fix: Enable/disable ecosystem

[pranalidhanavade]

What

• fix: Enable disable ecosystem.
• Delete intent API issue for userId.
• Refactored get all ecosystems endpoint to support fetching ecosystems by platform admin and ecosystem lead.

Summary by CodeRabbit

• New Features

  • API to enable/disable the ecosystem feature with persistent platform config and DB migration.
  • Swagger UI now hides ecosystem endpoints when the feature is disabled.

• Other Changes

  • Runtime feature-gate enforced across ecosystem endpoints.
  • Stricter ID validation on deletion flows; operations now use userId.
  • Toggle action validates input and returns a confirmation message with new standardized texts.

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[coderabbitai]

Important

Review skipped

Auto reviews are disabled on base/target branches other than the default branch.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

• 🔍 Trigger a full review

📝 Walkthrough

Walkthrough

Adds an ecosystem feature-flag: API DTO and platform endpoint to toggle it, NATS propagation to ecosystem microservice, DB migration and seed for the flag, a request-scoped guard and Swagger filter to hide/deny ecosystem endpoints when disabled, and updates to ecosystem intent/get flows and repository methods.

Changes

Cohort / File(s)	Summary
DTO apps/api-gateway/src/ecosystem/dtos/enable-ecosystem.ts	New EnableEcosystemDto with isEcosystemEnabled: boolean, @ApiProperty, and @IsBoolean.
Platform API (gateway) apps/api-gateway/src/platform/platform.controller.ts, apps/api-gateway/src/platform/platform.service.ts, apps/api-gateway/src/platform/platform.module.ts	New PUT /config/ecosystem endpoint; PlatformService adds updateEcosystemConfig that publishes update-ecosystem-config over NATS; PlatformModule imports/exports EcosystemServiceModule.
Gateway bootstrap & Swagger apps/api-gateway/src/authz/guards/ecosystem-swagger.filter.ts, apps/api-gateway/src/app.module.ts, apps/api-gateway/src/main.ts	Adds EcosystemSwaggerFilter and registers/applies it during Swagger generation (safe-guarded with try/catch) to remove operations tagged ecosystem when disabled.
API Gateway — Ecosystem endpoints & guards apps/api-gateway/src/ecosystem/ecosystem.controller.ts, apps/api-gateway/src/ecosystem/ecosystem.module.ts, apps/api-gateway/src/ecosystem/ecosystem.service.ts, apps/api-gateway/src/authz/guards/ecosystem-feature-guard.ts	Adds EcosystemFeatureGuard (request-scoped) that queries platform config; controller/service signatures updated: getAllEcosystems → getEcosystems(userId), deleteIntent uses userId and UUID parsing; module exports adjusted to include service module.
Ecosystem microservice — controller/service/repository apps/ecosystem/src/ecosystem.controller.ts, apps/ecosystem/src/ecosystem.service.ts, apps/ecosystem/repositories/ecosystem.repository.ts	New NATS handler updateEcosystemConfig in ecosystem service/controller; service validates and delegates to repository; repository adds upsertEcosystemConfig and getPlatformConfig; deleteIntent signature extended to include userId.
Database / Prisma libs/prisma-service/prisma/schema.prisma, libs/prisma-service/prisma/migrations/.../migration.sql, libs/prisma-service/prisma/data/credebl-master-table.json	Adds isEcosystemEnabled Boolean @default(false) to platform_config, migration SQL adds column default false, and seed data includes isEcosystemEnabled: false.
Common messages libs/common/src/response-messages/index.ts	Adds messages: updateEcosystemConfig, featureIsDisabled, and invalidEcosystemEnabledFlag.

