Skip to content

[IP-11]: Redirect to ivplv2 company dashboard after login#484

Closed
nielsdrost7 wants to merge 4 commits into
developfrom
claude/default-company-dashboard-redirect-wxfk3i
Closed

[IP-11]: Redirect to ivplv2 company dashboard after login#484
nielsdrost7 wants to merge 4 commits into
developfrom
claude/default-company-dashboard-redirect-wxfk3i

Conversation

@nielsdrost7

@nielsdrost7 nielsdrost7 commented Jun 13, 2026

Copy link
Copy Markdown
Collaborator

After authentication, both elevated and regular users are now sent to
the ivplv2 company dashboard. For elevated users the ivplv2 company is
looked up by search_code; for regular users it is preferred from their
attached companies. Both paths fall back gracefully when ivplv2 is absent.

Six PHPUnit tests cover the redirect behaviour across role types and
company attachment scenarios.

Summary by CodeRabbit

  • Bug Fixes

    • Improved tenant selection during login to prefer the designated company code (case-insensitive) with a reliable fallback to the earliest available company; clearer translated error messages on fallback failures.
  • Tests

    • Added comprehensive feature tests validating login redirects for elevated and regular users across scenarios (preferred company present, absent, and multi-company attachments).

    addresses [Core]: Company Switcher #138 [Core]: Login screen #11

Summary by CodeRabbit

  • Bug Fixes

    • Improved login redirection so elevated and regular users are sent to the correct company dashboard more reliably.
    • Added a consistent fallback to the first available company when the preferred company is unavailable.
    • Kept session handling aligned with user type to avoid incorrect company switching after sign-in.
  • Tests

    • Added coverage for elevated and regular user login redirects, including fallback behavior and company preference handling.

After authentication, both elevated and regular users are now sent to
the ivplv2 company dashboard. For elevated users the ivplv2 company is
looked up by search_code; for regular users it is preferred from their
attached companies. Both paths fall back gracefully when ivplv2 is absent.

Six PHPUnit tests cover the redirect behaviour across role types and
company attachment scenarios.

https://claude.ai/code/session_01KVV91ECY14zwgavRm99zPs
coderabbitai[bot]

This comment was marked as outdated.

Fixed 2 file(s) based on 3 unresolved review comments.

Co-authored-by: CodeRabbit <noreply@coderabbit.ai>
@InvoicePlane InvoicePlane deleted a comment from coderabbitai Bot Jun 13, 2026
@InvoicePlane InvoicePlane deleted a comment from coderabbitai Bot Jun 13, 2026
coderabbitai[bot]

This comment was marked as outdated.

Fixed 1 file(s) based on 1 unresolved review comment.

Co-authored-by: CodeRabbit <noreply@coderabbit.ai>
@InvoicePlane InvoicePlane deleted a comment from coderabbitai Bot Jun 14, 2026
@InvoicePlane InvoicePlane deleted a comment from coderabbitai Bot Jun 14, 2026
@InvoicePlane InvoicePlane deleted a comment from coderabbitai Bot Jun 14, 2026
This was linked to issues Jul 3, 2026
@coderabbitai

coderabbitai Bot commented Jul 3, 2026

Copy link
Copy Markdown
Contributor

Review Change Stack

📝 Walkthrough

Walkthrough

LoginResponse now differentiates elevated and non-elevated users when resolving tenant redirection, preferring a company matching a private DEFAULT_COMPANY_CODE constant (case-insensitive) with fallback to the oldest company. Session assignment and error handling were adjusted, and a new feature test suite validates the redirect behavior.

Changes

Login redirect with default company preference

Layer / File(s) Summary
Tenant selection with DEFAULT_COMPANY_CODE preference
Modules/Core/Filament/Responses/LoginResponse.php
Imports Company, adds private DEFAULT_COMPANY_CODE constant, and splits tenant resolution into elevated vs. non-elevated branches preferring a case-insensitive search_code match with fallback to oldest company; sets session only for non-elevated users and aborts with HTTP 500 using translation keys when no tenant is found.
Login redirect test suite
Modules/Core/Tests/Feature/LoginRedirectTest.php
New feature test class covering elevated (SUPER_ADMIN, ADMIN) and regular (CUSTOMER_ADMIN) user login redirects, including ivplv2 preference and fallback to the first available/attached company.

Estimated code review effort: 3 (Moderate) | ~25 minutes

Sequence Diagram(s)

sequenceDiagram
  participant User
  participant LoginResponse
  participant Company
  participant Filament

  User->>LoginResponse: submit login credentials
  LoginResponse->>LoginResponse: check elevated role
  alt elevated user
    LoginResponse->>Company: query search_code = DEFAULT_COMPANY_CODE
    alt found
      Company-->>LoginResponse: return matching company
    else not found
      LoginResponse->>Company: fallback oldest company
      Company-->>LoginResponse: return oldest company
    end
    LoginResponse->>Filament: setTenant(tenant)
  else non-elevated user
    LoginResponse->>Company: query user's companies for search_code match
    alt found
      Company-->>LoginResponse: return matching company
    else not found
      LoginResponse->>Company: fallback oldest user company
      Company-->>LoginResponse: return oldest company
    end
    LoginResponse->>LoginResponse: session(['current_company_id' => tenant->id])
    LoginResponse->>Filament: setTenant(tenant)
  end
Loading

