refactor(frontier): move SearchOrganizationInvoices to FrontierService

[paanSinghCoder]

Summary

• Move `SearchOrganizationInvoices` RPC from `AdminService` to `FrontierService` so org admins can list their own org's invoices without requiring platform super-user access.
• Remove the redundant `SearchOrganisationInvoices` RPC (British spelling) added in feat(frontier): add SearchOrgInvoices RPC #471 that was never implemented on the frontier server.
• Request/response shape is preserved from the admin version: nested `OrganizationInvoice` projection + `RQLQueryPaginationResponse` + `RQLQueryGroupResponse`.

Follow-up

A corresponding frontier PR will:

• Bump `PROTON_COMMIT` and regenerate Go protos (handler on `*ConnectHandler` continues to satisfy the right interface after regen — no code move required beyond server registration).
• Swap the `authorization.go` entry for this RPC from `IsSuperUser` to `IsAuthorized(org, UpdatePermission)` (matches the gate on `ListInvoices`).
• Switch the admin dashboard frontend from `AdminServiceQueries.searchOrganizationInvoices` to `FrontierServiceQueries.searchOrganizationInvoices`.

Test plan

• `buf build` / `buf lint` pass
• Consumers of the generated code (frontier Go, @raystack/proton JS) regenerate cleanly

🤖 Generated with Claude Code

[github-actions]

The latest Buf updates on your PR. Results from workflow Validate / validate (pull_request).

Build	Format	Lint	Breaking	Updated (UTC)
✅ passed	⏩ skipped	✅ passed	✅ passed	Apr 17, 2026, 11:04 AM

[coderabbitai]

📝 Walkthrough

Walkthrough

The changes consolidate invoice search functionality by removing the SearchOrganizationInvoices RPC from the AdminService and updating the FrontierService endpoint with the same name. The request message field is renamed from org_id to id, and the response schema is restructured to include a new nested OrganizationInvoice message containing invoice details (id, amount, currency, state, invoice_link, created_at, org_id) along with pagination and grouping metadata. The operation names are also standardized to use "Organization" instead of "Organisation" spelling.

Suggested reviewers

• AmanGIT07

🚥 Pre-merge checks | ✅ 3

✅ Passed checks (3 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title accurately reflects the main change: moving SearchOrganizationInvoices from AdminService to FrontierService, which is the primary refactoring objective.
Description check	✅ Passed	The description comprehensively explains the changes, including moving the RPC between services, removing the redundant British-spelling variant, preserving response shapes, and detailing follow-up actions and test plans.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

🧹 Nitpick comments (2)

raystack/frontier/v1beta1/frontier.proto (2)

917-931: OrganizationInvoice duplicates SearchInvoicesResponse.Invoice in admin.proto.

The nested OrganizationInvoice (lines 918-926) is field-for-field identical to SearchInvoicesResponse.Invoice in raystack/frontier/v1beta1/admin.proto (lines ~1556-1565). Since both are nested inside their respective response messages, they generate independent types in downstream code, leading to duplicated models and conversion boilerplate in consumers (frontier Go, @raystack/proton JS, dashboard).

Consider promoting a shared top-level OrganizationInvoice message (in frontier.proto or models.proto) and referencing it from both response messages. This is a non-breaking change for new responses but does reshape the admin response — so it can be deferred until the admin endpoint itself is revisited.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@raystack/frontier/v1beta1/frontier.proto` around lines 917 - 931, The nested
message OrganizationInvoice inside SearchOrganizationInvoicesResponse duplicates
SearchInvoicesResponse.Invoice from admin.proto; extract OrganizationInvoice to
a single shared top-level message (e.g., create a top-level message
OrganizationInvoice in frontier.proto or models.proto) and update
SearchOrganizationInvoicesResponse.OrganizationInvoice and the admin
SearchInvoicesResponse.Invoice to reference that shared top-level
OrganizationInvoice instead of declaring a nested type, removing the duplicate
nested definition and adjusting any imports/package references accordingly.

---

912-915: Consider renaming id to org_id and tightening validation.

The field id on line 913 semantically represents an organization ID (per PR description and the response's org_id projection), but the name id is ambiguous in a SearchOrganizationInvoices context where an "invoice id" could also be inferred. The adjacent ListInvoicesRequest (line 899) uses org_id with min_len = 3, and SearchCurrentUserPATsRequest (line 2559) uses string.uuid = true for its org id. Consider either:

1. Renaming to org_id for consistency with ListInvoicesRequest and to disambiguate intent, or
2. Adding a field comment clarifying that id is the organization identifier.

Additionally, since organization IDs are UUIDs elsewhere in this file (e.g., SetOrganizationMemberRoleRequest.org_id, CreateAuditRecordRequest.org_id), consider (buf.validate.field).string.uuid = true instead of min_len = 3 for stricter input validation.

📝 Proposed change

 message SearchOrganizationInvoicesRequest {
-  string id = 1 [(buf.validate.field).string.min_len = 3];
+  // ID of the organization whose invoices are being searched
+  string id = 1 [(buf.validate.field).string.min_len = 3];
   RQLRequest query = 2;
 }

Or, if the field rename is acceptable (note: this would need to align with the handler/frontend wiring mentioned in the PR description):

 message SearchOrganizationInvoicesRequest {
-  string id = 1 [(buf.validate.field).string.min_len = 3];
+  string org_id = 1 [(buf.validate.field).string.min_len = 3];
   RQLRequest query = 2;
 }

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@raystack/frontier/v1beta1/frontier.proto` around lines 912 - 915, Rename the
ambiguous field id in the proto message SearchOrganizationInvoicesRequest to
org_id and tighten its validation to use (buf.validate.field).string.uuid = true
to match other org_id fields (e.g., ListInvoicesRequest,
SetOrganizationMemberRoleRequest, CreateAuditRecordRequest) and align with
SearchCurrentUserPATsRequest usage; update any handler/frontend wiring and all
references/imports/generated code that consume SearchOrganizationInvoicesRequest
to use the new org_id name and UUID validation.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Nitpick comments:
In `@raystack/frontier/v1beta1/frontier.proto`:
- Around line 917-931: The nested message OrganizationInvoice inside
SearchOrganizationInvoicesResponse duplicates SearchInvoicesResponse.Invoice
from admin.proto; extract OrganizationInvoice to a single shared top-level
message (e.g., create a top-level message OrganizationInvoice in frontier.proto
or models.proto) and update
SearchOrganizationInvoicesResponse.OrganizationInvoice and the admin
SearchInvoicesResponse.Invoice to reference that shared top-level
OrganizationInvoice instead of declaring a nested type, removing the duplicate
nested definition and adjusting any imports/package references accordingly.
- Around line 912-915: Rename the ambiguous field id in the proto message
SearchOrganizationInvoicesRequest to org_id and tighten its validation to use
(buf.validate.field).string.uuid = true to match other org_id fields (e.g.,
ListInvoicesRequest, SetOrganizationMemberRoleRequest, CreateAuditRecordRequest)
and align with SearchCurrentUserPATsRequest usage; update any handler/frontend
wiring and all references/imports/generated code that consume
SearchOrganizationInvoicesRequest to use the new org_id name and UUID
validation.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 13fc14cb-36a7-4f11-a191-a4a295ee7738

📥 Commits

Reviewing files that changed from the base of the PR and between e8e42d9 and 7942a4c.

📒 Files selected for processing (2)

• raystack/frontier/v1beta1/admin.proto
• raystack/frontier/v1beta1/frontier.proto

💤 Files with no reviewable changes (1)

• raystack/frontier/v1beta1/admin.proto