Conversation

Josue19-08 (Contributor) commented Oct 11, 2025

…revent access denied errors

📝 Pull Request Title

🛠️ Issue

  • Closes #issue-ID

📚 Description

✅ Changes applied

🔍 Evidence/Media (screenshots/videos)

Summary by CodeRabbit

  • New Features
    • Messages page is now accessible to any signed-in user (no specific role required).
    • My Account page is now accessible to any signed-in user (no specific role required).

coderabbitai bot (Contributor) commented Oct 11, 2025

Walkthrough

Access control on two Next.js pages was modified by removing explicit role constraints from ProtectedRoute. Both pages now require authentication without specifying roles. No other code, layout, or exports changed.

Changes

Cohort / File(s) | Summary
ProtectedRoute role constraint removal (src/app/messages/page.tsx, src/app/my-account/page.tsx) | Replaced ProtectedRoute usage with no roles prop, shifting from role-restricted to authenticated-only access. No other logic or exports changed.

Sequence Diagram(s)

sequenceDiagram
  autonumber
  actor User
  participant Page as Page (/messages, /my-account)
  participant ProtectedRoute
  participant Auth as Auth Service

  rect rgba(200, 230, 255, 0.3)
  note over User,Auth: Old flow (role-restricted)
  User->>Page: Request page
  Page->>ProtectedRoute: Render with roles=[admin,user/...]
  ProtectedRoute->>Auth: Check authenticated + hasRole
  alt Authenticated AND has required role
    ProtectedRoute-->>Page: Allow children
    Page-->>User: Render content
  else Missing role or unauthenticated
    ProtectedRoute-->>User: Redirect to signin/unauthorized
  end
  end

  rect rgba(200, 255, 200, 0.3)
  note over User,Auth: New flow (auth-only)
  User->>Page: Request page
  Page->>ProtectedRoute: Render without roles
  ProtectedRoute->>Auth: Check authenticated
  alt Authenticated
    ProtectedRoute-->>Page: Allow children
    Page-->>User: Render content
  else Unauthenticated
    ProtectedRoute-->>User: Redirect to signin
  end
  end

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Poem

A rabbit hopped past guarded doors,
Keys of rank now dropped to the floor.
“Just prove you’re you,” the latch now sings,
And swiftly swings on gentler springs.
Two paths unbarred, the Warren’s bright—
Auth alone now grants you light. 🐇✨

Pre-merge checks and finishing touches

❌ Failed checks (1 warning)
Check name | Status | Explanation | Resolution
Docstring Coverage | ⚠️ Warning | Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%. | You can run @coderabbitai generate docstrings to improve docstring coverage.
✅ Passed checks (2 passed)
Check name | Status | Explanation
Description Check | ✅ Passed | Check skipped - CodeRabbit’s high-level summary is enabled.
Title Check | ✅ Passed | The title succinctly captures the main change by indicating the removal of role restrictions from the messages and my-account pages. It directly references the affected components and conveys the intent without unnecessary detail or noise. The use of the “fix:” prefix follows conventional commit style and aligns with the nature of the change.

📜 Recent review details

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 9b85cd1 and 28cfed0.

📒 Files selected for processing (2)
  • src/app/messages/page.tsx (1 hunks)
  • src/app/my-account/page.tsx (1 hunks)
🧰 Additional context used
🧬 Code graph analysis (2)
src/app/messages/page.tsx (1)
src/components/auth/ProtectedRoute.tsx (1)
  • ProtectedRoute (12-14)
src/app/my-account/page.tsx (1)
src/components/auth/ProtectedRoute.tsx (1)
  • ProtectedRoute (12-14)
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (2)
  • GitHub Check: build (18.x)
  • GitHub Check: build (20.x)
🔇 Additional comments (2)
src/app/my-account/page.tsx (1)

18-19: LGTM! Role restrictions successfully removed.

The change allows any authenticated user to access the my-account page, which aligns with the PR objective to prevent access denied errors.

src/app/messages/page.tsx (1)

30-31: Approve ProtectedRoute role removal
AuthGuard’s useAuthGuard grants all authenticated users when no roles are specified and still enforces authentication.


Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

Comment @coderabbitai help to get the list of available commands and usage tips.
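
The old and new flows from the sequence diagram above, as an added TypeScript example that is not part of this PR or the project's ProtectedRoute code. The function names, session shape, role names and redirect paths are assumptions made for illustration; it compares the guard's outcome per kind of user before and after the roles prop is dropped.

```typescript
// Added example: models the guard decision shown in the sequence diagram.
// Every name here is hypothetical, not the project's ProtectedRoute/AuthGuard.
type Session = { userId: string; roles: string[] } | null;

type Decision =
  | { allow: true }
  | { allow: false; redirect: "/signin" | "/unauthorized" };

// requiredRoles undefined or empty => authenticated-only (assumed semantics,
// matching "no roles are specified" in the review comment).
function decideAccess(session: Session, requiredRoles?: string[]): Decision {
  if (session === null) {
    return { allow: false, redirect: "/signin" }; // enforced in both flows
  }
  if (requiredRoles === undefined || requiredRoles.length === 0) {
    return { allow: true };
  }
  const hasRole = requiredRoles.some((r) => session.roles.indexOf(r) !== -1);
  return hasRole ? { allow: true } : { allow: false, redirect: "/unauthorized" };
}

// Constructed sessions; role names are placeholders.
const sessions: Record<string, Session> = {
  anonymous: null,
  noRole: { userId: "u1", roles: [] },
  guest: { userId: "u2", roles: ["guest"] },
  admin: { userId: "u3", roles: ["admin"] },
};

// Outcome per session under the old role list and under the new auth-only guard.
function accessDiff(oldRoles: string[]): Record<string, { before: string; after: string }> {
  const label = (d: Decision): string => (d.allow ? "allow" : d.redirect);
  const out: Record<string, { before: string; after: string }> = {};
  for (const name of Object.keys(sessions)) {
    const s = sessions[name];
    out[name] = {
      before: label(decideAccess(s, oldRoles)),
      after: label(decideAccess(s)),
    };
  }
  return out;
}

console.log(accessDiff(["admin", "user"]));
```

Rows whose outcome moves from /unauthorized to allow are the access this change widens; the anonymous row staying at /signin is the part that must not change.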

Frontend CI/CD Pipeline Completed Successfully!

  • ✅ Linting passed
  • ✅ Build completed
  • ✅ Security audit passed

Ready for review and deployment! 🚀

@Josue19-08 Josue19-08 merged commit c4d983c into main Oct 11, 2025
5 checks passed