feat(api): expose priority and note in GET /auth-files response#2124
feat(api): expose priority and note in GET /auth-files response#2124luispater merged 4 commits intorouter-for-me:devfrom
Conversation
…sponse The list endpoint previously omitted priority and note, which are stored inside each auth file's JSON content. This adds them to both the normal (auth-manager) and fallback (disk-read) code paths, and extends PATCH /auth-files/fields to support writing the note field. Co-Authored-By: Claude Opus 4.6 <[email protected]>
Summary of ChangesHello, I'm Gemini Code Assist1! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed! This pull request significantly enhances the GET /auth-files API endpoint by exposing previously hidden priority and note fields. This change empowers the frontend to display more comprehensive information on credential cards, including priority badges and user-defined notes, and enables sorting based on priority. Furthermore, the PATCH /auth-files/fields endpoint has been updated to provide full control over the note field, allowing users to set or clear it as needed. Highlights
🧠 New Feature in Public Preview: You can now enable Memory to help Gemini Code Assist learn from your team's feedback. This makes future code reviews more consistent and personalized to your project's style. Click here to enable Memory in your admin console. Changelog
Activity
Using Gemini Code AssistThe full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips. Invoking Gemini You can request assistance from Gemini at any point by creating a comment using either
Customization To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a Limitations & Feedback Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for GitHub and other Google products, sign up here. You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension. Footnotes
|
![gemini-code-assist[bot]](https://avatars.githubusercontent.com/in/956858?s=60&v=4){kind=small}
There was a problem hiding this comment.
Code Review
This pull request successfully exposes the priority and note fields in the /auth-files API response and adds support for updating the note field. The implementation is mostly correct, but I've identified a few areas for improvement. Specifically, there's a correctness issue regarding how the note field is read, leading to inconsistent behavior. I've also pointed out a couple of opportunities to refactor the code for better maintainability and efficiency by reducing duplication and redundant operations. Addressing these points will make the new functionality more robust and the code easier to maintain.
| // Expose note from Metadata. | ||
| if note, ok := auth.Metadata["note"].(string); ok { | ||
| if trimmed := strings.TrimSpace(note); trimmed != "" { | ||
| entry["note"] = trimmed | ||
| } | ||
| } |
There was a problem hiding this comment.
There's an inconsistency in how the note field is accessed compared to the priority field. The synthesizer stores both priority and note in auth.Attributes, but here note is being read from auth.Metadata. While this might work in some cases because Metadata is also populated from the file, it's better to have a single, consistent source for these synthesized values.
For consistency and correctness, note should be read from auth.Attributes, just like priority. This also has the benefit of removing a redundant strings.TrimSpace call, as the synthesizer already handles trimming.
// Expose note from Attributes (set by synthesizer from JSON "note" field).
if note := authAttribute(auth, "note"); note != "" {
entry["note"] = note
}| if nv := gjson.GetBytes(data, "note"); nv.Exists() && strings.TrimSpace(nv.String()) != "" { | ||
| fileData["note"] = strings.TrimSpace(nv.String()) | ||
| } |
There was a problem hiding this comment.
The expression strings.TrimSpace(nv.String()) is evaluated twice here, once in the condition and again in the assignment. This is slightly inefficient. You can improve this by storing the trimmed string in a variable and using it in both places. This will also make the code a bit more readable.
if nv := gjson.GetBytes(data, "note"); nv.Exists() {
if trimmed := strings.TrimSpace(nv.String()); trimmed != "" {
fileData["note"] = trimmed
}
}| if req.Note != nil { | ||
| if targetAuth.Metadata == nil { | ||
| targetAuth.Metadata = make(map[string]any) | ||
| } | ||
| trimmedNote := strings.TrimSpace(*req.Note) | ||
| if trimmedNote == "" { | ||
| delete(targetAuth.Metadata, "note") | ||
| } else { | ||
| targetAuth.Metadata["note"] = trimmedNote | ||
| } | ||
| changed = true | ||
| } |
There was a problem hiding this comment.
This block for handling req.Note is very similar to the block for req.Priority just above it. This introduces code duplication, specifically the check if targetAuth.Metadata == nil.
Consider refactoring to reduce this duplication and improve maintainability. You could combine the logic by first checking if either field needs to be updated, then initializing the metadata map if needed, and then handling each field.
For example:
if req.Priority != nil || req.Note != nil {
if targetAuth.Metadata == nil {
targetAuth.Metadata = make(map[string]any)
}
if req.Priority != nil {
if *req.Priority == 0 {
delete(targetAuth.Metadata, "priority")
} else {
targetAuth.Metadata["priority"] = *req.Priority
}
}
if req.Note != nil {
trimmedNote := strings.TrimSpace(*req.Note)
if trimmedNote == "" {
delete(targetAuth.Metadata, "note")
} else {
targetAuth.Metadata["note"] = trimmedNote
}
}
changed = true
}![chatgpt-codex-connector[bot]](https://avatars.githubusercontent.com/in/1144995?s=60&v=4){kind=small}
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 5b6342e6ac
ℹ️ About Codex in GitHub
Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".
| if pv := gjson.GetBytes(data, "priority"); pv.Exists() { | ||
| fileData["priority"] = int(pv.Int()) | ||
| } |
There was a problem hiding this comment.
When the auth manager is unavailable, the fallback path now emits priority for any file that merely has a priority key, but gjson.Int() coerces non-numeric values (for example "priority":"high" or "priority":null) to 0. This makes the API report a concrete priority that was never configured and can change sort/order behavior in degraded mode, while the normal in-memory path only includes priority when integer parsing succeeds.
Useful? React with 👍 / 👎.
luispater
left a comment
luispater
left a comment
There was a problem hiding this comment.
