feat(tenant): add readInternal method for internal service calls

[nevil-mathew]

Summary by CodeRabbit

• New Features

  • Added an internal endpoint to read tenant details with elevated access. Returns an error if the tenant code is missing.

• Chores

  • Updated internal routing configuration to point tenant read requests to the new internal path. No changes to the public API or user-facing behavior.

[coderabbitai]

Walkthrough

Internal access URL for tenant read was updated to point to a new internal route, and a new controller method readInternal(req) was added to return tenant details using tenantService.read with admin context.

Changes

Cohort / File(s)	Summary
Internal access routing src/constants/common.js	Updated internalAccessUrls entry from '/user/v1/tenant/read/' to '/user/v1/tenant/readInternal/'.
Tenant controller (internal read) src/controllers/v1/tenant.js	Added async method readInternal(req): validates req.params.id, calls tenantService.read(tenantCode, true), returns result or error.

Sequence Diagram(s)

sequenceDiagram
  autonumber
  participant S as Internal Service
  participant R as Router
  participant C as TenantController
  participant TS as tenantService
  participant DB as Data Store

  S->>R: GET /user/v1/tenant/readInternal/:id
  R->>C: readInternal(req)
  alt Missing tenant code
    C-->>S: 400 TENANT_CODE_REQUIRED
  else Valid tenant code
    C->>TS: read(tenantCode, true)
    TS->>DB: Query tenant (admin context)
    DB-->>TS: Tenant data
    TS-->>C: Result
    C-->>S: 200 Tenant data
  end

  note over C,TS: New internal flow using isAdmin=true

Loading

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~12 minutes

Poem

I hop through routes where secrets dwell,
A hidden lane where tenants tell;
readInternal whispers, swift and clean,
A trusted path, behind the screen.
With gentle paws I fetch the key—
The admin truth, returned to thee. 🐇✨

Pre-merge checks and finishing touches

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title Check	✅ Passed	The title "feat(tenant): add readInternal method for internal service calls" accurately and succinctly describes the primary change in the changeset — the addition of a Tenant.readInternal controller method intended for internal service reads — and it follows conventional commit style and is directly related to the edits in src/controllers/v1/tenant.js and the related constant update.
Docstring Coverage	✅ Passed	No functions found in the changes. Docstring coverage check skipped.

✨ Finishing touches

• 📝 Generate Docstrings

🧪 Generate unit tests

✅ Unit Test PR creation complete.

• Create PR with unit tests
• Commit unit tests in branch internal-tenant-read
• Post copyable unit tests in a comment

Tip

👮 Agentic pre-merge checks are now available in preview!

Pro plan users can now enable pre-merge checks in their settings to enforce checklists before merging PRs.

• Built-in checks – Quickly apply ready-made checks to enforce title conventions, require pull request descriptions that follow templates, validate linked issues for compliance, and more.
• Custom agentic checks – Define your own rules using CodeRabbit’s advanced agentic capabilities to enforce organization-specific policies and workflows. For example, you can instruct CodeRabbit’s agent to verify that API documentation is updated whenever API schema files are modified in a PR. Note: Upto 5 custom checks are currently allowed during the preview period. Pricing for this feature will be announced in a few weeks.

Please see the documentation for more information.

Example:

reviews:
  pre_merge_checks:
    custom_checks:
      - name: "Undocumented Breaking Changes"
        mode: "warning"
        instructions: |
          Pass/fail criteria: All breaking changes to public APIs, CLI flags, environment variables, configuration keys, database schemas, or HTTP/GraphQL endpoints must be documented in the "Breaking Change" section of the PR description and in CHANGELOG.md. Exclude purely internal or private changes (e.g., code not exported from package entry points or explicitly marked as internal).

Please share your feedback with us on this Discord post.

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

🧹 Nitpick comments (2)

src/controllers/v1/tenant.js (1)

169-178: Minor: tighten param extraction and document HTTP method.

Use optional chaining + trim to avoid accidental whitespace issues and align with file style. Also annotate the method as GET in JSDoc.

Apply:

-	/**
-	 * Read tenant details for internal service calls
-	 * @method
+	/**
+	 * Read tenant details for internal service calls
+	 * @method GET
 	 * @name readInternal
 	 * @param {Object} req - request data
 	 * @param {String} req.params.id - tenant code to fetch details for
 	 * @returns {JSON} - tenant details without any filtering for internal service use
 	 */
@@
-	async readInternal(req) {
+	async readInternal(req) {
 		try {
-			const tenantCode = req.params.id
-			if (!tenantCode) {
+			const tenantCode = req?.params?.id?.trim()
+			if (!tenantCode) {
 				return responses.failureResponse({
 					statusCode: httpStatusCode.bad_request,
 					message: 'TENANT_CODE_REQUIRED',
 					result: {},
 				})

src/constants/common.js (1)

33-35: Ensure internalAccessUrls matching accounts for trailing slashes.

authenticator uses req.path.includes(path) (src/middlewares/authenticator.js:64–66); because the constant entry ends with '/', requests without the trailing slash (e.g. /user/v1/tenant/readInternal) will not match. Remove the trailing slash from the constant, normalize/truncate trailing slashes on both req.path and the list, or switch to prefix matching (req.path.startsWith(path)).

📜 Review details

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 32bae02 and 331554b.

📒 Files selected for processing (2)

• src/constants/common.js (1 hunks)
• src/controllers/v1/tenant.js (1 hunks)

🧰 Additional context used

📓 Path-based instructions (1)

src/controllers/**

⚙️ CodeRabbit configuration file

These are API controllers. Focus on request/response handling, security (auth middleware usage), and proper status codes.

Files:

• src/controllers/v1/tenant.js

🧬 Code graph analysis (1)

src/controllers/v1/tenant.js (2)

src/services/tenant.js (2)

• responses (31-31)
• httpStatusCode (9-9)

src/helpers/responses.js (1)

• error (28-28)

[coderabbitai]

Note

Unit test generation is an Early Access feature. Expect some limitations and changes as we gather feedback and continue to improve it.

---

Generating unit tests... This may take up to 20 minutes.

[coderabbitai]

✅ UTG Post-Process Complete

No new issues were detected in the generated code and all check runs have completed. The unit test generation process has completed successfully.

[coderabbitai]

Creating a PR to put the unit tests in...

The changes have been created in this pull request: View PR