fix(pathSupport): fix the permission check for path support of agent api

[naSim087]

Description

earlier when in agent Integration we add a collection and use the consumer api with path , it was giving access denied,
fix now it checks correctly and allow user to select collection in agent integration and use the agent consumer api.

Testing

Additional Notes

Summary by CodeRabbit

• Bug Fixes

  • Fixed item type classification so collections, folders, and files are identified and handled correctly.

• Improvements

  • Expanded search/index resolution to return more complete results across collections, folders, and files.
  • Improved backend lookup and error handling to reduce failures and ensure more consistent retrieval of related items.

[gemini-code-assist]

Summary of Changes

Hello @naSim087, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request addresses a critical access denied issue within the agent API's path support when integrating collections. Previously, users encountered permission errors when attempting to select collections and utilize the consumer API. The changes refactor the item ID processing logic to correctly differentiate between collections, folders, and files, ensuring that the system accurately identifies and retrieves the necessary Vespa document IDs for all item types, thereby resolving the access restrictions and enabling proper functionality.

Highlights

• Enhanced Permission Check Logic: The system now correctly distinguishes between collection, folder, and file IDs when processing prefixed item IDs, resolving an 'access denied' error for agent API path support.
• Improved Item Type Retrieval: The getAllCollectionAndFolderItems function has been updated to explicitly retrieve the type of collection items (folder/file), ensuring accurate processing of children.
• Dedicated Collection Vespa ID Retrieval: A new utility function, getCollectionVespaIds, has been introduced to specifically fetch Vespa document IDs for collections, streamlining the permission and access flow.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[coderabbitai]

Note

Other AI code review bot(s) detected

CodeRabbit has detected other AI code review bot(s) in this pull request and will avoid duplicating their findings in the review comments. This may lead to a less comprehensive review.

Walkthrough

The diff updates collection/folder item resolution and Vespa ID aggregation: roots queries now return id and type and split into folder/file IDs; search utilities add collection-to-Vespa lookup and refactor prefixed-ID resolution to expand collections, folders/files, and their children into a combined Vespa ID list.

Changes

Cohort / File(s)	Summary
Knowledge base queries server/db/knowledgeBase.ts	getAllCollectionAndFolderItems now selects { id, type } for roots and categorizes results into folderIds and fileIds based on type instead of collecting IDs uniformly.
Search utilities server/search/utils.ts	Added getCollectionVespaIds(collectionDbIds: string[]): Promise<string[]>. Refactored getVespaIdsFromPrefixedItemIds to parse prefixes (collections vs folder/file IDs), resolve collection DB IDs to Vespa IDs, clean/resolve folder/file IDs, call getAllCollectionAndFolderItems to obtain child fileIds/folderIds, then fetch and aggregate Vespa IDs for collections, folder/files, and their children. Expanded imports to include collections and drizzle helpers; added defensive error handling returning empty arrays on failures.

Sequence Diagram(s)

sequenceDiagram
    participant Caller
    participant Resolver as getVespaIdsFromPrefixedItemIds
    participant ColResolver as getCollectionVespaIds
    participant FileResolver as getCollectionFoldersItemIds
    participant Kids as getAllCollectionAndFolderItems
    participant DB

    Caller->>Resolver: prefixed item IDs
    Note over Resolver: parse prefixes → collectionIds vs folderFileIds

    Resolver->>ColResolver: collection DB IDs
    ColResolver->>DB: select vespaDocId where deletedAt IS NULL
    DB-->>ColResolver: collection vespa IDs
    ColResolver-->>Resolver: collection vespa IDs

    Resolver->>FileResolver: folder/file DB IDs
    FileResolver->>DB: select vespaDocId for given IDs
    DB-->>FileResolver: folder/file vespa IDs
    FileResolver-->>Resolver: folder/file vespa IDs

    rect rgb(230,245,240)
    Note over Resolver,Kids: fetch children for folders/files (new)
    Resolver->>Kids: roots (folder/file IDs)
    Kids->>DB: select id, type for roots
    DB-->>Kids: roots with {id, type}
    Kids-->>Resolver: {fileIds, folderIds}
    end

    Resolver->>DB: fetch vespa IDs for child fileIds/folderIds
    DB-->>Resolver: child vespa IDs

    Resolver-->>Caller: aggregated vespa IDs

Loading

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

Possibly related PRs

• fix(agentApiPathSupport): integrate RAG for path-based source passing #956 — Directly touches the same knowledgeBase and search utility flows (folder/file classification and prefixed ID → Vespa ID resolution).

