Nextjs Task System solution for microboxlabs

[Klaulara]

The solution was implemented with all requested use cases and functionalities.

Features
Task Creation and Assignment (Admin Only)

Admin users can create tasks with the following fields:
Title: The name of the task.
Description: Details of the task.
Assigned To: Either a specific user or a group of users.
Due Date: The date by which the task must be completed.
Priority: Low, Medium, High.
Tasks can be assigned to an individual user or a group (e.g., "Frontend Team").
Viewing Tasks

Admin users can view all tasks, filter by user, group, or status (e.g., completed, pending).
Regular users can only view tasks assigned to them or their group.
Managing Tasks (Regular Users)

Users can mark their assigned tasks as complete.
Users can add comments to a task for better communication (e.g., "Started working on this").
Task Status Tracking

Tasks can have statuses such as:
Pending: Task is newly created.
In Progress: Task is being worked on.
Completed: Task has been finished by the assignee.
Filtering and Sorting Tasks

Users can filter tasks by status, priority, or assigned user/group.
Admin users can also sort tasks by due date, priority, or creation date.
Responsive User Interface

Use Tailwind CSS and Flowbite components to create a simple and responsive UI.
The application should have:
A navbar to navigate between different sections.
A dashboard page for viewing and filtering tasks.
A task creation page for Admin users.
Basic Authorization

Admin users should be able to access the task creation and management pages, while regular users should only have access to the task list assigned to them.
Database

Use a lightweight database (e.g., SQLite) to store tasks.
Each task should be stored as a record in the database, with fields for title, description, assigned to, due date, priority, status, and comments.

Summary by CodeRabbit

Release Notes

• New Features

  • Introduced a new environment configuration template for database and authentication settings.
  • Added new components for task and team management, including dashboards and forms.
  • Implemented API routes for user authentication, task management, and comments.
  • Enhanced the README with installation and environment variable instructions.

• Bug Fixes

  • Improved error handling in various components and API routes.

• Documentation

  • Updated README to reflect changes in setup and usage.

• Chores

  • Added Jest configuration for testing and improved TypeScript settings.

[coderabbitai]

Walkthrough

The changes in this pull request introduce a comprehensive update to the Next.js task management system. Key modifications include the addition of new components for user and task management, the implementation of API routes for handling tasks, users, comments, and groups, and the introduction of a Prisma database schema. Environment configuration files and a detailed README have also been added or updated to guide developers. Furthermore, testing configurations and utility functions for mocking requests have been established to support testing frameworks.

Changes

File Path	Change Summary
.env.example	Added placeholders for DATABASE_URL, ADMIN_EMAIL, ADMIN_PASSWORD, and JWT_SECRET_KEY.
.gitignore	Added entry for .env to ignore environment variable files.
README.md	Restructured with new sections for installation, environment variables, PostgreSQL setup, and usage instructions.
app/(dashboard)/dashboard/[groupId]/page.tsx	Introduced GroupDashboardPage component to display dashboard for a specific group.
app/(dashboard)/dashboard/page.tsx	Added Dashboard component for the main dashboard interface.
app/(dashboard)/layout.tsx	Created DashboardLayout component for consistent layout with sidebar navigation.
app/(dashboard)/task/page.tsx	Added Task component for managing user tasks, including authentication checks.
app/(dashboard)/teams/create/page.tsx	Introduced CreateTeamPage component for team creation.
app/(dashboard)/teams/page.tsx	Added Teams component to display teams.
app/api/v1/comments/route.ts	Created API route for handling comments with GET and POST methods.
app/api/v1/groupmember/[groupId]/route.ts	Introduced API route to handle GET requests for group members by groupId.
app/api/v1/groups/[group]/route.ts	Added API route for fetching group details by group ID.
app/api/v1/groups/route.ts	Created API route for managing groups with GET and POST methods.
app/api/v1/login/route.ts	Implemented login API endpoint with authentication logic.
app/api/v1/logout/route.ts	Created logout API route to handle user logout.
app/api/v1/me/route.ts	Added API endpoint to return authenticated user details.
app/api/v1/tasks/[taskId]/route.ts	Introduced API route for managing tasks with GET, PUT, and DELETE methods.
app/api/v1/tasks/route.ts	Created API route for managing tasks with GET and POST methods.
app/api/v1/usergroup/[userId]/route.ts	Added API route for fetching user groups by userId.
app/api/v1/users/[userId]/route.ts	Introduced API route for managing user data with GET, PUT, and DELETE methods.
app/api/v1/users/route.ts	Created API route for managing user data with GET and POST methods.
app/components/AddComments.tsx	Added component for adding comments to tasks.
app/components/CreateTaskForm.tsx	Introduced component for creating tasks with form handling.
app/components/CreateTeam.tsx	Added component for creating teams.
app/components/Dashboard.tsx	Introduced DashBoard component for task management interface.
app/components/GroupDashboard.tsx	Created component for managing tasks within a specific group.
app/components/LoginForm.tsx	Added login form component for user authentication.
app/components/SideNavBar.tsx	Introduced sidebar navigation component with user role management.
app/components/TaskModal.tsx	Added modal component for displaying and managing task details.
app/components/TeamsPage.tsx	Created component for displaying user and group data.
app/lib/authMiddleware.ts	Introduced authentication middleware for handling JWT verification.
app/lib/cookies.ts	Added functions for managing authentication cookies.
app/page.tsx	Updated to render the LoginForm component.
app/types.d.ts	Introduced new TypeScript type definitions for Priority, TaskStatus, Task, User, and Comment.
app/utils/mockRequest.ts	Added utility function for mocking Next.js requests in tests.
jest.config.ts	Introduced Jest configuration for testing with TypeScript support.
middleware.ts	Added middleware for authentication on protected routes.
package.json	Updated scripts and dependencies for Prisma, testing, and other libraries.
prisma/migrations/...	Added initial migration script to set up database schema and relationships.
prisma/schema.prisma	Introduced Prisma schema defining models and relationships for the task management system.
prisma/seed.ts	Created seed script for populating the database with initial data.
tests/api/tasks/route.test.ts	Added test suite for the POST API endpoint for tasks.
tsconfig.json	Updated TypeScript configuration for improved type checking and module resolution.

