fix: sync Salesforce project links#716
Conversation
![chatgpt-codex-connector[bot]](https://avatars.githubusercontent.com/in/1144995?s=60&v=4){kind=small}
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 2c139f22b5
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
| where provider='salesforce' | ||
| and status in ('connected','degraded') | ||
| and (external_id=$1 or metadata->>'orgId'=$1 or metadata->>'organizationId'=$1) | ||
| order by connected_at desc |
There was a problem hiding this comment.
When the same Salesforce org is installed in more than one Exponential workspace, this resolver ignores any workspace slug/integration id and selects only by org id, ordered by the latest connection. A signed case action from one workspace can therefore search, create, or link issues/projects in whichever workspace connected that Salesforce org most recently; the action payload needs to carry and filter by a workspace/integration identifier.
Useful? React with 👍 / 👎.
| "issueId": after.ID, | ||
| "identifier": after.Identifier, | ||
| "priority": after.Priority, | ||
| "issueUrl": strings.TrimRight(configuredIssueAppURL(), "/") + "/team/" + url.PathEscape(link.TeamKey) + "/issue/" + url.PathEscape(after.Identifier), |
There was a problem hiding this comment.
When only project_id changes on a Salesforce-linked issue, projectChanged makes this path enqueue a job, but the payload still has no projectUrl. Since salesforceCasePatchBody only writes the Salesforce project custom field from projectUrl, assigning or moving the issue to a project leaves the Case's project URL blank/stale until a separate project link or project status/priority edit happens.
Useful? React with 👍 / 👎.
| if got := setupRequirement("zendesk"); got != nil { | ||
| t.Fatalf("zendesk should be configurable from admin setup, got %#v", got) |
There was a problem hiding this comment.
This newly added assertion now fails because setupRequirement("zendesk") still returns a configuration_required object in handler.go, so the integrations Go test suite will fail in CI once the Go toolchain is available. Either update setupRequirement to allow the admin Zendesk setup flow or adjust this expectation.
Useful? React with 👍 / 👎.
|
Controller disposition for current head Evidence:
Required before merge: rebuild/rebase this branch onto current |
…from code review - Validate fetchSalesforceUserInfo endpoint against salesforceOAuthBaseURL() before making the outbound HTTP request to prevent SSRF via a crafted token.ID in the OAuth response. - Remove the Authorization: Bearer fallback in salesforceSignedAction so HMAC signature verification is mandatory for every request; no static secret bypass is accepted. - Move HTTP status checks before json.Decode in exchangeSalesforceOAuth and fetchSalesforceUserInfo; include response body in error messages so non-2xx failures are surfaced accurately. - Assign getSalesforceSourceLink(event) to a const in the render path of issue-detail-view.tsx to avoid calling the function twice per render. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
jaeyunha
force-pushed
the
issue-578-p2-salesforce-link-cases-to-issues
branch
from
2c139f2 to
82613fc
Compare
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 82613fc9ca
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
| problem.Write(w, 500, "Update issue failed", err.Error()) | ||
| return | ||
| } | ||
| if err := h.queueSalesforceAutomations(r.Context(), tx, p.WorkspaceID, existing, updated); err != nil { |
There was a problem hiding this comment.
For Salesforce-linked issues, queueSalesforceAutomations already runs immediately above this block; this second call walks the same links and blindly inserts another provider_job for each one. When a user changes an issue's status, priority, or project, the worker will PATCH the same Salesforce Case twice and record duplicate jobs/events, so the repeated call should be removed.
Useful? React with 👍 / 👎.
|
Controller disposition for current head Current blocker:
Required before merge: either narrow this PR so it no longer claims to close #578, or extend it to cover the remaining #578 acceptance contract with focused Go/OpenAPI/SDK/web tests and mocked Playwright coverage. |
1 participant
Summary
Verification