Adjustment to clans/hideouts

[Phrosfire]

Pull Request

Multiple changes to clans/hideouts. Some changes are for admins and others are for the inner workings.

License

By making this pull request, I confirm that I have the right to waive copyright and related rights to my contribution, and agree that all copyright and related rights in my contributions are waived, and I acknowledge that the Studie-Tech ApS organization has the copyright to use and modify my contribution for perpetuity.

Summary by CodeRabbit

• New Features
  • Introduced a new way for users to instantly join a clan and assume leadership, enhancing the clan management experience.
  • Updated confirmation dialog to reflect the new instant joining and leadership functionality, including revised titles and button text.
  • Implemented toast notifications for successful clan joining and leadership transitions.
  • Expanded elemental names with the addition of "Boil" and introduced a visual representation for it.

[vercel]

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name	Status	Preview	Comments	Updated (UTC)
tnr	✅ Ready (Inspect)	Visit Preview	💬 Add feedback	Feb 26, 2025 2:56am

[coderabbitai]

Walkthrough

A new mutation method instantJoinAndLead has been added to the clanRouter. This method allows a user to instantly join a clan and assume leadership after running several validations. It checks the existence of both the user and the clan, verifies proper permissions, and ensures the user is not already in another clan. If these conditions are met, an atomic database transaction updates the user's clan affiliation and leadership, returning a success message. Additionally, the ClanInfo component has been updated to integrate this functionality with a modified confirmation dialog.

Changes

File	Changes Summary
app/.../clan.ts	Added instantJoinAndLead mutation to allow instant clan join and leadership with input validation and atomic DB transaction.
app/.../Clan.tsx	Introduced instantJoinAndLead mutation in ClanInfo component, updated confirmation dialog logic, and altered button identifiers and text.
app/drizzle/constants.ts	Added "Boil" to ElementNames array and introduced constant IMG_ELEMENT_BOIL as a placeholder for an image.
app/.../ElementImage.tsx	Updated getElementImg function to include a case for the new "Boil" element, returning IMG_ELEMENT_BOIL.

Possibly related PRs

• Fix Issue #363: Allow admins to kick members from clans/factions as well as promote/demote #364: Modifications in clan management and permission checks in clanRouter that align with the updates introduced by this PR.

Suggested labels

Completed

Suggested reviewers

• MathiasGruber

Poem

In the code garden, I hop with delight,
Joining clans in a flash, with leadership in sight.
Validations and transactions, executed just right,
A bouncy new feature shining so bright—
Happy hops all around, from morning till night! 🐰✨

Tip

CodeRabbit's docstrings feature is now available as part of our Pro Plan! Simply use the command @coderabbitai generate docstrings to have CodeRabbit automatically generate docstrings for your pull request. We would love to hear your feedback on Discord.

✨ Finishing Touches

• 📝 Generate Docstrings

---

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate docstrings to generate docstrings for this PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[coderabbitai]

Actionable comments posted: 1

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 22bf950 and 1176426.

📒 Files selected for processing (1)

• app/src/server/api/routers/clan.ts (1 hunks)

⏰ Context from checks skipped due to timeout of 90000ms (3)

• GitHub Check: analyze
• GitHub Check: build-test
• GitHub Check: Analyze (javascript)

[github-actions]

📦 Next.js Bundle Analysis for tnr

This analysis was generated by the Next.js Bundle Analysis action. 🤖

🎉 Global Bundle Size Decreased

Page	Size (compressed)
global	92.63 KB (-1 B)

Details

The global bundle is the javascript bundle that loads alongside every page. It is in its own category because its impact is much higher - an increase to its size means that every page on your website loads slower, and a decrease means every page loads faster.

Any third party scripts you have added directly to your app using the <script> tag are not accounted for in this analysis

If you want further insight into what is behind the changes, give @next/bundle-analyzer a try!

[theeneon]

@MathiasGruber Need you to approve this ASAP. We have some bad actors who are taking over clans kicking everyone and trying to sell the clan

[github-actions]

📦 Next.js Bundle Analysis for tnr

This analysis was generated by the Next.js Bundle Analysis action. 🤖

⚠️ Global Bundle Size Increased

Page	Size (compressed)
global	92.63 KB (🟡 +1 B)

Details

The global bundle is the javascript bundle that loads alongside every page. It is in its own category because its impact is much higher - an increase to its size means that every page on your website loads slower, and a decrease means every page loads faster.

Any third party scripts you have added directly to your app using the <script> tag are not accounted for in this analysis

If you want further insight into what is behind the changes, give @next/bundle-analyzer a try!

