fix: admin queries and bootstrapping

[danielhe4rt]

Summary by CodeRabbit

• New Features

  • Added searchable owner field with improved filtering capabilities in tenant management forms

• Improvements

  • Enhanced system performance through optimized query caching
  • User count statistics now display in abbreviated format for better readability

• Bug Fixes

  • Fixed GitHub navigation links in guest panel interface

• Removals

  • Removed tenant statistics overview widget from admin dashboard

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[coderabbitai]

Walkthrough

The PR enhances caching for stats queries, refactors the application bootstrap sequence across service providers, removes the TenantsStatsOverview widget, improves UI field configuration with searchability, adds conditional debugbar support with configuration, and implements environment-aware database seeding logic.

Changes

Cohort / File(s)	Summary
Tenant module updates app-modules/tenant/src/Filament/Admin/Resources/Tenants/Schemas/TenantForm.php, app-modules/tenant/src/Filament/Admin/Widgets/TenantsStatsOverview.php, app-modules/tenant/src/Plugins/AdminTenantPanelPlugin.php	Updated owner_id field to use named parameters with native(false), searchable(), and a modifyQueryUsing callback to limit results. Removed TenantsStatsOverview widget class and its registration from the panel plugin.
User module stats and caching app-modules/user/src/Filament/Admin/Resources/Users/UserResource.php, app-modules/user/src/Filament/Shared/Widgets/UsersStatsOverview.php	Added 5-minute caching to navigation badge count with abbreviated number formatting. Wrapped stats queries with cache()->remember() and added UsersStatsOverview widget registration.
User model simplifications app-modules/user/src/Models/User.php, app-modules/user/src/Plugins/AdminUserPanelPlugin.php	Simplified canAccessPanel() to explicitly return match expression; removed conditional GitHub provider check in getFilamentAvatarUrl(). Registered UsersStatsOverview widget.
Application bootstrap refactoring app/Providers/AppServiceProvider.php	Reorganized boot sequence into private configuration methods (configureDatabase(), configureDates(), configureVite(), configureUrl()); added conditional registerDebugbar() method.
Debugbar conditional support app/Providers/Tools/DebugbarServiceProvider.php, config/debugbar.php, composer.json	Added new DebugbarServiceProvider with conditional boot logic based on config; created comprehensive debugbar configuration file; updated Laravel framework version and added debugbar to dont-discover list.
UI and seeding updates app/Providers/Filament/GuestPanelProvider.php, database/seeders/ThreeDotsSeeder.php	Removed footer render hook and commented out login buttons in sidebar/topbar; added GitHub href link. Implemented environment-aware admin user lookup (production vs. local).

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~22 minutes

• Service provider refactoring: The centralized bootstrap sequence in AppServiceProvider requires verification that all configuration steps execute correctly and dependencies are properly ordered.
• Caching additions: Verify cache keys are unique, TTL values are appropriate, and fallback handling for null values is correct across UserResource and UsersStatsOverview.
• Conditional debugbar registration: Ensure DebugbarServiceProvider doesn't interfere with production deployments and that the config file is properly excluded from discovery.
• Environment-aware seeding: Confirm the production vs. local username lookup in ThreeDotsSeeder aligns with actual user data expectations.

Possibly related PRs

• fix: admin privileges #130: Modifies the same User::canAccessPanel() method, adjusting its access logic and return structure.
• feat: event page #121: Alters the User model class with HasMedia trait and media-related methods, overlapping with this PR's User model changes.
• feat: talks time #105: Modifies database/seeders/ThreeDotsSeeder.php with changes to admin user lookup and tenant/event seeding logic.

Suggested reviewers

• gvieira18
• Clintonrocha98

Poem

🐰 Cachés were added, widgets took flight,
Debugbar now dances when day turns to night,
Bootstrap boots faster with methods so clean,
Environment-aware seeds keep things serene! ✨

Pre-merge checks and finishing touches

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 36.84% which is insufficient. The required threshold is 80.00%.	You can run @coderabbitai generate docstrings to improve docstring coverage.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately summarizes the primary changes: optimizing admin queries (caching, relationship modifications) and refactoring bootstrapping logic (AppServiceProvider refactoring).

