Backend frontend update s3 widget params

[Artuomka]

Summary by CodeRabbit

Release Notes

• Refactor

  • Updated S3 widget credential configuration across the application. Credential parameters now accept direct access_key_id and access_key values instead of secret-name references, simplifying widget setup.

• Tests

  • Updated test suites, including end-to-end tests, validation tests, and unit test fixtures to align with the new S3 credential parameter configuration.

[coderabbitai]

📝 Walkthrough

Walkthrough

The PR refactors S3 widget credential handling from secret-name references to direct credential values. The interface change propagates from backend data structures through credential-resolution use cases, validation logic, and backend tests to frontend components and their test fixtures.

Changes

S3 Widget Credential Parameter Refactor

Layer / File(s)	Summary
BucketWidgetParams interface update backend/src/entities/s3-widget/application/data-structures/s3-widget-params.ds.ts, frontend/src/app/components/ui-components/record-edit-fields/s3/s3.component.ts, frontend/src/app/components/ui-components/record-view-fields/s3/s3.component.ts, frontend/src/app/components/ui-components/table-display-fields/s3/s3.component.ts	Core interface contract changes: credential fields shift from secret-name references (access_key_id_secret_name, secret_access_key_secret_name) to direct values (access_key_id, access_key).
Backend credential secret resolution backend/src/entities/s3-widget/use-cases/get-s3-file-url.use.case.ts, backend/src/entities/s3-widget/use-cases/get-s3-upload-url.use.case.ts	Use cases now lookup secrets using the new access_key_id and access_key fields directly, changing which secret slugs are queried and decrypted for S3 client creation.
Backend S3 widget validation backend/src/entities/widget/utils/validate-create-widgets-ds.ts	Validation logic updated to require access_key_id and access_key instead of secret-name fields; import reordering for enum consolidation.
Backend E2E tests backend/test/ava-tests/non-saas-tests/non-saas-s3-widget-e2e.test.ts	Test environment setup and widget creation tests updated to use new credential fields; new negative test case verifies rejection when access_key_id is missing.
Frontend component and test fixtures frontend/src/app/components/dashboard/db-table-view/db-table-widgets/db-table-widgets.component.ts, frontend/src/app/components/ui-components/record-edit-fields/s3/s3.component.spec.ts, frontend/src/app/components/ui-components/record-view-fields/s3/s3.component.spec.ts, frontend/src/app/components/ui-components/table-display-fields/s3/s3.component.spec.ts	Dashboard widget default params documentation updated with new credential field placeholders; all S3 component test fixtures and assertions updated to use new field structure.
Import cleanup frontend/src/main.ts	Minor reordering of ngx-markdown named imports.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~12 minutes

This is a straightforward interface contract change applied consistently across backend and frontend. All alterations follow the same pattern: replacing two secret-name-based fields with two direct credential fields. The change is homogeneous (repetitive application of the same refactor across multiple files) with clear semantic intent and no behavioral complexity beyond credential field name substitution. Validation, tests, and documentation are updated in parallel.

Possibly related PRs

• rocket-admin/rocketadmin#1760: Updates BucketWidgetParams contract and S3 credential handling in use cases to switch from secret-name-based references to direct credential values.

Suggested reviewers

• lyubov-voloshko
• gugu

---

🐰 Whiskers twitch with glee—credentials now flow direct and free!
No more secret names to chase through the trees,
Just access_key_id and access_key, if you please. ✨

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 50.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately summarizes the main change: updating S3 widget parameters from secret-name references to direct credential fields across backend and frontend.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

📝 Generate docstrings

• Create stacked PR
• Commit on current branch

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch backend_frontend_update_s3_widget_params

Warning

Tools execution failed with the following error:

Failed to run tools: 14 UNAVAILABLE: read ECONNRESET

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

🧹 Nitpick comments (1)

backend/test/ava-tests/non-saas-tests/non-saas-s3-widget-e2e.test.ts (1)

721-749: ⚡ Quick win

Add a regression test for legacy widget param keys.