Possibly related PRs

  • InvoicePlane/InvoicePlane-v2#550: Both PRs update Modules/Core/Filament/Responses/LoginResponse.php to fix elevated-user tenant selection preferring DEFAULT_COMPANY_CODE via case-insensitive search_code lookup.
  • InvoicePlane/InvoicePlane-v2#553: Both PRs modify the same LoginResponse::toResponse() tenant selection logic, including the DEFAULT_COMPANY_CODE/ivplv2 behavior.
🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name Status Explanation Resolution
Docstring Coverage ⚠️ Warning Docstring coverage is 16.67% which is insufficient. The required threshold is 80.00%. Write docstrings for the functions missing them to satisfy the coverage threshold.
✅ Passed checks (4 passed)
Check name Status Explanation
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed The title clearly summarizes the main change: login redirects to the ivplv2 company dashboard.
✨ Finishing Touches
📝 Generate docstrings
  • Create stacked PR
  • Commit on current branch
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch claude/default-company-dashboard-redirect-wxfk3i

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands.

@nielsdrost7 nielsdrost7 changed the title Redirect to ivplv2 company dashboard after login [IP-11]: Redirect to ivplv2 company dashboard after login Jul 3, 2026

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@Modules/Core/Filament/Responses/LoginResponse.php`:
- Around line 45-46: Remove the unconditional session(['current_company_id' =>
$tenant->id]) and filament()->setTenant($tenant) calls in LoginResponse so the
method respects the existing elevated vs non-elevated branches; keep session
writes only in the non-elevated path and avoid duplicating setTenant after the
branch-specific logic has already finalized tenant state.
🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

  • Push a commit to this branch (recommended)
  • Create a new PR with the fixes

ℹ️ Review info
⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: d7c94fa0-2278-448d-86ac-c7587bd92fa7

📥 Commits

Reviewing files that changed from the base of the PR and between 388309f and 8cdc147.

📒 Files selected for processing (1)
  • Modules/Core/Filament/Responses/LoginResponse.php

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Caution

Inline review comments failed to post. This is likely due to GitHub's internal server error or limits when posting large numbers of comments. If you are seeing this consistently it is likely a permissions issue. Please check "Moderation" -> "Code review limits" under your organization settings.

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@Modules/Core/Filament/Responses/LoginResponse.php`:
- Around line 45-46: Remove the unconditional session(['current_company_id' =>
$tenant->id]) and filament()->setTenant($tenant) calls in LoginResponse so the
method respects the existing elevated vs non-elevated branches; keep session
writes only in the non-elevated path and avoid duplicating setTenant after the
branch-specific logic has already finalized tenant state.
🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

  • Push a commit to this branch (recommended)
  • Create a new PR with the fixes

ℹ️ Review info
⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: d7c94fa0-2278-448d-86ac-c7587bd92fa7

📥 Commits

Reviewing files that changed from the base of the PR and between 388309f and 8cdc147.

📒 Files selected for processing (1)
  • Modules/Core/Filament/Responses/LoginResponse.php
🛑 Comments failed to post (1)
Modules/Core/Filament/Responses/LoginResponse.php (1)

45-46: 🗄️ Data Integrity & Integration | 🟠 Major | ⚡ Quick win

Redundant tenant/session writes leak current_company_id for elevated users.

Both branches already finalize their own state: the elevated branch calls filament()->setTenant($tenant) (Line 30) and intentionally omits any session write, while the non-elevated branch sets both the session and tenant (Lines 41–42). Lines 45–46 repeat these unconditionally, which (a) duplicates the setTenant call and (b) writes current_company_id into the session for elevated users too — contradicting the design where session assignment is scoped to non-elevated users only. Removing these lines restores the intended contract.

🔧 Proposed fix
             session(['current_company_id' => $tenant->id]);
             filament()->setTenant($tenant);
         }

-        session(['current_company_id' => $tenant->id]);
-        filament()->setTenant($tenant);
-
         return redirect()->route('filament.company.pages.dashboard', [
             'tenant' => Str::lower($tenant->search_code),
         ]);
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.


🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@Modules/Core/Filament/Responses/LoginResponse.php` around lines 45 - 46,
Remove the unconditional session(['current_company_id' => $tenant->id]) and
filament()->setTenant($tenant) calls in LoginResponse so the method respects the
existing elevated vs non-elevated branches; keep session writes only in the
non-elevated path and avoid duplicating setTenant after the branch-specific
logic has already finalized tenant state.

@nielsdrost7 nielsdrost7 marked this pull request as draft July 3, 2026 16:32
@nielsdrost7 nielsdrost7 closed this Jul 3, 2026
@nielsdrost7 nielsdrost7 deleted the claude/default-company-dashboard-redirect-wxfk3i branch July 3, 2026 19:27
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

[Core]: Company Switcher [Core]: Login screen

2 participants