Feature/entities

[FionaSprinkles]

Initial entity model

Adds core entities for the whistleblower ticket system:

• Ticket
• SystemUser
• TicketComment
• Attachment
• AuditLog

Additional changes

• Added Spring Data JPA dependency
• Added README with small project description
• Updated .gitignore and removed IntelliJ project files
• Added placeholder .jte file for CI build

Summary by CodeRabbit

• Documentation

  • Added project README with system overview and features description.

• Chores

  • Removed IDE configuration files from version control.
  • Expanded .gitignore to cover environment files, logs, and temporary artifacts.
  • Added Spring Data JPA dependency for data persistence functionality.
  • Initialized infrastructure supporting data model layer.

[coderabbitai]

📝 Walkthrough

Walkthrough

This PR establishes the foundation of an ALFS Whistleblower Ticket System project by introducing five core JPA entity classes (Ticket, Attachment, AuditLog, SystemUser, TicketComment), adding Spring Data JPA dependency, removing IDE-specific configuration files, and initializing project documentation.

Changes

Cohort / File(s)	Summary
IDE Configuration Cleanup .idea/.gitignore, .idea/misc.xml, .idea/modules.xml, .idea/project-backend-alfs.iml, .idea/vcs.xml	Removed IntelliJ IDEA project configuration files, workspace metadata, module mappings, and VCS settings from version control.
Project Setup .gitignore, README.md	Added .gitignore with entries for environment files, logs, OS artifacts, temporary directories, and secrets; added project README describing the ALFS Whistleblower Ticket System features.
Maven Configuration pom.xml	Added org.springframework.boot:spring-boot-starter-data-jpa dependency to enable Spring Data JPA functionality.
JPA Entity Definitions src/main/java/org/example/alfs/entities/Ticket.java, src/main/java/org/example/alfs/entities/Attachment.java, src/main/java/org/example/alfs/entities/AuditLog.java, src/main/java/org/example/alfs/entities/SystemUser.java, src/main/java/org/example/alfs/entities/TicketComment.java	Added five new JPA entity classes with @PrePersist lifecycle callbacks, relational mappings (@ManyToOne, @OneToMany), and Lombok-generated boilerplate. Entities model whistleblower tickets, attachments, audit logs, system users, and ticket comments with appropriate persistence annotations.
Template Placeholder src/main/jte/placeholder.jte	Added JTE template placeholder file for CI testing purposes.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~20 minutes

Poem

🐰 Five entities hop into view,
With JPA annotations sprinkled through,
Tickets whistle, logs audit true,
Spring Data JPA's on the menu—
The ALFS system takes shape anew! 🎫✨

🚥 Pre-merge checks | ✅ 1 | ❌ 2

❌ Failed checks (1 warning, 1 inconclusive)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.
Title check	❓ Inconclusive	The title "Feature/entities" is vague and generic, using a branch name-like format that doesn't clearly convey what the pull request does beyond a generic feature prefix.	Revise the title to clearly describe the main change, such as "Add initial entity model for whistleblower ticket system" or "Implement core JPA entities for ticket management system".

✅ Passed checks (1 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

📝 Generate docstrings

• Create stacked PR
• Commit on current branch

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch feature/entities

⚔️ Resolve merge conflicts

• Resolve merge conflict in branch feature/entities

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 2

🧹 Nitpick comments (5)

src/main/java/org/example/alfs/entities/SystemUser.java (1)

23-26: Security consideration: Ensure passwords are hashed before persistence.

For a whistleblower system handling sensitive data, ensure the service layer hashes passwords (e.g., with BCrypt via Spring Security's PasswordEncoder) before saving. The entity field itself is fine, but plain-text storage would be a critical vulnerability.

Additionally, consider using an enum for role instead of String to prevent typos and provide compile-time safety.

