Fix UI bugs

[devksingh4]

• Fix org info page being empty on first load for non-admins
• Store currently selected semester for room requests in query parameter

Summary by CodeRabbit

• New Features

  • Authorization now fetches core organization roles alongside app roles for more reliable access control.
  • Semester selections in room requests sync with the browser URL for sharing/bookmarking.

• Performance

  • Organization role cache duration shortened for timelier permission updates.

• Bug Fixes

  • Added null-guards and improved org-role loading to prevent incorrect page states.

• Tests

  • Added end-to-end coverage for editing and persisting Organization Info.

• Chores

  • Terraform provider versions pinned and Makefile targets updated for upgrades.

[coderabbitai]

Walkthrough

Adds a cache-backed accessor getCoreOrgRoles in AuthGuard (cache duration reduced to 30 minutes); updates OrgInfo to fetch core org roles explicitly and await both role sources; syncs semester selection to the URL in RoomRequestLanding; introduces RecursiveRecord typing and a new orgInfo e2e test; updates Makefile to support Terraform upgrade and pins AWS provider to 6.19.0 in qa/prod Terraform configs and lockfiles.

Changes

Cohort / File(s)	Summary
AuthGuard / Cache & API src/ui/components/AuthGuard/index.tsx	Imported OrgRoleDefinition; reduced CACHE_DURATION from 2 hours to 30 minutes; added `export const getCoreOrgRoles(): Promise<OrgRoleDefinition[]
Organization Info Page src/ui/pages/organization/OrgInfo.page.tsx	Removed useAuth usage; added getCoreOrgRoles import and replaced context-based org role access with explicit getCoreOrgRoles call. Now awaits getUserRoles and getCoreOrgRoles, guards for nulls, and changed useEffect dependency from [orgRoles] to [] (run on mount). Maintains ALL_ORG_MANAGER handling and LEAD filtering.
Room Request Landing Page src/ui/pages/roomRequest/RoomRequestLanding.page.tsx	Added URL synchronization for semester selection using useSearchParams; introduced setSemester wrapper to update state and semester query param; initialize semester from URL if valid, otherwise use fallback; updated change handlers to use setSemester.
E2E Test Types tests/e2e/base.ts	Added exported recursive type `export interface RecursiveRecord extends Record<string, any
E2E Test: Org Info tests/e2e/orgInfo.spec.ts	New end-to-end test that updates organization metadata via UI (description, website, optionally adds a link), asserts UI success, then verifies persistence through the organizations API response matching the timestamped values.
Makefile Makefile	Added -upgrade to Terraform init in test_unit for prod; added new upgrade_terraform target that runs terraform init -reconfigure -backend=false -upgrade for qa and prod.
Terraform: Provider Pin & Locks terraform/envs/prod/main.tf, terraform/envs/qa/main.tf, terraform/envs/prod/.terraform.lock.hcl, terraform/envs/qa/.terraform.lock.hcl	Bumped/pinned AWS provider to version 6.19.0 (= 6.19.0); updated corresponding .terraform.lock.hcl files with new provider checksums for 6.19.0.

Sequence Diagrams

sequenceDiagram
    participant User
    participant OrgInfoPage as OrgInfo Page
    participant AuthGuard
    participant Cache

    User->>OrgInfoPage: Mount
    par Fetch roles in parallel
        OrgInfoPage->>AuthGuard: getUserRoles()
        AuthGuard->>Cache: Read appRoles cache (app authCheckRoute)
        Cache-->>AuthGuard: appRoles | miss
        AuthGuard-->>OrgInfoPage: appRoles[] | null
    and
        OrgInfoPage->>AuthGuard: getCoreOrgRoles()
        AuthGuard->>Cache: Read orgRoles cache (core authCheckRoute)
        Cache-->>AuthGuard: orgRoles | miss
        AuthGuard-->>OrgInfoPage: OrgRoleDefinition[] | null
    end
    alt both non-null
        OrgInfoPage->>OrgInfoPage: Determine access (ALL_ORG_MANAGER / LEAD filter)
        OrgInfoPage->>User: Render authorized view
    else any null
        OrgInfoPage->>User: Halt / show authorization error
    end

Loading

sequenceDiagram
    participant User
    participant RoomRequest as RoomRequestLanding
    participant Router as Browser URL

    User->>RoomRequest: Mount
    RoomRequest->>Router: read ?semester
    alt valid semester in URL
        Router-->>RoomRequest: semester value
        RoomRequest->>RoomRequest: set semester state from URL
    else no/invalid semester
        Router-->>RoomRequest: (none)
        RoomRequest->>RoomRequest: set semester state to default next semester
        RoomRequest->>Router: update ?semester=default
    end