✨ Finishing touches

• 📝 Generate docstrings

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch fix/stuff

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 2

🧹 Nitpick comments (5)

app/Providers/Filament/GuestPanelProvider.php (3)

39-58: Large commented-out FOOTER hook could be removed or moved to config/docs

The entire PanelsRenderHook::FOOTER block is now commented out. If this footer isn’t coming back soon, consider deleting it (or moving the config/text into a markdown/docs file) to keep the provider lean and avoid stale UI fragments living in comments.

---

62-67: Github CTA change looks good; consider cleaning up the commented button

Adding href="https://github.com/he4rt" to the <x-he4rt::button> in the sidebar guest block is straightforward and keeps the CTA clear. If the “Entrar agora” button is no longer part of the UX, you might want to drop the HTML comment entirely instead of keeping it inline here.

---

74-79: Topbar Github CTA mirrors sidebar; optional DRY / cleanup

Same as the sidebar: the Github link change is fine, and the commented-out “Entrar agora” button adds a bit of noise. If this pattern is finalized, you could either remove the commented code or extract a small shared Blade snippet for the Github button to avoid duplication between sidebar and topbar.

app-modules/tenant/src/Filament/Admin/Resources/Tenants/Schemas/TenantForm.php (1)

35-39: Confirm the impact of limit(10) on searchable relationship options

The new Select::make('owner_id') setup looks good and is idiomatic for Filament; native(false) + searchable() is a solid UX improvement.

One subtle point: putting ->limit(10) inside modifyQueryUsing will cap all owner options to 10 rows, including when the user searches. Without an explicit orderBy, which 10 rows you get may also be arbitrary.

If the intent is “only ever show 10” and that’s acceptable, this is fine. If you instead want “10 per page / per search, but full search coverage,” consider:

• Adding a deterministic sort, e.g. orderBy('name'), and/or
• Using Filament’s built‑in mechanisms for option limiting / pagination rather than a hard limit() inside modifyQueryUsing, per current Filament docs.

app/Providers/AppServiceProvider.php (1)

53-56: Empty method - consider removing or implementing.

configureDates() is currently empty with only a commented-out example. If this is a placeholder for future implementation, consider adding a TODO comment or removing it to avoid dead code.

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 73f6d53 and 23120ee.

⛔ Files ignored due to path filters (1)

• composer.lock is excluded by !**/*.lock

📒 Files selected for processing (13)

• app-modules/tenant/src/Filament/Admin/Resources/Tenants/Schemas/TenantForm.php (1 hunks)
• app-modules/tenant/src/Filament/Admin/Widgets/TenantsStatsOverview.php (0 hunks)
• app-modules/tenant/src/Plugins/AdminTenantPanelPlugin.php (0 hunks)
• app-modules/user/src/Filament/Admin/Resources/Users/UserResource.php (2 hunks)
• app-modules/user/src/Filament/Shared/Widgets/UsersStatsOverview.php (1 hunks)
• app-modules/user/src/Models/User.php (1 hunks)
• app-modules/user/src/Plugins/AdminUserPanelPlugin.php (2 hunks)
• app/Providers/AppServiceProvider.php (2 hunks)
• app/Providers/Filament/GuestPanelProvider.php (1 hunks)
• app/Providers/Tools/DebugbarServiceProvider.php (1 hunks)
• composer.json (2 hunks)
• config/debugbar.php (1 hunks)
• database/seeders/ThreeDotsSeeder.php (1 hunks)

💤 Files with no reviewable changes (2)

• app-modules/tenant/src/Plugins/AdminTenantPanelPlugin.php
• app-modules/tenant/src/Filament/Admin/Widgets/TenantsStatsOverview.php

🧰 Additional context used

🧬 Code graph analysis (4)

app-modules/user/src/Plugins/AdminUserPanelPlugin.php (1)

app-modules/user/src/Filament/Shared/Widgets/UsersStatsOverview.php (1)

• UsersStatsOverview (13-51)

app-modules/user/src/Filament/Shared/Widgets/UsersStatsOverview.php (1)

app-modules/events/src/Filament/Shared/Widgets/ActiveEventsStats.php (1)

• getStats (16-61)

app/Providers/AppServiceProvider.php (1)

app/Providers/Tools/DebugbarServiceProvider.php (2)

• DebugbarServiceProvider (9-24)
• boot (11-18)

app-modules/user/src/Models/User.php (9)

app/Providers/Filament/GuestPanelProvider.php (1)

• panel (28-125)

app/Providers/Filament/EventPanelProvider.php (1)

• panel (35-88)

app/Providers/Filament/AdminPanelProvider.php (1)

