feat(condo): DOMA-13192 do not send push message based on appId + messageType + messageData validator

[YEgorLu]

Summary by CodeRabbit

• New Features

  • Push notifications now validate message content against app-specific rules before sending, helping prevent malformed deliveries.

• Bug Fixes

  • Improved VoIP call message delivery so recipients only receive payloads allowed for their app type, with clearer failure reporting when content is invalid.

• Tests

  • Added coverage for multiple-message VoIP delivery scenarios and app-specific routing behavior.

[coderabbitai]

📝 Walkthrough

Walkthrough

Adds per-app-id Zod-based push data validation to the push transport's send() function. Validators are built at startup from conf.PUSH_ADAPTER_SETTINGS.pushDataValidatorsByAppId JSON schemas. Tokens failing validation are removed from pushTokens and recorded as failures. A new integration test covers this filtering behavior for VoIP call start messages.

Changes

Per-app Zod push data validation for VoIP

Layer / File(s)	Summary
Push transport Zod validator filtering apps/condo/domains/notification/transports/push.js	Imports zod, builds PUSH_DATA_VALIDATORS_BY_APP_ID at module load from conf.PUSH_ADAPTER_SETTINGS.pushDataValidatorsByAppId by converting JSON schemas with z.fromJSONSchema. In send(), changes pushTokens to let and adds a pre-send filter that calls safeParse(data) per token; failing tokens are dropped, container.failureCount is incremented, and a failure response entry is appended.
VoIP call start message integration test apps/condo/domains/miniapp/schema/SendVoIPCallStartMessageService.spec.js, apps/condo/domains/miniapp/utils/testSchema/index.js	Mocks push adapter settings to register a native-VoIP-only Zod validator (requires voipType: 'sip') for one fixed appId. Sets up fixtures (B2C app, resident org/property, service user with execute permission, message settings). Test syncs remote clients for two appIds, sends native-VoIP and B2C call messages, asserts verified/created/errored counts, polls delivery metadata, and verifies per-message which appIds appear in success vs. failure recipients. prepareVoIPUser is updated to also return userClient.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

Possibly related PRs

• open-condo-software/condo#7725: Modifies the VoIP incoming-call payload shape and validators in SendVoIPCallStartMessageService, directly affecting which tokens pass the new safeParse filter in push.js.

Suggested reviewers

• SavelevMatthew
• abshnko

Poem

🐇 Hop, hop! A validator guards the gate,
Each push token checked before it's too late.
Zod parses the data with schemas so keen,
Bad VoIP payloads won't slip past unseen.
Only the worthy shall ring in the call,
The rest get a failure response — that's all! 📵

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 33.33% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title clearly matches the main change: filtering push delivery by appId, message type, and message data validation.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

📝 Generate docstrings

• Create stacked PR
• Commit on current branch

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch feat/condo/DOMA-13192/ability-to-validate-push-data-for-specific-remote-clients

Warning

There were issues while running some tools. Please review the errors and either fix the tool's configuration or disable the tool if it's a critical failure.

🔧 ESLint

If the error stems from missing dependencies, add them to the package.json file. For unrecoverable errors (e.g., due to private dependencies), disable the tool in the CodeRabbit configuration.

ESLint install failed. For unrecoverable errors, disable the tool in CodeRabbit configuration.

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands.}

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 0dc54267df

ℹ️ About Codex in GitHub

Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".

[chatgpt-codex-connector]

Validate only message meta data against app schemas

When a validator is configured with a strict JSON Schema (for example one produced from a plain z.object(...).toJSONSchema(), which rejects unknown keys), this parses the push transport data object rather than the original message payload. prepareMessageToSend adds transport-only fields such as notificationId, type, and messageCreatedAt to that object, so otherwise valid app payloads fail validation and the token is removed before sending. Validate message.meta.data or strip those transport fields so app validators do not have to be loose.

Useful? React with 👍 / 👎.

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@apps/condo/domains/miniapp/schema/SendVoIPCallStartMessageService.spec.js`:
- Around line 163-165: Remove the leftover debug logging from the waitFor
polling in SendVoIPCallStartMessageService.spec.js: the console.error call after
Message.getOne is spamming CI on every retry. Delete that debug statement and
keep the polling logic intact, using the existing Message.getOne/admin waitFor
flow to locate the change.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 7bc86bb5-ab32-476a-a552-01aed6bd4e19

📥 Commits

Reviewing files that changed from the base of the PR and between dc24678 and 0dc5426.

📒 Files selected for processing (3)

• apps/condo/domains/miniapp/schema/SendVoIPCallStartMessageService.spec.js
• apps/condo/domains/miniapp/utils/testSchema/index.js
• apps/condo/domains/notification/transports/push.js

[coderabbitai]

📐 Maintainability & Code Quality | 🟡 Minor | ⚡ Quick win

Remove leftover debug logging. The console.error('Message', ...) inside the waitFor poll runs on every retry and spams CI output; it looks like a debugging artifact.

🧹 Proposed fix

                         const sentOldNativeMessage = await Message.getOne(admin, { id: messageId })
-                        console.error('Message', JSON.stringify(sentOldNativeMessage, null, 2))
-                        
                         const responses = sentOldNativeMessage.processingMeta.transportsMeta?.[0]?.deliveryMetadata?.responses ?? []

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	const sentOldNativeMessage = await Message.getOne(admin, { id: messageId })
	console.error('Message', JSON.stringify(sentOldNativeMessage, null, 2))
	const sentOldNativeMessage = await Message.getOne(admin, { id: messageId })
	const responses = sentOldNativeMessage.processingMeta.transportsMeta?.[0]?.deliveryMetadata?.responses ?? []

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@apps/condo/domains/miniapp/schema/SendVoIPCallStartMessageService.spec.js`
around lines 163 - 165, Remove the leftover debug logging from the waitFor
polling in SendVoIPCallStartMessageService.spec.js: the console.error call after
Message.getOne is spamming CI on every retry. Delete that debug statement and
keep the polling logic intact, using the existing Message.getOne/admin waitFor
flow to locate the change.

[sonarqubecloud]

Quality Gate passed

Issues
1 New issue
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

[SavelevMatthew]

lgtm

[abshnko]

👍🏻