Skip to content

Config override CRUD#803

Merged
fomalhautb merged 55 commits intodevfrom
project-config-to-json
Aug 1, 2025
Merged

Config override CRUD#803
fomalhautb merged 55 commits intodevfrom
project-config-to-json

Conversation

@fomalhautb
Copy link
Contributor

@fomalhautb fomalhautb commented Jul 25, 2025
edited by coderabbitai bot
Loading

Important

Add admin-only API endpoints and UI support for project configuration overrides, with comprehensive tests and documentation updates.

  • New Features:
    • Added admin-only API endpoints for reading and updating project configuration overrides in config/crud.tsx and config/override/crud.tsx.
    • Admin app supports fetching, caching, and updating configuration overrides with new React hooks in admin-app-impl.ts.
  • Bug Fixes:
    • Validation and error handling for OAuth providers, duplicate IDs, and invalid config fields in oauth-providers/crud.tsx.
  • Tests:
    • Added end-to-end tests for configuration management and validation errors in config.test.ts and js/config.test.ts.
  • Documentation:
    • Updated API documentation for new config override endpoints in config.ts.

This description was created by Ellipsis for 3d20abc. You can customize this summary. It will automatically update as commits are pushed.

Summary by CodeRabbit

  • New Features

    • Added the ability for admins to view and update project configuration overrides through new internal API endpoints.
    • Extended the admin app to support fetching, updating, and caching configuration overrides, including React hook support for real-time config usage.
    • Introduced new admin interface methods for retrieving and updating configuration.

  • Bug Fixes

    • Improved validation and error handling for configuration updates, including checks for duplicate or invalid OAuth provider entries and non-existent configuration fields.

  • Tests

    • Added comprehensive end-to-end tests covering configuration retrieval, updates, access control, OAuth provider management, and domain management.

  • Documentation

    • Enhanced API documentation for configuration management endpoints and operations.

fomalhautb and others added 18 commits July 24, 2025 13:00
@fomalhautb
remove old config
a9ceab2
@fomalhautb
fix validateRedirectUrl
6390832
@fomalhautb
fix tenancy config
1f02532
@fomalhautb
fix
588019d
@fomalhautb
better error handling
86466a9
@fomalhautb
fix
3d38936
@fomalhautb
fix
506ff7d
@fomalhautb
fix
5d7bcc0
@fomalhautb
fix
3626c5c
@fomalhautb
fix
76f593a
@fomalhautb
remove environment-config
0b00d8c
@fomalhautb @greptile-apps
Update apps/backend/src/app/api/latest/integrations/neon/oauth-provid…
62b7775 
…ers/crud.tsx

Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>
@fomalhautb @greptile-apps
Update apps/backend/src/app/api/latest/auth/otp/send-sign-in-code/rou…
0bcafcd 
…te.tsx

Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>
@fomalhautb @greptile-apps
Update apps/backend/prisma/seed.ts
15f73de 
Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>
@fomalhautb
Merge branch 'dev' into remove-old-config
8c18c7f
@fomalhautb
fix
073ab15
@fomalhautb
fix tests
bc069b0
@fomalhautb
added config override crud
9ceb0ac
@vercel
Copy link

vercel bot commented Jul 25, 2025
edited
Loading

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name Status Preview Comments Updated (UTC)
stack-backend ✅ Ready (Inspect) Visit Preview 💬 Add feedback Aug 1, 2025 4:22pm
stack-dashboard ✅ Ready (Inspect) Visit Preview 💬 Add feedback Aug 1, 2025 4:22pm
stack-demo ✅ Ready (Inspect) Visit Preview 💬 Add feedback Aug 1, 2025 4:22pm
stack-docs ✅ Ready (Inspect) Visit Preview 💬 Add feedback Aug 1, 2025 4:22pm

recurseml[bot]
recurseml bot reviewed Jul 25, 2025
View reviewed changes
@recurseml
Copy link

recurseml bot commented Jul 25, 2025

😱 Found 1 issue. Time to roll up your sleeves! 😱

🗒️ View all ignored comments in this repo
  • The constraint 'TokenStoreType extends string' is too restrictive. It should likely be 'TokenStoreType extends string | object' to match the condition check in line 113 where TokenStoreType is checked against {}
  • Return type mismatch - the interface declares useUsers() returning ServerUser[] but the Team interface that this extends declares useUsers() returning TeamUser[]
  • There is a syntax error in the super constructor call due to the ellipsis operator used incorrectly. Objects aren't being merged correctly. This syntax usage can lead to runtime errors when trying to pass the merged object to 'super()'. Verify that the intended alterations to the object occur before or outside of the super() call if needed.
  • Throwing an error when no active span is found is too aggressive. The log function should gracefully fallback to console.log or another logging mechanism when there's no active span, since not all execution contexts will have an active span. This makes the code less resilient and could break functionality in non-traced environments.