[github-actions]

📦 Next.js Bundle Analysis for tnr

This analysis was generated by the Next.js Bundle Analysis action. 🤖

This PR introduced no changes to the JavaScript bundle! 🙌

[coderabbitai]

Actionable comments posted: 1

♻️ Duplicate comments (1)

app/src/server/api/routers/clan.ts (1)

1182-1210: 🛠️ Refactor suggestion

This implementation addresses the urgent security concern but lacks important safeguards.

The new instantJoinAndLead mutation provides administrators with a way to take over problematic clans, which directly addresses the issue mentioned in the PR comments about bad actors. However, this implementation is missing several critical components that were suggested in previous reviews:

1. No logging of admin actions
2. No notifications to clan members
3. No handling of existing leadership transition
4. Inconsistent terminology between "faction" and "clan"

Consider implementing these improvements:

  instantJoinAndLead: protectedProcedure
  .input(z.object({ clanId: z.string() }))
  .output(baseServerResponse)
  .mutation(async ({ ctx, input }) => {
    const [user, fetchedClan] = await Promise.all([
      fetchUser(ctx.drizzle, ctx.userId),
      fetchClan(ctx.drizzle, input.clanId),
    ]);
    if (!fetchedClan) return errorResponse("Faction not found");
    if (!user) return errorResponse("User not found");
    if (!canEditClans(user.role)) return errorResponse("Permission denied");
    if (user.clanId) return errorResponse("Already in a faction");
+   const groupLabel = user?.isOutlaw ? "faction" : "clan";
+   const prevLeaderId = fetchedClan.leaderId;

    await ctx.drizzle.transaction(async (tx) => {
      await tx
        .update(userData)
        .set({ clanId: fetchedClan.id, villageId: fetchedClan.village?.id })
        .where(eq(userData.userId, user.userId));
      await tx
        .update(clan)
        .set({ leaderId: user.userId })
        .where(eq(clan.id, fetchedClan.id));
+     
+     // Log the action
+     await tx.insert(actionLog).values({
+       id: nanoid(),
+       userId: user.userId,
+       tableName: "clan",
+       changes: [`Admin ${user.username} took leadership of ${fetchedClan.name}`],
+       relatedId: fetchedClan.id,
+       relatedMsg: `Admin forced leadership change for ${groupLabel}: ${fetchedClan.name}`,
+       relatedImage: fetchedClan.image,
+     });
    });

+   // Notify clan members of the leadership change
+   fetchedClan.members.forEach((member) => {
+     void pusher.trigger(member.userId, "event", {
+       type: "userMessage",
+       message: `Admin ${user.username} has taken leadership of your ${groupLabel}.`,
+       route: "/clanhall",
+       routeText: `To ${groupLabel} Hall`,
+     });
+   });
+
+   // Notify previous leader if exists
+   if (prevLeaderId && prevLeaderId !== user.userId) {
+     void pusher.trigger(prevLeaderId, "event", {
+       type: "userMessage",
+       message: `Admin ${user.username} has taken over your leadership of ${fetchedClan.name}.`,
+       route: "/clanhall",
+       routeText: `To ${groupLabel} Hall`,
+     });
+   }

    return {
      success: true,
-     message: `You have instantly joined and taken leadership of ${fetchedClan.name}`,
+     message: `You have instantly joined and taken leadership of the ${groupLabel}: ${fetchedClan.name}`,
    };
  }),

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 33b6f53 and ef66d13.

📒 Files selected for processing (1)

• app/src/server/api/routers/clan.ts (2 hunks)

🧰 Additional context used

🪛 Biome (1.9.4)

app/src/server/api/routers/clan.ts

[error] 1531-1531: This code is unreachable

... because this statement will return from the function beforehand

(lint/correctness/noUnreachable)

---

[error] 1532-1562: This code is unreachable

... because this statement will return from the function beforehand

(lint/correctness/noUnreachable)

⏰ Context from checks skipped due to timeout of 90000ms (3)

• GitHub Check: analyze
• GitHub Check: build-test
• GitHub Check: Analyze (javascript)

[github-actions]

📦 Next.js Bundle Analysis for tnr

This analysis was generated by the Next.js Bundle Analysis action. 🤖

This PR introduced no changes to the JavaScript bundle! 🙌

[coderabbitai]

Actionable comments posted: 1

♻️ Duplicate comments (1)

app/src/server/api/routers/clan.ts (1)

1182-1210: 🛠️ Refactor suggestion

Improve the instantJoinAndLead mutation with proper logging and notifications.