    User->>RoomRequest: change semester selection
    RoomRequest->>RoomRequest: setSemester(new)
    RoomRequest->>Router: update ?semester=new
    Router-->>User: URL updated

Loading

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~30 minutes

• Inspect async coordination and null-handling between getUserRoles and getCoreOrgRoles in src/ui/pages/organization/OrgInfo.page.tsx.
• Verify cache key/route and session-missing error behaviour for getCoreOrgRoles in src/ui/components/AuthGuard/index.tsx.
• Confirm useEffect dependency change in OrgInfo does not break dynamic updates.
• Check URL parsing/validation and useSearchParams sync logic in src/ui/pages/roomRequest/RoomRequestLanding.page.tsx.
• Review new e2e test (tests/e2e/orgInfo.spec.ts) for flakiness and confirm RecursiveRecord typing in tests/e2e/base.ts.
• Validate Terraform provider pinning and updated lockfile checksums in terraform/envs/* and the new Makefile upgrade_terraform target.

Pre-merge checks and finishing touches

❌ Failed checks (1 inconclusive)

Check name	Status	Explanation	Resolution
Title check	❓ Inconclusive	The pull request title 'Fix UI bugs' is vague and generic, using non-descriptive language that fails to convey meaningful information about the changeset. While the PR objectives do mention fixing the org info page and storing semester selection, the title itself does not reference these specific improvements or provide actionable clarity about what UI bugs are being addressed.	Revise the title to be more specific and descriptive. For example, 'Fix org info page visibility and persist semester selection in URL' would clearly communicate the main changes and help reviewers understand the purpose of the PR at a glance.

✅ Passed checks (1 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.

✨ Finishing touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch dsingh14/fix-ui-papercuts

---

📜 Recent review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

Cache: Disabled due to data retention organization setting

Knowledge base: Disabled due to data retention organization setting

📥 Commits

Reviewing files that changed from the base of the PR and between 6e76620 and 7479a0c.

📒 Files selected for processing (5)

• Makefile (2 hunks)
• terraform/envs/prod/.terraform.lock.hcl (1 hunks)
• terraform/envs/prod/main.tf (1 hunks)
• terraform/envs/qa/.terraform.lock.hcl (1 hunks)
• terraform/envs/qa/main.tf (1 hunks)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (2)

• GitHub Check: Build Application
• GitHub Check: Run Unit Tests

🔇 Additional comments (6)

terraform/envs/prod/main.tf (1)

5-5: Verify intent of exact version pinning.

The AWS provider constraint was changed from ~> 6.18.0 (allows patches) to = 6.19.0 (exact version). While this ensures reproducibility, it requires explicit updates for any future patches or security fixes. Consider whether ~> 6.19.0 would be more appropriate unless exact pinning is a team policy.

terraform/envs/prod/.terraform.lock.hcl (1)

28-51: Lockfile update is appropriate.

The AWS provider hashes have been correctly updated to reflect version 6.19.0. This is an expected auto-generated change that aligns with the version constraint update in main.tf.

Makefile (2)

75-80: Clarify purpose of -upgrade flag in test_unit.

Adding -upgrade to both qa and prod Terraform init commands in the test_unit target is unusual. The -upgrade flag tells Terraform to upgrade provider versions within the constraints, which in routine test runs could cause unexpected behavior or version changes. Typically, -upgrade is reserved for deliberate upgrade workflows (like the new upgrade_terraform target).

Consider whether -upgrade should be removed from test_unit and only used in the explicit upgrade_terraform target, or clarify the intent if this change is intentional.

---

100-102: Approve new upgrade_terraform target.

The addition of a dedicated upgrade_terraform target is good practice and provides a clear, intentional path for upgrading Terraform provider versions across environments.

terraform/envs/qa/main.tf (1)

5-5: Verify exact version pinning intent (consistent with prod).

The AWS provider constraint was changed to = 6.19.0 (exact version) in both qa and prod. While consistency between environments is good, ensure this restrictive pinning strategy aligns with team policy.

terraform/envs/qa/.terraform.lock.hcl (1)

28-51: Lockfile update is appropriate and consistent with prod.

The AWS provider hashes have been correctly updated to reflect version 6.19.0, maintaining parity between qa and prod environments.

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[github-actions]

💰 Infracost report

Monthly estimate generated

_{This comment will be updated when code changes.}

[coderabbitai]

Actionable comments posted: 2

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

Cache: Disabled due to data retention organization setting

Knowledge base: Disabled due to data retention organization setting

📥 Commits

Reviewing files that changed from the base of the PR and between 400bba9 and ca8c88d.

