jocke/bilhej
1
0
Fork 0
Code Issues Pull requests 2 Projects Releases 1 Packages Wiki Activity Actions

feat(guest): guest checkout without login (Swish + QR) #17

Open
hermes wants to merge 4 commits from feature/guest-checkout into master
pull from: feature/guest-checkout
merge into: jocke:master
Conversation 3 Commits 4 Files changed 16 +10 -9
1 changed files with 10 additions and 9 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files
Showing only changes of commit afe70125f1 - Show all commits

19
backend/src/main/resources/db/migration/V12__add_guest_order_columns.sql
View file

@ -1,24 +1,25 @@
hermes commented 2026-06-19 19:19:16 +00:00
Review
Copy link

🟡 Missing DB-level orphan guard. The Order Javadoc asserts "Either userId or guestToken is set; never both, never neither" — but only onCreate() enforces this in Java. A stray INSERT (admin tooling, future script) can violate it. Suggest adding after the column additions:

ALTER TABLE orders ADD CONSTRAINT chk_user_or_guest
    CHECK ((user_id IS NULL) <> (guest_token IS NULL));
🟡 **Missing DB-level orphan guard.** The `Order` Javadoc asserts "Either userId or guestToken is set; never both, never neither" — but only `onCreate()` enforces this in Java. A stray INSERT (admin tooling, future script) can violate it. Suggest adding after the column additions: ```sql ALTER TABLE orders ADD CONSTRAINT chk_user_or_guest CHECK ((user_id IS NULL) <> (guest_token IS NULL)); ```
hermes commented 2026-06-19 19:40:36 +00:00
Review
Copy link

🔵 Unused index. idx_orders_guest_email is created but findByGuestEmail was never added to OrderRepository (the PR body lists it, but only findByGuestToken is there), so there's no read path on guest_email yet. Either add the lookup now or defer the index until the email-link phase to avoid an unused schema object.

🔵 **Unused index.** `idx_orders_guest_email` is created but `findByGuestEmail` was never added to `OrderRepository` (the PR body lists it, but only `findByGuestToken` is there), so there's no read path on `guest_email` yet. Either add the lookup now or defer the index until the email-link phase to avoid an unused schema object.
hermes commented 2026-06-19 19:19:16 +00:00
Review
Copy link

🟡 Missing DB-level orphan guard. The Order Javadoc asserts "Either userId or guestToken is set; never both, never neither" — but only onCreate() enforces this in Java. A stray INSERT (admin tooling, future script) can violate it. Suggest adding after the column additions:

ALTER TABLE orders ADD CONSTRAINT chk_user_or_guest
    CHECK ((user_id IS NULL) <> (guest_token IS NULL));
🟡 **Missing DB-level orphan guard.** The `Order` Javadoc asserts "Either userId or guestToken is set; never both, never neither" — but only `onCreate()` enforces this in Java. A stray INSERT (admin tooling, future script) can violate it. Suggest adding after the column additions: ```sql ALTER TABLE orders ADD CONSTRAINT chk_user_or_guest CHECK ((user_id IS NULL) <> (guest_token IS NULL)); ```
hermes commented 2026-06-19 19:40:36 +00:00
Review
Copy link

🔵 Unused index. idx_orders_guest_email is created but findByGuestEmail was never added to OrderRepository (the PR body lists it, but only findByGuestToken is there), so there's no read path on guest_email yet. Either add the lookup now or defer the index until the email-link phase to avoid an unused schema object.

🔵 **Unused index.** `idx_orders_guest_email` is created but `findByGuestEmail` was never added to `OrderRepository` (the PR body lists it, but only `findByGuestToken` is there), so there's no read path on `guest_email` yet. Either add the lookup now or defer the index until the email-link phase to avoid an unused schema object.
-- Allows orders without a registered user (guest checkout). -- Allows orders without a registered user (guest checkout).
-- Users can place and pay for letters without creating an account. -- Users can place and pay for letters without creating an account.
-- --
-- user_id: previously NOT NULL drop the constraint so guest orders -- user_id: previously NOT NULL - drop the constraint so guest orders
hermes commented 2026-06-19 19:19:16 +00:00
Review
Copy link

🟡 Missing DB-level orphan guard. The Order Javadoc asserts "Either userId or guestToken is set; never both, never neither" — but only onCreate() enforces this in Java. A stray INSERT (admin tooling, future script) can violate it. Suggest adding after the column additions:

ALTER TABLE orders ADD CONSTRAINT chk_user_or_guest
    CHECK ((user_id IS NULL) <> (guest_token IS NULL));
🟡 **Missing DB-level orphan guard.** The `Order` Javadoc asserts "Either userId or guestToken is set; never both, never neither" — but only `onCreate()` enforces this in Java. A stray INSERT (admin tooling, future script) can violate it. Suggest adding after the column additions: ```sql ALTER TABLE orders ADD CONSTRAINT chk_user_or_guest CHECK ((user_id IS NULL) <> (guest_token IS NULL)); ```
hermes commented 2026-06-19 19:40:36 +00:00
Review
Copy link

🔵 Unused index. idx_orders_guest_email is created but findByGuestEmail was never added to OrderRepository (the PR body lists it, but only findByGuestToken is there), so there's no read path on guest_email yet. Either add the lookup now or defer the index until the email-link phase to avoid an unused schema object.