Poem

In the garden of code where rabbits play,
New features bloom bright, come what may.
With tasks and teams, we hop and cheer,
A dashboard of dreams, our vision is clear.
So let’s build and grow, with every new line,
In this world of code, everything will shine! 🐇✨

---

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate docstrings to generate docstrings for this PR. (Experiment)
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[coderabbitai]

Actionable comments posted: 79

🧹 Outside diff range and nitpick comments (38)

nextjs-task-system/README.md (2)

3-3: Improve title formatting and consistency

Consider updating the title to follow conventional documentation style:

-## NEXTJS PRISMA TASK MANAGEMENT SYSTEM
+## Next.js Prisma Task Management System

🧰 Tools

🪛 LanguageTool

[uncategorized] ~3-~3: The official spelling of this programming framework is “NEXT.js”.
Context: ...e/canary/packages/create-next-app). ## NEXTJS PRISMA TASK MANAGEMENT SYSTEM ## Insta...

(NODE_JS)

---

15-34: Improve database setup instructions and fix grammar

The database setup section needs better structure and explanation of each step.

 ## Database PostgreSQL

-This project is configure to use PostgreSQL, you need to configure the information in the .env.local file. 
-There is already a migration file in the project and a seeder. To get your database ready, run the following script.
+This project is configured to use PostgreSQL. Follow these steps to set up your database:
+
+1. Ensure PostgreSQL is running and configure the connection in `.env.local`
+
+2. Run database migrations to create the schema:
 ```bash
 npm run migrate

-This should also generate the client for the project. In case you encounter an issue, run the following scripts.
+3. Generate Prisma client (if not generated by migrations):

npm run generate

-And finally, I have some dummy data you can seed if you wish to do it.
+4. (Optional) Seed the database with sample data:

npx prisma db seed

+The seeding process will create:
+- Sample admin and regular users
+- Example tasks with various priorities and statuses
+- Default user groups

<details>
<summary>🧰 Tools</summary>

<details>
<summary>🪛 LanguageTool</summary>

[grammar] ~17-~17: Consider using either the past participle “configured” or the present participle “configuring” here.
Context: ...## Database PostgreSQL  This project is configure to use PostgreSQL, you need to configur...

(BEEN_PART_AGREEMENT)

</details>

</details>

</blockquote></details>
<details>
<summary>nextjs-task-system/package.json (2)</summary><blockquote>

`29-30`: **Consider consolidating JWT libraries.**

Both `jose` and `jsonwebtoken` are included for JWT handling. Consider using just one of them to reduce bundle size and maintain consistency.

---

`33-33`: **Consider alternatives to react-beautiful-dnd.**

`react-beautiful-dnd` hasn't been updated in 2 years and might have compatibility issues with React 18. Consider using more actively maintained alternatives like `@hello-pangea/dnd` (a maintained fork) or `@dnd-kit/core`.

</blockquote></details>
<details>
<summary>nextjs-task-system/prisma/seed.ts (4)</summary><blockquote>

`1-5`: **Add error handling for PrismaClient initialization**

Consider wrapping the PrismaClient initialization in a try-catch block to handle potential connection errors gracefully.

```diff
-const prisma = new PrismaClient();
+let prisma: PrismaClient;
+try {
+  prisma = new PrismaClient();
+} catch (error) {
+  console.error('Failed to initialize Prisma Client:', error);
+  process.exit(1);
+}

---

40-49: Refactor groups creation for better maintainability

Similar to the users creation, consider refactoring the groups creation to reduce duplication and improve maintainability.

+const defaultGroups = ["Team developer", "Team QA"];
+
+const groups = await Promise.all(
+  defaultGroups.map((groupName) =>
+    prisma.groups.create({
+      data: { name: groupName },
+    })
+  )
+);

---

50-65: Add type safety to group members association

Consider adding TypeScript interfaces for better type safety and code documentation.

+interface GroupMember {
+  userId: string;
+  groupId: string;
+}
+
+const groupAssignments: GroupMember[] = [
+  { userId: users[0].id, groupId: groups[0].id },
+  { userId: users[1].id, groupId: groups[0].id },
+  { userId: users[2].id, groupId: groups[1].id },
+];
+
 const usersGroups = await prisma.groupMembers.createMany({
-  data: [
-    {
-      userId: user.id,
-      groupId: group1.id,
-    },
-    // ... other assignments
-  ],
+  data: groupAssignments,
 });

---

97-105: Enhance error handling and logging

Consider improving the error handling with better error messages and cleanup procedures.

 main()
   .then(async () => {
     await prisma.$disconnect();
+    console.log('Database seeding completed successfully');
   })
   .catch(async (error) => {
-    console.error(error);
+    console.error('Failed to seed database:', error);
     await prisma.$disconnect();
+    // Attempt to clean up any partially created data
+    try {
+      // Add cleanup logic here if needed
+      console.log('Cleanup completed');
+    } catch (cleanupError) {
+      console.error('Failed to clean up:', cleanupError);
+    }
     process.exit(1);
   });

nextjs-task-system/prisma/migrations/20241212202419_initial_migration/migration.sql (3)