📚 Relevant Docs

  • Function sets backendContext with a new configuration but doesn't pass 'defaultProjectKeys'. Since defaultProjectKeys is required in the type definition and cannot be updated (throws error if tried to set), this will cause a type error.
  • The schema is using array syntax for pick() which is incorrect for Yup schemas. The pick() method in Yup expects individual arguments, not an array. Should be changed to: emailConfigSchema.pick('type', 'host', 'port', 'username', 'sender_name', 'sender_email')

📚 Relevant Docs

  • Creating a refresh token with current timestamp as expiration means it expires immediately. Should set a future date for token expiration.
  • The 'tools' object is initialized as an empty object, even though 'tools' is presumably expected to contain tool definitions. This could cause the server capabilities to lack necessary tool configurations, thus potentially impacting functionalities that depend on certain tool setups.

📚 Relevant Docs

  • 'STACK_SECRET_SERVER_KEY' is potentially being included in every request header without checking its existence again here. Although it's checked during initialization, this could lead to security issues as it's exposed in all communications where the header is logged or captured.

📚 Relevant Docs

  • When adding 'use client' directive at the beginning, it doesn't check if file.text already contains the 'use client' directive. This could lead to duplicate 'use client' directives if the file already has one.

📚 Relevant Docs

⚠️ Only 5 files were analyzed due to processing limits.

Need help? Join our Discord for support!
https://discord.gg/qEjHQk64Z9

@fomalhautb fomalhautb changed the base branch from dev to remove-old-config July 25, 2025 00:49
@fomalhautb fomalhautb marked this pull request as ready for review July 25, 2025 18:03
@fomalhautb fomalhautb assigned N2D4 and unassigned fomalhautb Jul 25, 2025
@fomalhautb fomalhautb requested a review from N2D4 July 25, 2025 18:03
N2D4
N2D4 approved these changes Aug 1, 2025
View reviewed changes
@N2D4 N2D4 assigned madster456 and fomalhautb and unassigned N2D4 and madster456 Aug 1, 2025
coderabbitai[bot]
coderabbitai bot reviewed Aug 1, 2025
View reviewed changes
Copy link
Contributor

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 0

🧹 Nitpick comments (1)
apps/backend/src/app/api/latest/internal/config/override/crud.tsx (1)

45-47: Use return await for consistency

Per the coding guidelines, promises should be returned with return await.

-    return {
+    return await Promise.resolve({
       config_override_string: JSON.stringify(updatedConfig),
-    };
+    });
📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between eb5a173 and 3d20abc.

📒 Files selected for processing (6)
  • apps/backend/src/app/api/latest/internal/config/crud.tsx (1 hunks)
  • apps/backend/src/app/api/latest/internal/config/override/crud.tsx (1 hunks)
  • apps/backend/src/app/api/latest/internal/config/override/route.tsx (1 hunks)
  • apps/backend/src/app/api/latest/internal/config/route.tsx (1 hunks)
  • apps/e2e/tests/backend/endpoints/api/v1/internal/config.test.ts (1 hunks)
  • packages/stack-shared/src/interface/admin-interface.ts (2 hunks)
🚧 Files skipped from review as they are similar to previous changes (2)
  • packages/stack-shared/src/interface/admin-interface.ts
  • apps/e2e/tests/backend/endpoints/api/v1/internal/config.test.ts
🧰 Additional context used
📓 Path-based instructions (3)
**/*.{ts,tsx}

📄 CodeRabbit Inference Engine (CLAUDE.md)

**/*.{ts,tsx}: TypeScript with strict types, prefer type over interface
Avoid casting to any; Prefer making changes to the API so that any casts are unnecessary to access a property or method

Files:

  • apps/backend/src/app/api/latest/internal/config/route.tsx
  • apps/backend/src/app/api/latest/internal/config/override/route.tsx
  • apps/backend/src/app/api/latest/internal/config/crud.tsx
  • apps/backend/src/app/api/latest/internal/config/override/crud.tsx
**/*.{js,jsx,ts,tsx}

📄 CodeRabbit Inference Engine (CLAUDE.md)

**/*.{js,jsx,ts,tsx}: 2-space indentation, spaces in braces, semicolons required
Return promises with return await, no floating promises
Proper error handling for async code with try/catch
Use helper functions: yupXyz() for validation, getPublicEnvVar() for env
Switch cases must use blocks

Files:

  • apps/backend/src/app/api/latest/internal/config/route.tsx
  • apps/backend/src/app/api/latest/internal/config/override/route.tsx
  • apps/backend/src/app/api/latest/internal/config/crud.tsx
  • apps/backend/src/app/api/latest/internal/config/override/crud.tsx
**/*.{jsx,tsx}

📄 CodeRabbit Inference Engine (CLAUDE.md)

**/*.{jsx,tsx}: React Server Components preferred where applicable
No direct 'use' imports from React (use React.use instead)

Files:

  • apps/backend/src/app/api/latest/internal/config/route.tsx
  • apps/backend/src/app/api/latest/internal/config/override/route.tsx
  • apps/backend/src/app/api/latest/internal/config/crud.tsx
  • apps/backend/src/app/api/latest/internal/config/override/crud.tsx
🧠 Learnings (1)
📚 Learning: applies to **/*.{js,jsx,ts,tsx} : use helper functions: `yupxyz()` for validation, `getpublicenvvar(... 
Learnt from: CR
PR: stack-auth/stack-auth#0
File: CLAUDE.md:0-0
Timestamp: 2025-07-28T23:25:51.701Z
Learning: Applies to **/*.{js,jsx,ts,tsx} : Use helper functions: `yupXyz()` for validation, `getPublicEnvVar()` for env

Applied to files:

  • apps/backend/src/app/api/latest/internal/config/override/crud.tsx
🧬 Code Graph Analysis (3)
apps/backend/src/app/api/latest/internal/config/route.tsx (1)
apps/backend/src/app/api/latest/internal/config/crud.tsx (1)
  • configCrudHandlers (6-13)
apps/backend/src/app/api/latest/internal/config/override/route.tsx (1)
apps/backend/src/app/api/latest/internal/config/override/crud.tsx (1)
  • configOverridesCrudHandlers (9-49)
apps/backend/src/app/api/latest/internal/config/override/crud.tsx (7)
packages/stack-shared/src/utils/proxies.tsx (1)
  • createLazyProxy (61-127)
apps/backend/src/route-handlers/crud-handler.tsx (1)
  • createCrudHandlers (99-294)
packages/stack-shared/src/interface/crud/config.ts (1)
  • configOverrideCrud (11-21)
packages/stack-shared/src/schema-fields.ts (1)
  • yupObject (245-249)
packages/stack-shared/src/utils/errors.tsx (1)
  • StatusError (152-261)
apps/backend/src/lib/config.tsx (3)
  • validateEnvironmentConfigOverride (88-96)
  • overrideEnvironmentConfigOverride (232-262)
  • getRenderedEnvironmentConfigQuery (42-47)
apps/backend/src/prisma-client.tsx (2)
  • rawQuery (270-273)
  • globalPrismaClient (31-31)
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (9)
  • GitHub Check: build (22.x)
  • GitHub Check: docker
  • GitHub Check: lint_and_build (latest)
  • GitHub Check: build (22.x)
  • GitHub Check: docker
  • GitHub Check: setup-tests
  • GitHub Check: restart-dev-and-test
  • GitHub Check: all-good
  • GitHub Check: Security Check
🔇 Additional comments (4)
apps/backend/src/app/api/latest/internal/config/route.tsx (1)

1-3: LGTM!

The route handler correctly exposes the GET endpoint for reading configuration using the standard CRUD handler pattern.

apps/backend/src/app/api/latest/internal/config/override/route.tsx (1)

1-3: LGTM!

The route handler correctly exposes the PATCH endpoint for updating configuration overrides following the established pattern.

apps/backend/src/app/api/latest/internal/config/crud.tsx (1)

1-13: LGTM!

