fix: filter by text is case sensitive

[paanSinghCoder]

Summary

Make organization like filters case-insensitive in Admin SearchOrganizations backend query handling.

Related PR - raystack/salt#83

Changes
Updated frontier/internal/store/postgres/org_billing_repository.go

• like now uses ILIKE
• notlike now uses NOT ILIKE

Added regression coverage in frontier/internal/store/postgres/org_billing_repository_test.go to assert title like generates ILIKE.

Why
Filtering organizations by title from /organizations returned different results for different casing (e.g. fah vs Fah). This aligns filter behavior with expected case-insensitive search.

Technical Details

Test Plan

• Manual testing completed
• Build and type checking passes

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Actions	Updated (UTC)
frontier	Ready	Preview, Comment	Mar 25, 2026 10:59am

[coderabbitai]

📝 Walkthrough

Summary by CodeRabbit

• New Features

  • Added support for case-insensitive search filter operators (ilike and notilike) for organization queries.

• Bug Fixes

  • Fixed query operator handling to correctly preserve filter semantics without unnecessary remapping, improving search consistency.

Walkthrough

These changes introduce case-insensitive like operators (ilike and notilike) across the RQL query system, adding validation support, database SQL handling, and removing frontend special-casing of operator types.

Changes

Cohort / File(s)	Summary
Query Validation Layer internal/api/v1beta1connect/organization_billing.go, internal/api/v1beta1connect/rql_validation.go	Refactored validation in SearchOrganizations to use new helper function validateRQLQueryWithIlike, which converts ilike/notilike operators to like/notlike for validation purposes without modifying the original query.
Database Repository internal/store/postgres/org_billing_repository.go	Added SQL support for ilike and notilike operators in string filter processing, using SQL's ILIKE/NOT ILIKE comparisons with text cast, consistent with existing like/notlike behavior.
Frontend SDK web/sdk/admin/utils/transform-query.ts	Removed conditional operator remapping logic that converted ilike to like based on string value type; operators now passed through directly without special-casing.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~12 minutes

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coveralls]

Pull Request Test Coverage Report for Build 23537571218

Warning: This coverage report may be inaccurate.

This pull request's base commit is no longer the HEAD commit of its target branch. This means it includes changes from outside the original pull request, including, potentially, unrelated coverage changes.

• For more information on this, see Tracking coverage changes with pull request builds.
• To avoid this issue with future PRs, see these Recommended CI Configurations.
• For a quick fix, rebase this PR at GitHub. Your next report should be accurate.

Details

• 0 of 4 (0.0%) changed or added relevant lines in 1 file are covered.
• 264 unchanged lines in 3 files lost coverage.
• Overall coverage increased (+0.2%) to 41.234%

---

Changes Missing Coverage	Covered Lines	Changed/Added Lines	%
internal/store/postgres/org_billing_repository.go	0	4	0.0%

Files with Coverage Reduction	New Missed Lines	%
internal/api/v1beta1connect/organization.go	5	66.8%
pkg/server/connect_interceptors/authorization.go	90	0.0%
core/organization/service.go	169	49.44%

Totals
Change from base Build 23482039206:	0.2%
Covered Lines:	14699
Relevant Lines:	35648

---

💛 - Coveralls

[coderabbitai]

Actionable comments posted: 1

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: 1c9eba0b-c172-4ae4-8f52-3ee982080f31

📥 Commits

Reviewing files that changed from the base of the PR and between fec853b and 1d62277.

📒 Files selected for processing (1)

• internal/store/postgres/org_billing_repository.go

[coderabbitai]

Actionable comments posted: 1

🧹 Nitpick comments (1)

internal/store/postgres/org_billing_repository_test.go (1)

110-126: Add a matching notlike regression case.

This PR changes both like and notlike, but this table only adds like coverage. Add a sibling case asserting NOT ILIKE generation to prevent one-sided regressions.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: 0acc1813-2df9-42bf-9dcb-84163a7884f8

📥 Commits

Reviewing files that changed from the base of the PR and between 1d62277 and aa8160b.

📒 Files selected for processing (1)

• internal/store/postgres/org_billing_repository_test.go

[rsbh]

Instead of changing the existing query, add new cases in switch conditions for OPERATOR_ILIKE and OPERATOR_NOT_ILIKE.

Current solution will break the exsiting logic and misleading as the operator is LIKE and in query we are using ILIKE

[coderabbitai]

Actionable comments posted: 1

♻️ Duplicate comments (1)

internal/store/postgres/org_billing_repository.go (1)

420-423: ⚠️ Potential issue | 🔴 Critical

Line 421 and Line 423: Raw SQL interpolation introduces injection risk.

filter.Value is interpolated directly into SQL via fmt.Sprintf, so crafted input can break out of the predicate. Please switch to parameterized goqu expressions (same fix should be applied to all LIKE/ILIKE branches).

🔧 Proposed fix

-	case OPERATOR_ILIKE:
-		query = query.Where(goqu.L(fmt.Sprintf(`"%s"::TEXT ILIKE '%s'`, filter.Name, filter.Value.(string))))
-	case OPERATOR_NOT_ILIKE:
-		query = query.Where(goqu.L(fmt.Sprintf(`"%s"::TEXT NOT ILIKE '%s'`, filter.Name, filter.Value.(string))))
+	case OPERATOR_ILIKE:
+		query = query.Where(goqu.Cast(goqu.I(filter.Name), "TEXT").ILike(filter.Value.(string)))
+	case OPERATOR_NOT_ILIKE:
+		query = query.Where(goqu.Cast(goqu.I(filter.Name), "TEXT").NotILike(filter.Value.(string)))

#!/bin/bash
set -euo pipefail

echo "=== Interpolated LIKE/ILIKE patterns in org_billing_repository.go ==="
rg -nP 'fmt\.Sprintf\(`"%s"::TEXT (NOT )?I?LIKE '\''%s'\''' internal/store/postgres/org_billing_repository.go || true

echo
echo "=== Parameterized/cast expressions present ==="
rg -nP 'goqu\.Cast\(goqu\.I\(filter\.Name\), "TEXT"\)\.(I|NotI|L|NotL)ike\(' internal/store/postgres/org_billing_repository.go || true

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: c9ef6627-0bd0-4bfb-b4fa-290566c6fc63

📥 Commits

Reviewing files that changed from the base of the PR and between dfb0d4d and 5dc687a.

📒 Files selected for processing (4)

• internal/api/v1beta1connect/organization_billing.go
• internal/api/v1beta1connect/rql_validation.go
• internal/store/postgres/org_billing_repository.go
• web/sdk/admin/utils/transform-query.ts