4-6: Consider expanding TaskStatus enum for better workflow management

The current status options (PENDING, IN_PROGRESS, COMPLETED) are good starting points, but consider adding more granular statuses to better reflect real-world task workflows:

• BLOCKED: For tasks waiting on dependencies
• REVIEW: For tasks requiring approval
• ON_HOLD: For temporarily suspended tasks

---

24-31: Enhance groups table with additional management fields

Consider adding these fields to improve group management capabilities:

• description: For group details
• max_members: To limit group size
• owner_id: To track group ownership
• is_active: To manage group state

 CREATE TABLE "groups" (
     "id" TEXT NOT NULL,
     "name" TEXT NOT NULL,
+    "description" TEXT,
+    "max_members" INTEGER,
+    "owner_id" TEXT NOT NULL,
+    "is_active" BOOLEAN NOT NULL DEFAULT true,
     "created_at" TIMESTAMP(3) NOT NULL DEFAULT CURRENT_TIMESTAMP,
     "updated_at" TIMESTAMP(3) NOT NULL,
     CONSTRAINT "groups_pkey" PRIMARY KEY ("id")
 );
+ALTER TABLE "groups" ADD CONSTRAINT "groups_owner_id_fkey" 
+    FOREIGN KEY ("owner_id") REFERENCES "users"("id") 
+    ON DELETE RESTRICT ON UPDATE CASCADE;

---

58-67: Enhance comment system for better collaboration

Consider adding:

1. Parent-child relationship for threaded discussions
2. Edit history tracking
3. Comment type (e.g., general, status update, review)

 CREATE TABLE "comments" (
     "id" TEXT NOT NULL,
     "task_id" TEXT NOT NULL,
     "user_id" TEXT NOT NULL,
     "comment" TEXT NOT NULL,
+    "parent_id" TEXT,
+    "comment_type" VARCHAR(50) DEFAULT 'general',
+    "is_edited" BOOLEAN DEFAULT FALSE,
     "created_at" TIMESTAMP(3) NOT NULL DEFAULT CURRENT_TIMESTAMP,
     "updated_at" TIMESTAMP(3) NOT NULL,
     CONSTRAINT "comments_pkey" PRIMARY KEY ("id")
 );
+ALTER TABLE "comments" ADD CONSTRAINT "comments_parent_id_fkey"
+    FOREIGN KEY ("parent_id") REFERENCES "comments"("id")
+    ON DELETE CASCADE ON UPDATE CASCADE;

nextjs-task-system/prisma/schema.prisma (2)

62-63: Standardize foreign key field naming to snake_case

The foreign key fields groupId and userId in the GroupMembers model use camelCase naming conventions, while other models use snake_case (e.g., group_id, user_id). For consistency across the schema, consider renaming these fields to group_id and user_id.

Apply this diff to rename the fields:

 model GroupMembers {
-  groupId    String
-  userId     String
+  group_id   String
+  user_id    String
   user       Users     @relation(fields: [userId], references: [id])
   group      Groups    @relation(fields: [groupId], references: [id])

Also, update the relation definitions accordingly:

   user       Users     @relation(fields: [userId], references: [id])
   group      Groups    @relation(fields: [groupId], references: [id])
+  user       Users     @relation(fields: [user_id], references: [id])
+  group      Groups    @relation(fields: [group_id], references: [id])

---

75-75: Rename assigned_to field to user_id for clarity

To maintain consistency with other models and clearly indicate that this field is a foreign key referencing the Users model, consider renaming assigned_to to user_id.

Apply this diff to rename the field:

 model Tasks {
-  assigned_to String
+  user_id     String

Update the relation definition accordingly:

   user        Users     @relation(fields: [assigned_to], references: [id])
+  user        Users     @relation(fields: [user_id], references: [id])

nextjs-task-system/app/(dashboard)/teams/create/page.tsx (1)

6-8: Enhance layout and responsiveness

The flex container lacks proper styling for responsive design. Consider adding padding, width constraints, and responsive classes.

-        <div className="flex">
+        <div className="flex w-full max-w-4xl mx-auto p-4 sm:p-6 lg:p-8">

nextjs-task-system/app/page.tsx (1)

6-9: Improve layout and dark mode toggle placement

The current layout could be enhanced for better user experience.

-    <main className="flex min-h-screen items-center justify-center gap-2 dark:bg-gray-800">
-      <DarkThemeToggle />
-      <LoginForm />
+    <main className="min-h-screen bg-gray-50 dark:bg-gray-900">
+      <div className="absolute top-4 right-4">
+        <DarkThemeToggle />
+      </div>
+      <div className="flex min-h-screen items-center justify-center p-4">
+        <div className="w-full max-w-md">
+          <LoginForm />
+        </div>
+      </div>

nextjs-task-system/app/(dashboard)/dashboard/[groupId]/page.tsx (1)

4-11: Add error handling and loading states

While the component structure is clean, consider adding:

1. Error boundary to handle potential failures in GroupDashboard
2. Loading state while group data is being fetched
3. Type validation for groupId parameter

 const GroupDashboardPage = ({ params }: { params: { groupId: string } }) => {
+  if (!params.groupId) {
+    return <div>Invalid group ID</div>;
+  }
+
   return (
-    <div className="flex">
+    <ErrorBoundary fallback={<div>Something went wrong</div>}>
+      <Suspense fallback={<div>Loading...</div>}>
         <GroupDashboard groupId={params.groupId} />
-    </div>
+      </Suspense>
+    </ErrorBoundary>
   )
 }

nextjs-task-system/app/api/v1/groupmember/[groupId]/route.ts (2)

8-8: Remove debug console.log statement

Remove the console.log statement as it's not suitable for production code.