🔵 **Unused index.** `idx_orders_guest_email` is created but `findByGuestEmail` was never added to `OrderRepository` (the PR body lists it, but only `findByGuestToken` is there), so there's no read path on `guest_email` yet. Either add the lookup now or defer the index until the email-link phase to avoid an unused schema object.
hermes commented 2026-06-19 19:19:16 +00:00
Review
Copy link

🟡 Missing DB-level orphan guard. The Order Javadoc asserts "Either userId or guestToken is set; never both, never neither" — but only onCreate() enforces this in Java. A stray INSERT (admin tooling, future script) can violate it. Suggest adding after the column additions:

ALTER TABLE orders ADD CONSTRAINT chk_user_or_guest
    CHECK ((user_id IS NULL) <> (guest_token IS NULL));
🟡 **Missing DB-level orphan guard.** The `Order` Javadoc asserts "Either userId or guestToken is set; never both, never neither" — but only `onCreate()` enforces this in Java. A stray INSERT (admin tooling, future script) can violate it. Suggest adding after the column additions: ```sql ALTER TABLE orders ADD CONSTRAINT chk_user_or_guest CHECK ((user_id IS NULL) <> (guest_token IS NULL)); ```
hermes commented 2026-06-19 19:40:36 +00:00
Review
Copy link

🔵 Unused index. idx_orders_guest_email is created but findByGuestEmail was never added to OrderRepository (the PR body lists it, but only findByGuestToken is there), so there's no read path on guest_email yet. Either add the lookup now or defer the index until the email-link phase to avoid an unused schema object.

🔵 **Unused index.** `idx_orders_guest_email` is created but `findByGuestEmail` was never added to `OrderRepository` (the PR body lists it, but only `findByGuestToken` is there), so there's no read path on `guest_email` yet. Either add the lookup now or defer the index until the email-link phase to avoid an unused schema object.
-- can be created without a registered user. The FK stays in -- can be created without a registered user. The FK stays in
-- place (NULL user_id is FK-legal). -- place (NULL user_id is FK-legal).
-- guest_email: contact address for the guest. Used to send the magic -- guest_email: contact address for the guest. Used to send the magic
-- link that lets them revisit their order status. -- link that lets them revisit their order status.
-- guest_token: opaque UUID v4 the only credential a guest has. Acts -- guest_token: opaque UUID v4 - the only credential a guest has. Acts
hermes commented 2026-06-19 19:19:16 +00:00
Review
Copy link

🟡 Missing DB-level orphan guard. The Order Javadoc asserts "Either userId or guestToken is set; never both, never neither" — but only onCreate() enforces this in Java. A stray INSERT (admin tooling, future script) can violate it. Suggest adding after the column additions:

ALTER TABLE orders ADD CONSTRAINT chk_user_or_guest
    CHECK ((user_id IS NULL) <> (guest_token IS NULL));
🟡 **Missing DB-level orphan guard.** The `Order` Javadoc asserts "Either userId or guestToken is set; never both, never neither" — but only `onCreate()` enforces this in Java. A stray INSERT (admin tooling, future script) can violate it. Suggest adding after the column additions: ```sql ALTER TABLE orders ADD CONSTRAINT chk_user_or_guest CHECK ((user_id IS NULL) <> (guest_token IS NULL)); ```
hermes commented 2026-06-19 19:40:36 +00:00
Review
Copy link

🔵 Unused index. idx_orders_guest_email is created but findByGuestEmail was never added to OrderRepository (the PR body lists it, but only findByGuestToken is there), so there's no read path on guest_email yet. Either add the lookup now or defer the index until the email-link phase to avoid an unused schema object.

🔵 **Unused index.** `idx_orders_guest_email` is created but `findByGuestEmail` was never added to `OrderRepository` (the PR body lists it, but only `findByGuestToken` is there), so there's no read path on `guest_email` yet. Either add the lookup now or defer the index until the email-link phase to avoid an unused schema object.
hermes commented 2026-06-19 19:19:16 +00:00
Review
Copy link

🟡 Missing DB-level orphan guard. The Order Javadoc asserts "Either userId or guestToken is set; never both, never neither" — but only onCreate() enforces this in Java. A stray INSERT (admin tooling, future script) can violate it. Suggest adding after the column additions:

ALTER TABLE orders ADD CONSTRAINT chk_user_or_guest
    CHECK ((user_id IS NULL) <> (guest_token IS NULL));
🟡 **Missing DB-level orphan guard.** The `Order` Javadoc asserts "Either userId or guestToken is set; never both, never neither" — but only `onCreate()` enforces this in Java. A stray INSERT (admin tooling, future script) can violate it. Suggest adding after the column additions: ```sql ALTER TABLE orders ADD CONSTRAINT chk_user_or_guest CHECK ((user_id IS NULL) <> (guest_token IS NULL)); ```
hermes commented 2026-06-19 19:40:36 +00:00
Review
Copy link

🔵 Unused index. idx_orders_guest_email is created but findByGuestEmail was never added to OrderRepository (the PR body lists it, but only findByGuestToken is there), so there's no read path on guest_email yet. Either add the lookup now or defer the index until the email-link phase to avoid an unused schema object.

🔵 **Unused index.** `idx_orders_guest_email` is created but `findByGuestEmail` was never added to `OrderRepository` (the PR body lists it, but only `findByGuestToken` is there), so there's no read path on `guest_email` yet. Either add the lookup now or defer the index until the email-link phase to avoid an unused schema object.
-- as their session token for order lookup + payment confirm. -- as their session token for order lookup + payment confirm.
ALTER TABLE orders ALTER COLUMN user_id DROP NOT NULL; ALTER TABLE orders ALTER COLUMN user_id DROP NOT NULL;
ALTER TABLE orders ADD COLUMN guest_email VARCHAR(255); ALTER TABLE orders ADD COLUMN guest_email VARCHAR(255);
ALTER TABLE orders ADD COLUMN guest_token UUID; ALTER TABLE orders ADD COLUMN guest_token UUID;
-- Partial unique index: only enforce uniqueness on non-NULL tokens. -- Unique index on guest_token. Both H2 (tests/dev) and PostgreSQL (prod)
hermes commented 2026-06-19 19:19:16 +00:00
Review
Copy link

🟡 Missing DB-level orphan guard. The Order Javadoc asserts "Either userId or guestToken is set; never both, never neither" — but only onCreate() enforces this in Java. A stray INSERT (admin tooling, future script) can violate it. Suggest adding after the column additions:

ALTER TABLE orders ADD CONSTRAINT chk_user_or_guest
    CHECK ((user_id IS NULL) <> (guest_token IS NULL));
🟡 **Missing DB-level orphan guard.** The `Order` Javadoc asserts "Either userId or guestToken is set; never both, never neither" — but only `onCreate()` enforces this in Java. A stray INSERT (admin tooling, future script) can violate it. Suggest adding after the column additions: ```sql ALTER TABLE orders ADD CONSTRAINT chk_user_or_guest CHECK ((user_id IS NULL) <> (guest_token IS NULL)); ```
hermes commented 2026-06-19 19:40:36 +00:00
Review
Copy link

🔵 Unused index. idx_orders_guest_email is created but findByGuestEmail was never added to OrderRepository (the PR body lists it, but only findByGuestToken is there), so there's no read path on guest_email yet. Either add the lookup now or defer the index until the email-link phase to avoid an unused schema object.

🔵 **Unused index.** `idx_orders_guest_email` is created but `findByGuestEmail` was never added to `OrderRepository` (the PR body lists it, but only `findByGuestToken` is there), so there's no read path on `guest_email` yet. Either add the lookup now or defer the index until the email-link phase to avoid an unused schema object.
hermes commented 2026-06-19 19:19:16 +00:00
Review
Copy link

🟡 Missing DB-level orphan guard. The Order Javadoc asserts "Either userId or guestToken is set; never both, never neither" — but only onCreate() enforces this in Java. A stray INSERT (admin tooling, future script) can violate it. Suggest adding after the column additions:

ALTER TABLE orders ADD CONSTRAINT chk_user_or_guest
    CHECK ((user_id IS NULL) <> (guest_token IS NULL));
🟡 **Missing DB-level orphan guard.** The `Order` Javadoc asserts "Either userId or guestToken is set; never both, never neither" — but only `onCreate()` enforces this in Java. A stray INSERT (admin tooling, future script) can violate it. Suggest adding after the column additions: ```sql ALTER TABLE orders ADD CONSTRAINT chk_user_or_guest CHECK ((user_id IS NULL) <> (guest_token IS NULL)); ```
hermes commented 2026-06-19 19:40:36 +00:00
Review
Copy link

🔵 Unused index. idx_orders_guest_email is created but findByGuestEmail was never added to OrderRepository (the PR body lists it, but only findByGuestToken is there), so there's no read path on guest_email yet. Either add the lookup now or defer the index until the email-link phase to avoid an unused schema object.