💡 Optional: Use enum for role

public enum UserRole {
    ADMIN, INVESTIGATOR, VIEWER
}

// In SystemUser:
`@Enumerated`(EnumType.STRING)
private UserRole role;

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@src/main/java/org/example/alfs/entities/SystemUser.java` around lines 23 -
26, The SystemUser entity currently stores a plain-text password in the password
field and uses a String for role; before persisting, ensure passwords are hashed
using a PasswordEncoder (e.g., inject Spring Security's PasswordEncoder in the
service that saves SystemUser and call encoder.encode(password) in the
create/update methods) so the password field never stores raw text, and replace
the String role with a typed enum (e.g., UserRole) annotated with
`@Enumerated`(EnumType.STRING) in SystemUser to enforce compile-time role safety
and avoid typos.

src/main/java/org/example/alfs/entities/Ticket.java (2)

42-43: Field naming: attachment should be attachments.

The field is a List<Attachment> but named singular. For clarity and convention, use plural naming for collection fields.

Also consider adding cascade and orphanRemoval to manage the attachment lifecycle with the ticket.

💡 Proposed change

-    `@OneToMany`(mappedBy = "ticket")
-    private List<Attachment> attachment;
+    `@OneToMany`(mappedBy = "ticket", cascade = CascadeType.ALL, orphanRemoval = true)
+    private List<Attachment> attachments;

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@src/main/java/org/example/alfs/entities/Ticket.java` around lines 42 - 43,
Rename the Ticket entity's collection field from "attachment" to "attachments"
and update its accessor methods (getAttachment/getAttachments,
setAttachment/setAttachments or corresponding references) to match; modify the
`@OneToMany`( mappedBy = "ticket") declaration on the Ticket class to include
cascade = CascadeType.ALL and orphanRemoval = true so Attachment lifecycle
follows Ticket, and update any usages (constructors, DTO mappings, repository
queries, serialization) and the Attachment entity if it references the field
name to ensure all references compile.

---

32-34: Consider using an enum for status and securing reporterToken.

• status as String allows arbitrary values. An enum (e.g., NEW, IN_PROGRESS, RESOLVED, CLOSED) provides type safety.
• reporterToken is security-sensitive for anonymous access. Consider adding a unique constraint and ensuring it's generated securely (e.g., UUID or cryptographically random token).

💡 Example enum for status

public enum TicketStatus {
    NEW, IN_PROGRESS, UNDER_INVESTIGATION, RESOLVED, CLOSED
}

// In Ticket:
`@Enumerated`(EnumType.STRING)
private TicketStatus status;

`@Column`(unique = true)
private String reporterToken;

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@src/main/java/org/example/alfs/entities/Ticket.java` around lines 32 - 34,
Convert the loose String fields in the Ticket entity into safer, typed and
constrained fields: replace the String status with a TicketStatus enum (define
enum TicketStatus { NEW, IN_PROGRESS, UNDER_INVESTIGATION, RESOLVED, CLOSED }
and annotate the Ticket.status with `@Enumerated`(EnumType.STRING) to persist
names), and secure reporterToken by adding a uniqueness constraint (e.g.,
`@Column`(unique = true)) and ensure tokens are generated securely when creating
tickets (use UUID.randomUUID() or a cryptographically secure random token
generator in the Ticket factory/constructor or repository before persisting).

src/main/java/org/example/alfs/entities/AuditLog.java (1)

30-32: Consider column length constraints for audit value fields.

oldValue and newValue store arbitrary field values which could be lengthy (e.g., description changes). Without @Column(length=...), the default is typically 255 characters, which may truncate data.

💡 Proposed change

+    `@Column`(length = 4000)
     private String oldValue;
 
+    `@Column`(length = 4000)
     private String newValue;

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@src/main/java/org/example/alfs/entities/AuditLog.java` around lines 30 - 32,
AuditLog's String fields oldValue and newValue may be truncated by default
column length; update the AuditLog entity to annotate these fields (oldValue,
newValue) with an appropriate persistence mapping such as `@Column`(length = 2000)
or use `@Lob` (and optional `@Column`) if values can be very large, so the database
will store full values and avoid silent truncation; apply the annotation
directly to the oldValue and newValue fields in the AuditLog class and adjust
length based on expected max size or DB TEXT support.

src/main/java/org/example/alfs/entities/Attachment.java (1)

35-36: Consider specifying FetchType.LAZY for the relationship.

