Skip to content

feat: add expiresAt to joinGroup mutation response#30

Merged
takaokouji merged 2 commits intomainfrom
feat/issue-494-meshv2-join-expiration
Jan 2, 2026
Merged

feat: add expiresAt to joinGroup mutation response#30
takaokouji merged 2 commits intomainfrom
feat/issue-494-meshv2-join-expiration

Conversation

@takaokouji
Copy link
Contributor

Summary

This PR adds the expiresAt field to the joinGroup mutation response. This allows joined members to receive the group's expiration time immediately upon joining, which is required for the new Mesh V2 status display in the Smalruby 3 menu bar.

Changes

  • GraphQL Schema: Added expiresAt: AWSDateTime to the Node type.
  • AppSync JS Resolver: Updated joinGroupFunction.js to retrieve the group's expiresAt from the context stash and include it in the response.
  • Tests:
    • Updated join_group.graphql fixture to include the new field.
    • Added spec/requests/join_group_expires_at_spec.rb to verify the behavior.

Verification

  • Deployed to stg2 environment.
  • All integration tests passed in stg2 (58 examples).
  • Linting (standardrb) passed.

- Added expiresAt to Node type in schema
- Updated joinGroupFunction to retrieve and return expiresAt from group metadata
@takaokouji takaokouji merged commit caf14b9 into main Jan 2, 2026
3 checks passed
@takaokouji takaokouji deleted the feat/issue-494-meshv2-join-expiration branch January 2, 2026 03:08
takaokouji added a commit that referenced this pull request Jan 18, 2026
- Added AllowPreflightOptions rule (priority: 0) to allow OPTIONS requests
- Fixed SingleHeader property name (name → Name)
- Fixed TextTransformationType (UPPERCASE → NONE for method matching)
- Ensures AppSync can return CORS headers for preflight requests

This fixes the CORS error reported on Chromebook when connecting to
production mesh v2 API (https://graphql.api.smalruby.app/graphql).

WAF rules now properly handle:
1. Preflight OPTIONS requests from allowed origins (priority 0)
2. Regular POST requests from allowed origins (priority 1)
3. Block all other requests (default action)

Tested on stg2 environment:
- OPTIONS from https://smalruby.app → 200 + CORS headers ✅
- POST from https://smalruby.app → 200 + data ✅
- POST from https://example.com → 403 (blocked) ✅

Fixes #30

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant

Comments