
Feat: Check entity slide issue #932

Open
Ashutosh619-sudo wants to merge 2 commits into master from entity-slide-issue

Conversation

@Ashutosh619-sudo (Contributor)

Description

Please add PR description here, add screenshots if needed

Clickup

Please add link here
https://app.clickup.com/

@github-actions github-actions bot added the size/M Medium PR label Mar 2, 2026
apps/sage_intacct/views.py (excerpt flagged by code scanning)

                workspace_id, entity_id, str(e)
            )
            return Response(
                data={'entity_slide_error': True, 'message': str(e)},

Check warning: Code scanning / CodeQL

Information exposure through an exception (Medium)
Stack trace information flows to this location and may be exposed to an external user.

Copilot Autofix

AI 2 days ago

In general, to fix information exposure via exceptions, avoid sending raw exception objects or their messages to the client. Instead, log the full details on the server (possibly with stack trace) and return a generic, non-sensitive message to the user. If you need to signal specific conditions to the client, use predefined safe codes/flags instead of arbitrary exception text.

For this specific view (EntitySlideCheckView.post in apps/sage_intacct/views.py), the best minimal fix is:

  • Keep logging the exception server-side (possibly upgrading to logger.exception so a stack trace is captured for debugging).
  • Stop including str(e) in the response body.
  • Replace it with a generic, non-sensitive message such as "An internal error occurred while checking entity slide error" while still returning 'entity_slide_error': True so the client can react correctly.
  • Do not change the HTTP status code or structure of the JSON other than the textual message, to avoid breaking clients.

Changes needed:

  • In apps/sage_intacct/views.py, within EntitySlideCheckView.post, modify the final except Exception as e: block so that:
    • The log line no longer needs str(e) explicitly if we use logger.exception; otherwise, we can keep the current log but that is not required for the CodeQL fix.
    • The Response data uses a generic message string independent of e.

No new imports or helper methods are required; logging is already imported and configured.

Suggested changeset 1
apps/sage_intacct/views.py

Autofix patch

Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/apps/sage_intacct/views.py b/apps/sage_intacct/views.py
--- a/apps/sage_intacct/views.py
+++ b/apps/sage_intacct/views.py
@@ -375,11 +375,14 @@
                 status=status.HTTP_400_BAD_REQUEST
             )
         except Exception as e:
-            logger.info(
-                'Entity slide error for workspace_id - %s, entity_id - %s: %s',
-                workspace_id, entity_id, str(e)
+            logger.exception(
+                'Entity slide error for workspace_id - %s, entity_id - %s',
+                workspace_id, entity_id
             )
             return Response(
-                data={'entity_slide_error': True, 'message': str(e)},
+                data={
+                    'entity_slide_error': True,
+                    'message': 'An internal error occurred while checking entity slide error'
+                },
                 status=status.HTTP_200_OK
             )
EOF
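Review bot: the hunk leaves `status=status.HTTP_200_OK` unchanged, so an unexpected exception in this catch-all branch still returns a success status with only the message text altered; a client can detect the failure only by reading the `entity_slide_error` flag, and status-code based monitoring will not see it at all. Since the preceding branch already uses `status.HTTP_400_BAD_REQUEST` for known bad input, `status.HTTP_500_INTERNAL_SERVER_ERROR` is the consistent choice here. Minor: with `str(e)` removed from both the log call and the response, `except Exception as e:` binds a variable that is no longer used; `except Exception:` is sufficient, because `logger.exception` picks up the active exception and its traceback on its own.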
@github-actions

github-actions bot commented Mar 2, 2026

Coverage

Tests: 842 | Skipped: 0 | Failures: 0 | Errors: 0 | Time: 1m 13s

@github-actions

github-actions bot commented Mar 2, 2026

Failure. Coverage is below 90%.

Diff Coverage
Diff: origin/master..HEAD, staged and unstaged changes

apps/sage_intacct/helpers.py (28.6%): Missing lines 184-185,187-189,197-199,203,212
apps/sage_intacct/views.py (15.8%): Missing lines 353-354,356,358-360,364-366,370-373,377-378,382

Total: 33 lines
Missing: 26 lines
Coverage: 21%

@coderabbitai
Contributor

coderabbitai bot commented Mar 2, 2026

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 1f6fea8 and a1d88a3.

📒 Files selected for processing (1)
  • apps/sage_intacct/connector.py
✅ Files skipped from review due to trivial changes (1)
  • apps/sage_intacct/connector.py

📝 Walkthrough

A helper function check_entity_slide_error(workspace_id, entity_id) was added to validate entity-level access by detecting REST API migration, creating the appropriate Intacct connection (REST or SDK with decrypted credentials), and calling locations.count() to confirm entity scope. A new POST API view EntitySlideCheckView and route /check_entity_slide/ expose this validation and return structured error responses for missing credentials, invalid tokens, or other failures.

Poem

✨ A check for entities, clear and bright,
Two connection paths set just right,
Secrets gently freed, a count begun,
Locations tallied—one by one,
A tiny endpoint sings, "All done!"

🚥 Pre-merge checks: 2 passed, 1 failed

❌ Failed checks (1 warning)
  • Description check (⚠️ Warning): The PR description is incomplete; it contains only placeholder text without actual details about what was changed, why, or implementation specifics. Resolution: replace the placeholder text with a concrete description of the entity slide check feature, explain the purpose/context, and provide a valid ClickUp ticket link instead of the generic placeholder.

✅ Passed checks (2 passed)
  • Title check (✅ Passed): The title 'Feat: Check entity slide issue' clearly summarizes the main feature added: a new entity slide error check across helpers, views, and URL routing.
  • Docstring Coverage (✅ Passed): Docstring coverage is 80.00%, which meets the required threshold of 80.00%.


@coderabbitai coderabbitai bot left a comment (Contributor)

Actionable comments posted: 2

🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@apps/sage_intacct/views.py`:
- Line 356: The current validation uses assert_valid(entity_id is not None,
'Entity ID is required') which allows empty strings/whitespace; update the check
to ensure entity_id is a non-empty, non-whitespace string by validating
entity_id and entity_id.strip() before calling assert_valid so that empty or
whitespace-only values fail with the same 'Entity ID is required' message
(target the entity_id variable and the assert_valid call).
- Around line 377-384: The except block that currently logs and returns raw
exception text should be changed to avoid exposing internal errors: replace
logger.info(...) with logger.exception(...) to record the stack trace, and in
the Response (the block returning {'entity_slide_error': True, 'message': ...})
remove str(e) and return a generic message (e.g., "Internal server error
processing entity slide") and an appropriate error status (e.g.,
status.HTTP_500_INTERNAL_SERVER_ERROR) instead of HTTP 200; update the code
around the except handler in apps/sage_intacct/views.py where
workspace_id/entity_id are handled to implement these changes.

ℹ️ Review info

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 03ad147 and 1f6fea8.

📒 Files selected for processing (3)
  • apps/sage_intacct/helpers.py
  • apps/sage_intacct/urls.py
  • apps/sage_intacct/views.py

apps/sage_intacct/views.py (around line 356)

        entity_id = request.data.get('entity_id')
        workspace_id = kwargs['workspace_id']

        assert_valid(entity_id is not None, 'Entity ID is required')

⚠️ Potential issue | 🟡 Minor

Validate entity_id is non-empty, not just non-null.

Line 356 accepts "" / whitespace, which can lead to invalid SDK calls instead of a clean request validation failure.

Proposed fix
-        assert_valid(entity_id is not None, 'Entity ID is required')
+        assert_valid(
+            entity_id is not None and str(entity_id).strip() != '',
+            'Entity ID is required'
+        )
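Review bot: `str(entity_id).strip() != ''` still lets any non-string JSON value through, because `str()` renders a number, list or object as non-empty text, so a body like `{"entity_id": 42}` or `{"entity_id": ["A"]}` passes the check and reaches the connector call. If the view expects a string, test `isinstance(entity_id, str) and entity_id.strip() != ''` instead; that also makes the `is not None` clause redundant, since `isinstance(None, str)` is already False.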

Comment on lines +377 to +384

        except Exception as e:
            logger.info(
                'Entity slide error for workspace_id - %s, entity_id - %s: %s',
                workspace_id, entity_id, str(e)
            )
            return Response(
                data={'entity_slide_error': True, 'message': str(e)},
                status=status.HTTP_200_OK

⚠️ Potential issue | 🟠 Major

Do not expose raw exceptions in API responses.

Line 383 returns str(e) to clients, which can leak internal details. Also, Line 384 reports unexpected failures as HTTP 200.

Proposed fix
-        except Exception as e:
-            logger.info(
-                'Entity slide error for workspace_id - %s, entity_id - %s: %s',
-                workspace_id, entity_id, str(e)
-            )
-            return Response(
-                data={'entity_slide_error': True, 'message': str(e)},
-                status=status.HTTP_200_OK
-            )
+        except Exception:
+            logger.exception(
+                'Unexpected error while checking entity slide for workspace_id - %s, entity_id - %s',
+                workspace_id, entity_id
+            )
+            return Response(
+                data={'message': 'Unable to validate entity access at this time'},
+                status=status.HTTP_500_INTERNAL_SERVER_ERROR
+            )
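Review bot: the replacement body drops `'entity_slide_error': True`, which the original response carried; a caller that keys on that flag rather than on the status code will now treat the failure as an unknown shape, so either keep the flag next to the generic message and the 500 status, or confirm the client is switching to status-based handling in the same change. The bare `except Exception:` also still triggers Ruff BLE001 at line 377; as this is intentionally a last-resort handler, mark it `# noqa: BLE001` with a short reason, or narrow it to the exception types the connector and helper actually raise.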
🧰 Tools
🪛 GitHub Check: CodeQL

[warning] 383-383: Information exposure through an exception
Stack trace information flows to this location and may be exposed to an external user.

🪛 Ruff (0.15.2)

[warning] 377-377: Do not catch blind exception: Exception

(BLE001)

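The two findings in this review (the entity_id check that accepts blank values, and the handler that returns `str(e)` with HTTP 200) in one framework-free Python model. This is an added example, not code from the PR, from Copilot Autofix or from the project: `Response` is a plain dataclass standing in for rest_framework's, `assert_valid` mirrors the project's helper as far as the review shows it, the connector call is a stub that raises, and the error text it raises is constructed to carry the kind of endpoint and credential detail an SDK or HTTP client error often contains. It runs the flagged handler and the hardened one against the same failure and reports where the detail ends up.

```python
"""Added example, not code from the PR or the project: a framework-free model of
EntitySlideCheckView.post showing the flagged handler beside a hardened one.
Hypothetical pieces: the Response dataclass stands in for rest_framework's,
assert_valid mirrors the project's helper, and the connector call is stubbed."""
import io
import logging
from dataclasses import dataclass
from typing import Any, Callable

logger = logging.getLogger("entity_slide_example")
logger.propagate = False


@dataclass
class Response:
    data: dict
    status: int


class ValidationError(Exception):
    """Stand-in for the error the project's assert_valid raises on bad input."""


def assert_valid(condition: bool, message: str) -> None:
    if not condition:
        raise ValidationError(message)


def require_entity_id(payload: dict) -> str:
    """Reject missing, non-string, empty and whitespace-only entity_id values.
    The PR checks only `is not None`; str(x).strip() would still pass numbers/lists."""
    entity_id = payload.get("entity_id")
    assert_valid(isinstance(entity_id, str) and entity_id.strip() != "",
                 "Entity ID is required")
    return entity_id.strip()


def leaky_post(payload: dict, workspace_id: int, check: Callable[[int, Any], Any]) -> Response:
    """Mirrors the flagged code: str(e) reaches the client and the status is 200."""
    entity_id = payload.get("entity_id")
    assert_valid(entity_id is not None, "Entity ID is required")
    try:
        check(workspace_id, entity_id)
        return Response({"entity_slide_error": False}, 200)
    except Exception as e:
        logger.info("Entity slide error for workspace_id - %s, entity_id - %s: %s",
                    workspace_id, entity_id, str(e))
        return Response({"entity_slide_error": True, "message": str(e)}, 200)


def hardened_post(payload: dict, workspace_id: int, check: Callable[[int, Any], Any]) -> Response:
    """Generic message, 500 status, traceback goes to the server log only."""
    try:
        entity_id = require_entity_id(payload)
    except ValidationError as e:
        return Response({"message": str(e)}, 400)  # our own constant text, safe to return
    try:
        check(workspace_id, entity_id)
        return Response({"entity_slide_error": False}, 200)
    except Exception:  # noqa: BLE001  # deliberate last-resort handler
        logger.exception("Entity slide error for workspace_id - %s, entity_id - %s",
                         workspace_id, entity_id)
        return Response({"entity_slide_error": True,
                         "message": "Unable to validate entity access at this time"}, 500)


# Constructed connector failure whose text carries the kind of detail an SDK or
# HTTP client error often includes (endpoint, company id, credential hints).
SECRET_DETAIL = "https://intacct.example/xmlgw company=C01 sender_password=s3cr3t"


def failing_check(workspace_id: int, entity_id: Any) -> None:
    raise RuntimeError(f"401 Unauthorized calling {SECRET_DETAIL}")


def run_with_log(fn: Callable[[], Response]) -> tuple[Response, str]:
    """Call fn while capturing everything the module logger writes."""
    buf = io.StringIO()
    handler = logging.StreamHandler(buf)
    logger.addHandler(handler)
    logger.setLevel(logging.INFO)
    try:
        return fn(), buf.getvalue()
    finally:
        logger.removeHandler(handler)


def demo() -> dict:
    """Run both handlers against the same failure; report where the detail lands."""
    leaky, _ = run_with_log(lambda: leaky_post({"entity_id": "E-100"}, 7, failing_check))
    hard, log_text = run_with_log(lambda: hardened_post({"entity_id": "E-100"}, 7, failing_check))
    return {
        "leaky_message_leaks": SECRET_DETAIL in leaky.data["message"],
        "leaky_status": leaky.status,
        "hardened_message_leaks": SECRET_DETAIL in hard.data["message"],
        "hardened_status": hard.status,
        "traceback_logged": "Traceback" in log_text and SECRET_DETAIL in log_text,
    }


if __name__ == "__main__":
    print(demo())
```

The hardened path keeps the detail server-side (the captured log contains both the traceback and the raising call's text) while the client sees only a fixed message and a 500; the validation path returns our own message with a 400, which is safe to echo because it is a constant rather than exception text.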

@github-actions

github-actions bot commented Mar 2, 2026

Coverage

Tests: 842 | Skipped: 0 | Failures: 0 | Errors: 0 | Time: 1m 11s

@github-actions

github-actions bot commented Mar 2, 2026

Failure. Coverage is below 90%.

Diff Coverage
Diff: origin/master..HEAD, staged and unstaged changes

apps/sage_intacct/helpers.py (28.6%): Missing lines 184-185,187-189,197-199,203,212
apps/sage_intacct/views.py (15.8%): Missing lines 353-354,356,358-360,364-366,370-373,377-378,382

Total: 33 lines
Missing: 26 lines
Coverage: 21%


Labels

size/M Medium PR
