fix: usecase 層の error 握り潰しを修正 (#358)#362
Conversation
errcheck で検出された write 系メソッド(Update/Create/Destroy)の戻り値 error の握り潰しを解消。あわせて同ファイル群の error ハンドリングを整理した。 - shift_usecase: UpdateShiftAdmin/UpdateShiftsFromGAS の Update を error 処理。action_log の Create は best-effort のため log-and-continue(メイン処理は中断しない)。UpdateShiftsFromGAS の dateID/taskID パースエラーを伝播。 - mail_auth/place/task/user_usecase: Create/Update/Delete・bcrypt・FindNewRecord の戻り値 error チェックを追加。WebSignIn の _makeRandomStr/sessionRep.Create の err 上書きを解消。新規メッセージは日本語規約に統一。 errcheck: 22 → 12(残12件は defer Close=#359, e.Start/c.JSON=#316 でスコープ外)。 Close #358
|
Warning Review limit reached
More reviews will be available in 17 minutes and 51 seconds. Learn how PR review limits work. Your organization has used up its prepaid credits, and credit purchases are no longer available. Enable the review add-on in the billing tab to keep reviews running — you're only billed for reviews past your plan's rate limits ($0.25/file). ⌛ How to resolve this issue?After more reviews become available, a review can be triggered using the To avoid repeated limits, reduce automatic review volume by pausing incremental auto-reviews earlier, using label-based review opt-in, excluding WIP or generated PR titles, or requesting reviews manually when the PR is ready. If your team needs uninterrupted high-volume reviews, an organization admin can enable usage-based credits. 🚦 How do rate limits work?CodeRabbit enforces per-developer PR review limits for each organization. Most developers receive the normal plan refill rate. For paid Pro and Pro+ PR reviews, CodeRabbit uses adaptive limits for sustained high-volume activity. When a developer's recent PR review activity reaches the 95th percentile or higher among CodeRabbit users, the refill rate gradually slows as usage increases. The highest same-day bursts are limited more strictly. Please see our Fair Usage Limits Policy for further information. ℹ️ Review info⚙️ Run configurationConfiguration used: Path: .coderabbit.yaml Review profile: CHILL Plan: Pro Run ID: 📒 Files selected for processing (4)
📝 Walkthroughウォークトレース
変更内容Usecase errcheck対応:エラー伝播の統一
推定レビュー工数🎯 3 (Moderate) | ⏱️ ~20 minutes 関連PR
推奨レビュアー
詩
🚥 Pre-merge checks | ✅ 4 | ❌ 1❌ Failed checks (1 warning)
✅ Passed checks (4 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. ✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
There was a problem hiding this comment.
Actionable comments posted: 3
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Inline comments:
In `@api/lib/usecase/mail_auth_usecase.go`:
- Around line 143-151: The DeleteByUserID call on sessionRep is currently
executing before password validation with bcrypt.CompareHashAndPassword,
creating a security vulnerability where incorrect password attempts can force
logout for users. Move the entire session deletion block (the if statement
checking err from u.sessionRep.DeleteByUserID) to execute only after the
CompareHashAndPassword check succeeds, ensuring sessions are only deleted after
successful authentication.
In `@api/lib/usecase/shift_usecase.go`:
- Line 1497: The Scan operation on existRow at line 1497 incorrectly treats all
errors as "record not found". Currently, the condition only checks if err is
nil, but DB errors other than sql.ErrNoRows will still fall through and cause
new record creation at line 1536, potentially creating duplicates. Refactor the
error handling to explicitly check if the error is sql.ErrNoRows before allowing
fallback to new creation, and properly return or handle other database errors
instead of proceeding to create a new shift record.
In `@api/lib/usecase/user_usecase.go`:
- Line 379: Replace the string comparison `err.Error() == "sql: no rows in
result set"` in the conditional check at line 379 with the standard Go error
comparison pattern using `errors.Is(err, sql.ErrNoRows)`. This approach is more
robust and follows Go conventions for error handling. Ensure the sql package is
imported if it is not already present in the file.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: Path: .coderabbit.yaml
Review profile: CHILL
Plan: Pro
Run ID: 282ade98-4b17-43eb-9ac5-c2139c8820d8
📒 Files selected for processing (5)
api/lib/usecase/mail_auth_usecase.goapi/lib/usecase/place_usecase.goapi/lib/usecase/shift_usecase.goapi/lib/usecase/task_usecase.goapi/lib/usecase/user_usecase.go
- WebSignIn: 既存セッション削除をパスワード検証の後へ移動。認証前に削除すると、学籍番号を知るだけで誤パスワード試行による強制ログアウトが可能だった。 - UpdateShiftsFromGAS: 既存シフト確認 Scan の非 sql.ErrNoRows エラーを新規作成へフォールバックさせず return するよう変更。DBエラー時の重複生成を防止。 - sql.ErrNoRows の判定を文字列比較から errors.Is(err, sql.ErrNoRows) に統一(user_usecase 1箇所・task_usecase 2箇所)。
|
CodeRabbit 指摘3件、いずれも妥当だったため対応しました(commit 2aa6862)。 検証: |
Summary
errcheck で検出された usecase 層の write 系メソッド(Update/Create/Destroy)の戻り値 error 握り潰しを解消(#358)。あわせて同5ファイル内の関連する error ハンドリングの綻び(bcrypt 失敗・strconv パースエラー喪失・Create/Update 後の err 上書き)も整理した。
Close #358
変更内容
UpdateShiftAdmin/UpdateShiftsFromGASのUpdateを error 処理。action_logのCreateは best-effort のため log-and-continue(メイン処理は中断しない)。dateID/taskIDのパースエラーを伝播WebSignUp/WebSignInのbcrypt・Create・_makeRandomStr・sessionRep.Createの err チェック追加(_makeRandomStrの err 上書きバグを解消)Create/Update・FindNewRecordの戻り値 err チェック追加新規メッセージは既存の日本語規約
errors.Wrapf(err, "〜失敗: %v")に統一。既存の英語メッセージ(cannot connect SQL等)は不変。errcheck の変化
残 12 件はすべてスコープ外(別issue):
e.Start/c.JSON3 件 → [Go static] errcheck: エラー未処理の解消 (e.Start / c.JSON 3件) #316スコープ外(別途対応)
defer X.Close()のエラー処理 → [Go static] errcheck: defer X.Close() のエラー処理 (9件) #359strconv.Atoi(shift 870/951-954)→ 別issue予定Test plan
cd api && go build ./...が通るcd api && golangci-lint runで write 系 errcheck が 0(残は [Go static] errcheck: defer X.Close() のエラー処理 (9件) #359/[Go static] errcheck: エラー未処理の解消 (e.Start / c.JSON 3件) #316 のみ)Summary by CodeRabbit
リリースノート