Sequence Diagram(s)

sequenceDiagram
    participant Client
    participant PlatformController
    participant PlatformService
    participant NATS
    participant EcosystemController
    participant EcosystemService
    participant EcosystemRepository
    participant Database

    Client->>PlatformController: PUT /config/ecosystem (EnableEcosystemDto)
    PlatformController->>PlatformService: updateEcosystemConfig(isEcosystemEnabled, adminId)
    PlatformService->>NATS: publish "update-ecosystem-config" {isEcosystemEnabled, platformAdminId}
    NATS->>EcosystemController: deliver "update-ecosystem-config"
    EcosystemController->>EcosystemService: updateEcosystemConfig(payload)
    EcosystemService->>EcosystemService: validate payload
    EcosystemService->>EcosystemRepository: upsertEcosystemConfig({isEcosystemEnabled, userId})
    EcosystemRepository->>Database: select/update platform_config
    Database-->>EcosystemRepository: ack
    EcosystemRepository-->>EcosystemService: ack
    EcosystemService-->>EcosystemController: { message }
    EcosystemController-->>NATS: response
    PlatformController-->>Client: 200 OK { message }

Loading

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~45 minutes

Possibly related PRs

• feat: ecosystem service and create ecosystem invitation API route #1540 — Prior work that introduced related ecosystem feature baseline (guards, flags, config flow).
• feat: create intent API endpoints and intent template mapping APIs #1547 — Shares changes to deleteIntent signatures and ecosystem repository updates.
• feat: ecosystem member invitation and management API's #1545 — Touches the same repository/controller/service surface and related DTOs/methods.

Suggested labels

feature

Suggested reviewers

• sujitaw
• GHkrishna
• shitrerohit

Poem

🐰
I hopped through code with nimble paws,
Toggled a flag and changed the laws,
From gateway hop to DB bed,
Ecosystem wakes ahead,
Tiny rabbit cheers—applause! 🎉

🚥 Pre-merge checks | ✅ 2 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title 'fix: Enable/disable ecosystem' accurately describes the main objective of the changeset—adding functionality to enable or disable the ecosystem feature across multiple layers (API, service, repository, database).

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch fix/enable-disable-ecosystem

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[pranalidhanavade]

@coderabbitai full review

[coderabbitai]

✅ Actions performed

Full review triggered.

[pranalidhanavade]

@coderabbitai full review

[coderabbitai]

✅ Actions performed

Full review triggered.

[pranalidhanavade]

@coderabbitai full review

[coderabbitai]

✅ Actions performed

Full review triggered.

[coderabbitai]

Actionable comments posted: 2

🤖 Fix all issues with AI agents

In `@apps/api-gateway/src/authz/guards/ecosystem-feature-guard.ts`:
- Around line 1-19: Replace the hardcoded ForbiddenException message in
EcosystemFeatureGuard.canActivate with the existing constant
ResponseMessages.ecosystem.error.ecosystemNotEnabled: import ResponseMessages
and throw new
ForbiddenException(ResponseMessages.ecosystem.error.ecosystemNotEnabled) in the
same location where the current string is used so the guard uses the
standardized message.

In `@apps/api-gateway/src/main.ts`:
- Around line 85-89: Wrap the call to ecosystemFilter.filterDocument(document)
in a try/catch so a thrown error doesn't stop bootstrap: after creating the
Swagger document with SwaggerModule.createDocument and retrieving
EcosystemSwaggerFilter via app.get(EcosystemSwaggerFilter), call
filterDocument(document) inside a try block and on error log a warning
(including the error) and continue using the original unfiltered document
variable as the fallback; ensure the variable name document is preserved so
subsequent code uses the fallback when filtering fails.

🧹 Nitpick comments (4)

apps/api-gateway/src/authz/guards/ecosystem-feature-guard.ts (1)

5-5: Consider caching or default scope for performance.

Scope.REQUEST creates a new guard instance per request, which means a database call via getPlatformConfig() on every protected route. If the ecosystem enabled/disabled state changes infrequently, consider:

1. Using default singleton scope with a short TTL cache, or
2. Leveraging NestJS CacheModule (already imported in AppModule) to cache the config.

This would reduce database load on high-traffic routes.

apps/ecosystem/repositories/ecosystem.repository.ts (2)

1149-1169: Unused userId parameter in deleteIntent.

The userId field is included in the data parameter but is never used in the method body. If it's intended for future audit logging (e.g., deletedBy), consider implementing it now or removing the parameter to avoid confusion.

---

1171-1190: Method name upsertEcosystemConfig is misleading - it only performs update.