Thanks for the PR. I'm requesting changes mainly around one correctness gap.
- Blocking:
GET /auth-filesstill dropsnotefor multi-project Gemini credentials.buildAuthFileEntry()only readsnotefromauth.Metadata, while the new synthesizer code stores it inAttributes, andSynthesizeGeminiVirtualAuths()does not copynoteinto the virtual auth metadata. Since the disabled primary auth is hidden and the virtual auths are what the UI actually lists, those cards will still not receivenote. - Non-blocking: the fallback disk-read path now uses
gjson.Result.Int()for any existingpriority, which means malformed string values become0instead of being omitted. It would be better to keep this behavior aligned with the normal auth-manager path. - Tests: I ran
go test ./internal/watcher/synthesizer ./internal/api/handlers/management -count=1in a detached worktree for PR2124, and both packages passed. I didn't find any new regression coverage for the addednotebehavior.
Once the Gemini virtual-auth path is handled and the parsing behavior/tests are tightened up, I'm happy to take another look.
…arsing - Read note from Attributes (consistent with priority) in buildAuthFileEntry, fixing missing note on Gemini multi-project virtual auth cards. - Propagate note from primary to virtual auths in SynthesizeGeminiVirtualAuths, mirroring existing priority propagation. - Sync note/priority writes to both Metadata and Attributes in PatchAuthFileFields, with refactored nil-check to reduce duplication (review feedback). - Validate priority type in fallback disk-read path instead of coercing all values to 0 via gjson.Int(), aligning with the auth-manager code path. - Add regression tests for note synthesis, virtual-auth note propagation, and end-to-end multi-project Gemini note inheritance. Co-Authored-By: Claude Opus 4.6 <[email protected]>
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: f90120f846
ℹ️ About Codex in GitHub
Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".
| entry["id_token"] = claims | ||
| } | ||
| // Expose priority from Attributes (set by synthesizer from JSON "priority" field). | ||
| if p := strings.TrimSpace(authAttribute(auth, "priority")); p != "" { |
There was a problem hiding this comment.
buildAuthFileEntry now exposes priority/note only from auth.Attributes, but registerAuthFromFile still initializes attributes with just path/source and leaves these values in Metadata; as a result, files added via UploadAuthFile can contain valid priority/note in JSON yet GET /auth-files omits them until some later re-synthesis repopulates attributes. This makes the new response fields unreliable in normal auth-manager mode for uploaded or freshly registered files.
Useful? React with 👍 / 👎.
buildAuthFileEntry now falls back to reading priority/note from auth.Metadata when Attributes lacks them. This covers auths registered via UploadAuthFile which bypass the synthesizer and only populate Metadata from the raw JSON. Co-Authored-By: Claude Opus 4.6 <[email protected]>
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 8d8f5970ee
ℹ️ About Codex in GitHub
Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".
| if nv := gjson.GetBytes(data, "note"); nv.Exists() { | ||
| if trimmed := strings.TrimSpace(nv.String()); trimmed != "" { | ||
| fileData["note"] = trimmed |
There was a problem hiding this comment.
In the auth-manager fallback path, note is read with nv.String() for any existing JSON value and then trimmed, so malformed auth files like {"note":123} or {"note":true} get exposed as concrete note text instead of being ignored. This diverges from the normal manager path (synthesizeFileAuths/buildAuthFileEntry), which only accepts string notes, so degraded mode can return inconsistent and misleading note values. Restrict this branch to gjson.String before setting fileData["note"].
Useful? React with 👍 / 👎.
Only emit note in listAuthFilesFromDisk when the JSON value is actually a string (gjson.String), matching the synthesizer/buildAuthFileEntry behavior. Non-string values like numbers or booleans are now ignored instead of being coerced via gjson.String(). Co-Authored-By: Claude Opus 4.6 <[email protected]>
2 participants
概述 / Summary
GET /auth-files列表接口此前不返回凭证文件中的priority和note字段,导致前端无法在卡片上展示优先级和备注,也无法按优先级排序。本 PR 将这两个字段暴露到列表响应中,并扩展PATCH /auth-files/fields以支持写入note。The
GET /auth-fileslist endpoint previously omitted thepriorityandnotefields stored inside each auth file's JSON content. This meant the frontend could not display priority badges or notes on credential cards, nor sort by priority. This PR exposes both fields in the list response and extendsPATCH /auth-files/fieldsto support writing thenotefield.改动详情 / Changes
1.
buildAuthFileEntry()— 正常路径 / Normal pathauth.Attributes["priority"](合成阶段已写入)读取 priority,转为 int 返回auth.Metadata["note"]读取 note(string),非空时返回priorityfromauth.Attributes["priority"](already set by synthesizer), converts to intnotefromauth.Metadata["note"](string), includes when non-empty2.
listAuthFilesFromDisk()— 回退路径 / Fallback pathpriority和note字段priorityandnotefrom on-disk JSON files3.
synthesizeFileAuths()— 合成阶段 / Synthesismetadata["note"]读取 note 并存入auth.Attributes["note"]notefrommetadata["note"]intoauth.Attributes["note"]4.
PatchAuthFileFields()— 字段写入 / Field updateNote *string字段Note *stringto the request struct改动文件 / Changed files
internal/api/handlers/management/auth_files.gointernal/watcher/synthesizer/file.go测试计划 / Test plan
priority的凭证文件,列表接口返回priority整数值 / Auth files withpriorityreturn it as integer in list responsenote的凭证文件,列表接口返回note字符串 / Auth files withnotereturn it as string in list responsePATCH /auth-files/fields传入note可正常写入和清除 /PATCH /auth-files/fieldswithnotewrites and clears correctly🤖 Generated with Claude Code