Add server-side seller filtering for review list endpoints.

[Xhether]

Currently when running the seller endpoint from the frontend, the backend doesn't seem to be filtering reviews by sellers, rather it returns all user reviews. This means filtering is left to the client (frontend), which seems like wasted work and bad practice.

Made-with: Cursor

Overview / Changes

Changed review service to only search for reviews via seller id. Enforcing that a seller id is required when looking for reviews.

Test Coverage

Added relevant unit tests

Related PRs or Issues

(cuappdev/resell-ios#96)

Summary by CodeRabbit

• New Features

  • Review endpoints now support optional seller ID filtering to display seller-specific transaction and user reviews.

• Tests

  • Added test coverage to verify seller ID filtering functionality works as expected.

[coderabbitai]

📝 Walkthrough

Walkthrough

Two review endpoints now support optional seller filtering by accepting a sellerId query parameter. Controllers branch on its presence to call either seller-specific or all-reviews methods. Supporting repository and service methods were added with eager-loaded relations, along with new test cases validating both filtering and eager loading behavior.

Changes

Cohort / File(s)	Summary
Controllers src/api/controllers/TransactionReviewController.ts, src/api/controllers/UserReviewController.ts	Added optional sellerId query parameters with conditional branching: if provided, fetch filtered reviews via new service methods; otherwise, fetch all reviews using existing methods.
Repositories src/repositories/TransactionReviewRepository.ts, src/repositories/UserReviewRepository.ts	Updated eager loading to include seller relations in all review queries. Added new filtering methods getTransactionReviewsBySellerId() and getUserReviewsBySellerId() that join transaction/seller relations and filter by seller Firebase UID.
Services src/services/TransactionReviewService.ts, src/services/UserReviewService.ts	Added new public methods getTransactionReviewsBySellerId() and getUserReviewsBySellerId() that execute within read-only transactions and delegate to repository methods.
Tests src/tests/TransactionReviewTest.test.ts, src/tests/UserReviewTest.test.ts	Added test cases validating seller ID filtering (asserting single seller reviews are returned) and confirming seller relations are eagerly loaded in review responses.

Sequence Diagram

sequenceDiagram
    participant Client
    participant Controller
    participant Service
    participant Repository
    participant Database

    Client->>Controller: GET /reviews?sellerId=uuid
    Controller->>Controller: Check if sellerId provided
    Controller->>Service: getUserReviewsBySellerId(sellerId)
    Service->>Service: Create read-only transaction
    Service->>Repository: getUserReviewsBySellerId(sellerId)
    Repository->>Database: Query: JOIN review.seller WHERE seller.firebaseUid = sellerId
    Database-->>Repository: UserReviewModel[] with eager-loaded seller
    Repository-->>Service: Return filtered reviews
    Service-->>Controller: Return filtered reviews
    Controller-->>Client: Response with seller-filtered reviews

Loading

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

Poem

🐰 A seller's tale, now sorted clean,
With Firebase UIDs filtering the scene,
Reviews hop by seller, eager and bright,
Transactions and users, all grouped just right!
Thump-thump goes the database with joy!

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 inconclusive)

Check name	Status	Explanation	Resolution
Description check	❓ Inconclusive	PR description is incomplete and doesn't follow the required template structure with all key sections properly filled out.	Complete the description by adding detailed 'Changes Made' section explaining the implementation, clarify whether sellerId filtering is truly required (description says 'enforcing required' but code shows optional parameters), and ensure all template sections are properly addressed.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title accurately summarizes the main change: adding server-side seller filtering to review list endpoints, which is the primary objective of the PR.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

📝 Generate docstrings

• Create stacked PR
• Commit on current branch

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch fix/review-seller-filter

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

🧹 Nitpick comments (3)

src/repositories/TransactionReviewRepository.ts (1)

19-29: Parameter type Uuid is misleading for a firebaseUid value.

sellerId is bound to seller.firebaseUid, which is a Firebase UID string and not a UUID. Typing the parameter as Uuid will silently mislead callers and future maintainers (and any type-driven validation downstream). Recommend string here, matching the controller signature.

♻️ Proposed change

-  public async getTransactionReviewsBySellerId(
-    sellerId: Uuid,
-  ): Promise<TransactionReviewModel[]> {
+  public async getTransactionReviewsBySellerId(
+    sellerId: string,
+  ): Promise<TransactionReviewModel[]> {

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@src/repositories/TransactionReviewRepository.ts` around lines 19 - 29, The
parameter type for getTransactionReviewsBySellerId is incorrect: sellerId is
bound to seller.firebaseUid (a Firebase UID string), so change the method
signature in TransactionReviewRepository from sellerId: Uuid to sellerId: string
and update any usages/call sites that pass a Firebase UID to match the new type;
ensure the controller signature and any interface typings that reference
getTransactionReviewsBySellerId are updated to string as well to keep types
consistent.

src/api/controllers/TransactionReviewController.ts (1)

24-34: Consider pagination and clarify the sellerId semantics.

