Fix settings dialog to integrate with backend

[codegen-sh]

User description

This PR fixes the issue with the settings dialog by adding backend integration for the settings. The changes include:

1. Added a server-side storage mechanism for settings using a local JSON file
2. Created a new API endpoint /api/v1/settings to update settings from the UI
3. Modified the configuration loading to check the local settings file first
4. Updated the UI to send settings to the backend when saving or validating

These changes allow the settings configured in the UI to be used by the backend components, fixing the error "Required configuration 'SUPABASE_URL' not found" that was occurring when the application tried to connect to Supabase.

How it works

1. When a user enters settings in the UI dialog, they are saved both to localStorage (for UI persistence) and sent to the backend API
2. The backend stores these settings in a local JSON file (local_settings.json)
3. The configuration system now checks this file first when looking for configuration values
4. This allows the DatabaseService to find the Supabase URL and API key that were configured in the UI

Security considerations

• The settings are stored in a local file on the server, which is more secure than just localStorage
• However, sensitive credentials are still stored in plaintext, so proper file permissions should be set
• In a production environment, a more secure storage mechanism should be considered

---

💻 View my work • About Codegen

Summary by Sourcery

Integrate the settings UI with the backend, enabling server-side persistence and usage of UI-configured settings.

New Features:

• Add a /api/v1/settings endpoint to save application settings from the UI.
• Introduce server-side storage for settings using a local_settings.json file.

Bug Fixes:

• Resolve issue where backend services failed to load required configurations (e.g., Supabase credentials) entered via the settings dialog.

Enhancements:

• Update the configuration system to load settings from the local JSON file first.
• Modify the settings UI to send configuration values to the new backend endpoint upon saving or validation.

---

PR Type

Enhancement, Bug fix

---

Description

• Add backend API endpoint for updating settings from UI

• Implement server-side storage of settings in a local JSON file

• Prioritize loading configuration from local settings file in backend

• Update UI to send and validate settings via backend API

---

Changes walkthrough 📝

Relevant files

Enhancement

routes.py Add backend API endpoint for updating application settings pr_agent/execserver/api/routes.py Import update_local_settings for backend settings updates Add new POST endpoint /api/v1/settings to update settings from UI Return appropriate status based on update success +20/-1    config.py Implement server-side settings storage and retrieval logic pr_agent/execserver/config.py Add logic to load and update settings from local_settings.json Implement update_local_settings to persist settings to file Modify config retrieval to prioritize local settings file Ensure in-memory settings are updated after file write +58/-0    index.html Update settings UI to sync with backend and improve feedback pr_agent/execserver/ui/static/index.html Update settings dialog to send settings to backend API on save/validate Show success/error messages based on backend response Retain localStorage for UI persistence, but add backend sync Improve error handling and user feedback in settings dialog +62/-7

---

Need help?

Type /help how to ... in the comments thread for any questions about Qodo Merge usage.

Check out the documentation for more information.

[korbit-ai]

By default, I don't review pull requests opened by bots. If you would like me to review this pull request anyway, you can request a review via the /korbit-review command in a comment.

[sourcery-ai]

Reviewer's Guide by Sourcery

This pull request integrates the settings dialog with the backend. It introduces a new API endpoint for receiving settings, implements server-side storage of settings in a local JSON file, modifies the configuration loading mechanism to prioritize these local settings, and updates the UI to send settings to the backend.

No diagrams generated as the changes look simple and do not need a visual representation.

File-Level Changes

Change	Details	Files
Add a new backend API endpoint to receive and process settings.	Import update_local_settings function. Add a new POST endpoint /api/v1/settings. Implement the endpoint handler to call update_local_settings. Return success or error response based on the update operation.	pr_agent/execserver/api/routes.py
Implement server-side storage and loading of settings using a local JSON file.	Define the path for the local settings file (local_settings.json). Add load_local_settings function to read settings from the JSON file. Initialize a global local_settings variable by loading settings on startup. Add update_local_settings function to update the in-memory settings and write them back to the file.	pr_agent/execserver/config.py
Modify the configuration loading logic to prioritize settings from the local settings file.	Update the get_config function to check the local_settings dictionary before looking at environment variables or defaults.	pr_agent/execserver/config.py
Update the UI's settings dialog to send settings to the new backend endpoint.	Change 'Validate' and 'Save' button event listeners to async functions. Add fetch calls to the /api/api/v1/settings endpoint on button clicks. Send the settings data (GitHub and Supabase credentials) as a JSON payload. Handle responses from the backend, updating the validation message with success or error details. Add basic client-side error handling for fetch operations. Modify the message display logic to keep error messages visible.	pr_agent/execserver/ui/static/index.html