-  console.log(groupId);

---

1-19: Consider implementing rate limiting

To prevent abuse, consider implementing rate limiting for these API endpoints.

You can use a package like @upstash/ratelimit with Redis:

import { Ratelimit } from '@upstash/ratelimit'
import { Redis } from '@upstash/redis'

const ratelimit = new Ratelimit({
  redis: Redis.fromEnv(),
  limiter: Ratelimit.slidingWindow(20, '1 m'),
})

// In your route handler:
const identifier = request.ip // or session.user.id
const { success } = await ratelimit.limit(identifier)

if (!success) {
  return Response.json(
    { error: 'Too many requests' },
    { status: 429 }
  )
}

nextjs-task-system/app/types.d.ts (2)

1-2: Consider using an enum instead of union types

For better type safety and maintainability, consider using TypeScript enums for Priority and TaskStatus.

export enum Priority {
  LOW = 'LOW',
  MEDIUM = 'MEDIUM',
  HIGH = 'HIGH'
}

export enum TaskStatus {
  PENDING = 'PENDING',
  IN_PROGRESS = 'IN_PROGRESS',
  COMPLETED = 'COMPLETED'
}

---

22-27: Add timestamps to Comment type

Comments should track creation and update times for better audit trails.

/**
 * Represents a comment on a task
 */
export type Comment = {
  id: string
  comment: string
  task_id: string
  user_id: string
  created_at: Date
  updated_at: Date
}

nextjs-task-system/app/lib/authMiddleware.ts (1)

2-2: Remove commented out code

The commented out jwt import is not being used and should be removed to maintain clean code.

nextjs-task-system/app/(dashboard)/task/page.tsx (1)

31-40: Simplify the role check logic

The nested if-else structure can be simplified for better readability.

 useEffect(() => {
-  if (!user) {
-    return;
-  } else {
-    if (user?.role !== "ADMIN") {
-      router.push("/dashboard");
-      return;
-    }
+  if (user && user.role !== "ADMIN") {
+    router.push("/dashboard");
   }
 }, [user]);

nextjs-task-system/tests/api/tasks/route.test.ts (1)

18-26: Validate task data structure

Add type checking for the mock data to ensure it matches the expected schema.

+interface TaskInput {
+  title: string;
+  description: string;
+  assigned_to: string;
+  status: 'pending' | 'in_progress' | 'completed';
+  group_id: number;
+  due_date: string;
+  priority: 'low' | 'medium' | 'high';
+}

-    const mockData = {
+    const mockData: TaskInput = {
       title: 'Test Task',
       description: 'Description',
       assigned_to: 'user123',
       status: 'pending',
       group_id: 1,
       due_date: '2024-12-31',
       priority: 'high',
     };

nextjs-task-system/app/components/CreateTeam.tsx (1)

1-50: Consider separating data fetching logic from UI

The component mixes UI rendering with data fetching logic. Consider implementing a more maintainable architecture.

Suggested approach:

1. Create a custom hook for team creation logic:

// hooks/useCreateTeam.ts
import { useState } from 'react'
import { useRouter } from 'next/navigation'

interface CreateTeamInput {
    name: string
}

export const useCreateTeam = () => {
    const [isLoading, setIsLoading] = useState(false)
    const [error, setError] = useState('')
    const router = useRouter()

    const createTeam = async (input: CreateTeamInput) => {
        setIsLoading(true)
        setError('')
        
        try {
            const response = await fetch('/api/v1/groups', {
                method: 'POST',
                headers: { 'Content-Type': 'application/json' },
                body: JSON.stringify({ name: input.name })
            })
            
            if (!response.ok) {
                const data = await response.json()
                throw new Error(data.message || 'Failed to create team')
            }
            
            await router.push('/teams')
        } catch (err) {
            setError(err.message)
            throw err
        } finally {
            setIsLoading(false)
        }
    }

    return { createTeam, isLoading, error }
}

2. Simplify the component to focus on UI:

import { useCreateTeam } from '@/hooks/useCreateTeam'

export const CreateTeam = () => {
    const [groupName, setGroupName] = useState('')
    const { createTeam, isLoading, error } = useCreateTeam()

    const handleSubmit = async (e: React.FormEvent<HTMLFormElement>) => {
        e.preventDefault()
        if (groupName.trim() === '') {
            setError('The team name is required')
            return
        }
        
        try {
            await createTeam({ name: groupName.trim() })
        } catch (err) {
            // Error is handled by the hook
        }
    }

    // ... rest of the component
}

nextjs-task-system/app/components/AddComments.tsx (1)

1-8: Add prop validation and error handling

Consider enhancing the component's robustness:

1. Add prop validation using PropTypes or Zod
2. Implement error boundaries to gracefully handle rendering failures

nextjs-task-system/app/components/LoginForm.tsx (1)

7-11: Improve form state management

Consider enhancing the form implementation:

1. Use a form management library (e.g., React Hook Form)
2. Add loading state
3. Implement proper validation

+import { useForm } from 'react-hook-form';
+import { z } from 'zod';
+import { zodResolver } from '@hookform/resolvers/zod';
+
+const loginSchema = z.object({
+  email: z.string().email('Invalid email address'),
+  password: z.string().min(8, 'Password must be at least 8 characters'),
+});
+
 export const LoginForm = () => {
-  const [email, setEmail] = useState("");
-  const [password, setPassword] = useState("");
   const [error, setError] = useState("");
+  const [isLoading, setIsLoading] = useState(false);
   const router = useRouter();
+  
+  const {
+    register,
+    handleSubmit,
+    formState: { errors },
+  } = useForm({
+    resolver: zodResolver(loginSchema),
+  });

nextjs-task-system/app/components/TeamsPage.tsx (1)

