Sanity Bug 4562

[sumanvpacewisdom]

Add organization and tenant code headers to environment configuration and authentication middleware

• Introduced ORG_CODE_HEADER_NAME and TENANT_CODE_HEADER_NAME in .env.sample and envVariables.js for better organization and tenant context handling.
• Updated common.js to include constants for organization and tenant code headers.
• Enhanced authenticator.js middleware to support organization and tenant code overrides for admin roles, ensuring proper validation and security checks.

[coderabbitai]

Walkthrough

The changes introduce support for organization and tenant code header overrides in the authentication system. Two new environment variables (ORG_CODE_HEADER_NAME and TENANT_CODE_HEADER_NAME) are defined in configuration, exported as constants, and integrated into the authenticator middleware to allow admins to override authentication token fields based on request headers and role permissions.

Changes

Cohort / File(s)	Summary
Configuration & Constants src/.env.sample, src/envVariables.js, src/constants/common.js	Added ORG_CODE_HEADER_NAME and TENANT_CODE_HEADER_NAME environment variables with defaults (x-org-code, x-tenant-code), exported as lowercase constants, and registered in environment variable definitions.
Authentication Middleware src/middlewares/authenticator.js	Implemented header-based token field override logic: Org Admin users can override organization_code; Admin (super admin) users can override both organization_code and tenant_code if both headers are present, otherwise returns bad request.

Sequence Diagram

sequenceDiagram
    participant Client
    participant Authenticator as Authenticator Middleware
    participant TokenProcessor as Token Processing
    participant Response

    Client->>Authenticator: Request with headers<br/>(x-org-code, x-tenant-code)
    Authenticator->>Authenticator: Extract user role<br/>from token
    
    alt User has Admin role
        Authenticator->>Authenticator: Check if both headers<br/>present
        alt Both headers present
            Authenticator->>TokenProcessor: Override organization_code<br/>and tenant_code
        else Missing header
            Authenticator->>Response: Return 400<br/>Bad Request
        end
    else User has Org Admin role
        Authenticator->>TokenProcessor: Override organization_code<br/>only
    else No override permission
        Authenticator->>TokenProcessor: Skip overrides
    end
    
    TokenProcessor->>Response: Return processed token
    Response->>Client: Response

Loading

Estimated Code Review Effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Suggested Reviewers

• nevil-mathew

Poem

🐰 With headers held high and roles defined clear,
Admin powers override, the path is sincere,
Organization and tenant codes dance in the light,
Authentication flows with permission just right! 🎭✨

🚥 Pre-merge checks | ✅ 2 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Title check	⚠️ Warning	The title 'Sanity Bug 4562' is a generic ticket reference that does not describe the actual changes made in the pull request (adding org/tenant code header configuration and authentication overrides).	Use a descriptive title that summarizes the main change, such as 'Add organization and tenant code header configuration with admin override support' or 'Support org/tenant code header overrides in authentication middleware'.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

• 📝 Generate docstrings (stacked PR)
• 📝 Generate docstrings (commit on current branch)

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch SANITY_BUG_4562_CUSTOM_FIELDS

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@src/constants/common.js`:
- Around line 320-321: The ORG_CODE_HEADER and TENANT_CODE_HEADER constants call
.toLowerCase() on process.env values which can be undefined at module load;
update the assignments for ORG_CODE_HEADER and TENANT_CODE_HEADER in
src/constants/common.js to defensively handle missing env vars by using a safe
default or guard (e.g. use (process.env.ORG_CODE_HEADER_NAME ??
'').toLowerCase() or check typeof before calling toLowerCase()) so the code
never invokes toLowerCase on undefined and optionally surface a clear error if a
required value is missing.

---

ℹ️ Review info

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 58b9d33 and 6d0c224.

📒 Files selected for processing (4)

• src/.env.sample
• src/constants/common.js
• src/envVariables.js
• src/middlewares/authenticator.js