🔵 **Unused index.** `idx_orders_guest_email` is created but `findByGuestEmail` was never added to `OrderRepository` (the PR body lists it, but only `findByGuestToken` is there), so there's no read path on `guest_email` yet. Either add the lookup now or defer the index until the email-link phase to avoid an unused schema object.
-- Multiple NULLs allowed — existing user-owned orders have no token, -- treat NULLs as distinct in a UNIQUE index, so user-owned orders (which
hermes commented 2026-06-19 19:19:16 +00:00
Review
Copy link

🟡 Missing DB-level orphan guard. The Order Javadoc asserts "Either userId or guestToken is set; never both, never neither" — but only onCreate() enforces this in Java. A stray INSERT (admin tooling, future script) can violate it. Suggest adding after the column additions:

ALTER TABLE orders ADD CONSTRAINT chk_user_or_guest
    CHECK ((user_id IS NULL) <> (guest_token IS NULL));
🟡 **Missing DB-level orphan guard.** The `Order` Javadoc asserts "Either userId or guestToken is set; never both, never neither" — but only `onCreate()` enforces this in Java. A stray INSERT (admin tooling, future script) can violate it. Suggest adding after the column additions: ```sql ALTER TABLE orders ADD CONSTRAINT chk_user_or_guest CHECK ((user_id IS NULL) <> (guest_token IS NULL)); ```
hermes commented 2026-06-19 19:40:36 +00:00
Review
Copy link

🔵 Unused index. idx_orders_guest_email is created but findByGuestEmail was never added to OrderRepository (the PR body lists it, but only findByGuestToken is there), so there's no read path on guest_email yet. Either add the lookup now or defer the index until the email-link phase to avoid an unused schema object.

🔵 **Unused index.** `idx_orders_guest_email` is created but `findByGuestEmail` was never added to `OrderRepository` (the PR body lists it, but only `findByGuestToken` is there), so there's no read path on `guest_email` yet. Either add the lookup now or defer the index until the email-link phase to avoid an unused schema object.
hermes commented 2026-06-19 19:19:16 +00:00
Review
Copy link

🟡 Missing DB-level orphan guard. The Order Javadoc asserts "Either userId or guestToken is set; never both, never neither" — but only onCreate() enforces this in Java. A stray INSERT (admin tooling, future script) can violate it. Suggest adding after the column additions:

ALTER TABLE orders ADD CONSTRAINT chk_user_or_guest
    CHECK ((user_id IS NULL) <> (guest_token IS NULL));
🟡 **Missing DB-level orphan guard.** The `Order` Javadoc asserts "Either userId or guestToken is set; never both, never neither" — but only `onCreate()` enforces this in Java. A stray INSERT (admin tooling, future script) can violate it. Suggest adding after the column additions: ```sql ALTER TABLE orders ADD CONSTRAINT chk_user_or_guest CHECK ((user_id IS NULL) <> (guest_token IS NULL)); ```
hermes commented 2026-06-19 19:40:36 +00:00
Review
Copy link

🔵 Unused index. idx_orders_guest_email is created but findByGuestEmail was never added to OrderRepository (the PR body lists it, but only findByGuestToken is there), so there's no read path on guest_email yet. Either add the lookup now or defer the index until the email-link phase to avoid an unused schema object.

🔵 **Unused index.** `idx_orders_guest_email` is created but `findByGuestEmail` was never added to `OrderRepository` (the PR body lists it, but only `findByGuestToken` is there), so there's no read path on `guest_email` yet. Either add the lookup now or defer the index until the email-link phase to avoid an unused schema object.
-- and that's fine. -- have a NULL token) never collide, while non-NULL guest tokens are
hermes commented 2026-06-19 19:19:16 +00:00
Review
Copy link

🟡 Missing DB-level orphan guard. The Order Javadoc asserts "Either userId or guestToken is set; never both, never neither" — but only onCreate() enforces this in Java. A stray INSERT (admin tooling, future script) can violate it. Suggest adding after the column additions:

ALTER TABLE orders ADD CONSTRAINT chk_user_or_guest
    CHECK ((user_id IS NULL) <> (guest_token IS NULL));
🟡 **Missing DB-level orphan guard.** The `Order` Javadoc asserts "Either userId or guestToken is set; never both, never neither" — but only `onCreate()` enforces this in Java. A stray INSERT (admin tooling, future script) can violate it. Suggest adding after the column additions: ```sql ALTER TABLE orders ADD CONSTRAINT chk_user_or_guest CHECK ((user_id IS NULL) <> (guest_token IS NULL)); ```
hermes commented 2026-06-19 19:40:36 +00:00
Review
Copy link

🔵 Unused index. idx_orders_guest_email is created but findByGuestEmail was never added to OrderRepository (the PR body lists it, but only findByGuestToken is there), so there's no read path on guest_email yet. Either add the lookup now or defer the index until the email-link phase to avoid an unused schema object.

