Implement risk Accept/ Review endpoints#345
Conversation
There was a problem hiding this comment.
Pull request overview
This PR adds dedicated AcceptRisk and ReviewRisk service operations to the risk management system, exposing them as new REST endpoints (POST /risks/{id}/accept, POST /risks/{id}/review, and their SSP-scoped variants). The PR also introduces a ValidationError type in the risks package, a RiskReviewDecision enum, and adds a INTEGRATION_RUNS Makefile variable for repeated integration test runs to detect flakiness. A TODO comment is left as a hook for future notification worker wiring.
Changes:
- New
AcceptRiskandReviewRiskservice methods with proper transaction handling, status transition enforcement, and audit event/review record creation - New
Accept/ReviewHTTP handler methods with SSP-scoped variants, validation, and Swagger documentation - New
ValidationErrortype for structured validation feedback from the service layer;INTEGRATION_RUNSMakefile variable for multi-run flakiness detection
Reviewed changes
Copilot reviewed 10 out of 10 changed files in this pull request and generated 4 comments.
Show a summary per file
| File | Description |
|---|---|
internal/service/relational/risks/errors.go |
New ValidationError type and IsValidationError helper for structured service-layer validation errors |
internal/service/relational/risks/reviews.go |
New RiskReviewDecision enum, IsValid() method, and NormalizeRiskReviewDecision normalizer |
internal/service/relational/risks/service.go |
AcceptRisk and ReviewRisk methods implementing status transitions, event logging, and review records |
internal/service/relational/risks/service_test.go |
Unit tests for AcceptRisk validation/success and ReviewRisk extend/reopen decisions |
internal/api/handler/risks.go |
Accept, Review, AcceptForSSP, ReviewForSSP handler methods with request types and route registration |
internal/api/handler/risks_integration_test.go |
Integration tests for the new accept and review endpoints, including SSP-scoped variants |
Makefile |
Adds INTEGRATION_RUNS variable enabling repeated integration test runs |
docs/swagger.yaml, docs/swagger.json, docs/docs.go |
Auto-generated Swagger docs for the four new endpoints |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 10 out of 10 changed files in this pull request and generated 3 comments.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
gusfcarvalho
changed the title
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 10 out of 10 changed files in this pull request and generated 4 comments.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 10 out of 10 changed files in this pull request and generated 1 comment.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 10 out of 10 changed files in this pull request and generated 2 comments.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 10 out of 10 changed files in this pull request and generated no new comments.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
this PR adds accept/review endpoints for Risks