📒 Files selected for processing (3)

• src/ui/components/AuthGuard/index.tsx (2 hunks)
• src/ui/pages/organization/OrgInfo.page.tsx (2 hunks)
• src/ui/pages/roomRequest/RoomRequestLanding.page.tsx (2 hunks)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (2)

• GitHub Check: Build Application
• GitHub Check: Run Unit Tests

[coderabbitai]

Actionable comments posted: 2

🧹 Nitpick comments (1)

tests/e2e/base.ts (1)

7-9: Consider replacing any with unknown for better type safety.

The any type bypasses TypeScript's type checking entirely. For test data structures where the shape may vary, unknown provides safety by requiring explicit type narrowing at usage sites.

Apply this diff to improve type safety:

-export interface RecursiveRecord
-  extends Record<string, any | RecursiveRecord> {}
+export interface RecursiveRecord
+  extends Record<string, unknown> {}

Alternatively, if you need explicit recursive nesting support:

-export interface RecursiveRecord
-  extends Record<string, any | RecursiveRecord> {}
+export interface RecursiveRecord {
+  [key: string]: unknown | RecursiveRecord | RecursiveRecord[];
+}

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

Cache: Disabled due to data retention organization setting

Knowledge base: Disabled due to data retention organization setting

📥 Commits

Reviewing files that changed from the base of the PR and between ca8c88d and afbaf48.

📒 Files selected for processing (2)

• tests/e2e/base.ts (2 hunks)
• tests/e2e/orgInfo.spec.ts (1 hunks)

🧰 Additional context used

🪛 ESLint

tests/e2e/orgInfo.spec.ts

[error] 1-1: Resolve error: EACCES: permission denied, open '/dXWFallTck'
at Object.writeFileSync (node:fs:2409:20)
at l (/home/jailuser/git/node_modules/get-tsconfig/dist/index.cjs:7:13685)
at createFilesMatcher (/home/jailuser/git/node_modules/get-tsconfig/dist/index.cjs:7:14437)
at Object.resolve (/home/jailuser/git/node_modules/eslint-import-resolver-typescript/lib/index.cjs:298:107)
at withResolver (/home/jailuser/git/node_modules/eslint-module-utils/resolve.js:180:23)
at fullResolve (/home/jailuser/git/node_modules/eslint-module-utils/resolve.js:201:22)
at relative (/home/jailuser/git/node_modules/eslint-module-utils/resolve.js:217:10)
at resolve (/home/jailuser/git/node_modules/eslint-module-utils/resolve.js:233:12)
at checkFileExtension (/home/jailuser/git/node_modules/eslint-plugin-import/lib/rules/extensions.js:205:53)
at checkSourceValue (/home/jailuser/git/node_modules/eslint-module-utils/moduleVisitor.js:32:5)

(import/extensions)

---

[error] 2-2: Unexpected use of file extension "js" for "./base.js"

(import/extensions)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (2)

• GitHub Check: Run Unit Tests
• GitHub Check: Build Application

🔇 Additional comments (4)

tests/e2e/orgInfo.spec.ts (4)

6-28: LGTM!

The test setup, authentication, navigation, and form population logic is well-structured. The use of ISO timestamps for uniqueness is a good practice for parallel test execution and avoiding data conflicts.

---

29-43: LGTM!

The conditional logic for handling the "Other" link demonstrates good test design—checking for existing state before modification ensures the test is idempotent and won't fail on repeated runs.

---

55-70: LGTM!

The API verification logic is thorough and correctly validates that the UI changes are persisted. The use of RecursiveRecord type assertions aligns with the type changes in base.ts, and the checks for description, website, and links are comprehensive.

---

52-54: Let me re-run the verification with a different approach that doesn't require sha256sum:

Verify whether the date query parameter actually busts cache, or remove it if unnecessary.

CloudFront can cache query parameters separately, but whether this works depends on CloudFront's configuration. If the API ignores unrecognized query parameters, CloudFront may still cache them separately (though the origin returns identical objects). However, S3 origins ignore query parameters entirely, so they don't work as cache busters there.

Since this test calls a backend API endpoint (not S3), cache busting could work if CloudFront is configured to forward and cache based on query parameters. However, without confirmation that the date parameter actually serves a purpose in this test—or that the API uses it—consider whether this parameter is necessary or if it's redundant overhead.

