fix(learn): include namespace in token audit event#47
Conversation
Add effective namespace (req.namespace or course_id fallback) to the dashboard_token_generated audit log for scoped access traceability. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
|
Warning Rate limit exceeded
⌛ How to resolve this issue?After the wait time has elapsed, a review can be triggered using the We recommend that you space out your commits to avoid hitting the rate limit. 🚦 How do rate limits work?CodeRabbit enforces hourly rate limits for each developer per organization. Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout. Please see our FAQ for further information. ℹ️ Review info⚙️ Run configurationConfiguration used: Path: .coderabbit.yaml Review profile: CHILL Plan: Pro Run ID: 📒 Files selected for processing (1)
✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
Summary of ChangesHello, I'm Gemini Code Assist1! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed! This pull request addresses an issue where the Highlights
Using Gemini Code AssistThe full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips. Invoking Gemini You can request assistance from Gemini at any point by creating a comment using either
Customization To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a Limitations & Feedback Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for GitHub and other Google products, sign up here. Footnotes
|
There was a problem hiding this comment.
Code Review
This pull request adds the effective namespace to the dashboard_token_generated audit log event. While the log message implementation is correct, the review identifies that this traceability improvement is incomplete as the namespace information is not persisted to the DashboardTokenOrm database audit record. A comment has been added recommending storing the effective namespace in the dashboard_tokens table to ensure a complete audit trail, emphasizing the creation of a new database migration for schema changes as per repository guidelines.
- Optional enrollment mode for LMS integrations (FEAT-003) - Widget UX: collapsible sources, a11y, i18n, snippet fix - Phase 2 stabilization: BUG-010, BUG-011, DEBT-002/003/008 - Sync main history, 3 critical bug fixes from v0.2.0 review - Version 0.3.0, CHANGELOG, docs update (18 new config vars, ERR-LEARN codes) - Commit signing guide, quality gate, branching rules in CONTRIBUTING Reviews: PRs #42-#47, 30+ comments addressed (CodeRabbit, Gemini) Tests: 576 passed, integration + NFR gates green Refs: FEAT-003, BUG-010, BUG-011, DEBT-002, DEBT-003, DEBT-008
What
Add effective namespace to dashboard_token_generated audit log event.
Why
When req.namespace overrides course_id, the audit event was missing the actual token scope, weakening traceability. Review comment on PR #44.