feat(api): Added validation for reason field

[JosephFak]

User description

Description

Introduced a validation pipe for the reason field
Introduced two tests alongside this

Implemented the validation across 6 files

Fixes #161

Dependencies

N/A

Future Improvements

I dont think much can change about this, its a relatively simple process.

Screenshots of relevant screens

Photo of code passing test

Developer's checklist

• [X ] My PR follows the style guidelines of this project
• [X ] I have performed a self-check on my work

If changes are made in the code:

• I have followed the coding guidelines
• [X ] My changes in code generate no new warnings
• My changes are breaking another fix/feature of the project
• [ X] I have added test cases to show that my feature works
• [X ] I have added relevant screenshots in my PR
• There are no UI/UX issues

Documentation Update

• This PR requires an update to the documentation at docs.keyshade.xyz
• [X ] I have made the necessary updates to the documentation, or no documentation changes are required.

---

Type

enhancement, bug_fix

---

Description

• Implemented AlphanumericReasonValidationPipe to ensure that the reason query parameter across various controllers only contains alphanumeric characters and spaces.
• Added this validation to controllers for approval, environment, project, secret, variable, and workspace management.
• Created unit tests for the new validation pipe to ensure it correctly allows valid inputs and rejects invalid ones.

---

Changes walkthrough

	Relevant files
Enhancement	approval.controller.ts Integrate Alphanumeric Validation in Approval Controller  apps/api/src/approval/controller/approval.controller.ts Added AlphanumericReasonValidationPipe to the reason query parameter in updateApproval method. +2/-1      alphanumeric-reason-pipe.ts Implement Alphanumeric Reason Validation Pipe                        apps/api/src/common/alphanumeric-reason-pipe.ts Implemented AlphanumericReasonValidationPipe which validates alphanumeric strings. Throws BadRequestException if validation fails. +11/-0    environment.controller.ts Apply Alphanumeric Validation in Environment Controller    apps/api/src/environment/controller/environment.controller.ts Applied AlphanumericReasonValidationPipe to reason query parameter in environment-related methods. +3/-2      project.controller.ts Integrate Alphanumeric Validation in Project Controller    apps/api/src/project/controller/project.controller.ts Integrated AlphanumericReasonValidationPipe in project management methods. +4/-3      secret.controller.ts Apply Alphanumeric Validation in Secret Controller              apps/api/src/secret/controller/secret.controller.ts Added AlphanumericReasonValidationPipe to all secret management methods. +6/-5      variable.controller.ts Enforce Alphanumeric Validation in Variable Controller      apps/api/src/variable/controller/variable.controller.ts Enforced alphanumeric validation on reason query parameter across variable management methods. +7/-7      workspace.controller.ts Integrate Alphanumeric Validation in Workspace Controller apps/api/src/workspace/controller/workspace.controller.ts Integrated AlphanumericReasonValidationPipe to workspace update method. +3/-2
Tests	alphanumeric-reason-pipe.spec.ts Add Tests for Alphanumeric Reason Validation Pipe                apps/api/src/common/alphanumeric-reason-pipe.spec.ts Created tests for AlphanumericReasonValidationPipe. Tests include validation for both valid and invalid inputs. +25/-0

---

✨ PR-Agent usage:
Comment /help on the PR to get a list of all available PR-Agent tools and their descriptions

[codiumai-pr-agent-free]

PR Description updated to latest commit (5a99355)

[codiumai-pr-agent-free]

PR Review

⏱️ Estimated effort to review [1-5]	2, because the changes are straightforward and involve adding a validation pipe across multiple controllers. The code is well-organized, and the addition of unit tests helps in understanding the impact and functionality of the changes.
🧪 Relevant tests	Yes
🔍 Possible issues	Possible Bug: The regex used in AlphanumericReasonValidationPipe allows spaces, which might not be intended as it could allow strings of only spaces. Consider adjusting the regex or adding a check to ensure the string is not just empty spaces.
🔒 Security concerns	No

---

✨ Review tool usage guide:

---

Overview:
The review tool scans the PR code changes, and generates a PR review which includes several types of feedbacks, such as possible PR issues, security threats and relevant test in the PR. More feedbacks can be added by configuring the tool.