Two non-blocking observations:

• The seller-filtered branch is unbounded — for a seller with many reviews, response size and DB load will grow linearly. Consider adding take/skip (or cursor) parameters when this endpoint starts seeing real load.
• The sellerId query param value is matched against transaction.seller.firebaseUid in the repository (not the seller entity's primary-key UUID). The naming follows existing codebase convention for user identifiers, but it may be worth documenting in an OpenAPI annotation or a brief comment so frontend integrators don't pass a UUID by mistake.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@src/api/controllers/TransactionReviewController.ts` around lines 24 - 34, The
getTransactionReviews method should accept pagination parameters and document
sellerId semantics: add optional QueryParams like take (limit) and skip (offset)
to the async getTransactionReviews method and pass them into the service calls
(e.g., call transactionReviewService.getTransactionReviewsBySellerId(sellerId,
take, skip) or transactionReviewService.getAllTransactionReviews(take, skip)) to
avoid unbounded responses; also add an inline comment or OpenAPI annotation
above getTransactionReviews clarifying that sellerId refers to
transaction.seller.firebaseUid (not the seller PK UUID) so frontend integrators
send the correct identifier.

src/repositories/UserReviewRepository.ts (1)

17-26: Same Uuid typing concern as TransactionReviewRepository.getTransactionReviewsBySellerId.

sellerId is matched against firebaseUid (a Firebase UID string), not a UUID. Recommend changing the parameter type to string to match what callers actually pass.

♻️ Proposed change

-  public async getUserReviewsBySellerId(
-    sellerId: Uuid,
-  ): Promise<UserReviewModel[]> {
+  public async getUserReviewsBySellerId(
+    sellerId: string,
+  ): Promise<UserReviewModel[]> {

Minor adjacent nit: the new method uses the alias "seller" for the seller relation, while the existing getUserReviewById (line 34) still uses "user2". Worth aligning on "seller" whenever that file is next touched, for readability.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@src/repositories/UserReviewRepository.ts` around lines 17 - 26, The method
getUserReviewsBySellerId currently types sellerId as Uuid but compares it to
review.seller.firebaseUid (a Firebase UID string); change the sellerId parameter
type from Uuid to string in getUserReviewsBySellerId and update any callers
accordingly so the types match firebaseUid, and while here consider aligning
relation aliases (e.g., use "seller" consistently instead of "user2") with
getUserReviewById for readability.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Nitpick comments:
In `@src/api/controllers/TransactionReviewController.ts`:
- Around line 24-34: The getTransactionReviews method should accept pagination
parameters and document sellerId semantics: add optional QueryParams like take
(limit) and skip (offset) to the async getTransactionReviews method and pass
them into the service calls (e.g., call
transactionReviewService.getTransactionReviewsBySellerId(sellerId, take, skip)
or transactionReviewService.getAllTransactionReviews(take, skip)) to avoid
unbounded responses; also add an inline comment or OpenAPI annotation above
getTransactionReviews clarifying that sellerId refers to
transaction.seller.firebaseUid (not the seller PK UUID) so frontend integrators
send the correct identifier.

In `@src/repositories/TransactionReviewRepository.ts`:
- Around line 19-29: The parameter type for getTransactionReviewsBySellerId is
incorrect: sellerId is bound to seller.firebaseUid (a Firebase UID string), so
change the method signature in TransactionReviewRepository from sellerId: Uuid
to sellerId: string and update any usages/call sites that pass a Firebase UID to
match the new type; ensure the controller signature and any interface typings
that reference getTransactionReviewsBySellerId are updated to string as well to
keep types consistent.

In `@src/repositories/UserReviewRepository.ts`:
- Around line 17-26: The method getUserReviewsBySellerId currently types
sellerId as Uuid but compares it to review.seller.firebaseUid (a Firebase UID
string); change the sellerId parameter type from Uuid to string in
getUserReviewsBySellerId and update any callers accordingly so the types match
firebaseUid, and while here consider aligning relation aliases (e.g., use
"seller" consistently instead of "user2") with getUserReviewById for
readability.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 6d23a841-7636-4f6d-927f-24df1a26ea47

📥 Commits

Reviewing files that changed from the base of the PR and between dc75067 and 51156ba.

📒 Files selected for processing (8)

• src/api/controllers/TransactionReviewController.ts
• src/api/controllers/UserReviewController.ts
• src/repositories/TransactionReviewRepository.ts
• src/repositories/UserReviewRepository.ts
• src/services/TransactionReviewService.ts
• src/services/UserReviewService.ts
• src/tests/TransactionReviewTest.test.ts
• src/tests/UserReviewTest.test.ts

[Xhether]

Wait this is partially because we're not requiring sellers to be in the response...

[Xhether]

OK now we're good pls review

[ashleynhs]

lgtm