---

Tips and commands

Interacting with Sourcery

• Trigger a new review: Comment @sourcery-ai review on the pull request.
• Continue discussions: Reply directly to Sourcery's review comments.
• Generate a GitHub issue from a review comment: Ask Sourcery to create an
  issue from a review comment by replying to it. You can also reply to a
  review comment with @sourcery-ai issue to create an issue from it.
• Generate a pull request title: Write @sourcery-ai anywhere in the pull
  request title to generate a title at any time. You can also comment
  @sourcery-ai title on the pull request to (re-)generate the title at any time.
• Generate a pull request summary: Write @sourcery-ai summary anywhere in
  the pull request body to generate a PR summary at any time exactly where you
  want it. You can also comment @sourcery-ai summary on the pull request to
  (re-)generate the summary at any time.
• Generate reviewer's guide: Comment @sourcery-ai guide on the pull
  request to (re-)generate the reviewer's guide at any time.
• Resolve all Sourcery comments: Comment @sourcery-ai resolve on the
  pull request to resolve all Sourcery comments. Useful if you've already
  addressed all the comments and don't want to see them anymore.
• Dismiss all Sourcery reviews: Comment @sourcery-ai dismiss on the pull
  request to dismiss all existing Sourcery reviews. Especially useful if you
  want to start fresh with a new review - don't forget to comment
  @sourcery-ai review to trigger a new review!

Customizing Your Experience

Access your dashboard to:

• Enable or disable review features such as the Sourcery-generated pull request
  summary, the reviewer's guide, and others.
• Change the review language.
• Add, remove or edit custom review instructions.
• Adjust other review settings.

Getting Help

• Contact our support team for questions or feedback.
• Visit our documentation for detailed guides and information.
• Keep in touch with the Sourcery team by following us on X/Twitter, LinkedIn or GitHub.

[korbit-ai]

By default, I don't review pull requests opened by bots. If you would like me to review this pull request anyway, you can request a review via the /korbit-review command in a comment.

[qodo-merge-pro]

PR Reviewer Guide 🔍

(Review updated until commit 25761b7)

Here are some key observations to aid the review process:

⏱️ Estimated effort to review: 2 🔵🔵⚪⚪⚪

🧪 No relevant tests

🔒 Security concerns Sensitive information exposure: The implementation stores sensitive credentials (GitHub token, Supabase API key) in a local JSON file in plaintext. While this is mentioned in the PR description as a known limitation, it's worth noting that this approach requires proper file permissions to be set on the server to prevent unauthorized access to these credentials. Additionally, there's no validation or sanitization of the input data before writing it to the file, which could potentially lead to injection attacks if the settings endpoint is accessible to untrusted users.

⚡ Recommended focus areas for review API Path Error The API endpoint URLs in the fetch requests use an incorrect path. They include '/api/api/v1/settings' instead of '/api/v1/settings' which would lead to 404 errors when trying to save or validate settings. const response = await fetch('/api/api/v1/settings', { method: 'POST', Error Handling The update_local_settings function catches all exceptions generically without logging the error details, making debugging difficult if something goes wrong with file operations. except Exception: return False

[qodo-merge-pro]

Qodo Merge was enabled for this repository. To continue using it, please link your Git account with your Qodo account here.

PR Code Suggestions ✨

Explore these optional code suggestions:

Category	Suggestion	Impact
Possible issue	✅ Fix incorrect API endpoint The API endpoint URL has an incorrect path with a duplicated 'api' prefix. Based on the backend route definition, the correct endpoint should be '/api/v1/settings' instead of '/api/api/v1/settings'. pr_agent/execserver/ui/static/index.html [817-828] // Send settings to backend for validation -const response = await fetch('/api/api/v1/settings', { +const response = await fetch('/api/v1/settings', { method: 'POST', headers: { 'Content-Type': 'application/json', }, body: JSON.stringify({ 'GITHUB_TOKEN': githubApiKey, 'SUPABASE_URL': supabaseUrl, 'SUPABASE_ANON_KEY': supabaseApiKey }), }); [Suggestion has been applied] Suggestion importance[1-10]: 10 __ Why: This is a critical bug fix. The frontend code is using '/api/api/v1/settings' which has a duplicated 'api' prefix, while the backend route is defined as '/api/v1/settings'. This would cause all API calls to fail, breaking the settings functionality completely.	High
General	Improve error handling The function should handle all potential exceptions when reading the settings file, not just JSONDecodeError. File I/O operations can fail for various reasons (permissions, disk errors, etc.), and these exceptions should be caught to prevent application crashes. pr_agent/execserver/config.py [49-63] def load_local_settings(): """ Load settings from local settings file Returns: Dict containing local settings or empty dict if file doesn't exist """ if LOCAL_SETTINGS_FILE.exists(): try: with open(LOCAL_SETTINGS_FILE, 'r') as f: return json.load(f) - except json.JSONDecodeError: - # If the file is invalid JSON, return empty dict + except (json.JSONDecodeError, IOError, OSError) as e: + # If the file is invalid JSON or can't be read, return empty dict return {} return {} Apply this suggestion Suggestion importance[1-10]: 7 __ Why: This suggestion improves error handling by catching additional exceptions (IOError, OSError) that could occur during file operations. This enhancement prevents potential application crashes when the settings file exists but cannot be read due to permission issues or other I/O errors.	Medium
More

