
DGI9-593: Perform user swapping during batch invocation. #33

Merged: MorganDawe merged 1 commit into main from fix/controlled-file-enumeration-via-user-switch on Feb 9, 2026

adam-vessey (Contributor) commented Feb 5, 2026

Alternate approach to #32, since it was realized that we already do similar things elsewhere.

Summary by CodeRabbit

Release Notes

  • Bug Fixes
    • Enhanced error handling and recovery for batch fixity check operations, with improved logging for troubleshooting
    • Increased robustness of fixity operations through better exception handling and graceful error management

@adam-vessey adam-vessey added the patch Backwards compatible bug fixes. label Feb 5, 2026
coderabbitai Bot commented Feb 5, 2026

Walkthrough

Admin context switching for fixity operations is introduced, where the admin user (ID 1) is loaded, account context is switched to perform fixity operations, then switched back using a finally block. Error handling added for admin load and view load failures. The batch_size parameter is cast to integer and its public signature relaxed to accept null values.

Changes

| Cohort / File(s) | Summary |
|---|---|
| Admin Context Switching for Fixity Operations: src/FixityCheckBatchCheck.php | Adds admin user loading and account context switching wrapping fixity operations with finally-block cleanup. Introduces error handling for admin load and view load failures, per-row exception handling with logging, and batch_size type casting from config/input to integer. |

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Possibly related PRs

  • SUP-6848: Misc fixes #27: Broadens nullable signatures and centralizes switch-back behavior for account context management in the same file, complementing the explicit admin user switching pattern introduced here.

Suggested reviewers

  • jordandukart

Poem

🐰 Hops through the fixity fields with admin's might,
Switching contexts left and right,
Finally blocks ensure the path is clear,
Error handling brings us cheer,
Admin ops secure and tight! ✨

🚥 Pre-merge checks | ✅ 3 passed

| Check name | Status | Explanation |
|---|---|---|
| Description Check | ✅ Passed | Check skipped - CodeRabbit’s high-level summary is enabled. |
| Title check | ✅ Passed | The title clearly and specifically describes the main change: performing user swapping during batch invocation, which aligns with the code modifications adding admin context switching. |
| Docstring Coverage | ✅ Passed | Docstring coverage is 100.00% which is sufficient. The required threshold is 80.00%. |


Warning

Review ran into problems

🔥 Problems

Errors were encountered while retrieving linked issues.

Errors (1)
  • JIRA integration encountered authorization issues. Please disconnect and reconnect the integration in the CodeRabbit UI.

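The pattern the walkthrough above describes (switch to a privileged account, do the work, switch back in a finally block, and mark the batch operation finished on an early failure), as an added example that is not code from this pull request. `AccountSwitcherStub`, `runFixityOperation` and the sample rows are hypothetical stand-ins constructed so the control flow runs without Drupal.

```php
<?php
// Hypothetical stand-in for Drupal's account switcher so this runs without Drupal.
final class AccountSwitcherStub {
  private array $stack = [];
  public function __construct(private string $current) {}
  public function switchTo(string $account): void {
    $this->stack[] = $this->current;
    $this->current = $account;
  }
  public function switchBack(): void {
    $this->current = array_pop($this->stack) ?? $this->current;
  }
  public function current(): string { return $this->current; }
}

// Hypothetical batch operation; $admin is NULL when the account failed to load.
function runFixityOperation(AccountSwitcherStub $switcher, ?string $admin, array $rows, callable $check, array &$context): void {
  if ($admin === NULL) {
    // Mark the operation finished so the batch runner does not call it again.
    $context['finished'] = 1;
    $context['results']['errors'][] = 'admin account unavailable';
    return;
  }
  $switcher->switchTo($admin);
  try {
    foreach ($rows as $row) {
      try {
        $check($row);
        $context['results']['checked'][] = $row;
      }
      catch (Throwable $e) {
        // One failing file is recorded and must not abort the remaining rows.
        $context['results']['errors'][] = $row . ': ' . $e->getMessage();
      }
    }
    $context['finished'] = 1;
  }
  finally {
    // Runs on normal completion and on any uncaught error: identity is restored.
    $switcher->switchBack();
  }
}

// Constructed sample input: the second file fails its check.
$check = fn(string $row) => $row === 'b.tif' ? throw new RuntimeException('checksum mismatch') : TRUE;
$context = [];
$switcher = new AccountSwitcherStub('cron-user');
runFixityOperation($switcher, 'uid-1', ['a.tif', 'b.tif'], $check, $context);
printf("%s: %d checked, %d errors\n", $switcher->current(), count($context['results']['checked']), count($context['results']['errors']));
```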

coderabbitai Bot left a comment

Actionable comments posted: 3

🤖 Fix all issues with AI agents
In `@src/FixityCheckBatchCheck.php`:
- Around line 134-137: When the admin account fails to load in
FixityCheckBatchCheck (i.e., $admin_user is not an instance of
AccountInterface), set $context['finished'] = TRUE before returning so the batch
runner does not retry indefinitely; update the failure branch that currently
calls $logger->error('Failed to load the admin account to switch.') to also
assign $context['finished'] = TRUE (and then return) so the operation is marked
finished.
- Around line 28-29: build() currently casts the configured batch size to int
which can yield 0 or negative and thus create a limit:0; validate $batch_size
after casting (from SettingsForm::CONFIG_NAME / SettingsForm::BATCH_SIZE or the
passed $batch_size) and enforce a sensible minimum (e.g. if ((int)$batch_size <
1) $batch_size = <default>), ensuring $batch_size is at least 1 before it is
used by FixityCheckBatchCheck::build and any view query.
- Around line 147-150: When the view fails to load in FixityCheckBatchCheck (the
branch where if (!$view) { ... return; }), set $context['finished'] to a
completed value before returning to avoid Drupal batch retries; e.g. assign
$context['finished'] = 1 (or true) and optionally record an error in
$context['results'] (e.g. increment an errors counter or add a message) so the
batch marks the operation finished and the failure is visible in logs; update
the early-return branch that references $view and $logger to perform these
assignments before returning.

Comment on lines 28 to +29
public static function build(?array $fids = NULL, bool $force = FALSE, ?int $batch_size = NULL) {
$batch_size = is_null($batch_size) ? \Drupal::config(SettingsForm::CONFIG_NAME)->get(SettingsForm::BATCH_SIZE) : $batch_size;
$batch_size = (int) (is_null($batch_size) ? \Drupal::config(SettingsForm::CONFIG_NAME)->get(SettingsForm::BATCH_SIZE) : $batch_size);
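Review bot: the `(int)` cast on the new assignment line turns a missing or non-numeric `SettingsForm::BATCH_SIZE` config value into 0 without any error, and nothing visible in this hunk rejects a zero or negative result before it is used. Fall back to a known-good default or fail loudly when the cast result is below 1. The `is_null($batch_size) ? ... : $batch_size` ternary can also be written with the `??` operator.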


⚠️ Potential issue | 🟡 Minor

Consider adding validation for zero/negative batch_size.

If the config value is missing or invalid, the (int) cast could result in batch_size = 0, which would cause the view to return no results (due to limit: 0) and operations to complete immediately without processing anything.

🛡️ Suggested validation
-    $batch_size = (int) (is_null($batch_size) ? \Drupal::config(SettingsForm::CONFIG_NAME)->get(SettingsForm::BATCH_SIZE) : $batch_size);
+    $batch_size = (int) (is_null($batch_size) ? \Drupal::config(SettingsForm::CONFIG_NAME)->get(SettingsForm::BATCH_SIZE) : $batch_size);
+    if ($batch_size <= 0) {
+      throw new \InvalidArgumentException("Batch size must be a positive integer.");
+    }
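Review bot: the `-` and `+` versions of the assignment line are identical, so the only real change is the added `if ($batch_size <= 0)` check, and throwing from `build()` there makes a bad stored config value fail every caller with a message that names neither the value nor whether it came from the argument or from `SettingsForm::BATCH_SIZE`. Consider including the offending value and its source in the message, or logging and falling back to a default when the value came from configuration.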
Suggested change
public static function build(?array $fids = NULL, bool $force = FALSE, ?int $batch_size = NULL) {
$batch_size = is_null($batch_size) ? \Drupal::config(SettingsForm::CONFIG_NAME)->get(SettingsForm::BATCH_SIZE) : $batch_size;
$batch_size = (int) (is_null($batch_size) ? \Drupal::config(SettingsForm::CONFIG_NAME)->get(SettingsForm::BATCH_SIZE) : $batch_size);
public static function build(?array $fids = NULL, bool $force = FALSE, ?int $batch_size = NULL) {
$batch_size = (int) (is_null($batch_size) ? \Drupal::config(SettingsForm::CONFIG_NAME)->get(SettingsForm::BATCH_SIZE) : $batch_size);
if ($batch_size <= 0) {
throw new \InvalidArgumentException("Batch size must be a positive integer.");
}

Comment on lines +23 to +29
* elapsed since the last check has not exceeded the required threshold.
* @param int|null $batch_size
* The number of files to process at a time.
* If not specified it will default to the module's configuration.
*/
public static function build(?array $fids = NULL, bool $force = FALSE, ?int $batch_size = NULL) {
$batch_size = is_null($batch_size) ? \Drupal::config(SettingsForm::CONFIG_NAME)->get(SettingsForm::BATCH_SIZE) : $batch_size;
$batch_size = (int) (is_null($batch_size) ? \Drupal::config(SettingsForm::CONFIG_NAME)->get(SettingsForm::BATCH_SIZE) : $batch_size);
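Review bot: the `@param int|null $batch_size` description does not state the accepted range or what happens when the configuration value it defaults to is unset, while the new assignment line casts whatever it receives to int. Document the minimum (at least 1) and the behaviour for an unset or non-positive value so callers know whether to expect a default or a failure.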

Contributor Author

Few fixes that static analysis/my IDE was flagging that caught my attention.

$user_storage = \Drupal::entityTypeManager()->getStorage('user');
$admin_user = $user_storage->load(1);
if (!($admin_user instanceof AccountInterface)) {
$logger->error('Failed to load the admin account to switch.');
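Review bot: `load(1)` hard-codes uid 1, so every batch operation runs with the superuser's unrestricted access rather than only the access the file enumeration needs, and the `instanceof AccountInterface` check also passes for a blocked account. Consider switching to a dedicated account that holds just the required permissions, or at least add a comment stating why uid 1 is needed, and add context (such as the operation name) to the 'Failed to load the admin account to switch.' log message so the failure can be traced.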

Contributor Author

Unsure if this would ever be seen, given oddities with batches run via Drush and logs, but given this may be used outside of Drush, could make sense?

Should be a rare error condition, in any case.

@MorganDawe MorganDawe merged commit 693cbc2 into main Feb 9, 2026
2 checks passed
@MorganDawe MorganDawe deleted the fix/controlled-file-enumeration-via-user-switch branch February 9, 2026 20:12
github-actions Bot commented Feb 9, 2026

Tag generated by PR: v1.4.3
