chore(apps): refactor jsonrpc request handlers parameter passing

[d-gubert]

Proposed changes (including videos or screenshots)

This refactor allows each handler to have access to the request object reference and consequently its ID. This is an enabler to fix an issue with logs in "nested" requests.

Issue(s)

Steps to test or reproduce

Further comments

Summary by CodeRabbit

• Refactor

  • Standardized runtime handlers to accept a unified JSON‑RPC request context.
  • Introduced a RequestContext type to carry request metadata (including logger).

• Style / Errors

  • Added named error codes to improve diagnostics for missing apps and missing handler functions.

• Tests

  • Added comprehensive upload-event tests and updated many handler tests to use JSON‑RPC requests.
  • Expanded test runner permissions to allow read/write in temporary directories.

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[dionisio-bot]

Looks like this PR is not ready to merge, because of the following issues:

• This PR is missing the 'stat: QA assured' label
• This PR is targeting the wrong base branch. It should target 8.2.0, but it targets 8.1.0

Please fix the issues and try again

If you have any trouble, please check the PR guidelines

[changeset-bot]

⚠️ No Changeset found

Latest commit: 585160e

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

[coderabbitai]

Walkthrough

Refactors Deno runtime handlers to accept a consolidated RequestContext (JSON-RPC RequestObject + context) across handlers, updates tests to use jsonrpc.request(...), adds exported Errors constants in assertions, and expands Deno test permissions to allow read/write on /tmp.

Changes

Cohort / File(s)	Summary
Configuration & Permissions packages/apps-engine/deno-runtime/deno.jsonc	Extended test task permissions to add --allow-read=/tmp and --allow-write=/tmp.
RequestContext type packages/apps-engine/deno-runtime/lib/requestContext.ts	Added exported RequestContext type = RequestObject & { context: { logger: Logger; [key: string]: unknown } }.
Top-level router / ping packages/apps-engine/deno-runtime/main.ts	Construct and pass RequestContext to handlers; updated ping handler signature to accept RequestContext.
API / Outbound / Scheduler / Slash / Videoconf handlers packages/apps-engine/deno-runtime/handlers/api-handler.ts, .../outboundcomms-handler.ts, .../scheduler-handler.ts, .../slashcommand-handler.ts, .../videoconference-handler.ts	Switched public signatures to accept RequestContext; extract method/params from request and adapt logging/invocation accordingly.
App router & lifecycle handlers packages/apps-engine/deno-runtime/handlers/app/handler.ts, packages/.../handlers/app/*.ts	All app handlers now accept RequestContext, destructure params from it, and most pass additional accessors (http/persistence) where applicable; some handlers added param validation.
UIKit / Listener / Upload / Listener packages/apps-engine/deno-runtime/handlers/uikit/handler.ts, .../listener/handler.ts, .../app/handleUploadEvents.ts	Unified to receive RequestContext; derive method (e.g., split on ':'), validate params, create appropriate interaction contexts, and invoke app handlers with accessors.
Assertions & Error codes packages/apps-engine/deno-runtime/handlers/lib/assertions.ts	Added exported Errors constants (DRT_APP_NOT_AVAILABLE, DRT_EVENT_HANDLER_FUNCTION_MISSING) and attached code to thrown assertion errors.
Tests packages/apps-engine/deno-runtime/handlers/tests/*	Updated tests to build and pass jsonrpc.request(...) RequestObjects to handlers; added upload-event-handler.test.ts covering success and multiple failure scenarios.

Sequence Diagram(s)

(omitted — changes are a cross-cutting refactor to handler input shapes and tests; no single new multi-component sequential flow to visualize)

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~45 minutes

Possibly related PRs

• fix(apps): reduce memory usage on apps-engine IPreFileUpload event #38068 — related changes to apps-engine Deno runtime upload flow and handler signatures (overlap in upload handling, temp file access, and RequestObject usage).

Suggested labels

stat: ready to merge, stat: QA assured

Suggested reviewers

• ggazzo
• sampaiodiego

Poem

🐰 I hopped through handlers, neat and spry,

One Request carries method, params, and sky.
Tests now peek in /tmp with cheer,
Error codes named so troubles are clear.
A tiny rabbit's clap — the runtime's in gear! 🥕

🚥 Pre-merge checks | ✅ 2 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 3.85% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title 'chore(apps): refactor jsonrpc request handlers parameter passing' directly and accurately describes the primary change: refactoring how JSON-RPC request handlers receive parameters by switching from separate method/params arguments to a unified RequestContext object.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing touches

• 📝 Generate docstrings

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch feat/apps-logs-redirect

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 70.83%. Comparing base (5650b78) to head (585160e).
⚠️ Report is 1 commits behind head on develop.

