UUID. This is a security vulnerability.

[PratapRathi]

Yes sir, I understood
I will change the logic as you guided.

[PratapRathi]

@palisadoes I am closing this PR, I will raise another PR with the approach you suggested to me.