The @ManyToOne defaults to FetchType.EAGER, which loads the parent Ticket every time an Attachment is fetched. For performance, especially when querying many attachments, consider lazy loading.

💡 Proposed change

-    `@ManyToOne`
+    `@ManyToOne`(fetch = FetchType.LAZY)
     private Ticket ticket;

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@src/main/java/org/example/alfs/entities/Attachment.java` around lines 35 -
36, The Attachment entity's `@ManyToOne` relationship on the field ticket defaults
to EAGER fetching; change the annotation on the ticket field in class Attachment
to specify lazy loading (use `@ManyToOne`(fetch = FetchType.LAZY)) and add the
required FetchType import so the Ticket is not always loaded when an Attachment
is fetched.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@README.md`:
- Around line 1-4: The README has a heading level skip: the main title "# The
ALFS Whistleblower Ticket System" is followed by "### A secure case management
system built with Spring Boot for handling whistleblower reports." — change that
"###" to "##" so the secondary heading "A secure case management system built
with Spring Boot for handling whistleblower reports." becomes an H2 (use "##")
to maintain proper document structure and hierarchy.

In `@src/main/java/org/example/alfs/entities/TicketComment.java`:
- Line 28: TicketComment is missing a `@PrePersist` lifecycle callback to populate
the createdAt field; add a private method annotated with `@PrePersist` (e.g.,
prePersist or setCreatedAtIfNull) inside the TicketComment class that sets
createdAt = LocalDateTime.now() when createdAt is null so new TicketComment
instances get an automatic timestamp before being persisted.

---

Nitpick comments:
In `@src/main/java/org/example/alfs/entities/Attachment.java`:
- Around line 35-36: The Attachment entity's `@ManyToOne` relationship on the
field ticket defaults to EAGER fetching; change the annotation on the ticket
field in class Attachment to specify lazy loading (use `@ManyToOne`(fetch =
FetchType.LAZY)) and add the required FetchType import so the Ticket is not
always loaded when an Attachment is fetched.

In `@src/main/java/org/example/alfs/entities/AuditLog.java`:
- Around line 30-32: AuditLog's String fields oldValue and newValue may be
truncated by default column length; update the AuditLog entity to annotate these
fields (oldValue, newValue) with an appropriate persistence mapping such as
`@Column`(length = 2000) or use `@Lob` (and optional `@Column`) if values can be very
large, so the database will store full values and avoid silent truncation; apply
the annotation directly to the oldValue and newValue fields in the AuditLog
class and adjust length based on expected max size or DB TEXT support.

In `@src/main/java/org/example/alfs/entities/SystemUser.java`:
- Around line 23-26: The SystemUser entity currently stores a plain-text
password in the password field and uses a String for role; before persisting,
ensure passwords are hashed using a PasswordEncoder (e.g., inject Spring
Security's PasswordEncoder in the service that saves SystemUser and call
encoder.encode(password) in the create/update methods) so the password field
never stores raw text, and replace the String role with a typed enum (e.g.,
UserRole) annotated with `@Enumerated`(EnumType.STRING) in SystemUser to enforce
compile-time role safety and avoid typos.

In `@src/main/java/org/example/alfs/entities/Ticket.java`:
- Around line 42-43: Rename the Ticket entity's collection field from
"attachment" to "attachments" and update its accessor methods
(getAttachment/getAttachments, setAttachment/setAttachments or corresponding
references) to match; modify the `@OneToMany`( mappedBy = "ticket") declaration on
the Ticket class to include cascade = CascadeType.ALL and orphanRemoval = true
so Attachment lifecycle follows Ticket, and update any usages (constructors, DTO
mappings, repository queries, serialization) and the Attachment entity if it
references the field name to ensure all references compile.
- Around line 32-34: Convert the loose String fields in the Ticket entity into
safer, typed and constrained fields: replace the String status with a
TicketStatus enum (define enum TicketStatus { NEW, IN_PROGRESS,
UNDER_INVESTIGATION, RESOLVED, CLOSED } and annotate the Ticket.status with
`@Enumerated`(EnumType.STRING) to persist names), and secure reporterToken by
adding a uniqueness constraint (e.g., `@Column`(unique = true)) and ensure tokens
are generated securely when creating tickets (use UUID.randomUUID() or a
cryptographically secure random token generator in the Ticket
factory/constructor or repository before persisting).