Current coverage checks the new keys only. Please add one case with access_key_id_secret_name / secret_access_key_secret_name to lock expected migration behavior and prevent silent breakage.

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@backend/test/ava-tests/non-saas-tests/non-saas-s3-widget-e2e.test.ts` around
lines 721 - 749, Add a regression test that verifies legacy S3 widget param keys
are accepted: create a new test (e.g., test.serial(`${currentTest} - widget
creation accepts legacy S3 params`)) in the same file using
createConnectionAndTableWithS3Field(), build widget_params JSON with
access_key_id_secret_name and secret_access_key_secret_name (instead of the
newer keys), POST to /widget/${connectionId}?tableName=${testTableName} like the
existing tests, and assert the widget creation is accepted (expect the same
success status used by other creation tests, e.g., 201) to ensure migration
behavior remains supported.

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@backend/src/entities/s3-widget/use-cases/get-s3-file-url.use.case.ts`:
- Around line 83-90: The code currently always treats params.access_key_id and
params.access_key as secret slugs when calling
userSecretRepository.findSecretBySlugAndCompanyId; instead, detect legacy/direct
credentials first and only call findSecretBySlugAndCompanyId when the value is a
slug/secret reference. Update the logic around accessKeySecret and
secretKeySecret to: 1) check params.access_key_id and params.access_key for
legacy/direct patterns (e.g., AWS key format or non-slug indicator) and use them
directly as credentials if they match, otherwise 2) call
findSecretBySlugAndCompanyId(params.access_key_id, user.company.id) and
findSecretBySlugAndCompanyId(params.access_key, user.company.id) to resolve
secrets; ensure the resulting credential source (direct vs secret) is clearly
documented in the surrounding get-s3-file-url.use.case.ts flow and used
consistently downstream.

---

Nitpick comments:
In `@backend/test/ava-tests/non-saas-tests/non-saas-s3-widget-e2e.test.ts`:
- Around line 721-749: Add a regression test that verifies legacy S3 widget
param keys are accepted: create a new test (e.g., test.serial(`${currentTest} -
widget creation accepts legacy S3 params`)) in the same file using
createConnectionAndTableWithS3Field(), build widget_params JSON with
access_key_id_secret_name and secret_access_key_secret_name (instead of the
newer keys), POST to /widget/${connectionId}?tableName=${testTableName} like the
existing tests, and assert the widget creation is accepted (expect the same
success status used by other creation tests, e.g., 201) to ensure migration
behavior remains supported.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: d73460bf-7619-4daf-b6fc-df87d5439ffd

📥 Commits

Reviewing files that changed from the base of the PR and between 7b279d7 and 679a628.

📒 Files selected for processing (13)

• backend/src/entities/s3-widget/application/data-structures/s3-widget-params.ds.ts
• backend/src/entities/s3-widget/use-cases/get-s3-file-url.use.case.ts
• backend/src/entities/s3-widget/use-cases/get-s3-upload-url.use.case.ts
• backend/src/entities/widget/utils/validate-create-widgets-ds.ts
• backend/test/ava-tests/non-saas-tests/non-saas-s3-widget-e2e.test.ts
• frontend/src/app/components/dashboard/db-table-view/db-table-widgets/db-table-widgets.component.ts
• frontend/src/app/components/ui-components/record-edit-fields/s3/s3.component.spec.ts
• frontend/src/app/components/ui-components/record-edit-fields/s3/s3.component.ts
• frontend/src/app/components/ui-components/record-view-fields/s3/s3.component.spec.ts
• frontend/src/app/components/ui-components/record-view-fields/s3/s3.component.ts
• frontend/src/app/components/ui-components/table-display-fields/s3/s3.component.spec.ts
• frontend/src/app/components/ui-components/table-display-fields/s3/s3.component.ts
• frontend/src/main.ts

[coderabbitai]

⚠️ Potential issue | 🟠 Major | ⚡ Quick win

Handle legacy keys (and clarify credential source) before secret lookup.

On Line 84 and Line 89, the code now assumes new keys only, but still treats values as secret slugs. This can break existing stored widgets using legacy keys and conflicts with the “direct credentials” contract.

