Avoid spamming the server for auditories when we don't have the rights

[ildyria]

Summary by CodeRabbit

• New Features

  • User payload now includes an explicit admin flag so interfaces can recognize administrative users.

• Bug Fixes

  • Advisory UI now verifies admin status before fetching advisories, preventing unauthorized requests and reducing unnecessary network calls.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 734b7f45-f4ab-4d1d-ab09-29eb11e0defe

📥 Commits

Reviewing files that changed from the base of the PR and between 63a7b10 and ed327ee.

📒 Files selected for processing (4)

• app/Http/Resources/Models/UserResource.php
• resources/js/composables/modals/useAdvisoryModal.ts
• resources/js/lychee.d.ts
• resources/js/stores/UserState.ts

🚧 Files skipped from review as they are similar to previous changes (1)

• resources/js/composables/modals/useAdvisoryModal.ts

---

📝 Walkthrough

Walkthrough

The PR adds an admin-check flow: the advisory modal composable now awaits the user store, uses isAdmin from the Pinia user store to decide early whether to fetch advisories, and only calls the API when appropriate. Backend resource, frontend typings, and the store were updated to expose and use may_administrate.

Changes

Cohort / File(s)	Summary
Advisory modal composable resources/js/composables/modals/useAdvisoryModal.ts	Now imports and awaits useUserStore(), calls userStore.load() asynchronously, returns early when userStore.isAdmin is false, checks sessionStorage only for admins, and limits catch to silent network error handling.
User resource (backend) app/Http/Resources/Models/UserResource.php	Added public boolean may_administrate property and set it in the constructor ($this->may_administrate = $user?->may_administrate ?? false;).
Frontend typings resources/js/lychee.d.ts	Extended App.Http.Resources.Models.UserResource with may_administrate: boolean.
User store (frontend) resources/js/stores/UserState.ts	Added isAdmin() getter that returns true when user?.may_administrate === true, else false.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Poem

🐰 I hopped in with a careful stare,
Admin flag set tidy and fair.
Advisories now only knock the right door,
Types and resource match—no need to explore.
Hooray, I nibble a carrot and adore! 🥕

🚥 Pre-merge checks | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 25.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 9a00d204-b99b-418a-a74b-9a0c3d3029ae

📥 Commits

Reviewing files that changed from the base of the PR and between bf48780 and 63a7b10.

📒 Files selected for processing (1)

• resources/js/composables/modals/useAdvisoryModal.ts

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 90.17%. Comparing base (bf48780) to head (ed327ee).
⚠️ Report is 1 commits behind head on master.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.