7-20: Enhance type definitions and add documentation

Consider improving the type definitions:

1. Add readonly modifiers for immutable properties
2. Add JSDoc documentation
3. Consider optional properties
4. Add validation rules

+/**
+ * Represents a team or department group
+ */
 interface Group {
-    id: string;
-    name: string;
+    readonly id: string;
+    readonly name: string;
+    readonly description?: string;
+    readonly createdAt: Date;
 }

+/**
+ * Represents a user in the system
+ */
 interface User {
-    id: string;
-    email: string;
-    role: string;
+    readonly id: string;
+    readonly email: string;
+    readonly role: 'ADMIN' | 'USER';
+    readonly name?: string;
+    readonly lastLogin?: Date;
 }

+/**
+ * Represents a user's association with a group
+ */
 interface UserGroup {
-    group: Group;
+    readonly group: Group;
+    readonly role?: 'MEMBER' | 'LEADER';
+    readonly joinedAt: Date;
 }

nextjs-task-system/app/components/TaskModal.tsx (2)

33-33: Remove console.log statement

Remove debugging console.log statement before production deployment.

-  console.log(dayjs(task.due_date).utcOffset(8))

---

51-56: Add aria-label to status select

Improve accessibility by adding an aria-label to the status select element.

-  <Select id="status" value={task?.status} onChange={handleStatusChange} className="w-1/2">
+  <Select 
+    id="status" 
+    value={task?.status} 
+    onChange={handleStatusChange} 
+    className="w-1/2"
+    aria-label="Task status"
+  >

nextjs-task-system/app/components/SideNavBar.tsx (1)

65-77: Add client-side role validation

While server-side validation is crucial, adding client-side validation improves UX by preventing unauthorized access attempts.

+ const isAdmin = user?.role === "ADMIN";
+ 
+ useEffect(() => {
+   if (!isAdmin && window.location.pathname.match(/\/(teams\/create|users|task)$/)) {
+     router.push('/dashboard');
+   }
+ }, [isAdmin, router]);

- {user?.role === "ADMIN" && (
+ {isAdmin && (

nextjs-task-system/app/components/GroupDashboard.tsx (2)

69-71: Remove commented code

Remove commented out useEffect block as it's no longer needed.

-    // useEffect(() => {
-    //     fetchTasks()
-    // }, [showModal])

---

58-58: Remove console.log statements

Remove debugging console.log statements before production deployment.

-        console.log(data)
-        console.log(data.tasks)

Also applies to: 65-65

nextjs-task-system/app/components/CreateTaskForm.tsx (2)

7-19: Consider moving types to a separate file for better reusability.

The types defined here might be used across different components. Consider moving them to a separate types file (e.g., types/task.ts) to promote code reuse and maintainability.

---

23-31: Consider consolidating form state management.

Multiple useState hooks could be consolidated into a single form state object to reduce complexity and potential re-renders.

Example refactor:

-  const [title, setTitle] = useState('')
-  const [description, setDescription] = useState('')
-  const [status, setStatus] = useState<TaskStatus>('PENDING')
-  const [assignedTo, setAssignedTo] = useState('')
-  const [dueDate, setDueDate] = useState('')
-  const [priority, setPriority] = useState<Priority>('MEDIUM')
+  const [formData, setFormData] = useState({
+    title: '',
+    description: '',
+    status: 'PENDING' as TaskStatus,
+    assignedTo: '',
+    dueDate: '',
+    priority: 'MEDIUM' as Priority,
+  })

nextjs-task-system/app/api/v1/login/route.ts (1)

23-24: Correct the error message to match the variable name

The error message refers to SECRET_WORD, but the variable is SECRET_KEY. This inconsistency can lead to confusion during debugging. Update the error message to reflect the correct variable name.

Apply this diff to fix the error message:

if (!SECRET_KEY) {
-  throw new Error("SECRET_WORD is not defined");
+  throw new Error("SECRET_KEY is not defined");
}

nextjs-task-system/app/components/Dashboard.tsx (3)

136-136: Typo in Label: Change 'Due Date' to 'Create Date'

The label for the createDate input is incorrectly set to "Due Date". This could confuse users.

Apply this diff to correct the label:

<Label htmlFor="createDate">
-  Due Date
+  Create Date
</Label>

---

78-79: Remove console.log statements in production

The console.log statements at lines 78 and 85 are useful for debugging but should be removed in production code to avoid cluttering the console and potentially leaking sensitive information.

Apply this diff to remove the console.log statements:

      const data = await res.json();
-     console.log(data.filter((user: any) => user.role === 'USER'));
      setUsers(data.filter((user: any) => user.role === 'USER'));

      const data = await res.json();
-     console.log(data);
      setGroups(data);

Also applies to: 85-85

---

101-104: Handle empty filter parameters to avoid unnecessary query parameters

When constructing the filter URL, if any of the filter values (userId, groupId, priority, dueDate, createDate) are empty strings, they will still be appended to the URL as empty query parameters, which might not be necessary and could lead to unintended API calls. Consider building the query string dynamically to include only the parameters that have values.

