fix: sorting for completed and scheduled maintenance entries

[zebrapurring]

What type of PR is this?

• bug

What this PR does / why we need it:

Maintenance entries are expected to sorted from closest to the current date to furthest away in time. That means, for scheduled entries the user would expect to see the next entry that will be scheduled first, and for completed entries the user would expect to see the last completed entry first in the list.

Which issue(s) this PR fixes:

No tracking issue.

Special notes for your reviewer:

• Completed entries are sorted by descending completion date
• Scheduled entries are sorted by ascending scheduling date
• Selecting both entries shall sort them by scheduling and then completion date in descending order

Testing

1. Create scheduled and completed maintenance entries on different dates
2. Verify that the sorting matches the expected behavior as specified in the PR description

Summary by CodeRabbit

• New Features
  • Enhanced sorting capabilities for maintenance entries based on their status in the maintenance management system.
  • Entries can now be sorted by scheduled and completion dates depending on their status.
  • Improved query logic for retrieving maintenance entries based on filters.

[coderabbitai]

Walkthrough

The changes in this pull request primarily focus on enhancing the GetMaintenanceByItemID method within the MaintenanceEntryRepository class in the repo_maintenance_entry.go file. Modifications include the addition of an import statement for the sql package and the implementation of sorting functionality based on the status of maintenance entries. The sorting behavior is adjusted depending on whether the status is Scheduled, Completed, or other statuses, improving the method's overall query execution.

Changes

File Path	Change Summary
backend/internal/data/repo/repo_maintenance_entry.go	- Added import statement for sql package. - Updated GetMaintenanceByItemID method to implement sorting based on maintenance entry status. - Removed default sorting by scheduled date in the query execution.

Possibly related PRs

• Improve filter for maintenances #367: The changes in this PR directly modify the GetMaintenanceByItemID method in the same MaintenanceEntryRepository class, enhancing the filtering logic based on maintenance entry status, which is closely related to the sorting functionality introduced in the main PR.

Security Recommendations

• Ensure that the updated sorting logic does not introduce any vulnerabilities, such as SQL injection, especially since the method now dynamically alters the query based on input parameters. Consider validating and sanitizing all input values before use in the query.

---

📜 Recent review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 2e20832 and c5ffa0e.

📒 Files selected for processing (1)

• backend/internal/data/repo/repo_maintenance_entry.go (2 hunks)

🚧 Files skipped from review as they are similar to previous changes (1)

• backend/internal/data/repo/repo_maintenance_entry.go

---

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate docstrings to generate docstrings for this PR. (Experiment)
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[coderabbitai]

Caution

Inline review comments failed to post. This is likely due to GitHub's limits when posting large numbers of comments.

Actionable comments posted: 1

🧹 Outside diff range and nitpick comments (1)

backend/internal/data/repo/repo_maintenance_entry.go (1)

162-162: Security Recommendation: Add rate limiting for large queries

While the implementation is secure using the Ent ORM, consider adding rate limiting or pagination for the query execution to prevent potential DoS attacks through excessive data retrieval.

Consider implementing:

1. Pagination using Ent's Limit() and Offset()
2. Request rate limiting at the API layer
3. Maximum result set size constraints

🛑 Comments failed to post (1)

backend/internal/data/repo/repo_maintenance_entry.go (1)

140-160: 💡 Codebase verification

Add indexes to optimize query performance and enhance security

The maintenance entry schema lacks indexes for the sorting operations. To ensure optimal performance and prevent potential DoS vectors through unindexed sorting, please add:

• An index on (item_id, scheduled_date) for scheduled entries queries
• An index on (item_id, date) for completed entries queries

Add this to the schema in backend/internal/data/ent/schema/maintenance_entry.go:

func (MaintenanceEntry) Indexes() []ent.Index {
    return []ent.Index{
        index.Fields("item_id", "scheduled_date"),
        index.Fields("item_id", "date"),
    }
}

Security recommendations:

• Monitor query execution times in production
• Set appropriate query timeouts
• Consider implementing rate limiting for these endpoints

🔗 Analysis chain

Implementation aligns with sorting requirements

The sorting logic correctly implements the specified requirements:

• Scheduled entries: ascending by scheduled date
• Completed entries: descending by completion date
• Mixed status: descending by both dates

Let's verify the database indexes for optimal query performance:

Consider adding the following indexes if not already present:

1. (item_id, scheduled_date) - for scheduled entries queries
2. (item_id, date) - for completed entries queries

These indexes will optimize the sorting operations, especially for large datasets.

---

Let me check the schema definition for maintenance entries to verify if appropriate indexes exist.

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Check for index definitions on maintenance_entries table

# Search for index definitions in schema files
rg -A 5 "Index\(|CreateIndex" --type go

# Search for any existing performance-related comments
rg -i "performance|index" --type go

Length of output: 4322

---

Script:

#!/bin/bash
# Search for maintenance entry schema definition and indexes
rg -A 20 "type MaintenanceEntry struct" --type go

# Also check for any existing index definitions in the maintenance entry schema
ast-grep --pattern 'func (MaintenanceEntry) Indexes() []ent.Index {
  $$$
}'

Length of output: 3621