fix: Users.CreateUser... vague error into optional name parameter.

[Abiji-2020]

What does this PR do?

In the api/users.php the function signature requires string for name parameter even though its an optional one and displays a vague message over it.
I have modified the signature and added a null check and made the name as empty string if the parameter is given as null.

Test Plan

After updating the code, I have created a user with the null values using the api call using Thunder client VS code extension (similar to postman)

Related PRs and Issues

• 🐛 Bug Report: All Users.CreateUser... endpoints return a vague server error is null name is provided #8785

Checklist

• Have you read the Contributing Guidelines on issues?
• If the PR includes a change to an API's metadata (desc, label, params, etc.), does it also include updated API specs and example docs?

Summary by CodeRabbit

• New Features

  • User creation and target creation endpoints now allow the user name field to be optional. If not provided, it will default to an empty value.

• Bug Fixes

  • Improved handling of missing or null user name fields during user and target creation, preventing errors when the name is omitted.

[coderabbitai]

Walkthrough

The changes update the user creation logic by making the name parameter optional across the relevant controller functions and API endpoint callbacks. The createUser function now handles a null or missing name by defaulting it to an empty string, ensuring consistent behavior when the parameter is omitted.

Changes

File(s)	Change Summary
app/controllers/api/users.php	Made name parameter optional (?string $name) in createUser and related API route action callbacks. Added logic to set $name to an empty string if null or empty.

Sequence Diagram(s)

sequenceDiagram
    participant Client
    participant API
    participant Controller
    participant Database

    Client->>API: POST /v1/users (with/without name)
    API->>Controller: createUser(..., ?string $name, ...)
    Controller->>Controller: if $name is null, set to ""
    Controller->>Database: Store user with $name (may be "")
    Database-->>Controller: Confirmation
    Controller-->>API: User created response
    API-->>Client: Success/failure response

Loading

Poem

🐇
A name may be missing, but users appear,
With empty-string greetings, the logic is clear.
Optional fields, a gentle new way—
The code hops ahead, with bugs kept at bay.
Hooray for the patch, let new users play!

✨ Finishing Touches

• 📝 Generate Docstrings

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Explain this complex logic.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai explain this code block.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and explain its main purpose.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Support

Need help? Create a ticket on our support page for assistance with any issues or questions.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate docstrings to generate docstrings for this PR.
• @coderabbitai generate sequence diagram to generate a sequence diagram of the changes in this PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (1)

app/controllers/api/users.php (1)

85-87: Improve the null check to be more specific.

Using empty($name) checks for multiple "empty" values (null, false, 0, '0', '', []), but for a nullable string parameter, you likely want to check specifically for null.

Consider using a more specific null check:

-        if (empty($name)) {
-            $name = '';
-        }
+        $name = $name ?? '';

Or if you want to be explicit:

-        if (empty($name)) {
-            $name = '';
-        }
+        if ($name === null) {
+            $name = '';
+        }

This prevents unexpected behavior if someone passes other "empty" values like 0 or false.

📜 Review details

Configuration used: .coderabbit.yaml
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between e56c03a and a4219ce.

⛔ Files ignored due to path filters (1)

• composer.lock is excluded by !**/*.lock

📒 Files selected for processing (1)

• app/controllers/api/users.php (11 hunks)

⏰ Context from checks skipped due to timeout of 90000ms (1)

• GitHub Check: scan

🔇 Additional comments (10)

app/controllers/api/users.php (10)

62-62: Function signature change looks good.

The change from string $name to ?string $name correctly makes the name parameter optional and nullable, which aligns with the PR objective.

---

222-222: API endpoint signature update is consistent.

The change from string $name to ?string $name in the main user creation endpoint is consistent with the createUser function update.

---

256-256: Bcrypt endpoint signature update is consistent.

The parameter signature change aligns with the overall modification to make name optional.

---

291-291: MD5 endpoint signature update is consistent.

The parameter signature change aligns with the overall modification to make name optional.

---

326-326: Argon2 endpoint signature update is consistent.

The parameter signature change aligns with the overall modification to make name optional.

---

362-362: SHA endpoint signature update is consistent.

The parameter signature change aligns with the overall modification to make name optional.

---

403-403: PHPass endpoint signature update is consistent.

The parameter signature change aligns with the overall modification to make name optional.

---

443-443: Scrypt endpoint signature update is consistent.

The parameter signature change aligns with the overall modification to make name optional.

---

489-489: Scrypt-modified endpoint signature update is consistent.

The parameter signature change aligns with the overall modification to make name optional.

---

526-526: Target creation endpoint signature update is consistent.

The parameter signature change aligns with the overall modification to make name optional across user-related endpoints.

[github-actions]

Security Scan Results for PR

Docker Image Scan Results

Package	Version	Vulnerability	Severity
binutils	2.42-r0	CVE-2025-0840	HIGH
libexpat	2.6.4-r0	CVE-2024-8176	HIGH
libxml2	2.12.7-r0	CVE-2024-56171	HIGH
libxml2	2.12.7-r0	CVE-2025-24928	HIGH
libxml2	2.12.7-r0	CVE-2025-27113	HIGH
libxml2	2.12.7-r0	CVE-2025-32414	HIGH
libxml2	2.12.7-r0	CVE-2025-32415	HIGH
pyc	3.12.9-r0	CVE-2024-12718	HIGH
pyc	3.12.9-r0	CVE-2025-4138	HIGH
pyc	3.12.9-r0	CVE-2025-4517	HIGH
python3	3.12.9-r0	CVE-2024-12718	HIGH
python3	3.12.9-r0	CVE-2025-4138	HIGH
python3	3.12.9-r0	CVE-2025-4517	HIGH
python3-pyc	3.12.9-r0	CVE-2024-12718	HIGH
python3-pyc	3.12.9-r0	CVE-2025-4138	HIGH
python3-pyc	3.12.9-r0	CVE-2025-4517	HIGH
python3-pycache-pyc0	3.12.9-r0	CVE-2024-12718	HIGH
python3-pycache-pyc0	3.12.9-r0	CVE-2025-4138	HIGH
python3-pycache-pyc0	3.12.9-r0	CVE-2025-4517	HIGH
sqlite-libs	3.45.3-r1	CVE-2025-29087	HIGH
xz	5.6.2-r0	CVE-2025-31115	HIGH
xz-libs	5.6.2-r0	CVE-2025-31115	HIGH
golang.org/x/crypto	v0.31.0	CVE-2025-22869	HIGH

Source Code Scan Results

🎉 No vulnerabilities found!