Here's how you can adjust the code:

const handleFilters = async () => {
  console.log('filters', userId, groupId, priority, dueDate, createDate);
+ const queryParams = new URLSearchParams();
+ if (userId) queryParams.append('assigned_to', userId);
+ if (groupId) queryParams.append('group_id', groupId);
+ if (priority) queryParams.append('priority', priority);
+ if (dueDate) queryParams.append('due_date', dueDate);
+ if (createDate) queryParams.append('create_date', createDate);
+ const res = await fetch(`/api/v1/tasks?${queryParams.toString()}`);
  const data = await res.json();
  setTasks(data);
};

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 111e4dd and 5644169.

⛔ Files ignored due to path filters (1)

• nextjs-task-system/package-lock.json is excluded by !**/package-lock.json

📒 Files selected for processing (44)

• nextjs-task-system/.env.example (1 hunks)
• nextjs-task-system/.gitignore (1 hunks)
• nextjs-task-system/README.md (1 hunks)
• nextjs-task-system/app/(dashboard)/dashboard/[groupId]/page.tsx (1 hunks)
• nextjs-task-system/app/(dashboard)/dashboard/page.tsx (1 hunks)
• nextjs-task-system/app/(dashboard)/layout.tsx (1 hunks)
• nextjs-task-system/app/(dashboard)/task/page.tsx (1 hunks)
• nextjs-task-system/app/(dashboard)/teams/create/page.tsx (1 hunks)
• nextjs-task-system/app/(dashboard)/teams/page.tsx (1 hunks)
• nextjs-task-system/app/api/v1/comments/route.ts (1 hunks)
• nextjs-task-system/app/api/v1/groupmember/[groupId]/route.ts (1 hunks)
• nextjs-task-system/app/api/v1/groups/[group]/route.ts (1 hunks)
• nextjs-task-system/app/api/v1/groups/route.ts (1 hunks)
• nextjs-task-system/app/api/v1/login/route.ts (1 hunks)
• nextjs-task-system/app/api/v1/logout/route.ts (1 hunks)
• nextjs-task-system/app/api/v1/me/route.ts (1 hunks)
• nextjs-task-system/app/api/v1/tasks/[taskId]/route.ts (1 hunks)
• nextjs-task-system/app/api/v1/tasks/route.ts (1 hunks)
• nextjs-task-system/app/api/v1/usergroup/[userId]/route.ts (1 hunks)
• nextjs-task-system/app/api/v1/users/[userId]/route.ts (1 hunks)
• nextjs-task-system/app/api/v1/users/route.ts (1 hunks)
• nextjs-task-system/app/components/AddComments.tsx (1 hunks)
• nextjs-task-system/app/components/CreateTaskForm.tsx (1 hunks)
• nextjs-task-system/app/components/CreateTeam.tsx (1 hunks)
• nextjs-task-system/app/components/Dashboard.tsx (1 hunks)
• nextjs-task-system/app/components/GroupDashboard.tsx (1 hunks)
• nextjs-task-system/app/components/LoginForm.tsx (1 hunks)
• nextjs-task-system/app/components/SideNavBar.tsx (1 hunks)
• nextjs-task-system/app/components/TaskModal.tsx (1 hunks)
• nextjs-task-system/app/components/TeamsPage.tsx (1 hunks)
• nextjs-task-system/app/lib/authMiddleware.ts (1 hunks)
• nextjs-task-system/app/lib/cookies.ts (1 hunks)
• nextjs-task-system/app/page.tsx (1 hunks)
• nextjs-task-system/app/types.d.ts (1 hunks)
• nextjs-task-system/app/utils/mockRequest.ts (1 hunks)
• nextjs-task-system/jest.config.ts (1 hunks)
• nextjs-task-system/middleware.ts (1 hunks)
• nextjs-task-system/package.json (2 hunks)
• nextjs-task-system/prisma/migrations/20241212202419_initial_migration/migration.sql (1 hunks)
• nextjs-task-system/prisma/migrations/migration_lock.toml (1 hunks)
• nextjs-task-system/prisma/schema.prisma (1 hunks)
• nextjs-task-system/prisma/seed.ts (1 hunks)
• nextjs-task-system/tests/api/tasks/route.test.ts (1 hunks)
• nextjs-task-system/tsconfig.json (1 hunks)

✅ Files skipped from review due to trivial changes (4)

• nextjs-task-system/.gitignore
• nextjs-task-system/.env.example
• nextjs-task-system/jest.config.ts
• nextjs-task-system/prisma/migrations/migration_lock.toml

🧰 Additional context used

🪛 LanguageTool

nextjs-task-system/README.md

[uncategorized] ~3-~3: The official spelling of this programming framework is “NEXT.js”.
Context: ...e/canary/packages/create-next-app). ## NEXTJS PRISMA TASK MANAGEMENT SYSTEM ## Insta...

(NODE_JS)

---

[misspelling] ~13-~13: Did you mean the article “the”?
Context: ...vironmental variables After installing de dependencies of the project, create the...

(DE_THE)

---

[grammar] ~17-~17: Consider using either the past participle “configured” or the present participle “configuring” here.
Context: ...## Database PostgreSQL This project is configure to use PostgreSQL, you need to configur...

(BEEN_PART_AGREEMENT)

🔇 Additional comments (9)

nextjs-task-system/package.json (1)

5-7: LGTM! Prisma configuration is properly set up.

The Prisma configuration with TypeScript seed script is correctly implemented.

nextjs-task-system/prisma/schema.prisma (1)

9-9: Caution with using preview features

The relationJoins feature specified in previewFeatures is currently a preview feature in Prisma. Using preview features in a production environment may lead to unexpected behavior or future breaking changes. Ensure that this aligns with your project's stability requirements.

nextjs-task-system/app/(dashboard)/teams/create/page.tsx (1)

1-2: Add type safety for imported component

Consider adding TypeScript type definitions for the CreateTeam component props.

nextjs-task-system/app/api/v1/comments/route.ts (1)

4-4: Move PrismaClient instantiation to a shared utility file

Same issue as in the groups route - creating a new PrismaClient instance for each request.