The CRUD handler implementation correctly uses lazy initialization and properly returns the stringified configuration from the auth context.

apps/backend/src/app/api/latest/internal/config/override/crud.tsx (1)

12-38: Verify the behavior when config_override_string is not provided

When data.config_override_string is falsy, the handler skips all validation and override logic, returning the current config without modifications. Is this the intended behavior for PATCH requests with empty/null override strings?

@fomalhautb fomalhautb merged commit 2b5eebc into dev Aug 1, 2025
18 checks passed
@fomalhautb fomalhautb deleted the project-config-to-json branch August 1, 2025 16:28
@coderabbitai coderabbitai bot mentioned this pull request Aug 1, 2025
Merged
madster456 pushed a commit that referenced this pull request Aug 4, 2025
@fomalhautb @greptile-apps
@N2D4 @madster456
Config override CRUD (#803)
3457e32 
<!--

Make sure you've read the CONTRIBUTING.md guidelines:
https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md

-->

<!-- ELLIPSIS_HIDDEN -->


----

> [!IMPORTANT]
> Add admin-only API endpoints and UI support for project configuration
overrides, with comprehensive tests and documentation updates.
> 
>   - **New Features**:
> - Added admin-only API endpoints for reading and updating project
configuration overrides in `config/crud.tsx` and
`config/override/crud.tsx`.
> - Admin app supports fetching, caching, and updating configuration
overrides with new React hooks in `admin-app-impl.ts`.
>   - **Bug Fixes**:
> - Validation and error handling for OAuth providers, duplicate IDs,
and invalid config fields in `oauth-providers/crud.tsx`.
>   - **Tests**:
> - Added end-to-end tests for configuration management and validation
errors in `config.test.ts` and `js/config.test.ts`.
>   - **Documentation**:
> - Updated API documentation for new config override endpoints in
`config.ts`.
> 
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for 3d20abc. You can
[customize](https://app.ellipsis.dev/stack-auth/settings/summaries) this
summary. It will automatically update as commits are pushed.</sup>

----


<!-- ELLIPSIS_HIDDEN -->

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit

* **New Features**
* Added the ability for admins to view and update project configuration
overrides through new internal API endpoints.
* Extended the admin app to support fetching, updating, and caching
configuration overrides, including React hook support for real-time
config usage.
* Introduced new admin interface methods for retrieving and updating
configuration.

* **Bug Fixes**
* Improved validation and error handling for configuration updates,
including checks for duplicate or invalid OAuth provider entries and
non-existent configuration fields.

* **Tests**
* Added comprehensive end-to-end tests covering configuration retrieval,
updates, access control, OAuth provider management, and domain
management.

* **Documentation**
* Enhanced API documentation for configuration management endpoints and
operations.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->

---------

Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>
Co-authored-by: Konsti Wohlwend <n2d4xc@gmail.com>
This was referenced Aug 4, 2025
Closed
Merged
@coderabbitai coderabbitai bot mentioned this pull request Aug 14, 2025
Merged
This was referenced Sep 2, 2025
Merged
Merged
@coderabbitai coderabbitai bot mentioned this pull request Sep 10, 2025
Merged
@coderabbitai coderabbitai bot mentioned this pull request Oct 16, 2025
Merged
@coderabbitai coderabbitai bot mentioned this pull request Oct 28, 2025
Merged
@coderabbitai coderabbitai bot mentioned this pull request Nov 6, 2025
Merged
@coderabbitai coderabbitai bot mentioned this pull request Nov 13, 2025
Open
This was referenced Jan 14, 2026
Merged
Merged
This was referenced Feb 2, 2026
Merged
Merged
Closed
Merged
Merged
@coderabbitai coderabbitai bot mentioned this pull request Mar 3, 2026
Merged
@coderabbitai coderabbitai bot mentioned this pull request Mar 13, 2026
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@ellipsis-dev ellipsis-dev[bot] ellipsis-dev[bot] left review comments

@coderabbitai coderabbitai[bot] coderabbitai[bot] left review comments

@N2D4 N2D4 N2D4 approved these changes

+2 more reviewers

@greptile-apps greptile-apps[bot] greptile-apps[bot] left review comments

@recurseml recurseml[bot] recurseml[bot] left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

@fomalhautb fomalhautb

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@fomalhautb @N2D4 @madster456