Error handling of UrlResolver and fix VC profile inaccessible

[bobbykolev]

• add skip in the useRestrictedRedirect hook for awaiting the data before rerouting to restricted on VC profile and settings;
• change the auth check on VC profile from Read to ReadAbout;

The second one leads to access to all VC profiles from all members. The logic should be improved on the server in the future. The fix was suggested by Neil.

Summary by CodeRabbit

• New Features

  • Improved navigation behavior: Redirection now waits until related content is fully loaded, ensuring a smoother user experience.
  • Enhanced error reporting: Users will receive clearer feedback when issues occur during content resolution, helping prevent unexpected errors.
  • New error handling capabilities in the URL resolver, providing users with specific error messages when issues arise.

• Bug Fixes

  • Added logic to skip redirects during loading states, preventing unnecessary navigation interruptions.

[coderabbitai]

Walkthrough

The changes update the useRestrictedRedirect hook by introducing an optional skip parameter. This parameter allows the hook to bypass redirection logic when set to true. Components such as VCProfilePage and VCSettingsPageLayout have been updated to pass this parameter based on their loading states. Additionally, error handling in UrlResolverProvider now throws a NotFoundError when the GraphQL query (which has been extended with isError and errorMessage fields) indicates an error.

Changes

Files	Change Summary
src/core/routing/useRestrictedRedirect.tsx	Added optional skip property in RestrictedRedirectQueryResponse and updated the useRestrictedRedirect hook to bypass redirect logic early when skip is true. The dependency array now includes skip.
src/domain/community/virtualContributor/vcProfilePage/VCProfilePage.tsx src/domain/community/virtualContributorAdmin/layout/VCSettingsPageLayout.tsx	Updated hook invocations to include a skip parameter based on the logical OR result of URL resolver and data loading states.
src/main/routing/urlResolver/UrlResolverProvider.tsx	Introduced error handling that throws a NotFoundError when the URL resolver query finishes loading and indicates an error.
src/main/routing/urlResolver/UrlResolvers.graphql	Added isError and errorMessage fields to the UrlResolver query response for enhanced error reporting.

Sequence Diagram(s)

sequenceDiagram
    participant Component as VCProfilePage/VCSettingsPageLayout
    participant Hook as useRestrictedRedirect
    participant Priv as Privilege Checker

    Component->>Hook: Call useRestrictedRedirect(data, error, skip)
    alt skip is true
       Hook->>Hook: Exit early (bypass redirect)
    else skip is false
       Hook->>Priv: Validate user privileges
       Priv-->>Hook: Return validation result
       Hook->>Component: Trigger redirect if necessary
    end

Loading

sequenceDiagram
    participant Provider as UrlResolverProvider
    participant GraphQL as UrlResolver Query

    Provider->>GraphQL: Execute urlResolver query
    GraphQL-->>Provider: Return data (including isError, errorMessage)
    alt Not loading and isError is true
       Provider->>Provider: Throw NotFoundError(errorMessage)
    else
       Provider->>Provider: Proceed normally
    end

Loading

Possibly related PRs

• [VC invites] Fix BoK not loading every time in preview dialog #7350: The changes in this PR involve modifications to the useRestrictedRedirect hook, which are related to the updates made in this PR that also involve the invocation of the useRestrictedRedirect hook, specifically by adding the skip parameter.
• vc profile page #7093: The changes in this PR directly relate to the modifications in this PR that update the invocation of the useRestrictedRedirect hook in the VCProfilePage component to include the new skip parameter.
• Handle missing privileges for add VC to community. #7470: The changes in this PR are related to the modifications in this PR that also update the invocation of useRestrictedRedirect to include the new skip parameter, thus directly connecting the two PRs at the code level.

Suggested labels

client, translations

Suggested reviewers

• ccanos
• reactoholic

---

📜 Recent review details

Configuration used: .coderabbit.yaml
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 8aae085 and 0605c8c.

📒 Files selected for processing (1)

• src/domain/community/virtualContributor/vcProfilePage/VCProfilePage.tsx (2 hunks)

🚧 Files skipped from review as they are similar to previous changes (1)

• src/domain/community/virtualContributor/vcProfilePage/VCProfilePage.tsx

---

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate docstrings to generate docstrings for this PR. (Beta)
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (1)

src/main/routing/urlResolver/UrlResolverProvider.tsx (1)

137-139: Consider adding type narrowing for better type safety.

While the error handling logic is correct, we can improve type safety by adding a type guard.

-  if (!urlResolverLoading && urlResolverData?.urlResolver.isError) {
+  if (!urlResolverLoading && urlResolverData && urlResolverData.urlResolver.isError) {
-    throw new NotFoundError(urlResolverData?.urlResolver.errorMessage);
+    throw new NotFoundError(urlResolverData.urlResolver.errorMessage);
   }

📜 Review details

Configuration used: .coderabbit.yaml
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 852c791 and 8aae085.