The new clan administration method lacks several important features present in other clan management functions:

1. No action logging to the actionLog table
2. No notifications to clan members about the leadership change
3. No check if the clan already has a leader before overwriting
4. Inconsistent terminology between "faction" and "clan"

Apply these improvements to properly track changes and notify affected users:

  instantJoinAndLead: protectedProcedure
  .input(z.object({ clanId: z.string() }))
  .output(baseServerResponse)
  .mutation(async ({ ctx, input }) => {
    const [user, fetchedClan] = await Promise.all([
      fetchUser(ctx.drizzle, ctx.userId),
      fetchClan(ctx.drizzle, input.clanId),
    ]);
    if (!fetchedClan) return errorResponse("Faction not found");
    if (!user) return errorResponse("User not found");
    if (!canEditClans(user.role)) return errorResponse("Permission denied");
    if (user.clanId) return errorResponse("Already in a faction");
+   const groupLabel = user?.isOutlaw ? "faction" : "clan";
+   const prevLeaderId = fetchedClan.leaderId;

    await ctx.drizzle.transaction(async (tx) => {
      await tx
        .update(userData)
        .set({ clanId: fetchedClan.id, villageId: fetchedClan.village?.id })
        .where(eq(userData.userId, user.userId));
      await tx
        .update(clan)
        .set({ leaderId: user.userId })
        .where(eq(clan.id, fetchedClan.id));
+     
+     // Log the action
+     await tx.insert(actionLog).values({
+       id: nanoid(),
+       userId: user.userId,
+       tableName: "clan",
+       changes: [`Admin ${user.username} took leadership of ${fetchedClan.name}`],
+       relatedId: fetchedClan.id,
+       relatedMsg: `Admin forced leadership change for ${groupLabel}: ${fetchedClan.name}`,
+       relatedImage: fetchedClan.image,
+     });
    });

+   // Notify clan members of the leadership change
+   fetchedClan.members.forEach((member) => {
+     void pusher.trigger(member.userId, "event", {
+       type: "userMessage",
+       message: `Admin ${user.username} has taken leadership of your ${groupLabel}.`,
+       route: "/clanhall",
+       routeText: `To ${groupLabel} Hall`,
+     });
+   });
+
+   // Notify previous leader if exists
+   if (prevLeaderId && prevLeaderId !== user.userId) {
+     void pusher.trigger(prevLeaderId, "event", {
+       type: "userMessage",
+       message: `Admin ${user.username} has taken over your leadership of ${fetchedClan.name}.`,
+       route: "/clanhall",
+       routeText: `To ${groupLabel} Hall`,
+     });
+   }

    return {
      success: true,
-     message: `You have instantly joined and taken leadership of ${fetchedClan.name}`,
+     message: `You have instantly joined and taken leadership of the ${groupLabel}: ${fetchedClan.name}`,
    };
  }),

🧹 Nitpick comments (2)

app/src/server/api/routers/clan.ts (2)

1192-1193: Add permission verification message.

The error message "Permission denied" is generic. It would be better to provide more specific information about the required permissions.

- if (!canEditClans(user.role)) return errorResponse("Permission denied");
+ if (!canEditClans(user.role)) return errorResponse("Admin permissions required to use this function");

---

1195-1204: Add error handling for the transaction.

The current transaction implementation lacks proper error handling. If one of the updates fails, there's no explicit rollback or error reporting.

-  await ctx.drizzle.transaction(async (tx) => {
-    await tx
-      .update(userData)
-      .set({ clanId: fetchedClan.id, villageId: fetchedClan.village?.id })
-      .where(eq(userData.userId, user.userId));
-    await tx
-      .update(clan)
-      .set({ leaderId: user.userId })
-      .where(eq(clan.id, fetchedClan.id));
-  });
+  try {
+    await ctx.drizzle.transaction(async (tx) => {
+      const userResult = await tx
+        .update(userData)
+        .set({ clanId: fetchedClan.id, villageId: fetchedClan.village?.id })
+        .where(eq(userData.userId, user.userId));
+        
+      if (userResult.rowsAffected === 0) {
+        throw new Error("Failed to update user data");
+      }
+      
+      const clanResult = await tx
+        .update(clan)
+        .set({ leaderId: user.userId })
+        .where(eq(clan.id, fetchedClan.id));
+        
+      if (clanResult.rowsAffected === 0) {
+        throw new Error("Failed to update clan leadership");
+      }
+      
+      // Log the action here
+    });
+  } catch (error) {
+    console.error("Transaction failed:", error);
+    return errorResponse(`Failed to join and lead clan: ${error.message}`);
+  }

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 5cdb3b5 and f3a6332.

📒 Files selected for processing (3)

• app/drizzle/constants.ts (2 hunks)
• app/src/layout/Clan.tsx (2 hunks)
• app/src/server/api/routers/clan.ts (1 hunks)

⏰ Context from checks skipped due to timeout of 90000ms (3)

• GitHub Check: analyze
• GitHub Check: build-test
• GitHub Check: Analyze (javascript)

🔇 Additional comments (3)

app/drizzle/constants.ts (1)

347-362:

❓ Verification inconclusive

Element consistency validation needed.