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: fd4b52d8-8c64-48ca-bad3-4be46b38bc57

📥 Commits

Reviewing files that changed from the base of the PR and between d2e89f9 and fd03ed2.

📒 Files selected for processing (14)

• .gitignore
• .idea/.gitignore
• .idea/misc.xml
• .idea/modules.xml
• .idea/project-backend-alfs.iml
• .idea/vcs.xml
• README.md
• pom.xml
• src/main/java/org/example/alfs/entities/Attachment.java
• src/main/java/org/example/alfs/entities/AuditLog.java
• src/main/java/org/example/alfs/entities/SystemUser.java
• src/main/java/org/example/alfs/entities/Ticket.java
• src/main/java/org/example/alfs/entities/TicketComment.java
• src/main/jte/placeholder.jte

💤 Files with no reviewable changes (5)

• .idea/vcs.xml
• .idea/misc.xml
• .idea/modules.xml
• .idea/project-backend-alfs.iml
• .idea/.gitignore

[coderabbitai]

⚠️ Potential issue | 🟡 Minor

Heading level skip detected.

Line 3 uses ### (h3) directly after # (h1), skipping h2. For proper document structure, consider using ## instead.

📝 Proposed fix

 # The ALFS Whistleblower Ticket System
 
-### A secure case management system built with Spring Boot for handling whistleblower reports.
+## A secure case management system built with Spring Boot for handling whistleblower reports.

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	# The ALFS Whistleblower Ticket System
	### A secure case management system built with Spring Boot for handling whistleblower reports.
	The system allows anonymous reporting, secure file uploads, role-based access control, and full audit logging.
	# The ALFS Whistleblower Ticket System
	## A secure case management system built with Spring Boot for handling whistleblower reports.
	The system allows anonymous reporting, secure file uploads, role-based access control, and full audit logging.

🧰 Tools

🪛 markdownlint-cli2 (0.22.0)

[warning] 3-3: Heading levels should only increment by one level at a time
Expected: h2; Actual: h3

(MD001, heading-increment)

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@README.md` around lines 1 - 4, The README has a heading level skip: the main
title "# The ALFS Whistleblower Ticket System" is followed by "### A secure case
management system built with Spring Boot for handling whistleblower reports." —
change that "###" to "##" so the secondary heading "A secure case management
system built with Spring Boot for handling whistleblower reports." becomes an H2
(use "##") to maintain proper document structure and hierarchy.

[coderabbitai]

⚠️ Potential issue | 🟠 Major

Missing @PrePersist callback for createdAt.

Unlike Ticket, Attachment, and AuditLog, this entity lacks the @PrePersist method to auto-populate createdAt. This will result in null timestamps unless manually set before saving.

🐛 Proposed fix

     private LocalDateTime createdAt;
 
+    `@PrePersist`
+    public void prePersist() {
+        createdAt = LocalDateTime.now();
+    }
+
     `@ManyToOne`
     private Ticket ticket;

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	private LocalDateTime createdAt;
	private LocalDateTime createdAt;
	`@PrePersist`
	public void prePersist() {
	createdAt = LocalDateTime.now();
	}
	`@ManyToOne`
	private Ticket ticket;

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@src/main/java/org/example/alfs/entities/TicketComment.java` at line 28,
TicketComment is missing a `@PrePersist` lifecycle callback to populate the
createdAt field; add a private method annotated with `@PrePersist` (e.g.,
prePersist or setCreatedAtIfNull) inside the TicketComment class that sets
createdAt = LocalDateTime.now() when createdAt is null so new TicketComment
instances get an automatic timestamp before being persisted.