[coderabbitai]

⚠️ Potential issue | 🔴 Critical

🧩 Analysis chain

Verify that API responses contain nested structures.

The return type was broadened from Record<string, string>[] to RecursiveRecord[], allowing nested objects. Ensure this change accurately reflects the actual API response structure.

Run the following script to inspect the actual API response shape:

Also applies to: 82-82

---

🏁 Script executed:

#!/bin/bash
# Fetch sample API responses to verify nested structure

echo "=== Upcoming Events Response ==="
curl -s "https://core.aws.qa.acmuiuc.org/api/v1/events?upcomingOnly=true" | jq 'if type == "array" then .[0] else . end | .. | select(type == "object" or type == "array") | type' | sort | uniq -c

echo -e "\n=== All Events Response ==="
curl -s "https://core.aws.qa.acmuiuc.org/api/v1/events" | jq 'if type == "array" then .[0] else . end | .. | select(type == "object" or type == "array") | type' | sort | uniq -c

Length of output: 95

---

I need to inspect the actual API response structure more directly. Let me gather additional information:

Now let me inspect the codebase to find the RecursiveRecord definition and verify the actual API response:

---

🏁 Script executed:

```shell
#!/bin/bash
# Find RecursiveRecord type definition
rg -n "RecursiveRecord" --type ts --type tsx -B2 -A5

Length of output: 27

---

🏁 Script executed:

#!/bin/bash
# Get actual API response to inspect structure
echo "=== Upcoming Events Response (pretty-printed) ==="
curl -s "https://core.aws.qa.acmuiuc.org/api/v1/events?upcomingOnly=true" | jq '.[0]' 2>/dev/null | head -50

echo -e "\n=== Response type info ==="
curl -s "https://core.aws.qa.acmuiuc.org/api/v1/events?upcomingOnly=true" | jq 'type'

Length of output: 361

---

Let me search for the RecursiveRecord definition and check the test file context:

---

🏁 Script executed:

#!/bin/bash
# Find RecursiveRecord type definition (fix file type error)
rg -n "RecursiveRecord" --type ts -B2 -A5

Length of output: 2826

---

🏁 Script executed:

#!/bin/bash
# Check the test file for context around the type change
cat tests/e2e/base.ts | head -100

Length of output: 2793

---

Revert type to more specific definition for events responses.

The events API responses are flat structures containing only primitive values (strings, booleans), not nested objects. The change to RecursiveRecord[] is overly broad and reduces type safety. Use a more specific type like Record<string, string | boolean>[] that accurately reflects the actual API response structure.

🤖 Prompt for AI Agents

In tests/e2e/base.ts around line 77, the return type is overly broad
(RecursiveRecord[]) for events API responses which are flat primitives; change
the type to a specific array of records containing only string or boolean values
by replacing RecursiveRecord[] with Record<string, string | boolean>[] so the
function returns (await data.json()) as Record<string, string | boolean>[] and
restores stricter type safety.

[coderabbitai]

🛠️ Refactor suggestion | 🟠 Major

Avoid mixing node:test with Playwright's test framework.

Importing describe from node:test while using Playwright's test fixture can lead to unexpected behavior. Playwright provides its own test organization primitives.

Apply this diff to use Playwright's built-in test organization:

-import { expect } from "@playwright/test";
+import { expect, test } from "@playwright/test";
-import { RecursiveRecord, test } from "./base.js";
+import { RecursiveRecord } from "./base.js";
-import { describe } from "node:test";

-describe("Organization Info Tests", () => {
-  test("A user can update org metadata", async ({ page, becomeUser }) => {
+test.describe("Organization Info Tests", () => {
+  test("A user can update org metadata", async ({ page, becomeUser }) => {

Or simply remove describe if grouping is not essential:

-import { expect } from "@playwright/test";
+import { expect, test } from "@playwright/test";
-import { RecursiveRecord, test } from "./base.js";
+import { RecursiveRecord } from "./base.js";
-import { describe } from "node:test";

-describe("Organization Info Tests", () => {
-  test("A user can update org metadata", async ({ page, becomeUser }) => {
+test("A user can update org metadata", async ({ page, becomeUser }) => {

Committable suggestion skipped: line range outside the PR's diff.

🤖 Prompt for AI Agents

In tests/e2e/orgInfo.spec.ts around line 3, the file imports describe from
node:test which conflicts with Playwright's test framework; remove the node:test
import and either use Playwright's test.describe (i.e., import { test } from
'@playwright/test' and call test.describe(...)) or import describe from
'@playwright/test' if you prefer that API, ensuring all test groups use
Playwright primitives consistently.