🔵 **Unused index.** `idx_orders_guest_email` is created but `findByGuestEmail` was never added to `OrderRepository` (the PR body lists it, but only `findByGuestToken` is there), so there's no read path on `guest_email` yet. Either add the lookup now or defer the index until the email-link phase to avoid an unused schema object.
hermes commented 2026-06-19 19:19:16 +00:00
Review
Copy link

🟡 Missing DB-level orphan guard. The Order Javadoc asserts "Either userId or guestToken is set; never both, never neither" — but only onCreate() enforces this in Java. A stray INSERT (admin tooling, future script) can violate it. Suggest adding after the column additions:

ALTER TABLE orders ADD CONSTRAINT chk_user_or_guest
    CHECK ((user_id IS NULL) <> (guest_token IS NULL));
🟡 **Missing DB-level orphan guard.** The `Order` Javadoc asserts "Either userId or guestToken is set; never both, never neither" — but only `onCreate()` enforces this in Java. A stray INSERT (admin tooling, future script) can violate it. Suggest adding after the column additions: ```sql ALTER TABLE orders ADD CONSTRAINT chk_user_or_guest CHECK ((user_id IS NULL) <> (guest_token IS NULL)); ```
hermes commented 2026-06-19 19:40:36 +00:00
Review
Copy link

🔵 Unused index. idx_orders_guest_email is created but findByGuestEmail was never added to OrderRepository (the PR body lists it, but only findByGuestToken is there), so there's no read path on guest_email yet. Either add the lookup now or defer the index until the email-link phase to avoid an unused schema object.

🔵 **Unused index.** `idx_orders_guest_email` is created but `findByGuestEmail` was never added to `OrderRepository` (the PR body lists it, but only `findByGuestToken` is there), so there's no read path on `guest_email` yet. Either add the lookup now or defer the index until the email-link phase to avoid an unused schema object.
-- enforced unique. A plain index is used instead of a partial
hermes commented 2026-06-19 19:19:16 +00:00
Review
Copy link

🟡 Missing DB-level orphan guard. The Order Javadoc asserts "Either userId or guestToken is set; never both, never neither" — but only onCreate() enforces this in Java. A stray INSERT (admin tooling, future script) can violate it. Suggest adding after the column additions:

ALTER TABLE orders ADD CONSTRAINT chk_user_or_guest
    CHECK ((user_id IS NULL) <> (guest_token IS NULL));
🟡 **Missing DB-level orphan guard.** The `Order` Javadoc asserts "Either userId or guestToken is set; never both, never neither" — but only `onCreate()` enforces this in Java. A stray INSERT (admin tooling, future script) can violate it. Suggest adding after the column additions: ```sql ALTER TABLE orders ADD CONSTRAINT chk_user_or_guest CHECK ((user_id IS NULL) <> (guest_token IS NULL)); ```
hermes commented 2026-06-19 19:40:36 +00:00
Review
Copy link

🔵 Unused index. idx_orders_guest_email is created but findByGuestEmail was never added to OrderRepository (the PR body lists it, but only findByGuestToken is there), so there's no read path on guest_email yet. Either add the lookup now or defer the index until the email-link phase to avoid an unused schema object.

🔵 **Unused index.** `idx_orders_guest_email` is created but `findByGuestEmail` was never added to `OrderRepository` (the PR body lists it, but only `findByGuestToken` is there), so there's no read path on `guest_email` yet. Either add the lookup now or defer the index until the email-link phase to avoid an unused schema object.
-- (WHERE guest_token IS NOT NULL) index because H2 does not support
hermes commented 2026-06-19 19:19:16 +00:00
Review
Copy link

🟡 Missing DB-level orphan guard. The Order Javadoc asserts "Either userId or guestToken is set; never both, never neither" — but only onCreate() enforces this in Java. A stray INSERT (admin tooling, future script) can violate it. Suggest adding after the column additions:

ALTER TABLE orders ADD CONSTRAINT chk_user_or_guest
    CHECK ((user_id IS NULL) <> (guest_token IS NULL));
🟡 **Missing DB-level orphan guard.** The `Order` Javadoc asserts "Either userId or guestToken is set; never both, never neither" — but only `onCreate()` enforces this in Java. A stray INSERT (admin tooling, future script) can violate it. Suggest adding after the column additions: ```sql ALTER TABLE orders ADD CONSTRAINT chk_user_or_guest CHECK ((user_id IS NULL) <> (guest_token IS NULL)); ```
hermes commented 2026-06-19 19:40:36 +00:00
Review
Copy link

🔵 Unused index. idx_orders_guest_email is created but findByGuestEmail was never added to OrderRepository (the PR body lists it, but only findByGuestToken is there), so there's no read path on guest_email yet. Either add the lookup now or defer the index until the email-link phase to avoid an unused schema object.

🔵 **Unused index.** `idx_orders_guest_email` is created but `findByGuestEmail` was never added to `OrderRepository` (the PR body lists it, but only `findByGuestToken` is there), so there's no read path on `guest_email` yet. Either add the lookup now or defer the index until the email-link phase to avoid an unused schema object.
-- partial indexes, and the plain form preserves the intended semantics.
hermes commented 2026-06-19 19:19:16 +00:00
Review
Copy link

🟡 Missing DB-level orphan guard. The Order Javadoc asserts "Either userId or guestToken is set; never both, never neither" — but only onCreate() enforces this in Java. A stray INSERT (admin tooling, future script) can violate it. Suggest adding after the column additions:

ALTER TABLE orders ADD CONSTRAINT chk_user_or_guest
    CHECK ((user_id IS NULL) <> (guest_token IS NULL));
🟡 **Missing DB-level orphan guard.** The `Order` Javadoc asserts "Either userId or guestToken is set; never both, never neither" — but only `onCreate()` enforces this in Java. A stray INSERT (admin tooling, future script) can violate it. Suggest adding after the column additions: ```sql ALTER TABLE orders ADD CONSTRAINT chk_user_or_guest CHECK ((user_id IS NULL) <> (guest_token IS NULL)); ```
hermes commented 2026-06-19 19:40:36 +00:00
Review
Copy link

🔵 Unused index. idx_orders_guest_email is created but findByGuestEmail was never added to OrderRepository (the PR body lists it, but only findByGuestToken is there), so there's no read path on guest_email yet. Either add the lookup now or defer the index until the email-link phase to avoid an unused schema object.

🔵 **Unused index.** `idx_orders_guest_email` is created but `findByGuestEmail` was never added to `OrderRepository` (the PR body lists it, but only `findByGuestToken` is there), so there's no read path on `guest_email` yet. Either add the lookup now or defer the index until the email-link phase to avoid an unused schema object.
CREATE UNIQUE INDEX idx_orders_guest_token CREATE UNIQUE INDEX idx_orders_guest_token
ON orders(guest_token) ON orders(guest_token);
hermes commented 2026-06-19 19:19:16 +00:00
Review
Copy link

🟡 Missing DB-level orphan guard. The Order Javadoc asserts "Either userId or guestToken is set; never both, never neither" — but only onCreate() enforces this in Java. A stray INSERT (admin tooling, future script) can violate it. Suggest adding after the column additions:

ALTER TABLE orders ADD CONSTRAINT chk_user_or_guest
    CHECK ((user_id IS NULL) <> (guest_token IS NULL));
🟡 **Missing DB-level orphan guard.** The `Order` Javadoc asserts "Either userId or guestToken is set; never both, never neither" — but only `onCreate()` enforces this in Java. A stray INSERT (admin tooling, future script) can violate it. Suggest adding after the column additions: ```sql ALTER TABLE orders ADD CONSTRAINT chk_user_or_guest CHECK ((user_id IS NULL) <> (guest_token IS NULL)); ```
hermes commented 2026-06-19 19:40:36 +00:00
Review
Copy link

🔵 Unused index. idx_orders_guest_email is created but findByGuestEmail was never added to OrderRepository (the PR body lists it, but only findByGuestToken is there), so there's no read path on guest_email yet. Either add the lookup now or defer the index until the email-link phase to avoid an unused schema object.

🔵 **Unused index.** `idx_orders_guest_email` is created but `findByGuestEmail` was never added to `OrderRepository` (the PR body lists it, but only `findByGuestToken` is there), so there's no read path on `guest_email` yet. Either add the lookup now or defer the index until the email-link phase to avoid an unused schema object.
hermes commented 2026-06-19 19:19:16 +00:00
Review
Copy link

🟡 Missing DB-level orphan guard. The Order Javadoc asserts "Either userId or guestToken is set; never both, never neither" — but only onCreate() enforces this in Java. A stray INSERT (admin tooling, future script) can violate it. Suggest adding after the column additions:

ALTER TABLE orders ADD CONSTRAINT chk_user_or_guest
    CHECK ((user_id IS NULL) <> (guest_token IS NULL));
🟡 **Missing DB-level orphan guard.** The `Order` Javadoc asserts "Either userId or guestToken is set; never both, never neither" — but only `onCreate()` enforces this in Java. A stray INSERT (admin tooling, future script) can violate it. Suggest adding after the column additions: ```sql ALTER TABLE orders ADD CONSTRAINT chk_user_or_guest CHECK ((user_id IS NULL) <> (guest_token IS NULL)); ```
hermes commented 2026-06-19 19:40:36 +00:00
Review
Copy link

🔵 Unused index. idx_orders_guest_email is created but findByGuestEmail was never added to OrderRepository (the PR body lists it, but only findByGuestToken is there), so there's no read path on guest_email yet. Either add the lookup now or defer the index until the email-link phase to avoid an unused schema object.

🔵 **Unused index.** `idx_orders_guest_email` is created but `findByGuestEmail` was never added to `OrderRepository` (the PR body lists it, but only `findByGuestToken` is there), so there's no read path on `guest_email` yet. Either add the lookup now or defer the index until the email-link phase to avoid an unused schema object.
WHERE guest_token IS NOT NULL;
hermes commented 2026-06-19 19:19:16 +00:00
Review
Copy link

🟡 Missing DB-level orphan guard. The Order Javadoc asserts "Either userId or guestToken is set; never both, never neither" — but only onCreate() enforces this in Java. A stray INSERT (admin tooling, future script) can violate it. Suggest adding after the column additions:

ALTER TABLE orders ADD CONSTRAINT chk_user_or_guest
    CHECK ((user_id IS NULL) <> (guest_token IS NULL));
🟡 **Missing DB-level orphan guard.** The `Order` Javadoc asserts "Either userId or guestToken is set; never both, never neither" — but only `onCreate()` enforces this in Java. A stray INSERT (admin tooling, future script) can violate it. Suggest adding after the column additions: ```sql ALTER TABLE orders ADD CONSTRAINT chk_user_or_guest CHECK ((user_id IS NULL) <> (guest_token IS NULL)); ```
hermes commented 2026-06-19 19:40:36 +00:00
Review
Copy link

🔵 Unused index. idx_orders_guest_email is created but findByGuestEmail was never added to OrderRepository (the PR body lists it, but only findByGuestToken is there), so there's no read path on guest_email yet. Either add the lookup now or defer the index until the email-link phase to avoid an unused schema object.

🔵 **Unused index.** `idx_orders_guest_email` is created but `findByGuestEmail` was never added to `OrderRepository` (the PR body lists it, but only `findByGuestToken` is there), so there's no read path on `guest_email` yet. Either add the lookup now or defer the index until the email-link phase to avoid an unused schema object.
CREATE INDEX idx_orders_guest_email CREATE INDEX idx_orders_guest_email
ON orders(guest_email) ON orders(guest_email);
hermes commented 2026-06-19 19:19:16 +00:00
Review
Copy link

🟡 Missing DB-level orphan guard. The Order Javadoc asserts "Either userId or guestToken is set; never both, never neither" — but only onCreate() enforces this in Java. A stray INSERT (admin tooling, future script) can violate it. Suggest adding after the column additions:

ALTER TABLE orders ADD CONSTRAINT chk_user_or_guest
    CHECK ((user_id IS NULL) <> (guest_token IS NULL));
🟡 **Missing DB-level orphan guard.** The `Order` Javadoc asserts "Either userId or guestToken is set; never both, never neither" — but only `onCreate()` enforces this in Java. A stray INSERT (admin tooling, future script) can violate it. Suggest adding after the column additions: ```sql ALTER TABLE orders ADD CONSTRAINT chk_user_or_guest CHECK ((user_id IS NULL) <> (guest_token IS NULL)); ```
hermes commented 2026-06-19 19:40:36 +00:00
Review
Copy link

🔵 Unused index. idx_orders_guest_email is created but findByGuestEmail was never added to OrderRepository (the PR body lists it, but only findByGuestToken is there), so there's no read path on guest_email yet. Either add the lookup now or defer the index until the email-link phase to avoid an unused schema object.

🔵 **Unused index.** `idx_orders_guest_email` is created but `findByGuestEmail` was never added to `OrderRepository` (the PR body lists it, but only `findByGuestToken` is there), so there's no read path on `guest_email` yet. Either add the lookup now or defer the index until the email-link phase to avoid an unused schema object.
hermes commented 2026-06-19 19:19:16 +00:00
Review
Copy link

🟡 Missing DB-level orphan guard. The Order Javadoc asserts "Either userId or guestToken is set; never both, never neither" — but only onCreate() enforces this in Java. A stray INSERT (admin tooling, future script) can violate it. Suggest adding after the column additions:

ALTER TABLE orders ADD CONSTRAINT chk_user_or_guest
    CHECK ((user_id IS NULL) <> (guest_token IS NULL));
🟡 **Missing DB-level orphan guard.** The `Order` Javadoc asserts "Either userId or guestToken is set; never both, never neither" — but only `onCreate()` enforces this in Java. A stray INSERT (admin tooling, future script) can violate it. Suggest adding after the column additions: ```sql ALTER TABLE orders ADD CONSTRAINT chk_user_or_guest CHECK ((user_id IS NULL) <> (guest_token IS NULL)); ```
hermes commented 2026-06-19 19:40:36 +00:00
Review
Copy link

🔵 Unused index. idx_orders_guest_email is created but findByGuestEmail was never added to OrderRepository (the PR body lists it, but only findByGuestToken is there), so there's no read path on guest_email yet. Either add the lookup now or defer the index until the email-link phase to avoid an unused schema object.

🔵 **Unused index.** `idx_orders_guest_email` is created but `findByGuestEmail` was never added to `OrderRepository` (the PR body lists it, but only `findByGuestToken` is there), so there's no read path on `guest_email` yet. Either add the lookup now or defer the index until the email-link phase to avoid an unused schema object.
WHERE guest_email IS NOT NULL;
hermes commented 2026-06-19 19:19:16 +00:00
Review
Copy link

🟡 Missing DB-level orphan guard. The Order Javadoc asserts "Either userId or guestToken is set; never both, never neither" — but only onCreate() enforces this in Java. A stray INSERT (admin tooling, future script) can violate it. Suggest adding after the column additions:

ALTER TABLE orders ADD CONSTRAINT chk_user_or_guest
    CHECK ((user_id IS NULL) <> (guest_token IS NULL));
🟡 **Missing DB-level orphan guard.** The `Order` Javadoc asserts "Either userId or guestToken is set; never both, never neither" — but only `onCreate()` enforces this in Java. A stray INSERT (admin tooling, future script) can violate it. Suggest adding after the column additions: ```sql ALTER TABLE orders ADD CONSTRAINT chk_user_or_guest CHECK ((user_id IS NULL) <> (guest_token IS NULL)); ```
hermes commented 2026-06-19 19:40:36 +00:00
Review
Copy link

🔵 Unused index. idx_orders_guest_email is created but findByGuestEmail was never added to OrderRepository (the PR body lists it, but only findByGuestToken is there), so there's no read path on guest_email yet. Either add the lookup now or defer the index until the email-link phase to avoid an unused schema object.

🔵 **Unused index.** `idx_orders_guest_email` is created but `findByGuestEmail` was never added to `OrderRepository` (the PR body lists it, but only `findByGuestToken` is there), so there's no read path on `guest_email` yet. Either add the lookup now or defer the index until the email-link phase to avoid an unused schema object.

hermes commented 2026-06-19 19:19:16 +00:00
Review
Copy link

🟡 Missing DB-level orphan guard. The Order Javadoc asserts "Either userId or guestToken is set; never both, never neither" — but only onCreate() enforces this in Java. A stray INSERT (admin tooling, future script) can violate it. Suggest adding after the column additions:

ALTER TABLE orders ADD CONSTRAINT chk_user_or_guest
    CHECK ((user_id IS NULL) <> (guest_token IS NULL));
🟡 **Missing DB-level orphan guard.** The `Order` Javadoc asserts "Either userId or guestToken is set; never both, never neither" — but only `onCreate()` enforces this in Java. A stray INSERT (admin tooling, future script) can violate it. Suggest adding after the column additions: ```sql ALTER TABLE orders ADD CONSTRAINT chk_user_or_guest CHECK ((user_id IS NULL) <> (guest_token IS NULL)); ```
hermes commented 2026-06-19 19:40:36 +00:00
Review
Copy link

🔵 Unused index. idx_orders_guest_email is created but findByGuestEmail was never added to OrderRepository (the PR body lists it, but only findByGuestToken is there), so there's no read path on guest_email yet. Either add the lookup now or defer the index until the email-link phase to avoid an unused schema object.

🔵 **Unused index.** `idx_orders_guest_email` is created but `findByGuestEmail` was never added to `OrderRepository` (the PR body lists it, but only `findByGuestToken` is there), so there's no read path on `guest_email` yet. Either add the lookup now or defer the index until the email-link phase to avoid an unused schema object.
hermes commented 2026-06-19 19:19:16 +00:00
Review
Copy link

🟡 Missing DB-level orphan guard. The Order Javadoc asserts "Either userId or guestToken is set; never both, never neither" — but only onCreate() enforces this in Java. A stray INSERT (admin tooling, future script) can violate it. Suggest adding after the column additions:

ALTER TABLE orders ADD CONSTRAINT chk_user_or_guest
    CHECK ((user_id IS NULL) <> (guest_token IS NULL));
🟡 **Missing DB-level orphan guard.** The `Order` Javadoc asserts "Either userId or guestToken is set; never both, never neither" — but only `onCreate()` enforces this in Java. A stray INSERT (admin tooling, future script) can violate it. Suggest adding after the column additions: ```sql ALTER TABLE orders ADD CONSTRAINT chk_user_or_guest CHECK ((user_id IS NULL) <> (guest_token IS NULL)); ```
hermes commented 2026-06-19 19:40:36 +00:00
Review
Copy link

🔵 Unused index. idx_orders_guest_email is created but findByGuestEmail was never added to OrderRepository (the PR body lists it, but only findByGuestToken is there), so there's no read path on guest_email yet. Either add the lookup now or defer the index until the email-link phase to avoid an unused schema object.

🔵 **Unused index.** `idx_orders_guest_email` is created but `findByGuestEmail` was never added to `OrderRepository` (the PR body lists it, but only `findByGuestToken` is there), so there's no read path on `guest_email` yet. Either add the lookup now or defer the index until the email-link phase to avoid an unused schema object.