Fix anonymous user crash in learn form

[kritikamangal4]

Related issues

Fixes #<ISSUE_NUMBER>

Checklist

• Did you run the pre-commit? (If not, your PR will most likely not pass — please ensure it passes pre-commit)
• Did you test the change? (Ensure you didn’t just prompt the AI and blindly commit — test the code and confirm it works)
• Added screenshots to the PR description (if applicable)

Summary

This PR fixes a crash occurring when anonymous users submit the learn form to create a waiting room.

Changes

In web/views.py, the learn(request) flow now assigns waiting_room.creator only when the requester is authenticated:

Before:
waiting_room.creator = request.user

After:
if request.user.is_authenticated:
waiting_room.creator = request.user

This prevents assigning an AnonymousUser to the creator field.

Impact

• Anonymous users can submit the learn form without causing a crash.
• Authenticated users are still recorded as the waiting room creator.
• Waiting rooms created by anonymous users will leave the creator field unset (None).

Testing Notes

The PR description includes the repository template checklist but no completed items; pre-commit checks and manual tests have not been confirmed in the PR.

[coderabbitai]

Note

.coderabbit.yaml has unrecognized properties

CodeRabbit is using all valid settings from your configuration. Unrecognized properties (listed below) have been ignored and may indicate typos or deprecated fields that can be removed.

⚠️ Parsing warnings (1)

Validation error: Unrecognized key(s) in object: 'tools'

⚙️ Configuration instructions

• Please see the configuration documentation for more information.
• You can also validate your configuration using the online YAML validator.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Walkthrough

A conditional check is added to the learn() function in web/views.py so that waiting_room.creator is set only when request.user.is_authenticated; previously the creator was assigned unconditionally for all requests.

Changes

Cohort / File(s)	Summary
Waiting Room Creator Assignment web/views.py	Modified learn() to set waiting_room.creator only if request.user.is_authenticated, removing unconditional assignment for anonymous requests.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~3 minutes

🚥 Pre-merge checks | ✅ 2 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title directly aligns with the changeset: it identifies fixing a crash for anonymous users in the learn form, which matches the code change that now conditionally sets the creator only for authenticated users.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[github-actions]

👀 Peer Review Required

Hi @kritikamangal4! This pull request does not yet have a peer review.

Before this PR can be merged, please request a review from one of your peers:

• Go to the PR page and click "Reviewers" on the right sidebar.
• Select a team member or contributor to review your changes.
• Once they approve, this reminder will be automatically removed.

Thank you for contributing! 🎉

[coderabbitai]

Actionable comments posted: 1

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)

web/views.py (1)

1209-1218: ⚠️ Potential issue | 🟠 Major

Handle creator=None all the way through the waiting-room flow.

This avoids assigning AnonymousUser, but it also creates waiting rooms with no creator. web/notifications.py:195-202 still sends a creator notification unconditionally, so anonymous submissions can still fail later when the room is fulfilled. Please harden that path before shipping this hotfix.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@web/views.py`:
- Around line 1209-1210: Fix the indentation so the assignment sits inside the
if block (ensure "waiting_room.creator = request.user" is indented under the "if
request.user.is_authenticated:" check) and then make notification logic
null-safe: in notify_waiting_room_fulfilled (and any call sites using
waiting_room.creator) add a guard to skip send_notification if
waiting_room.creator is None (e.g., only call
send_notification(waiting_room.creator, ...) when waiting_room.creator is not
None and not in waiting_room.participants.all()); alternatively decide to reject
anonymous waiting room creation in the same view by returning an error when
request.user is not authenticated.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Repository: alphaonelabs/coderabbit/.coderabbit.yaml

Review profile: ASSERTIVE

Plan: Pro

Run ID: cf109392-3f2b-4e8d-bbfa-4398dda4aec1

📥 Commits

Reviewing files that changed from the base of the PR and between c94caf8 and 24f23fa.

📒 Files selected for processing (1)

• web/views.py

[coderabbitai]

⚠️ Potential issue | 🔴 Critical

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
python - <<'PY'
from pathlib import Path

path = Path("web/views.py")
source = path.read_text()

try:
    compile(source, str(path), "exec")
    print("Syntax OK")
except SyntaxError as exc:
    print(f"SyntaxError: {exc.msg} at line {exc.lineno}, column {exc.offset}")
    start = max(1, exc.lineno - 2)
    end = exc.lineno + 2
    for no, line in enumerate(source.splitlines(), start=1):
        if start <= no <= end:
            prefix = ">>" if no == exc.lineno else "  "
            print(f"{prefix} {no}: {line}")
PY

Repository: alphaonelabs/website

Length of output: 425

---

🏁 Script executed:

# Check web/notifications.py for the notify_waiting_room_fulfilled function
fd -t f "notifications.py" | xargs head -n 250 | tail -n 100

Repository: alphaonelabs/website

Length of output: 3565

---

🏁 Script executed:

# Search for usages of waiting_room.creator throughout the codebase
rg "waiting_room\.creator" --type py -B 2 -A 2

Repository: alphaonelabs/website

Length of output: 1436

---

Fix the indentation and handle anonymous waiting room creators.

The code has two issues:

1. Syntax error at Line 1210: The assignment is not indented under the if block, preventing the file from importing.

2. Null-handling in notifications: If an anonymous user creates a waiting room, waiting_room.creator will be None. However, notify_waiting_room_fulfilled() in web/notifications.py later assumes waiting_room.creator exists when executing:

   if waiting_room.creator not in waiting_room.participants.all():
       send_notification(waiting_room.creator, notification_data)

   This will raise an error for anonymous waiting rooms.

Syntax fix

             if request.user.is_authenticated:
-    waiting_room.creator = request.user
+                waiting_room.creator = request.user

Consider whether anonymous users should create waiting rooms at all, or add a null check in the notification logic before accessing waiting_room.creator.

🧰 Tools

🪛 Ruff (0.15.5)

[warning] 1209-1210: Expected an indented block after if statement

(invalid-syntax)

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@web/views.py` around lines 1209 - 1210, Fix the indentation so the assignment
sits inside the if block (ensure "waiting_room.creator = request.user" is
indented under the "if request.user.is_authenticated:" check) and then make
notification logic null-safe: in notify_waiting_room_fulfilled (and any call
sites using waiting_room.creator) add a guard to skip send_notification if
waiting_room.creator is None (e.g., only call
send_notification(waiting_room.creator, ...) when waiting_room.creator is not
None and not in waiting_room.participants.all()); alternatively decide to reject
anonymous waiting room creation in the same view by returning an error when
request.user is not authenticated.

[coderabbitai]

Actionable comments posted: 1

♻️ Duplicate comments (1)

web/views.py (1)

1209-1210: ⚠️ Potential issue | 🟠 Major

Guard all creator dereferences now that this can be None.

This avoids assigning AnonymousUser, but it also means anonymous rooms now persist with creator=None. Any fulfillment/notification path that still does membership checks or sends directly to waiting_room.creator can now fail later instead of here.

Verify the remaining creator-dependent paths before merging. Expect every dereference/send path to guard waiting_room.creator first.

#!/bin/bash
rg -n -C3 --type=py '\bwaiting_room\.creator\b' web

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@web/views.py` around lines 1209 - 1210, The assignment now allows
waiting_room.creator to be None (when request.user is not authenticated), so
audit and guard every use of waiting_room.creator to avoid AttributeError /
sending to None/AnonymousUser: locate all references to waiting_room.creator
(search for "waiting_room.creator") and update code paths that send/notify/check
membership (e.g., any calls like waiting_room.creator.email, .send, .notify,
.is_member, or permission checks) to first check if waiting_room.creator is not
None and authenticated before dereferencing; if None, route to the
anonymous/fallback flow (skip send, use room-level broadcast, or log and enqueue
for later) and add/adjust unit tests to cover both creator=None and creator=User
cases. Ensure any template contexts or serializers that access
waiting_room.creator also handle None safely.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@web/views.py`:
- Around line 1209-1210: waiting_room_detail() currently adds 1 unconditionally
for the creator which inflates counts for anonymous rooms; update the logic that
computes participant/occupancy counts (the code path around waiting_room_detail
and the waiting_room.creator field set by the view where you see "if
request.user.is_authenticated: waiting_room.creator = request.user") to only
include the creator in any +1 adjustment when waiting_room.creator is not None
(or request.user.is_authenticated is True), and ensure any display/count methods
that reference waiting_room.creator perform a null check before incrementing.

---

Duplicate comments:
In `@web/views.py`:
- Around line 1209-1210: The assignment now allows waiting_room.creator to be
None (when request.user is not authenticated), so audit and guard every use of
waiting_room.creator to avoid AttributeError / sending to None/AnonymousUser:
locate all references to waiting_room.creator (search for
"waiting_room.creator") and update code paths that send/notify/check membership
(e.g., any calls like waiting_room.creator.email, .send, .notify, .is_member, or
permission checks) to first check if waiting_room.creator is not None and
authenticated before dereferencing; if None, route to the anonymous/fallback
flow (skip send, use room-level broadcast, or log and enqueue for later) and
add/adjust unit tests to cover both creator=None and creator=User cases. Ensure
any template contexts or serializers that access waiting_room.creator also
handle None safely.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Repository: alphaonelabs/coderabbit/.coderabbit.yaml

Review profile: ASSERTIVE

Plan: Pro

Run ID: b5c648ec-4d83-4e3a-82d5-8ca53604bd94

📥 Commits

Reviewing files that changed from the base of the PR and between 24f23fa and 77b4cc3.

📒 Files selected for processing (1)

• web/views.py

[coderabbitai]

⚠️ Potential issue | 🟡 Minor

Adjust creator-inclusive counts for anonymous rooms.

Making creator optional also breaks waiting_room_detail(): it currently adds 1 unconditionally for the creator, so anonymous rooms will show an inflated participant count.

Suggested follow-up

-        "participant_count": waiting_room.participants.count() + 1,  # Add 1 to include the creator
+        "participant_count": waiting_room.participants.count()
+        + (1 if waiting_room.creator_id else 0),  # Include creator only when present

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@web/views.py` around lines 1209 - 1210, waiting_room_detail() currently adds
1 unconditionally for the creator which inflates counts for anonymous rooms;
update the logic that computes participant/occupancy counts (the code path
around waiting_room_detail and the waiting_room.creator field set by the view
where you see "if request.user.is_authenticated: waiting_room.creator =
request.user") to only include the creator in any +1 adjustment when
waiting_room.creator is not None (or request.user.is_authenticated is True), and
ensure any display/count methods that reference waiting_room.creator perform a
null check before incrementing.

[kritikamangal4]

Hi maintainers 👋
I have fixed the indentation issue and pushed the update.
Could you please review the PR when you have time?
Thank you!

[ghanshyam2005singh]

@kritikamangal4 please go through the coderabbit comment