Suggested reviewers

• zereraz
• shivamashtikar
• kalpadhwaryu
• devesh-juspay

Poem

🐰 I hopped through roots and tidied the trail,

IDs sorted from clumps down to tail.
Collections, folders, files in a row,
Vespa IDs gathered, ready to go—
A carrot for code, then off I sail! 🥕

Pre-merge checks and finishing touches

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Title Check	⚠️ Warning	The provided title refers to fixing a permissions check for path support in the agent API, but the diff shows changes to collection/folder item classification and vespa ID resolution in search utilities and the knowledge base, with no pathSupport or permission check modifications. This mismatch indicates the title does not summarize the actual changes.	Please update the PR title to accurately reflect the refactoring of getAllCollectionAndFolderItems to categorize items by type and the enhancements to getVespaIdsFromPrefixedItemIds in the search utils.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Docstring Coverage	✅ Passed	No functions found in the changes. Docstring coverage check skipped.

✨ Finishing touches

• 📝 Generate docstrings

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch fix/pathSupport

---

📜 Recent review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 6e0c3d0 and 105280c.

📒 Files selected for processing (1)

• server/db/knowledgeBase.ts (2 hunks)

🚧 Files skipped from review as they are similar to previous changes (1)

• server/db/knowledgeBase.ts

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[gemini-code-assist]

Code Review

This pull request addresses an access denied issue in the agent integration when using the consumer API with a path. The fix involves correctly checking permissions, allowing users to select collections in agent integration and use the agent consumer API. The changes include modifications to knowledgeBase.ts and utils.ts to improve permission checks and Vespa ID retrieval.

[coderabbitai]

Actionable comments posted: 1

🧹 Nitpick comments (1)

server/db/knowledgeBase.ts (1)

611-611: Root item classification adds needed precision; dedup to avoid duplicates

Selecting type and pushing roots into folderIds/fileIds is correct. However, combined with BFS and multi-seed inputs, this can accumulate duplicates and cause redundant lookups downstream. Dedup before returning (or track visited) to prevent double-counting and reduce I/O.

You can dedup at the end without altering traversal:

// before return
const uniqueFileIds = Array.from(new Set(fileIds))
const uniqueFolderIds = Array.from(new Set(folderIds))
return { fileIds: uniqueFileIds, folderIds: uniqueFolderIds }

Optionally, track visited to skip re-processing:

const visited = new Set<string>()
// when dequeuing
if (visited.has(itemId)) continue
visited.add(itemId)

Also applies to: 621-624

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 066b844 and 27c785f.

📒 Files selected for processing (2)

• server/db/knowledgeBase.ts (2 hunks)
• server/search/utils.ts (3 hunks)

🧰 Additional context used

🧬 Code graph analysis (2)

server/db/knowledgeBase.ts (1)

server/db/schema/knowledgeBase.ts (1)

• collectionItems (69-140)

server/search/utils.ts (3)

server/db/connector.ts (1)

• db (3-3)

server/db/schema/knowledgeBase.ts (1)

• collections (20-66)

server/db/knowledgeBase.ts (3)

• getCollectionFoldersItemIds (791-813)
• getAllCollectionAndFolderItems (590-685)
• getCollectionFilesVespaIds (734-756)

🔇 Additional comments (2)

server/search/utils.ts (2)

46-49: No-op formatting change

No functional impact.

Also applies to: 52-52, 57-57

---

76-97: Helper to fetch collection vespa IDs looks good

Query filters soft-deleted rows and returns clean string array. LGTM.