Additional details and impacted files

@@             Coverage Diff             @@
##           develop   #38322      +/-   ##
===========================================
+ Coverage    70.77%   70.83%   +0.06%     
===========================================
  Files         3159     3159              
  Lines       109384   109364      -20     
  Branches     19644    19693      +49     
===========================================
+ Hits         77412    77469      +57     
+ Misses       29939    29868      -71     
+ Partials      2033     2027       -6     

Flag	Coverage Δ
e2e	60.36% <ø> (+0.01%)	⬆️
e2e-api	49.08% <ø> (+1.04%)	⬆️
unit	71.97% <ø> (+0.06%)	⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[github-actions]

📦 Docker Image Size Report

➡️ Changes

Service	Current	Baseline	Change	Percent
sum of all images	0B	0B	0B
account-service	0B	0B	0B
authorization-service	0B	0B	0B
ddp-streamer-service	0B	0B	0B
omnichannel-transcript-service	0B	0B	0B
presence-service	0B	0B	0B
queue-worker-service	0B	0B	0B
rocketchat	0B	0B	0B

📊 Historical Trend

---
config:
  theme: "dark"
  xyChart:
    width: 900
    height: 400
---
xychart
  title "Image Size Evolution by Service (Last 30 Days + This PR)"
  x-axis ["11/18 22:53", "11/19 23:02", "11/21 16:49", "11/24 17:34", "11/27 22:32", "11/28 19:05", "12/01 23:01", "12/02 21:57", "12/03 21:00", "12/04 18:17", "12/05 21:56", "12/08 20:15", "12/09 22:17", "12/10 23:26", "12/11 21:56", "12/12 22:45", "12/13 01:34", "12/15 22:31", "12/16 22:18", "12/17 21:04", "12/18 23:12", "12/19 23:27", "12/20 21:03", "12/22 18:54", "12/23 16:16", "12/24 19:38", "12/25 17:51", "12/26 13:18", "12/29 19:01", "12/30 20:52", "01/26 21:33 (PR)"]
  y-axis "Size (GB)" 0 --> 0.5
  line "account-service" [0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.00]
  line "authorization-service" [0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.00]
  line "ddp-streamer-service" [0.12, 0.12, 0.12, 0.12, 0.12, 0.12, 0.12, 0.12, 0.12, 0.12, 0.12, 0.12, 0.12, 0.12, 0.12, 0.12, 0.12, 0.12, 0.12, 0.12, 0.12, 0.12, 0.12, 0.12, 0.12, 0.12, 0.12, 0.12, 0.12, 0.12, 0.00]
  line "omnichannel-transcript-service" [0.14, 0.14, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.00]
  line "presence-service" [0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.11, 0.00]
  line "queue-worker-service" [0.14, 0.14, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.13, 0.00]
  line "rocketchat" [0.35, 0.35, 0.34, 0.34, 0.34, 0.34, 0.34, 0.34, 0.34, 0.34, 0.34, 0.34, 0.34, 0.34, 0.34, 0.34, 0.34, 0.34, 0.34, 0.34, 0.34, 0.34, 0.34, 0.34, 0.34, 0.34, 0.34, 0.34, 0.34, 0.34, 0.00]

Loading

Statistics (last 30 days):

• 📊 Average: 1.5GiB
• ⬇️ Minimum: 1.4GiB
• ⬆️ Maximum: 1.6GiB
• 🎯 Current PR: 0B

ℹ️ About this report

This report compares Docker image sizes from this build against the develop baseline.

• Tag: pr-38322
• Baseline: develop
• Timestamp: 2026-01-26 21:33:47 UTC
• Historical data points: 30

---

Updated: Mon, 26 Jan 2026 21:33:48 GMT

[cubic-dev-ai]

No issues found across 27 files

[coderabbitai]

Actionable comments posted: 1

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (5)

packages/apps-engine/deno-runtime/handlers/app/handleOnPreSettingUpdate.ts (1)

17-23: Validate params length and first element shape before destructuring.

Array.isArray(params) allows [], which yields setting === undefined and can surface as a harder-to-debug runtime error inside the app handler. Consider guarding for length and a non-null object before calling the hook.

🔧 Suggested fix

-	if (!Array.isArray(params)) {
+	if (!Array.isArray(params) || params.length < 1 || typeof params[0] !== 'object' || params[0] === null) {
 		throw new Error('Invalid params', { cause: 'invalid_param_type' });
 	}
 
-	const [setting] = params as [Record<string, unknown>];
+	const [setting] = params as [Record<string, unknown>];

packages/apps-engine/deno-runtime/handlers/app/handleOnSettingUpdated.ts (1)

17-21: Missing validation for empty params array.

If params is an empty array, setting will be undefined after destructuring, and app.onSettingUpdated will be called with an undefined setting. Consider validating that the setting exists.

