AI Review Center
Commit Review Workspace ?
Select a commit on the left to inspect quality, security, business value, findings, and suggested code changes.
Project AI Score
?
59%
Quality Avg
?
64%
Security Avg
?
45%
Reviews
?
57
Review Result ?
jattin01/avriti-backend · 8b3bb6df
This commit introduces a new Wishlist feature with well-structured API endpoints and Eloquent model relationships. Validation is properly used and code style is consistent. The AdminCustomerController provides basic CRUD for customers. The wishlist API covers all necessary CRUD operations and provides data formatting. However, the commit message is vague and uninformative. Security could be improved by ensuring authorization checks are in place beyond user identification via request. Minor validation or error handling checks could enhance robustness. The Wishlist formatItem method assumes thumbnail is an array, which could break if data is malformed.
Quality
?
80%
Security
?
60%
Business Value
?
75%
Maintainability
?
80%
Issues & Suggested Fixes
?
1AI detects the issue
2Shows file, line, or evidence
3Suggests the fix to apply
Vague Commit Message
Where
commit message
Issue / Evidence
vague commit message
Suggested Fix
provide a more descriptive and clear commit message explaining what data and APIs were fixed or added
Assumption That Product Thumbnail Is Array
Where
app/Http/Controllers/Api/WishlistController.php:102
Issue / Evidence
assumption that product thumbnail is array
Suggested Fix
add validation or fallback if thumbnail is not an array to prevent runtime errors
Querying With User() >Id For Customer Id
Where
app/Http/Controllers/Api/WishlistController.php:15
Issue / Evidence
querying with user()->id for customer_id
Suggested Fix
verify authorization policies are enforced to secure API endpoints
Missing Validation
Where
app/Http/Controllers/Api/WishlistController.php:59
Issue / Evidence
no try/catch around validation
Suggested Fix
consider adding error handling to return meaningful errors for invalid input
Delete Action
Where
app/Http/Controllers/AdminCustomerController.php:20
Issue / Evidence
delete action
Suggested Fix
consider adding authorization or confirmation to reduce risk of accidental deletion
Code Change Preview · app/Http/Controllers/AdminCustomerController.php
?
Removed / Before Commit
Added / After Commit
+ <?php + + namespace App\Http\Controllers; + + use App\Models\Customer; + use Illuminate\Http\RedirectResponse; + use Illuminate\Http\Request; + use Illuminate\View\View; + + class AdminCustomerController extends Controller + { + public function index(): View + { + $customers = Customer::latest()->get(); + + return view('admin.customers', compact('customers')); + } +
Removed / Before Commit
- $request->validate([ - 'full_name' => ['required', 'string', 'max:150'], - 'email' => ['required', 'email', 'unique:customers,email'], - 'phone' => ['nullable', 'string', 'max:20'], - 'password' => ['required', 'string', 'min:8'], - ]); - - 'success' => true, - 'message' => 'Login successful.', - 'token' => $customer->createToken('customer-token')->plainTextToken, - 'customer' => ['id' => $customer->id, 'full_name' => $customer->full_name, 'email' => $customer->email], - ]); - }
Added / After Commit
+ $request->validate([ + 'full_name' => ['required', 'string', 'max:150'], + 'email' => ['required', 'email', 'unique:customers,email'], + 'phone' => ['required', 'string', 'max:20'], + 'password' => ['required', 'string', 'min:8'], + ]); + + 'success' => true, + 'message' => 'Login successful.', + 'token' => $customer->createToken('customer-token')->plainTextToken, + 'customer' => [ + 'id' => $customer->id, + 'full_name' => $customer->full_name, + 'email' => $customer->email, + 'phone' => $customer->phone, + ], + ]); + }
Removed / Before Commit
- 'product_image' => $imageUrl, - ]; - })->values(), - 'created_at' => $order->created_at?->toDateTimeString(), - ]; - } - }
Added / After Commit
+ 'product_image' => $imageUrl, + ]; + })->values(), + 'created_at' => $order->created_at?->toISOString(), + ]; + } + }
Removed / Before Commit
Added / After Commit
+ <?php + + namespace App\Http\Controllers\Api; + + use App\Http\Controllers\Controller; + use App\Models\Product; + use App\Models\Wishlist; + use Illuminate\Http\JsonResponse; + use Illuminate\Http\Request; + + class WishlistController extends Controller + { + public function index(Request $request): JsonResponse + { + $items = Wishlist::with('product.variant', 'product.category') + ->where('customer_id', $request->user()->id) + ->latest() + ->get()
Removed / Before Commit
Added / After Commit
+ <?php + + namespace App\Models; + + use Illuminate\Database\Eloquent\Model; + use Illuminate\Database\Eloquent\Relations\BelongsTo; + + class Wishlist extends Model + { + protected $fillable = [ + 'customer_id', + 'product_id', + 'attribute_name', + 'attribute_value', + ]; + + public function product(): BelongsTo + {
Removed / Before Commit
Added / After Commit