⛔ Files ignored due to path filters (3)

• src/core/apollo/generated/apollo-helpers.ts is excluded by !**/generated/**
• src/core/apollo/generated/apollo-hooks.ts is excluded by !**/generated/**
• src/core/apollo/generated/graphql-schema.ts is excluded by !**/generated/**

📒 Files selected for processing (5)

• src/core/routing/useRestrictedRedirect.tsx (3 hunks)
• src/domain/community/virtualContributor/vcProfilePage/VCProfilePage.tsx (1 hunks)
• src/domain/community/virtualContributorAdmin/layout/VCSettingsPageLayout.tsx (1 hunks)
• src/main/routing/urlResolver/UrlResolverProvider.tsx (2 hunks)
• src/main/routing/urlResolver/UrlResolvers.graphql (1 hunks)

🧰 Additional context used

📓 Path-based instructions (2)

`src/**/*.{ts,tsx,js}`: Review the React.js/TypeScript/JavaS...

src/**/*.{ts,tsx,js}: Review the React.js/TypeScript/JavaScript code for best practices and potential bugs.
Ensure that the code adheres to TypeScript's typing system and modern standards.
Use the following code guide documentation in the codebase: 'docs/code-guidelines.md'.
Ensure sufficient error handling and logging is present, but note:

• We have a global error handler in place. So local try/catch blocks are not required unless they provide value beyond what the global error handler already covers.
• Avoid flagging the absence of local error handling in cases where the global error handler suffices.
• Avoid flagging the absence of logging in cases where the global logger is already in place (graphql usage).

Inform about the recommendation of not using non-null assertion,
except on GraphQL queries where the variable is asserted non-null and followed by a
skip: with the same variable.
Examples:

• Not Required: there's a skip
  {
  variables: { templateId: templateId! },
  skip: !templateId,
  }

Check for common security vulnerabilities such as:

• SQL Injection
• XSS (Cross-Site Scripting)
• CSRF (Cross-Site Request Forgery)
• Insecure dependencies
• Sensitive data exposure

• src/domain/community/virtualContributor/vcProfilePage/VCProfilePage.tsx
• src/domain/community/virtualContributorAdmin/layout/VCSettingsPageLayout.tsx
• src/core/routing/useRestrictedRedirect.tsx
• src/main/routing/urlResolver/UrlResolverProvider.tsx

`src/**/*.{graphql,gql}`: Review the GraphQL schema and quer...

src/**/*.{graphql,gql}: Review the GraphQL schema and queries for best practices, potential bugs, and adherence to the project's GraphQL standards.
Ensure that the schema is well-defined and queries are optimized.
Check for security vulnerabilities.

• src/main/routing/urlResolver/UrlResolvers.graphql

⏰ Context from checks skipped due to timeout of 90000ms (1)

• GitHub Check: Travis CI - Pull Request

🔇 Additional comments (9)

src/main/routing/urlResolver/UrlResolverProvider.tsx (2)

3-3: LGTM!

The import statement is well-organized and follows the project's path aliasing convention.

---

130-135: LGTM!

The GraphQL query implementation follows the project guidelines correctly:

• Non-null assertion is properly used with a corresponding skip condition
• Skip condition prevents unnecessary query execution

src/main/routing/urlResolver/UrlResolvers.graphql (1)

49-50: LGTM!

The new GraphQL fields are well-named and properly integrated:

• isError provides clear error state indication
• errorMessage provides detailed error information
  These additions support the improved error handling for VC profile accessibility.

src/core/routing/useRestrictedRedirect.tsx (4)

11-11: LGTM! Interface update is well-defined.

The optional skip parameter is correctly typed as a boolean in the RestrictedRedirectQueryResponse interface.

---

27-27: LGTM! Hook signature update is correct.

The skip parameter is properly destructured with a default value of false, maintaining backward compatibility.

---

40-42: LGTM! Early return optimization is well-implemented.

The early return when skip is true prevents unnecessary redirect logic execution.

---

51-51: ⚠️ Potential issue

Add skip to useEffect dependencies.

The skip parameter should be included in the dependencies array since it's used within the effect.

Apply this diff to fix the dependencies:

-  }, [data, error, skip]);
+  }, [data, error, skip, navigate, redirectUrl, navigateOptions, readPrivileges, requiredPrivilege]);

Likely an incorrect or invalid review comment.

src/domain/community/virtualContributorAdmin/layout/VCSettingsPageLayout.tsx (1)

35-41: LGTM! Hook usage is correctly updated.

The implementation:

• Properly combines loading states to prevent premature redirects
• Correctly reads privileges from the virtual contributor data
• Appropriately requires Update privilege for settings page

src/domain/community/virtualContributor/vcProfilePage/VCProfilePage.tsx (1)

50-53: LGTM! Hook usage is correctly updated.

The implementation:

• Properly combines loading states to prevent premature redirects
• Correctly reads privileges from the virtual contributor data
• Appropriately uses default Read privilege for profile page