The tool can be triggered automatically every time a new PR is opened, or can be invoked manually by commenting on any PR.

• When commenting, to edit configurations related to the review tool (pr_reviewer section), use the following template:

/review --pr_reviewer.some_config1=... --pr_reviewer.some_config2=...

• With a configuration file, use the following template:

[pr_reviewer]
some_config1=...
some_config2=...

See the review usage page for a comprehensive guide on using this tool.

[codiumai-pr-agent-free]

PR Code Suggestions

Category	Suggestions
Enhancement	Add string trimming before validation to handle leading and trailing spaces. Consider adding a trim operation before validating the string to ensure that leading and trailing spaces do not cause a valid input to be rejected. apps/api/src/common/alphanumeric-reason-pipe.ts [6] -if (typeof value === 'string' && /^[a-zA-Z0-9\s]*$/.test(value)) { - return value; +if (typeof value === 'string' && /^[a-zA-Z0-9\s]*$/.test(value.trim())) { + return value.trim(); }
	Adjust the regex to disallow leading and trailing spaces while allowing spaces between words. Modify the regular expression to allow for spaces between alphanumeric characters but not at the beginning or end of the string. apps/api/src/common/alphanumeric-reason-pipe.ts [6] -if (typeof value === 'string' && /^[a-zA-Z0-9\s]*$/.test(value)) { +if (typeof value === 'string' && /^[a-zA-Z0-9]+(?:\s[a-zA-Z0-9]+)*$/.test(value)) { return value; }
	Improve error messages for better debugging and user feedback. Include more detailed error information in the BadRequestException to aid debugging and user feedback. apps/api/src/common/alphanumeric-reason-pipe.ts [9] -throw new BadRequestException('Reason must only contain alphanumeric characters and spaces.'); +throw new BadRequestException(`Invalid reason: '${value}'. Reason must only contain alphanumeric characters and spaces.`);
Best practice	Enforce type safety by specifying the parameter type. Add a specific type for the value parameter in the transform method to enforce that it must be a string, improving type safety. apps/api/src/common/alphanumeric-reason-pipe.ts [5] -transform(value: any): string { +transform(value: string): string {
	Simplify the string type check for clarity and conciseness. Consider using a more concise and modern approach to check if the value is a string using typeof value === 'string'. apps/api/src/common/alphanumeric-reason-pipe.ts [6] -if (typeof value === 'string' && /^[a-zA-Z0-9\s]*$/.test(value)) { +if (/^[a-zA-Z0-9\s]*$/.test(value)) { return value; }

---

✨ Improve tool usage guide:

---

Overview:
The improve tool scans the PR code changes, and automatically generates suggestions for improving the PR code. The tool can be triggered automatically every time a new PR is opened, or can be invoked manually by commenting on a PR.

• When commenting, to edit configurations related to the improve tool (pr_code_suggestions section), use the following template:

/improve --pr_code_suggestions.some_config1=... --pr_code_suggestions.some_config2=...

• With a configuration file, use the following template:

[pr_code_suggestions]
some_config1=...
some_config2=...

See the improve usage page for a comprehensive guide on using this tool.

[rajdip-b]

The E2E tests are failing. Can you confirm if they run on your device?

[JosephFak]

I have made all the changes above, however I am not sure why the e2e is not running

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
No data about Coverage
0.0% Duplication on New Code

See analysis details on SonarCloud

[rajdip-b]

All good bro!

[rajdip-b]

🎉 This PR is included in version 1.3.0 🎉

The release is available on GitHub release

Your semantic-release bot 📦🚀