The "Boil" element has been added to the ElementNames array, but the additions seem incomplete. Most elements have corresponding image constants and possibly other related values.

Ensure that all required constants for the new "Boil" element have been defined and initialized properly throughout the codebase.

---

🏁 Script executed:

#!/bin/bash
# Check for any other references to elements that might need updating
grep -r "ElementNames" --include="*.ts" --include="*.tsx" .

Length of output: 1868

---

Action: Validate Complete Integration of "Boil" Element

• In app/drizzle/constants.ts (lines 347–362), "Boil" has been added to the ElementNames array.
• Our grep search confirms that this array is imported and used across combat types, UI components, and schema definitions.
• However, there’s no evidence in the codebase (e.g., in files like app/src/layout/ElementImage.tsx) that corresponding image constants or additional properties have been defined for "Boil"—unlike the other elements that likely have associated assets and configurations.

Please verify that:

• The "Boil" element also has its related image constant or configuration defined in the appropriate module(s).
• All parts of the code (such as zod schemas in app/drizzle/schema.ts and UI components) that depend on complete element definitions are updated accordingly.

app/src/layout/Clan.tsx (2)

798-807: Well-implemented mutation function.

The instantJoinAndLead mutation is properly structured with appropriate cache invalidation for user profile and clan data after successful operations. It also includes proper redirection to the clan hall page.

---

1160-1175: Good security enhancement using role-based access control.

Replacing the previous condition with canEditClans(userData.role) ensures that only users with proper administrative permissions can perform this action. The confirmation dialog is well designed with clear messaging about the action being taken.

This implementation addresses the urgent issue mentioned in the PR objectives regarding bad actors taking control of clans. The ability for administrators to instantly take leadership will help safeguard clan communities.

[github-actions]

📦 Next.js Bundle Analysis for tnr

This analysis was generated by the Next.js Bundle Analysis action. 🤖

⚠️ Global Bundle Size Increased

Page	Size (compressed)
global	92.63 KB (🟡 +2 B)

Details

The global bundle is the javascript bundle that loads alongside every page. It is in its own category because its impact is much higher - an increase to its size means that every page on your website loads slower, and a decrease means every page loads faster.

Any third party scripts you have added directly to your app using the <script> tag are not accounted for in this analysis

If you want further insight into what is behind the changes, give @next/bundle-analyzer a try!

[coderabbitai]

Actionable comments posted: 1

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between f3a6332 and 2a13628.

📒 Files selected for processing (2)

• app/drizzle/constants.ts (2 hunks)
• app/src/layout/ElementImage.tsx (2 hunks)

⏰ Context from checks skipped due to timeout of 90000ms (3)

• GitHub Check: analyze
• GitHub Check: build-test
• GitHub Check: Analyze (javascript)

🔇 Additional comments (3)

app/src/layout/ElementImage.tsx (2)

37-37: New element constant added.

The IMG_ELEMENT_BOIL constant is correctly imported from the constants file to support the new Boil element.

---

87-88: New element case handled in switch statement.

A case for the "Boil" element has been added to the getElementImg function, which correctly returns the imported IMG_ELEMENT_BOIL constant. This follows the same pattern used for other elements.

app/drizzle/constants.ts (1)

361-361: Added "Boil" to ElementNames array.

"Boil" has been correctly added to the ElementNames array, which defines the available element types in the application. The placement is logical and consistent with the existing array structure.

[github-actions]

📦 Next.js Bundle Analysis for tnr

This analysis was generated by the Next.js Bundle Analysis action. 🤖

⚠️ Global Bundle Size Increased

Page	Size (compressed)
global	92.63 KB (🟡 +2 B)

Details

The global bundle is the javascript bundle that loads alongside every page. It is in its own category because its impact is much higher - an increase to its size means that every page on your website loads slower, and a decrease means every page loads faster.

Any third party scripts you have added directly to your app using the <script> tag are not accounted for in this analysis

If you want further insight into what is behind the changes, give @next/bundle-analyzer a try!

[MathiasGruber]

We should avoid using transactions on the database; they work with planetscale, but I've consistently experienced when we introduce transactions we also start seeing deadlocks popping up. As for this specific case, I think simply putting the two transactions into a Promise.all is fine :)

[MathiasGruber]

Uploadthing url: https://ui0arpl8sm.ufs.sh/f/Hzww9EQvYURJ5qAGAlo797jl4ubX8xrRqTZasyMp2WA5eLGU

[MathiasGruber]

Also add to assets/elements/ folder for future recoverability :)