• panel (26-74)

app/Providers/Filament/UserPanelProvider.php (1)

• panel (28-68)

app-modules/user/src/Plugins/AdminUserPanelPlugin.php (1)

• getId (15-18)

app-modules/tenant/src/Plugins/AdminTenantPanelPlugin.php (1)

• getId (14-17)

app-modules/events/src/AdminEventPanelPlugin.php (1)

• getId (15-18)

app-modules/season/src/AdminSeasonPanelPlugin.php (1)

• getId (15-18)

app-modules/user/src/Plugins/AppUserPanelPlugin.php (1)

• getId (16-19)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (1)

• GitHub Check: Perform Pest Tests / Run

🔇 Additional comments (11)

composer.json (1)

143-145: Good approach for conditional debugbar loading.

Adding barryvdh/laravel-debugbar to dont-discover aligns with the manual conditional registration in AppServiceProvider. This prevents the debugbar from auto-registering in production and allows explicit control over when it's loaded.

config/debugbar.php (2)

19-24: Safe default configuration.

Setting 'enabled' => env('DEBUGBAR_ENABLED', false) ensures the debugbar is disabled by default, which is a safe production-friendly default. The exclusion of telescope* and horizon* routes is also appropriate.

---

247-249: Good exclusion of Filament views.

Excluding vendor/filament from the views collector will reduce noise in the debugbar and improve performance during development. This is a thoughtful configuration choice.

app/Providers/Tools/DebugbarServiceProvider.php (1)

11-23: Consider also overriding register() if the goal is to fully disable debugbar.

Currently, only boot() is conditionally skipped, but parent::register() still runs (inherited behavior), which registers the debugbar bindings into the container. If you want to completely prevent debugbar initialization when disabled, you should also conditionally skip register().

If this is intentional (e.g., to allow runtime toggling), then this is fine. Otherwise, consider:

+    public function register(): void
+    {
+        if (! $this->canBoot()) {
+            return;
+        }
+
+        parent::register();
+    }
+
     public function boot(): void
     {
         if (! $this->canBoot()) {
             return;
         }

         parent::boot();
     }

app/Providers/AppServiceProvider.php (2)

66-71: Defensive layered checks for debugbar registration.

The isLocal() check here combined with the config('debugbar.enabled') check in DebugbarServiceProvider provides layered protection. This ensures debugbar is only loaded in local environments AND when explicitly enabled via config. Good defense-in-depth approach.

---

26-32: Clean separation of boot concerns.

The refactoring to separate configuration into discrete methods (configureDatabase, configureDates, configureVite, configureUrl) improves readability and maintainability. Each method has a single responsibility.

database/seeders/ThreeDotsSeeder.php (1)

24-26: No issues found — field usage is intentional and correct for environment-specific seeding.

Verification confirms both query patterns are appropriate:

• Production (where('username', 'danielhe4rt')): Queries the production admin user, whose username is registered in config as an admin identifier.
• Non-production (where('name', 'admin')): Queries the seeded admin user created by BaseSeeder with name='admin' (and username='admin').

The User model supports both fields (confirmed in app-modules/user/src/Models/User.php fillable array), and the BaseSeeder creates the admin user with both fields set identically. This is an intentional design pattern for environment-specific seeding.

app-modules/user/src/Plugins/AdminUserPanelPlugin.php (1)

11-11: LGTM! Widget registration is correct.

The UsersStatsOverview widget is properly imported and registered in the admin panel. This aligns with the cached statistics pattern implemented in the widget itself.

Also applies to: 26-28

app-modules/user/src/Filament/Admin/Resources/Users/UserResource.php (1)

18-18: LGTM! Caching implementation is appropriate.

The navigation badge now uses cached user counts with a 5-minute TTL, which will reduce database load. The use of Number::abbreviate() provides a better UX for large user counts (e.g., "1.5K" instead of "1500").

Also applies to: 21-21, 37-37

app-modules/user/src/Models/User.php (2)

128-134: LGTM! Panel access logic is correct.

The explicit return of the match expression properly handles panel access control. The logic correctly restricts admin panel access to admins in production while allowing access in non-production environments for development/testing.

---

136-140: LGTM! Simplified avatar URL generation.

The unconditional GitHub avatar URL generation is appropriate for this GitHub-centric application. Since username is a required field, this simplification removes unnecessary conditional logic while maintaining functionality.