Proposed fix

 if (!Array.isArray(params)) {
   throw new Error('Invalid params', { cause: 'invalid_param_type' });
 }

 const [setting] = params as [Record<string, unknown>];

+if (!setting) {
+  throw new Error('Setting is required', { cause: 'invalid_param_type' });
+}
+
 await app.onSettingUpdated(setting, AppAccessorsInstance.getConfigurationModify(), AppAccessorsInstance.getReader(), AppAccessorsInstance.getHttp());

packages/apps-engine/deno-runtime/handlers/outboundcomms-handler.ts (1)

8-18: Add validation for params shape before spreading.
In JSON-RPC 2.0, params can be either an Array (positional) or an Object (named). The current code casts params to Array<unknown> without validation, which silently fails when params is an object—the spread operator produces an empty array, causing the provider method to receive incorrect arguments. Add a guard to validate params is array-shaped and return a controlled error for invalid shapes, consistent with patterns already used in scheduler-handler.ts and construct.ts.

Proposed fix

 export default async function outboundMessageHandler(request: RequestObject): Promise<JsonRpcError | Defined> {
 	const { method: call, params } = request;
 	const [, providerName, methodName] = call.split(':');
 
+	if (params !== undefined && !Array.isArray(params)) {
+		return new JsonRpcError('error-invalid-params', -32000);
+	}
 	const provider = AppObjectRegistry.get<IOutboundMessageProviders>(`outboundCommunication:${providerName}`);
 	if (!provider) {
 		return new JsonRpcError('error-invalid-provider', -32000);
 	}
 	const method = provider[methodName as keyof IOutboundMessageProviders];
 	const logger = AppObjectRegistry.get<Logger>('logger');
 	const args = (params as Array<unknown>) ?? [];

packages/apps-engine/deno-runtime/handlers/videoconference-handler.ts (1)

27-27: Consider handling undefined params.

In jsonrpc-lite, RequestObject.params is optional. If a request arrives without params, this line will throw when attempting to destructure undefined. Consider defaulting to an empty array.

Suggested fix

-	const [videoconf, user, options] = params as Array<unknown>;
+	const [videoconf, user, options] = (params ?? []) as Array<unknown>;

packages/apps-engine/deno-runtime/handlers/api-handler.ts (1)

2-32: Validate params shape before destructuring.

If params is missing or not an array, requestData/endpointInfo become undefined and the endpoint call can fail with an internal error instead of a JSON‑RPC invalid‑params response. Other handlers in this codebase validate this consistently.

🔧 Proposed fix

-	const [requestData, endpointInfo] = params as Array<unknown>;
+	if (!Array.isArray(params) || params.length < 2) {
+		return JsonRpcError.invalidParams(null);
+	}
+	const [requestData, endpointInfo] = params as [unknown, unknown];

🤖 Fix all issues with AI agents

In `@packages/apps-engine/deno-runtime/handlers/app/handleUploadEvents.ts`:
- Around line 28-33: The destructuring of params happens outside the try and can
throw if params is missing or malformed; move parsing of params into the try
block inside handleUploadEvents, validate that request.params is an array and
has at least one element (and that the first element is an object) before doing
const [{ file, path }] = params, and if validation fails return a JsonRpcError
or appropriate error object; keep the rawMethod -> method parsing (rawMethod and
method derived from uploadEvents) but perform the params checks first to ensure
safe destructuring and proper JSON-RPC error flow.

[coderabbitai]

Actionable comments posted: 0

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)

packages/apps-engine/deno-runtime/handlers/api-handler.ts (1)

8-27: Add params validation before destructuring to prevent uncaught exceptions.

Line 25 destructures params without guarding against undefined, null, or non-array values. If params is invalid, destructuring throws and bypasses error handling. Add an early Array.isArray check, consistent with scheduler-handler.ts and listener/handler.ts:

Suggested fix

 export default async function apiHandler(request: RequestObject): Promise<JsonRpcError | Defined> {
 	const { method: call, params } = request;
 	const [, path, httpMethod] = call.split(':');
 
 	const endpoint = AppObjectRegistry.get<IApiEndpoint>(`api:${path}`);
 	const logger = AppObjectRegistry.get<Logger>('logger');
 
 	if (!endpoint) {
 		return new JsonRpcError(`Endpoint ${path} not found`, -32000);
 	}
 
 	const method = endpoint[httpMethod as keyof IApiEndpoint];
 
 	if (typeof method !== 'function') {
 		return new JsonRpcError(`${path}'s ${httpMethod} not exists`, -32000);
 	}
 
+	if (!Array.isArray(params)) {
+		return JsonRpcError.invalidParams(null);
+	}
+
 	const [requestData, endpointInfo] = params as Array<unknown>;

[cubic-dev-ai]

No issues found across 28 files