The method throws an exception when no config exists rather than creating one, which contradicts the "upsert" semantics. Consider:

1. Renaming to updateEcosystemConfig to accurately reflect behavior
2. Or implementing true upsert behavior using Prisma's upsert

Additionally, the userId parameter is destructured but never used in the update operation.

♻️ Option 1: Rename to updateEcosystemConfig

-  async upsertEcosystemConfig(payload: { isEcosystemEnabled: boolean; userId: string }): Promise<void> {
+  async updateEcosystemConfig(payload: { isEcosystemEnabled: boolean }): Promise<void> {
     const { isEcosystemEnabled } = payload;

♻️ Option 2: Implement true upsert with audit trail

   async upsertEcosystemConfig(payload: { isEcosystemEnabled: boolean; userId: string }): Promise<void> {
-    const { isEcosystemEnabled } = payload;
-
-    const existingConfig = await this.prisma.platform_config.findFirst();
-
-    if (!existingConfig) {
-      throw new RpcException({
-        statusCode: 500,
-        message: 'Platform config not found'
-      });
-    }
-
-    await this.prisma.platform_config.update({
-      where: { id: existingConfig.id },
-      data: { isEcosystemEnabled }
-    });
+    const { isEcosystemEnabled, userId } = payload;
+
+    const existingConfig = await this.prisma.platform_config.findFirst();
+
+    if (existingConfig) {
+      await this.prisma.platform_config.update({
+        where: { id: existingConfig.id },
+        data: { isEcosystemEnabled, lastChangedBy: userId }
+      });
+    } else {
+      await this.prisma.platform_config.create({
+        data: { isEcosystemEnabled, createdBy: userId, lastChangedBy: userId }
+      });
+    }
   }

apps/ecosystem/src/ecosystem.service.ts (1)

682-700: Consider using the userId parameter for audit trail tracking in the platform config updates.

The platformAdminId is passed to upsertEcosystemConfig as userId, but examining the repository implementation (lines 1174-1190), this parameter is destructured but never used in the update operation. The platform_config model has lastChangedBy and lastChangedDateTime fields available for audit tracking, but they currently default to static values. Consider updating the implementation to track who made configuration changes:

♻️ Suggested fix to use userId for audit trail

   async upsertEcosystemConfig(payload: { isEcosystemEnabled: boolean; userId: string }): Promise<void> {
-    const { isEcosystemEnabled } = payload;
+    const { isEcosystemEnabled, userId } = payload;

     const existingConfig = await this.prisma.platform_config.findFirst();

     if (!existingConfig) {
       throw new RpcException({
         statusCode: 500,
         message: 'Platform config not found'
       });
     }

     await this.prisma.platform_config.update({
       where: { id: existingConfig.id },
-      data: { isEcosystemEnabled }
+      data: { isEcosystemEnabled, lastChangedBy: userId }
     });
   }

[pranalidhanavade]

@coderabbitai review

[coderabbitai]

✅ Actions performed

Review triggered.

Note: CodeRabbit is an incremental review system and does not re-review already reviewed commits. This command is applicable only when automatic reviews are paused.

[pranalidhanavade]

@coderabbitai full review

[coderabbitai]

✅ Actions performed

Full review triggered.

[coderabbitai]

Actionable comments posted: 0

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)

apps/api-gateway/src/platform/platform.module.ts (1)

14-26: ⚠️ Potential issue | 🟠 Major

Extract a provider-only module from the ecosystem module to prevent controller registration in the API gateway.
The imported EcosystemServiceModule declares EcosystemController, which will be mounted in the API gateway when the module is imported. This exposes internal endpoints and may bypass gateway guards. Extract the service and repository into a separate, provider-only module and import that instead.

🧹 Nitpick comments (1)

apps/ecosystem/repositories/ecosystem.repository.ts (1)

1171-1190: Consider aligning method name with behavior (update vs upsert).
This throws if the config is missing, so “upsert” may mislead callers. Either rename to an update-only name or implement a real upsert with a create fallback.

