Skip to content

[feat]: Add account level upgrade mutation #217

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
islandbitcoin wants to merge 3 commits into from
Closed

[feat]: Add account level upgrade mutation #217

islandbitcoin wants to merge 3 commits into from

Conversation

@islandbitcoin
Copy link
Contributor

@islandbitcoin islandbitcoin commented Sep 24, 2025
edited
Loading

Implements a new GraphQL mutation that allows authenticated users to upgrade their account level (KYC level) if they have been validated by an admin.

Key features:

  • Users can only upgrade their level, not downgrade
  • Level skipping is allowed (e.g., 0 → 2)
  • Requires 'validated' flag to be set on User record
  • Validation flag resets after each use (single-use validation)
  • Follows existing patterns from admin mutation

Changes:

  • Added 'validated' boolean field to User schema with index
  • Created selfUpgradeAccountLevel business logic with validation checks
  • Implemented accountUpdateLevel mutation in public GraphQL API
  • Added comprehensive developer comments explaining the security model

This creates a controlled upgrade flow where admins or another function can validate user data, then the front-end can auto-upgrade once per validation.

@islandbitcoin islandbitcoin self-assigned this Sep 24, 2025
@islandbitcoin islandbitcoin added enhancement New feature or request Medium labels Sep 24, 2025
Copilot AI reviewed Sep 24, 2025
View reviewed changes
Copy link

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

Implements a self-service account level upgrade mutation that allows authenticated users to upgrade their KYC level after admin validation. This creates a controlled upgrade flow where admins validate user data first, then users can perform the upgrade themselves.

  • Added validated boolean field to User schema for single-use validation control
  • Created selfUpgradeAccountLevel business logic with upgrade-only restrictions
  • Implemented public GraphQL mutation accountUpdateLevel for user-initiated upgrades

Reviewed Changes

Copilot reviewed 9 out of 11 changed files in this pull request and generated 1 comment.

Show a summary per file
File Description
src/services/mongoose/schema.ts Added validated boolean field with index to User schema
src/services/mongoose/users.ts Updated user translation and repository to handle validated field
src/app/accounts/self-upgrade-account-level.ts New business logic for self-service account upgrades with validation checks
src/app/accounts/index.ts Exported new self-upgrade function
src/graphql/public/types/payload/account-update-level.ts New payload type for account level update responses
src/graphql/public/root/mutation/account-update-level.ts New GraphQL mutation for user-initiated account level upgrades
src/graphql/public/mutations.ts Registered new mutation in public API
src/graphql/public/schema.graphql Added GraphQL schema definitions for new mutation
dev/apollo-federation/supergraph.graphql Updated federation schema with new types

Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.

@islandbitcoin
Update src/app/accounts/self-upgrade-account-level.ts
a7d5524 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
@brh28
Copy link
Contributor

brh28 commented Oct 7, 2025

This creates a controlled upgrade flow where admins or another function can validate user data, then the front-end can auto-upgrade once per validation.

From what I gather this flow has 3 parts:

  1. User uploads upgrade details
  2. Admin approves
  3. User "auto-upgrades" themselves

but I'm confused why step 3 is necessary.

It seems this flow would be simpler if a user could trigger a request to upgrade, then an admin approves the request, which updates the account

@islandbitcoin
Copy link
Contributor Author

islandbitcoin commented Oct 7, 2025

This creates a controlled upgrade flow where admins or another function can validate user data, then the front-end can auto-upgrade once per validation.

From what I gather this flow has 3 parts:

  1. User uploads upgrade details
  2. Admin approves
  3. User "auto-upgrades" themselves

but I'm confused why step 3 is necessary.

It seems this flow would be simpler if a user could trigger a request to upgrade, then an admin approves the request, which updates the account

that would be a better flow.

@islandbitcoin
refactored to simplify upgrade flow - 1. Database Schema (src/service…
daf1e68 
…s/mongoose/schema.ts:485-489)

  - Replaced validated boolean with requestedLevel field
  - Stores the user's pending upgrade request (null = no request)

  2. Type Definitions

  - Updated User type in src/domain/users/index.types.d.ts:69
  - Updated UserRecord in src/services/mongoose/schema.types.d.ts:153
  - Updated repository in src/services/mongoose/users.ts:16,28,71,82

  3. Business Logic

  - New: src/app/accounts/request-account-level-upgrade.ts - Users request upgrades
  - Enhanced: src/app/accounts/update-account-level.ts:20-29 - Admin approval clears request
  - Deleted: src/app/accounts/self-upgrade-account-level.ts - Removed confusing flow

  4. GraphQL API

  - User mutation: accountLevelUpgradeRequest - Users submit upgrade requests(src/graphql/public/root/mutation/account-level-upgrade-request.ts)
  - Admin mutation: Existing accountUpdateLevel now auto-clears requests
  - Removed: Public accountUpdateLevel mutation (users can't self-upgrade)

  5. Schema Updates

  - Updated src/graphql/public/schema.graphql:102-104, 741
  - Removed old payload types

  How It Works

  1. User requests: accountLevelUpgradeRequest(level: 2) → sets user.requestedLevel = 2
  2. Admin reviews: Queries existing admin tools, sees requestedLevel: 2 on user
  3. Admin approves: Calls accountUpdateLevel → upgrades account + clears requestedLevel
@islandbitcoin islandbitcoin changed the title [feat]: Add self-service account level upgrade mutation [feat]: Add account level upgrade mutation Oct 16, 2025
@islandbitcoin
Copy link
Contributor Author

islandbitcoin commented Oct 16, 2025

based on today's dev standup, this should refactored to create a new graphql mutation and a query.

Mutation:

  • Ingest the information given from the user when filling out the business upgrade form. (regardless of Pro or Merchant)
  • create a new support issue in ERPNext using the erpnext class on the backend.
  • add user info to the issue in description field, formatted for future parsing
  • Condition: if upgrade to level TWO, this mutation should also trigger autoupgrade to level TWO without admin input. if upgrade to level THREE, manual approval required, so this mutation does nothing else.

Query:

  • Client needs to know if a request is pending, so a query is needed to look for existing open support issues connected to this user. query should ingest username, and return a boolean.

@islandbitcoin
Copy link
Contributor Author

islandbitcoin commented Oct 17, 2025

I've created a new PR for this change in direction: #224

Closing this PR.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@brh28 brh28 Awaiting requested review from brh28

Assignees

@islandbitcoin islandbitcoin

Labels

enhancement New feature or request Medium

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@islandbitcoin @brh28