AI Review Center
Commit Review Workspace ?
Select a commit on the left to inspect quality, security, business value, findings, and suggested code changes.
Project AI Score
?
62%
Quality Avg
?
63%
Security Avg
?
59%
Reviews
?
92
Review Result ?
solutionbowl/bet-service · 507ca0ea
The commit adds user betting block checks in the bet and multiBet controllers to prevent blocked users from placing bets. The approach is consistent and reuses an ensureBettingAllowed function. However, the duplication of the function in two files is a maintainability concern. Error handling for missing users and blocked status is clear, improving user experience and business logic enforcement. Security is improved by enforcing betting blocks, but there's no input validation or rate limiting visible here.
Quality
?
80%
Security
?
70%
Business Value
?
90%
Maintainability
?
80%
Issues & Suggested Fixes
?
1AI detects the issue
2Shows file, line, or evidence
3Suggests the fix to apply
Duplicate Logic
Where
src/controllers/bet.controller.js:14
Issue / Evidence
duplication of ensureBettingAllowed function
Suggested Fix
extract the function into a shared utility module and import it in both controllers to reduce code duplication and improve maintainability
Duplicate Logic
Where
src/controllers/multiBet.controller.js:13
Issue / Evidence
duplication of ensureBettingAllowed function
Suggested Fix
extract the function into a shared utility module and import it in both controllers to reduce code duplication and improve maintainability
Missing Validation
Where
src/controllers/bet.controller.js:15
Issue / Evidence
no input validation on userId
Suggested Fix
validate and sanitize userId to reduce potential injection or errors
Missing Validation
Where
src/controllers/multiBet.controller.js:14
Issue / Evidence
no input validation on userId
Suggested Fix
validate and sanitize userId to reduce potential injection or errors
Vague Description
Where
commit message
Issue / Evidence
vague description
Suggested Fix
improve commit message to clearly describe the feature and its purpose (e.g., 'Add user betting block checks to bet and multiBet controllers')
Code Change Preview · src/controllers/bet.controller.js
?
Removed / Before Commit
- diff --git a/src/controllers/bet.controller.js b/src/controllers/bet.controller.js - index 1a64a29..5511e17 100644 - const Ledger = require("../models/Ledger"); - const mongoose = require("mongoose"); - const Wallet = require("../models/Wallet"); - const { emitRaceOdds, emitBalanceUpdate } = require("../utils/socketClient"); - const Exposure = require("../models/Exposure"); - const { getTenantExposure, mergeExposure } = require("../utils/exposureHelper"); - const HorseRace = require("../models/HorseRace"); - const { getHierarchyIds } = require("../services/hierarchyService"); - - const recalculatePlacesExposure = async ({ - user_id, - tenant_id, - const tenant = req.tenant; - const user_id = req.user.userId; - const tenant_id = tenant ? tenant._id : null; -
Added / After Commit
+ diff --git a/src/controllers/bet.controller.js b/src/controllers/bet.controller.js + index 1a64a29..5511e17 100644 + const Ledger = require("../models/Ledger"); + const mongoose = require("mongoose"); + const Wallet = require("../models/Wallet"); + const User = require("../models/User"); + const { emitRaceOdds, emitBalanceUpdate } = require("../utils/socketClient"); + const Exposure = require("../models/Exposure"); + const { getTenantExposure, mergeExposure } = require("../utils/exposureHelper"); + const HorseRace = require("../models/HorseRace"); + const { getHierarchyIds } = require("../services/hierarchyService"); + + const ensureBettingAllowed = async (userId) => { + const user = await User.findById(userId).lean(); + + if (!user) { + return { allowed: false, statusCode: 404, message: "User not found" }; + }
Removed / Before Commit
- diff --git a/src/controllers/multiBet.controller.js b/src/controllers/multiBet.controller.js - index 21217e1..db0848d 100644 - const HorseRace = require("../models/HorseRace"); - const Ledger = require("../models/Ledger"); - const Wallet = require("../models/Wallet"); - const mongoose = require("mongoose"); - const { getHierarchyIds } = require("../services/hierarchyService"); - const { emitBalanceUpdate } = require("../utils/socketClient"); - const { calculateMultiBetExposures, updateExposuresAfterLegWin, clearMultiBetExposures } = require("../utils/multiBetExposure"); - - /** - * Place Multi-Bet (DOUBLE/TRIPLE) - * POST /api/bets/place-multi-bet - const tenant = req.tenant; - const user_id = req.user.userId; - const tenant_id = tenant ? tenant._id : null; - const { selections, stake } = req.body; -
Added / After Commit
+ diff --git a/src/controllers/multiBet.controller.js b/src/controllers/multiBet.controller.js + index 21217e1..db0848d 100644 + const HorseRace = require("../models/HorseRace"); + const Ledger = require("../models/Ledger"); + const Wallet = require("../models/Wallet"); + const User = require("../models/User"); + const mongoose = require("mongoose"); + const { getHierarchyIds } = require("../services/hierarchyService"); + const { emitBalanceUpdate } = require("../utils/socketClient"); + const { calculateMultiBetExposures, updateExposuresAfterLegWin, clearMultiBetExposures } = require("../utils/multiBetExposure"); + + const ensureBettingAllowed = async (userId) => { + const user = await User.findById(userId).lean(); + + if (!user) { + return { allowed: false, statusCode: 404, message: "User not found" }; + } +