Proposed compatibility patch

-		const accessKeySecret = await this._dbContext.userSecretRepository.findSecretBySlugAndCompanyId(
-			params.access_key_id,
+		const rawParams = params as Record<string, string | undefined>;
+		const accessKeySlug = rawParams.access_key_id ?? rawParams.access_key_id_secret_name;
+		const secretKeySlug = rawParams.access_key ?? rawParams.secret_access_key_secret_name;
+
+		if (!accessKeySlug || !secretKeySlug) {
+			throw new HttpException({ message: 'Bucket credentials params are missing' }, HttpStatus.BAD_REQUEST);
+		}
+
+		const accessKeySecret = await this._dbContext.userSecretRepository.findSecretBySlugAndCompanyId(
+			accessKeySlug,
 			user.company.id,
 		);
 
 		const secretKeySecret = await this._dbContext.userSecretRepository.findSecretBySlugAndCompanyId(
-			params.access_key,
+			secretKeySlug,
 			user.company.id,
 		);

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@backend/src/entities/s3-widget/use-cases/get-s3-file-url.use.case.ts` around
lines 83 - 90, The code currently always treats params.access_key_id and
params.access_key as secret slugs when calling
userSecretRepository.findSecretBySlugAndCompanyId; instead, detect legacy/direct
credentials first and only call findSecretBySlugAndCompanyId when the value is a
slug/secret reference. Update the logic around accessKeySecret and
secretKeySecret to: 1) check params.access_key_id and params.access_key for
legacy/direct patterns (e.g., AWS key format or non-slug indicator) and use them
directly as credentials if they match, otherwise 2) call
findSecretBySlugAndCompanyId(params.access_key_id, user.company.id) and
findSecretBySlugAndCompanyId(params.access_key, user.company.id) to resolve
secrets; ensure the resulting credential source (direct vs secret) is clearly
documented in the surrounding get-s3-file-url.use.case.ts flow and used
consistently downstream.

[Copilot]

Pull request overview

This PR renames S3 widget credential parameter fields across backend validation/use cases, frontend widget typing/examples, and related tests.

Changes:

• Renamed S3 widget params from access_key_id_secret_name / secret_access_key_secret_name to access_key_id / access_key.
• Updated backend S3 URL generation and widget validation to use the new names.
• Updated frontend examples and tests to match the new parameter names.

Reviewed changes

Copilot reviewed 13 out of 13 changed files in this pull request and generated 8 comments.

Show a summary per file

File	Description
frontend/src/main.ts	Reorders ngx-markdown named imports.
frontend/src/app/components/ui-components/table-display-fields/s3/s3.component.ts	Updates S3 widget params interface.
frontend/src/app/components/ui-components/table-display-fields/s3/s3.component.spec.ts	Updates S3 display test params/import order.
frontend/src/app/components/ui-components/record-view-fields/s3/s3.component.ts	Updates S3 widget params interface.
frontend/src/app/components/ui-components/record-view-fields/s3/s3.component.spec.ts	Updates record-view S3 test params/import order.
frontend/src/app/components/ui-components/record-edit-fields/s3/s3.component.ts	Updates S3 widget params interface.
frontend/src/app/components/ui-components/record-edit-fields/s3/s3.component.spec.ts	Updates record-edit S3 test params.
frontend/src/app/components/dashboard/db-table-view/db-table-widgets/db-table-widgets.component.ts	Updates S3 widget configuration comments/example.
backend/test/ava-tests/non-saas-tests/non-saas-s3-widget-e2e.test.ts	Updates S3 widget e2e test params.
backend/src/entities/widget/utils/validate-create-widgets-ds.ts	Validates new S3 credential parameter names.
backend/src/entities/s3-widget/use-cases/get-s3-upload-url.use.case.ts	Uses new params for upload credential lookup.
backend/src/entities/s3-widget/use-cases/get-s3-file-url.use.case.ts	Uses new params for file URL credential lookup.
backend/src/entities/s3-widget/application/data-structures/s3-widget-params.ds.ts	Updates backend S3 params interface.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.