Please refer to the previous comment about creating a shared PrismaClient instance.

nextjs-task-system/tsconfig.json (1)

15-15: LGTM! Well-structured path aliases.

The TypeScript configuration is well organized with:

• Proper types for Node.js and Jest testing
• Clear path aliases that match the project structure

Also applies to: 22-26

nextjs-task-system/app/api/v1/tasks/route.ts (1)

1-4: Optimize PrismaClient initialization

Same issue as identified in the users route regarding PrismaClient initialization.

Please refer to the previous comment about moving PrismaClient initialization to a shared module.

nextjs-task-system/app/components/LoginForm.tsx (1)

13-39: ⚠️ Potential issue

Fix critical security vulnerabilities in authentication

Several security issues need immediate attention:

1. No CSRF protection
2. No rate limiting
3. Incorrect error handling logic
4. Immediate redirect without checking response body

Apply these security improvements:

 const handleSubmit = async (e: React.FormEvent) => {
     e.preventDefault();
     setError("");
+    setIsLoading(true);
 
     if (!email || !password) {
       setError("Please fill in all fields");
+      setIsLoading(false);
       return;
     }
 
     try {
       const login = await fetch("/api/v1/login", {
         method: "POST",
         headers: {
           "Content-Type": "application/json",
+          // Add CSRF token header
+          'X-CSRF-Token': await getCsrfToken(),
         },
         body: JSON.stringify({ email, password }),
       });
-      console.log(login);
-      if (login.status !== 200) {
-        console.log("Login unsuccessful");
+      
+      const data = await login.json();
+      
+      if (!login.ok) {
+        setError(data.message || "Login failed");
+        setIsLoading(false);
+        return;
       }
+      
+      // Verify successful authentication before redirect
+      if (data.authenticated) {
         router.push("/teams");
         router.refresh();
+      } else {
+        setError("Authentication failed");
+      }
     } catch (err) {
       setError("Invalid email or password");
+    } finally {
+      setIsLoading(false);
     }
   };

nextjs-task-system/app/(dashboard)/teams/page.tsx (1)

1-12: Component Implementation Looks Good

The Teams component is correctly implemented, importing and rendering TeamsPage as expected. The structure is clear and follows best practices.

nextjs-task-system/app/(dashboard)/dashboard/page.tsx (1)

8-8: ⚠️ Potential issue

Incorrect Attribute: Use 'className' instead of 'class' in JSX

In React JSX, the class attribute should be className. Using class will not apply the CSS class correctly. Additionally, since the className is empty, you can remove it altogether.

Apply this diff to fix the attribute:

-    <div class="">
+    <div>

Likely invalid or redundant comment.

[coderabbitai]

🛠️ Refactor suggestion

Enhance installation instructions

The installation section should be expanded to include:

• Node.js version requirements
• Prerequisites (Git, PostgreSQL)
• Global dependencies
• Step-by-step setup process