[coderabbitai]

Actionable comments posted: 5

🤖 Fix all issues with AI agents

In `@apps/api-gateway/src/authz/guards/ecosystem-swagger.filter.ts`:
- Around line 12-26: The iteration over document.paths can throw when
document.paths is undefined; add a guard at the top of the block that checks
whether document.paths exists (and is an object) before calling
Object.keys(document.paths) — i.e., when enabled is false, return/skip if
!document.paths; keep the existing logic that inspects operation.tags
(operation.tags?.includes('ecosystem')) and deletes methods/paths as before so
only proceed when document.paths is present.

In `@apps/ecosystem/repositories/ecosystem.repository.ts`:
- Around line 1171-1189: The upsertEcosystemConfig function updates
isEcosystemEnabled but doesn't persist audit fields; modify the
prisma.platform_config.update call in upsertEcosystemConfig to also set
lastChangedBy to payload.userId and lastChangedDateTime to the current timestamp
(e.g., new Date()), so the update includes data: { isEcosystemEnabled,
lastChangedBy: userId, lastChangedDateTime: new Date() } and ensure you
import/format Date in a way compatible with Prisma.

In `@apps/ecosystem/src/ecosystem.service.ts`:
- Around line 687-704: The updateEcosystemConfig method currently allows missing
or invalid platformAdminId which can cause upsertEcosystemConfig to record an
invalid userId; add validation in updateEcosystemConfig to ensure
platformAdminId is a non-empty string (e.g., typeof platformAdminId === 'string'
&& platformAdminId.trim() !== '') and throw a BadRequestException with an
appropriate ResponseMessages.ecosystem error if it fails, then pass the
validated platformAdminId into ecosystemRepository.upsertEcosystemConfig
(referencing updateEcosystemConfig and
ecosystemRepository.upsertEcosystemConfig).
- Around line 674-681: In deleteIntent, validate that ecosystemId, intentId and
userId are present and non-empty before calling
ecosystemRepository.deleteIntent; in the deleteIntent method perform guards
(e.g., check for undefined/null/empty string) on the parameters and throw a
descriptive error or return a structured validation error if any are missing, so
the repository is never called with incomplete identifiers.
- Around line 283-290: Add a defensive userId guard at the top of getEcosystems:
if userId is falsy throw the same validation error used elsewhere (e.g., match
pattern from getInvitationsByUserId/createNewEcosystem). Then resolve behavior
by role: fetch the user's roles (or call the existing user/role helper) and if
the user is PLATFORM_ADMIN return this.ecosystemRepository.getAllEcosystems(),
if the user is ECOSYSTEM_LEAD return
this.ecosystemRepository.getEcosystemsForEcosystemLead(userId), otherwise return
an empty list or a forbidden error per the service convention; ensure you
reference getEcosystemsForEcosystemLead and getAllEcosystems when implementing
the role-based branching.

🧹 Nitpick comments (2)

apps/api-gateway/src/ecosystem/dtos/enable-ecosystem.ts (1)

4-11: Consider adding @IsDefined() for explicit required field validation.

While @IsBoolean() will fail if the field is omitted, adding @IsDefined() makes the required nature explicit and provides a clearer validation error message.

♻️ Suggested improvement

 import { ApiProperty } from '@nestjs/swagger';
-import { IsBoolean } from 'class-validator';
+import { IsBoolean, IsDefined } from 'class-validator';
 
 export class EnableEcosystemDto {
   `@ApiProperty`({
     example: true,
     description: 'Enable or disable ecosystem creation'
   })
+  `@IsDefined`()
   `@IsBoolean`()
   isEcosystemEnabled: boolean;
 }

apps/api-gateway/src/platform/platform.controller.ts (1)

285-310: Consider adding @ApiTags decorator for Swagger organization.

The new updateEcosystemConfig endpoint lacks an @ApiTags decorator. Other endpoints in this controller use @ApiTags (e.g., 'schemas', 'credential-definitions', 'ledgers'). Adding a tag like 'platform-config' or 'ecosystem' would improve Swagger documentation organization.

♻️ Suggested improvement

   `@Put`('/config/ecosystem')
   `@Roles`(OrgRoles.PLATFORM_ADMIN)
+  `@ApiTags`('platform-config')
   `@ApiOperation`({
     summary: 'Enable or disable ecosystem feature',

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud