feat: enhance application update logic to handle non-editable statuses

[AnujChhikara]

Date: 8 March 2026

Developer Name: @AnujChhikara

---

Issue Ticket Number

• [BUG] Change application status to pending for admin review after edit when in changes requested state #2587

Tech Doc Link

• NA

Business Doc Link

• NA

Description

• Added a check to prevent updates on applications that are not in an editable status, returning a conflict error when attempting to edit reviewed applications.
• Updated integration tests to verify the new behavior for applications that have already been reviewed.
• Enhanced unit tests to ensure proper error handling for non-editable application statuses.

Documentation Updated?

• Yes
• No

Under Feature Flag

• Yes
• No

Database Changes

• Yes
• No

Breaking Changes

• Yes
• No

Development Tested?

• Yes
• No

Screenshots

Screenshot 1

Test Coverage

Screenshot 1

Additional Notes

[coderabbitai]

Walkthrough

The PR prevents editing of applications that have already been reviewed. Applications can only be edited when their status is PENDING or CHANGES_REQUESTED; attempting to edit others returns a 409 conflict. Successful edits reset status to PENDING.

Changes

Cohort / File(s)	Summary
Application Logic controllers/applications.ts, models/applications.ts	Model adds precondition check limiting edits to PENDING/CHANGES_REQUESTED statuses; controller adds conflict response path for notPending applications. Status is enforced to PENDING on update.
Test Coverage test/integration/application.test.ts, test/unit/controllers/applications.test.ts	Integration test validates editing from CHANGES_REQUESTED and conflict response when already reviewed; unit test covers controller's 409 conflict path for notPending status.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Possibly related PRs

• test: add test for the application create flow  #2536: Introduces APPLICATION_ERROR_MESSAGES and status constants that directly support this PR's conflict handling and status enforcement.
• feat: Implement Create Application Flow for User Onboarding #2534: Modifies application update logic and status-based conflict handling using APPLICATION_ALREADY_REVIEWED and CHANGES_REQUESTED checks.
• test: implement tests for application update functionality #2562: Adds comprehensive test coverage for updateApplication logic, complementing the status-related changes here.

Suggested reviewers

• MayankBansal12
• iamitprakash

Poem

🐰 An app once edited left and right,
But we said 'no more!'—once reviewed, hold tight.
Now PENDING awaits those seeking change,
A guardian clause keeps status in range!
Tests hop in place, our logic feels right! 🎯

🚥 Pre-merge checks | ✅ 3

✅ Passed checks (3 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title accurately describes the main change: enhancing application update logic to handle non-editable statuses, which aligns with the additions of status checks and conflict error handling across controllers, models, and tests.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Description check	✅ Passed	The pull request description directly addresses the changeset by explaining the addition of checks to prevent updates on non-editable applications and the corresponding test updates.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

• 📝 Generate docstrings (stacked PR)
• 📝 Generate docstrings (commit on current branch)

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch anuj/fix-application-status-change

Tip

Try Coding Plans. Let us write the prompt for your AI agent so you can ship faster (with fewer bugs).
Share your feedback on Discord.

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 2

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@models/applications.ts`:
- Around line 153-163: The current guard checks isEditableApplicationStatus
(using APPLICATION_STATUS_TYPES) before verifying ownership, which leaks status
info; change the order in the function so you first compare application.userId
against userId and return { status: APPLICATION_STATUS.unauthorized } if they
differ, and only after passing that ownership check evaluate
isEditableApplicationStatus and return { status: APPLICATION_STATUS.notPending }
as needed; update the block that references isEditableApplicationStatus,
application.userId, userId, APPLICATION_STATUS_TYPES,
APPLICATION_STATUS.notPending, and APPLICATION_STATUS.unauthorized accordingly.

In `@test/integration/application.test.ts`:
- Around line 542-555: Update the test fixture so the created application is
explicitly marked as reviewed before calling applicationModel.addApplication:
when building reviewedApplicationData (currently derived from
applicationsData[1]), add the non-editable status property (use the project's
canonical value or enum, e.g. APPLICATION_STATUSES.REVIEWED or the string used
elsewhere) so the test always exercises the "already reviewed" branch; ensure
you modify the object passed to applicationModel.addApplication in this test in
application.test.ts.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

Run ID: 954f4ccf-cb03-4ad6-8694-b27b400f6ea2

📥 Commits

Reviewing files that changed from the base of the PR and between a07167f and b4b579d.

📒 Files selected for processing (4)

• controllers/applications.ts
• models/applications.ts
• test/integration/application.test.ts
• test/unit/controllers/applications.test.ts