 ## Installation

+### Prerequisites
+
+- Node.js 16.x or higher
+- PostgreSQL 13.x or higher
+- Git
+
+### Steps
+
 ```bash
+# Clone the repository
+git clone <repository-url>
+cd nextjs-task-system
+
+# Install dependencies
 npm install

<!-- This is an auto-generated comment by CodeRabbit -->

[coderabbitai]

🛠️ Refactor suggestion

Fix grammar and add environment variable details

There's a typo and missing information about required environment variables.

 ## Environmental variables

-After installing de dependencies of the project, create the file .env.local in the root of your project. Copy the content of the .env.example in the .env.local and configure the variables. 
+After installing the dependencies, create a `.env.local` file in the project root. Copy the content from `.env.example` and configure the following required variables:
+
+```env
+# Database Configuration
+DATABASE_URL="postgresql://user:password@localhost:5432/taskdb"
+
+# Authentication
+ADMIN_EMAIL="admin@example.com"
+ADMIN_PASSWORD="secure_password"
+JWT_SECRET_KEY="your-secret-key"
+```
+
+### Variable Descriptions
+
+- `DATABASE_URL`: PostgreSQL connection string
+- `ADMIN_EMAIL`: Default admin user email
+- `ADMIN_PASSWORD`: Default admin user password
+- `JWT_SECRET_KEY`: Secret key for JWT token generation

🧰 Tools

🪛 LanguageTool

[misspelling] ~13-~13: Did you mean the article “the”?
Context: ...vironmental variables After installing de dependencies of the project, create the...

(DE_THE)

[coderabbitai]

🛠️ Refactor suggestion

Add feature documentation and available endpoints

The development section should include information about the task management system's features and API endpoints.

 ## Run in development
+
+### Available Features
+
+#### Admin Features
+- Task Creation and Assignment
+- User and Group Management
+- Task Filtering and Sorting
+
+#### User Features
+- View Assigned Tasks
+- Update Task Status
+- Add Task Comments
+
+### API Endpoints
+
+```typescript
+// Task Management
+POST   /api/tasks           // Create new task (Admin only)
+GET    /api/tasks           // List tasks (filtered by user role)
+PUT    /api/tasks/:id       // Update task status
+POST   /api/tasks/:id/comments // Add task comment
+
+// User Management
+GET    /api/users          // List users (Admin only)
+POST   /api/groups         // Create user group (Admin only)
+```

[coderabbitai]

⚠️ Potential issue

Fix incorrect Prisma client version.

The specified version ^6.0.1 for @prisma/client is incorrect as the latest major version is 5.x. This will cause installation failures.

-    "@prisma/client": "^6.0.1",
+    "@prisma/client": "^5.10.2",

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	"@prisma/client": "^6.0.1",
	"@prisma/client": "^5.10.2",

[coderabbitai]

⚠️ Potential issue

Fix incorrect @testing-library/react version.

The specified version ^16.1.0 for @testing-library/react is incorrect as the latest version is 14.x. This will cause installation failures.

-    "@testing-library/react": "^16.1.0",
+    "@testing-library/react": "^14.2.1",

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	"@testing-library/react": "^16.1.0",
	"@testing-library/react": "^14.2.1",

[coderabbitai]

🛠️ Refactor suggestion

Add cleanup function to prevent memory leaks.

Consider adding cleanup functions to the useEffect hooks to handle component unmounting and prevent potential memory leaks or race conditions.

   useEffect(() => {
+    let isSubscribed = true;
     if(groupId !== ''){
-       userFromGroup(groupId);
+       const fetchUsers = async () => {
+         try {
+           const res = await fetch(`/api/v1/groupmember/${groupId}`);
+           if (!res.ok) throw new Error('Failed to fetch users');
+           const data = await res.json();
+           if (isSubscribed) {
+             setUsers(data);
+           }
+         } catch (error) {
+           console.error('Error:', error);
+         }
+       };
+       fetchUsers();
     }
+    return () => {
+      isSubscribed = false;
+    };
   }, [groupId])

Committable suggestion skipped: line range outside the PR's diff.

[coderabbitai]

⚠️ Potential issue

Enhance form submission handling and user feedback.

The form submission needs improvements in error handling, loading state, and date handling.

+  const [isSubmitting, setIsSubmitting] = useState(false);
+
   const handleSubmit = async(e: React.FormEvent<HTMLFormElement>) => {
     e.preventDefault()
+    setIsSubmitting(true);
     try {
       const res = await fetch('/api/v1/tasks', {
         method: 'POST',
         headers: {
           'Content-Type': 'application/json'
         },
         body: JSON.stringify({
           title: title,
           description: description,
           status: status,
           assigned_to: assignedTo,
-          due_date: new Date(dueDate),
+          due_date: new Date(dueDate + 'T00:00:00.000Z'),
           priority: priority,
           group_id: groupId
         })
       });
-      if(!res.ok){
-        console.error('Failed to create task');
-        return;
+      if (!res.ok) {
+        const error = await res.json();
+        throw new Error(error.message || 'Failed to create task');
       }
       router.push('/dashboard')
+    } catch (error) {
+      console.error('Error creating task:', error);
+      // Add user feedback (toast/alert)
+    } finally {
+      setIsSubmitting(false);
     }
   }

Committable suggestion skipped: line range outside the PR's diff.

[coderabbitai]

⚠️ Potential issue

Import and use NextResponse instead of Response

The code uses Response.json(), but Response is not imported, and in Next.js API route handlers, you should use NextResponse from 'next/server'. This ensures you're using the correct response methods and can manage headers and cookies appropriately.

Apply this diff to import NextResponse and update response usages:

-import { NextRequest } from "next/server";
+import { NextRequest, NextResponse } from "next/server";

Then, replace all instances of Response.json() with NextResponse.json():

-return Response.json({ error: "User not found" }, { status: 404 });
+return NextResponse.json({ error: "User not found" }, { status: 404 });

Repeat this change for all similar lines where Response.json() is used.

Also applies to: 11-11, 17-17, 21-21, 37-37, 40-40

[coderabbitai]

⚠️ Potential issue

Security Issue: Avoid using default secret keys

Using a default secret key ("your-secret-key") when process.env.JWT_SECRET_KEY is not set poses a significant security risk. An attacker could exploit this default value if it's used in production. It's crucial to ensure that the secret key is always provided via environment variables and to throw an error if it's missing.

Apply this diff to enforce the presence of the secret key:

-const SECRET_KEY = new TextEncoder().encode(process.env.JWT_SECRET_KEY || "your-secret-key");
+if (!process.env.JWT_SECRET_KEY) {
+  throw new Error("JWT_SECRET_KEY is not defined in environment variables.");
+}
+const SECRET_KEY = new TextEncoder().encode(process.env.JWT_SECRET_KEY);

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	const SECRET_KEY = new TextEncoder().encode(process.env.JWT_SECRET_KEY || "your-secret-key");
	if (!process.env.JWT_SECRET_KEY) {
	throw new Error("JWT_SECRET_KEY is not defined in environment variables.");
	}
	const SECRET_KEY = new TextEncoder().encode(process.env.JWT_SECRET_KEY);

[coderabbitai]

⚠️ Potential issue

Ensure the authentication cookie is set in the response

The setAuthCookie function is called without passing a response object, and it's unclear how the cookie is being attached to the response. In Next.js API routes, you need to modify the NextResponse object to include cookies.

Modify the code to set the cookie on the NextResponse object:

        const id = checkUser.id;
-       setAuthCookie(token);
-       return NextResponse.json({ token, id }, { status: 200 });
+       let response = NextResponse.json({ token, id }, { status: 200 });
+       response = setAuthCookie(response, token);
+       return response;

Ensure that the setAuthCookie function is updated to accept and modify the response:

-export function setAuthCookie(token) {
-  // existing code
+export function setAuthCookie(response, token) {
+  response.cookies.set('auth', token, { httpOnly: true, secure: true });
+  return response;
}

Committable suggestion skipped: line range outside the PR's diff.