+ <?php + + use Illuminate\Database\Migrations\Migration; + use Illuminate\Database\Schema\Blueprint; + use Illuminate\Support\Facades\Schema; + + return new class extends Migration + { + public function up(): void + { + Schema::create('wishlists', function (Blueprint $table) { + $table->id(); + $table->foreignId('customer_id')->constrained('customers')->onDelete('cascade'); + $table->foreignId('product_id')->constrained('products')->onDelete('cascade'); + $table->string('attribute_name')->nullable(); + $table->string('attribute_value')->nullable(); + $table->timestamps(); +
Removed / Before Commit
Added / After Commit
+ @extends('layouts.app') + + @section('title', 'Customers | Avriti Dashboard') + @section('content') + + <div class="mb-6 flex flex-col gap-4 sm:flex-row sm:items-center sm:justify-between"> + <div> + <h1 class="text-2xl font-semibold text-[#0b3dba]">Customers List</h1> + </div> + </div> + + @if (session('success')) + <div class="mb-6 rounded-2xl border border-emerald-200 bg-emerald-50 px-4 py-3 text-sm font-semibold text-emerald-700"> + {{ session('success') }} + </div> + @endif + + <div class="overflow-hidden rounded-[32px] bg-white shadow-sm">
Removed / Before Commit
- Users List - </a> - - <a href="{{ route('profile') }}" class="flex items-center gap-3 px-3 py-2.5 rounded-xl {{ request()->routeIs('profile') ? $activeClass : $inactiveClass }}"> - <i class="fa-solid fa-address-book"></i> - Profile
Added / After Commit
+ Users List + </a> + + <a href="{{ route('customers.index') }}" class="flex items-center gap-3 px-3 py-2.5 rounded-xl {{ request()->routeIs('customers.*') ? $activeClass : $inactiveClass }}"> + <i class="fa-solid fa-users"></i> + Customers List + </a> + + <a href="{{ route('profile') }}" class="flex items-center gap-3 px-3 py-2.5 rounded-xl {{ request()->routeIs('profile') ? $activeClass : $inactiveClass }}"> + <i class="fa-solid fa-address-book"></i> + Profile
Removed / Before Commit
- use App\Http\Controllers\Api\ContactController; - use App\Http\Controllers\Api\AddressController; - use App\Http\Controllers\Api\OrderController; - - Route::post('/register', [AuthController::class, 'apiRegister'])->name('api.register'); - Route::post('/login', [AuthController::class, 'apiLogin'])->name('api.login'); - Route::put('/cart/item/{id}', [CartController::class, 'update']); - Route::delete('/cart/item/{id}', [CartController::class, 'remove']); - Route::delete('/cart/clear', [CartController::class, 'clear']); - }); - }); - \ No newline at end of file
Added / After Commit
+ use App\Http\Controllers\Api\ContactController; + use App\Http\Controllers\Api\AddressController; + use App\Http\Controllers\Api\OrderController; + use App\Http\Controllers\Api\WishlistController; + + Route::post('/register', [AuthController::class, 'apiRegister'])->name('api.register'); + Route::post('/login', [AuthController::class, 'apiLogin'])->name('api.login'); + Route::put('/cart/item/{id}', [CartController::class, 'update']); + Route::delete('/cart/item/{id}', [CartController::class, 'remove']); + Route::delete('/cart/clear', [CartController::class, 'clear']); + + Route::get('/wishlist', [WishlistController::class, 'index']); + Route::post('/wishlist', [WishlistController::class, 'store']); + Route::post('/wishlist/toggle', [WishlistController::class, 'toggle']); + Route::delete('/wishlist/{id}', [WishlistController::class, 'destroy']); + }); + \ No newline at end of file + });
Removed / Before Commit
- use App\Http\Controllers\AdminFaqController; - use App\Http\Controllers\AdminContactController; - use App\Http\Controllers\AdminServiceController; - use Illuminate\Support\Facades\Route; - - Route::get('/', function () { - Route::middleware('auth')->group(function (): void { - Route::view('/dashboard', 'admin.dashboard')->name('dashboard'); - Route::get('/users', [AdminUserController::class, 'index'])->name('users.index'); - Route::get('/users/{user}/edit', [AdminUserController::class, 'edit'])->name('users.edit'); - Route::put('/users/{user}', [AdminUserController::class, 'update'])->name('users.update'); - Route::delete('/users/{user}', [AdminUserController::class, 'destroy'])->name('users.destroy');
Added / After Commit
+ use App\Http\Controllers\AdminFaqController; + use App\Http\Controllers\AdminContactController; + use App\Http\Controllers\AdminServiceController; + use App\Http\Controllers\AdminCustomerController; + use Illuminate\Support\Facades\Route; + + Route::get('/', function () { + Route::middleware('auth')->group(function (): void { + Route::view('/dashboard', 'admin.dashboard')->name('dashboard'); + Route::get('/users', [AdminUserController::class, 'index'])->name('users.index'); + Route::get('/customers', [AdminCustomerController::class, 'index'])->name('customers.index'); + Route::delete('/customers/{customer}', [AdminCustomerController::class, 'destroy'])->name('customers.destroy'); + Route::get('/users/{user}/edit', [AdminUserController::class, 'edit'])->name('users.edit'); + Route::put('/users/{user}', [AdminUserController::class, 'update'])->name('users.update'); + Route::delete('/users/{user}', [AdminUserController::class, 'destroy'])->name('users.destroy');