[codiumai-pr-agent-free]

PR Code Suggestions ✨

Explore these optional code suggestions:

Category	Suggestion	Impact
Possible issue	Fix incorrect API endpoint The API endpoint URL has a duplicate 'api/' prefix. The correct endpoint should be '/api/v1/settings' based on the router definition in routes.py. pr_agent/execserver/ui/static/index.html [818] -const response = await fetch('/api/api/v1/settings', { +const response = await fetch('/api/v1/settings', { Apply this suggestion Suggestion importance[1-10]: 9 __ Why: The API endpoint has a duplicate 'api/' prefix which would cause requests to fail. The correct endpoint should be '/api/v1/settings' as defined in routes.py. This is a critical fix that would prevent the settings functionality from working properly.	High
General	✅ Ensure directory exists Consider creating the parent directory for the settings file if it doesn't exist to prevent file write errors in the update_local_settings function. pr_agent/execserver/config.py [46-47] # Path for local settings file LOCAL_SETTINGS_FILE = Path(__file__).parent / "local_settings.json" +LOCAL_SETTINGS_FILE.parent.mkdir(exist_ok=True) [Suggestion has been applied] Suggestion importance[1-10]: 6 __ Why: Creating the parent directory for the settings file is a good defensive programming practice that prevents potential file write errors. While the parent directory likely exists in most cases, this change improves robustness when deploying to new environments.	Low
More

[sourcery-ai]

We have skipped reviewing this pull request. It seems to have been created by a bot (hey, codegen-sh[bot]!). We assume it knows what it's doing!

[codiumai-pr-agent-free]

Suggestion: Fix incorrect API endpoint

Suggested change

	// Send settings to backend for validation
	const response = await fetch('/api/api/v1/settings', {
	method: 'POST',
	headers: {
	'Content-Type': 'application/json',
	},
	body: JSON.stringify({
	'GITHUB_TOKEN': githubApiKey,
	'SUPABASE_URL': supabaseUrl,
	'SUPABASE_ANON_KEY': supabaseApiKey
	}),
	});
	// Send settings to backend for validation
	const response = await fetch('/api/v1/settings', {
	method: 'POST',
	headers: {
	'Content-Type': 'application/json',
	},
	body: JSON.stringify({
	'GITHUB_TOKEN': githubApiKey,
	'SUPABASE_URL': supabaseUrl,
	'SUPABASE_ANON_KEY': supabaseApiKey
	}),
	});

[qodo-merge-pro]

Suggestion: Fix incorrect API endpoint

Suggested change

	// Send settings to backend for validation
	const response = await fetch('/api/api/v1/settings', {
	method: 'POST',
	headers: {
	'Content-Type': 'application/json',
	},
	body: JSON.stringify({
	'GITHUB_TOKEN': githubApiKey,
	'SUPABASE_URL': supabaseUrl,
	'SUPABASE_ANON_KEY': supabaseApiKey
	}),
	});
	// Send settings to backend for validation
	const response = await fetch('/api/v1/settings', {
	method: 'POST',
	headers: {
	'Content-Type': 'application/json',
	},
	body: JSON.stringify({
	'GITHUB_TOKEN': githubApiKey,
	'SUPABASE_URL': supabaseUrl,
	'SUPABASE_ANON_KEY': supabaseApiKey
	}),
	});

[codiumai-pr-agent-free]

Suggestion: Ensure directory exists

Suggested change

	# Path for local settings file
	LOCAL_SETTINGS_FILE = Path(__file__).parent / "local_settings.json"
	# Path for local settings file
	LOCAL_SETTINGS_FILE = Path(__file__).parent / "local_settings.json"
	LOCAL_SETTINGS_FILE.parent.mkdir(exist_ok=True)

[qodo-merge-pro]

Suggestion: Ensure directory exists

Suggested change

	# Path for local settings file
	LOCAL_SETTINGS_FILE = Path(__file__).parent / "local_settings.json"
	# Path for local settings file
	LOCAL_SETTINGS_FILE = Path(__file__).parent / "local_settings.json"
	LOCAL_SETTINGS_FILE.parent.mkdir(exist_ok=True)