Update notification instance action default accepts

[skanderm]

Fixes issue with deployment where notification instances don't have the right attributes accepted:

Summary by CodeRabbit

• New Features

  • Enhanced flexibility in notification actions, allowing for more dynamic parameters.
  • Introduced a new action for creating notifications with relationships to subscriptions.
  • Improved audio image processing with new actions for managing feed segments and generating spectrograms.

• Bug Fixes

  • Updated handling of asynchronous tasks for spectrogram generation, ensuring proper success and error management.

[coderabbitai]

Walkthrough

The changes involve modifications to the Orcasite.Notifications.NotificationInstance and Orcasite.Radio.AudioImage modules. In the NotificationInstance, default actions have been updated for greater flexibility, and a new action for managing relationships has been added. Additionally, an after_action callback for sending notification emails has been introduced. In the AudioImage module, the create and update actions have been refined to enhance relationship management and asynchronous processing, including new before and after actions for handling feed segments and generating spectrograms.

Changes

File Path	Change Summary
server/lib/orcasite/notifications/resources/notification_instance.ex	Default actions updated to [:read, :destroy, update: :*, create: :*]; added create_with_relationships action with manage_relationship function; introduced after_action for sending notification emails.
server/lib/orcasite/radio/audio_image.ex	Updated create :for_feed_segment to include before_action for feed segments and added two after_action changes; modified update :generate_spectrogram to include require_atomic? false and updated after_action for asynchronous processing.

Poem

In the land of code where rabbits play,
New actions hop in, brightening the day.
With spectrograms dancing and emails that sing,
Flexibility blooms, oh what joy they bring!
So let’s celebrate with a joyful cheer,
For the changes we cherish, let’s hold them near! 🐇✨

---

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[coderabbitai]

Actionable comments posted: 0

🧹 Outside diff range and nitpick comments (2)

server/lib/orcasite/notifications/resources/notification_instance.ex (2)

Line range hint 48-71: Add error handling for Oban job insertion.

The after_action callback creates an Oban job but doesn't handle potential job insertion failures. This could lead to notifications being marked as processed without actually being sent.

Consider wrapping the Oban insertion in error handling:

       change fn changeset, _context ->
         changeset
         |> Ash.Changeset.after_action(fn _, record ->
-          %{
-            notification_instance_id: record.id,
-            notification_id: record.notification_id,
-            subscription_id: record.subscription_id,
-            meta: record.meta
-          }
-          |> Orcasite.Notifications.Workers.SendNotificationEmail.new()
-          |> Oban.insert()
-
-          {:ok, record}
+          case %{
+            notification_instance_id: record.id,
+            notification_id: record.notification_id,
+            subscription_id: record.subscription_id,
+            meta: record.meta
+          }
+          |> Orcasite.Notifications.Workers.SendNotificationEmail.new()
+          |> Oban.insert() do
+            {:ok, _job} -> {:ok, record}
+            {:error, error} -> 
+              # Log the error and potentially update the notification status
+              {:error, "Failed to queue notification: #{inspect(error)}"}
+          end
         end)
       end

---

Line range hint 48-71: Consider adding notification monitoring capabilities.

The asynchronous notification processing via Oban is a good architectural choice for scalability. However, consider adding:

1. Monitoring for failed notifications
2. A mechanism to retry failed notifications
3. Metrics collection for notification processing times and success rates

This will help track the health of the notification system and ensure reliable delivery.

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

📥 Commits

Reviewing files that changed from the base of the PR and between bfca95f and bcfa35d.

📒 Files selected for processing (2)

• server/lib/orcasite/notifications/resources/notification_instance.ex (1 hunks)
• server/lib/orcasite/radio/audio_image.ex (1 hunks)

🔇 Additional comments (3)

server/lib/orcasite/notifications/resources/notification_instance.ex (2)

Line range hint 48-71: Verify ExtractNotificationInstanceMeta implementation.

The action uses ExtractNotificationInstanceMeta for processing meta data, but its implementation needs verification to ensure proper data extraction.

Let's check the implementation:

#!/bin/bash
# Description: Locate and examine the ExtractNotificationInstanceMeta module
# Look for the implementation file
fd -e ex "ExtractNotificationInstanceMeta.ex" server/lib/orcasite/notifications/changes/

# If found, examine its content
rg -A 10 "defmodule.*ExtractNotificationInstanceMeta" server/lib/orcasite/notifications/changes/

---

46-46: Verify security implications of wildcard parameters.

The change from explicit actions to update: :* and create: :* allows any parameters to be passed. While this fixes the deployment issue, it might expose security risks if not properly validated.

Let's verify if there are adequate validations in place:

✅ Verification successful

Let me gather more information about the validation and constraints by checking the resource definition and related files.

---

Wildcard parameters are safely constrained by attribute definitions

The use of update: :* and create: :* is safe because the resource has well-defined attribute constraints:

• :channel is restricted to [:email]
• :status is restricted to [:new, :pending, :sent, :failed]
• Other attributes have strict types (:map, :utc_datetime_usec)
• Relationships are properly defined with belongs_to constraints

The Ash framework enforces these constraints automatically, preventing any unauthorized attributes from being set through the wildcard parameters. The change aligns with the deployment requirements while maintaining security.

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Check for validation logic in related files
# Look for validation modules or constraints
rg -g '!*.beam' -g '!*.ex.beam' -A 5 "validate|constraint|guard" server/lib/orcasite/notifications/

Length of output: 1456

---

Script:

#!/bin/bash
# Check the resource definition for attributes and their constraints
ast-grep --pattern 'defmodule Orcasite.Notifications.NotificationInstance do
  $$$
  attributes do
    $$$
  end
  $$$
'

# Look for any change modules that might contain validations
rg -g '*.ex' -A 5 "use Ash.Resource.Change|validate" server/lib/orcasite/notifications/

# Check for relationships and their constraints
ast-grep --pattern 'relationships do
  $$$
end'

Length of output: 17584

server/lib/orcasite/radio/audio_image.ex (1)

170-170: Confirm that disabling atomicity is appropriate for this action

By setting require_atomic? false, the update :generate_spectrogram action will not run inside a transaction. Since the action involves asynchronous processing, this may be acceptable. However, please verify that transactional guarantees are not needed here to maintain data consistency and prevent race conditions.

Run the following script to examine the usage of require_atomic? across the codebase:

✅ Verification successful

Based on the search results, I can now generate a final response since I have enough context about how require_atomic? is used across the codebase.

Setting require_atomic? false is appropriate for this spectrogram generation action

The codebase consistently uses require_atomic? false for actions that involve asynchronous processing or external operations. This pattern is seen in similar scenarios:

• Feed stream operations that handle playlist and segment processing
• Notification handling for subscriptions and notifications
• Detection and candidate processing
• Other audio/feed related operations

The spectrogram generation is an asynchronous operation that doesn't require immediate transactional consistency, as evidenced by:

• The action sets the status to :processing and uses an after_action hook
• Similar to other async operations in the codebase that follow this pattern
• No critical data dependencies that would require atomic guarantees

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Search for all occurrences of `require_atomic?` in action definitions.

# Expected result: Review how `require_atomic?` is used in other actions to ensure consistency.
rg -A 5 $'require_atomic?'

Length of output: 6347