Skip to content

feat: refactor UI to use coss + coupons UI#27647

Merged
sean-brydon merged 3 commits intomainfrom
feat/license-key-creation-coupon
Feb 5, 2026
Merged

feat: refactor UI to use coss + coupons UI#27647
sean-brydon merged 3 commits intomainfrom
feat/license-key-creation-coupon

Conversation

@sean-brydon
Copy link
Copy Markdown
Member

@sean-brydon sean-brydon commented Feb 5, 2026
edited by devin-ai-integration bot
Loading

What does this PR do?

Demo: https://www.loom.com/share/85031561f7f04cae9505b839c6d7e76d

This requires https://github.com/calcom/private-api/pull/62 to be merged first

Refactors the create license key UI to be coss-ui and implements the ability to create coupons for a user so they can use them directly in their license key creation

Updates since last revision

  • Fixed error handling in createCoupon.handler.ts to use TRPCError instead of plain Error for consistent tRPC error handling
  • Removed logging of username when denying access (sensitive information)
  • Used appropriate error codes: INTERNAL_SERVER_ERROR for missing config, UNAUTHORIZED for permission denied, BAD_REQUEST for API failures

Mandatory Tasks (DO NOT REMOVE)

  • I have self-reviewed the code (A decent size PR without self-review might be rejected).
  • I have updated the developer docs in /docs if this PR makes changes that would require a documentation change. N/A - internal admin tooling
  • I confirm automated tests are in place that prove my fix is effective or that my feature works.

How should this be tested?

  1. Navigate to the license key creation page as an admin
  2. Test creating a license key with the new UI
  3. Test creating a coupon via the dialog
  4. Verify error handling works correctly when API fails

Human Review Checklist

  • Verify TRPCError codes are appropriate for each error case
  • Note: Schema validation for capping percent discounts at 100 was intentionally not addressed (Cubic AI confidence 6/10, below 9/10 threshold)

Requested by: unknown ()
Link to Devin run

@graphite-app graphite-app bot added consumer core area: core, team members only labels Feb 5, 2026
@graphite-app graphite-app bot requested a review from a team February 5, 2026 09:23
@paragon-review
Copy link
Copy Markdown

paragon-review bot commented Feb 5, 2026
edited
Loading

Paragon: tests updated

2 new tests generated for this PR.

New Tests

  • createCoupon.handler.test.ts — Unit tests for createCoupon handler covering authorization, configuration validation, successful coupon creation, and error handling
  • createCoupon.schema.test.ts — Unit tests for createCoupon Zod schema validation including required fields, discount types, and duration refinement rules

Accept Changes Open in Paragon

Details

New Tests

  • createCoupon.handler.test.ts (unit)
  • createCoupon.schema.test.ts (unit)

cubic-dev-ai[bot]
cubic-dev-ai bot reviewed Feb 5, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

@cubic-dev-ai cubic-dev-ai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

4 issues found across 7 files

Prompt for AI agents (all issues) 

Check if these issues are valid — if so, understand the root cause of each and fix them.


<file name="packages/trpc/server/routers/viewer/admin/createCoupon.handler.ts">

<violation number="1" location="packages/trpc/server/routers/viewer/admin/createCoupon.handler.ts:56">
P2: Use `TRPCError` instead of plain `Error` for consistent TRPC error handling. This follows the pattern used in other admin handlers (e.g., `setSMSLockState.handler.ts`).

(Based on your team's feedback about throwing TRPCError with code UNAUTHORIZED for access-denied cases.) [FEEDBACK_USED]</violation>

<violation number="2" location="packages/trpc/server/routers/viewer/admin/createCoupon.handler.ts:60">
P1: Rule violated: **Avoid Logging Sensitive Information**

Avoid logging the user’s username when denying access; usernames are sensitive identifiers and should not be written to logs.</violation>

<violation number="3" location="packages/trpc/server/routers/viewer/admin/createCoupon.handler.ts:71">
P2: Use `TRPCError` with appropriate code (e.g., `BAD_REQUEST`) for API failure errors to maintain consistent TRPC error handling.</violation>
</file>

<file name="packages/trpc/server/routers/viewer/admin/createCoupon.schema.ts">

<violation number="1" location="packages/trpc/server/routers/viewer/admin/createCoupon.schema.ts:12">
P2: When `discountType` is `"percent"`, validation should cap `discountAmount` at 100. Right now any integer >= 1 is accepted, which allows invalid percentage discounts.</violation>
</file>

Reply with feedback, questions, or to request a fix. Tag @cubic-dev-ai to re-run a review.

@github-actions
Copy link
Copy Markdown
Contributor

github-actions bot commented Feb 5, 2026

Devin AI is addressing Cubic AI's review feedback

A Devin session has been created to address the issues identified by Cubic AI.

View Devin Session

devin-ai-integration bot and others added 2 commits February 5, 2026 09:34
@devin-ai-integration
fix: use TRPCError and remove sensitive logging in createCoupon handler
52bdc98 
- Replace plain Error with TRPCError for consistent tRPC error handling
- Use INTERNAL_SERVER_ERROR for missing env configuration
- Use UNAUTHORIZED for permission denied errors
- Use BAD_REQUEST for API failure errors
- Remove console.warn that logged username (sensitive info)

Co-Authored-By: unknown <>
@sean-brydon
feat: add copy button and fix 0 on % off
5f705db
@sean-brydon sean-brydon enabled auto-merge (squash) February 5, 2026 09:57
@sean-brydon sean-brydon merged commit c652c61 into main Feb 5, 2026
83 of 84 checks passed
@sean-brydon sean-brydon deleted the feat/license-key-creation-coupon branch February 5, 2026 10:05
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@cubic-dev-ai cubic-dev-ai[bot] cubic-dev-ai[bot] left review comments

@eunjae-lee eunjae-lee eunjae-lee approved these changes

Assignees

No one assigned

Labels

consumer core area: core, team members only ready-for-e2e size/XL

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@sean-brydon @eunjae-lee