feat(frontend): dedicated account settings from profile tab

[dfed25]

• Add /account-settings stack screen with message notifications, sign out, and delete account
• Profile tab shows a Settings row (and account settings on incomplete profile) linking there
• Web: OpenInAppPrompt for account settings deep link, consistent with profile tab
• Fix typed-route pushes with as never where the generated routes lag

Made-with: Cursor

Linked Issues

Closes #77
Linear: POLY-56

Summary

Briefly explain the change and why.

How to Test

Steps to verify locally:

• npm run lint
• npm run typecheck
• npm test
• Manual flow:
  1. npm run dev:backend (in terminal A)
  2. npm run dev (in terminal B)
  3. Verify the change: <describe expected behavior/screens>

Checklist

• Tests added/updated (if applicable)
• Lint/tests pass locally (npm run lint)
• Docs updated (README/ADR/changelog if needed)
• Follows conventional commit format
• No merge conflicts with dev

Screenshots / Demos

(if UI or visible behavior - attach images, videos, or GIFs)

Summary by CodeRabbit

• New Features

  • Added a dedicated Account Settings screen: manage message notifications, view/unblock blocked users, sign out, and delete your account.

• Refactoring

  • Simplified the main Settings entry to route into the new Account Settings flow; removed in-page notification and account management UI.
  • Updated navigation call sites for typing consistency.

• Chores

  • Added iOS workspace metadata files.

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Actions	Updated (UTC)
poly-buys	Error		Apr 16, 2026 0:14am

[coderabbitai]

Warning

Rate limit exceeded

@dfed25 has exceeded the limit for the number of commits that can be reviewed per hour. Please wait 53 minutes and 1 seconds before requesting another review.

Your organization is not enrolled in usage-based pricing. Contact your admin to enable usage-based pricing to continue reviews beyond the rate limit, or try again in 53 minutes and 1 seconds.

⌛ How to resolve this issue?

After the wait time has elapsed, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout.

Please see our FAQ for further information.

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: 6f49d74a-72de-4d35-99b3-eb444d5c7619

📥 Commits

Reviewing files that changed from the base of the PR and between 85651ae and d537953.

📒 Files selected for processing (1)

• backend/convex/blocks.ts

📝 Walkthrough

📝 Walkthrough

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title clearly summarizes the main change: extracting account settings functionality into a dedicated screen accessible from the profile tab.
Description check	✅ Passed	The description includes linked issues and a summary, but lacks completed details for testing steps, checklist verification, and screenshots/demos.
Linked Issues check	✅ Passed	All code changes align with linked issue #77: new account settings screen with notifications/sign-out/delete, settings navigation from profile tab, web OpenInAppPrompt support, and typed-route push fixes.
Out of Scope Changes check	✅ Passed	All changes are in scope: account settings screen and routing, profile settings navigation, backend block query, iOS workspace metadata, and typed-route fixes are all required by the issue.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch feat/profile-account-settings

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

🧹 Nitpick comments (1)

frontend/app/account-settings.tsx (1)

177-184: Outer catch block appears unreachable.

The try block for handling notifications has early returns in all error paths before reaching this outer catch. The only code path that could reach here is if updateMessageNotificationsEnabled({ enabled: true }) on line 139 throws, but this would be the same error type handled in the inner catch blocks.

Consider whether this catch is intentionally defensive or can be removed.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@frontend/app/account-settings.tsx` around lines 177 - 184, The outer catch in
the notification update flow is effectively unreachable because all inner error
paths return; either remove the outer catch block and keep the finally that
calls setIsUpdatingMessageNotifications(false), or change inner handlers to
rethrow so the outer catch can handle them; locate the try/catch surrounding
updateMessageNotificationsEnabled, setMessageNotificationsValue, and
setIsUpdatingMessageNotifications and either delete the outer catch (leaving
finally) or make inner catch blocks rethrow the error so the outer catch can
run.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@frontend/app/account-settings.tsx`:
- Around line 140-176: When disabling notifications, handle the case where
removePushToken fails but updateMessageNotificationsEnabled succeeds: detect
removePushTokenError after the preference update and either (a) revert the saved
preference by calling updateMessageNotificationsEnabled({ enabled: true }) and
setMessageNotificationsValue(previousValue) or (b) surface an immediate
Alert.alert to inform the user that their push token could not be removed and
they may still receive notifications, including the removePushTokenError
message; update the block around removePushToken /
updateMessageNotificationsEnabled to perform this check and take one of the two
actions (retry/remediate or notify) using the existing identifiers
removePushToken, updateMessageNotificationsEnabled, removePushTokenError,
removePushTokenSucceeded, setMessageNotificationsValue, previousValue, and
Alert.alert.

---

Nitpick comments:
In `@frontend/app/account-settings.tsx`:
- Around line 177-184: The outer catch in the notification update flow is
effectively unreachable because all inner error paths return; either remove the
outer catch block and keep the finally that calls
setIsUpdatingMessageNotifications(false), or change inner handlers to rethrow so
the outer catch can handle them; locate the try/catch surrounding
updateMessageNotificationsEnabled, setMessageNotificationsValue, and
setIsUpdatingMessageNotifications and either delete the outer catch (leaving
finally) or make inner catch blocks rethrow the error so the outer catch can
run.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: 647d3e07-4966-416c-961b-429bff5977f8

📥 Commits

Reviewing files that changed from the base of the PR and between 9e5c87d and a016a5b.

📒 Files selected for processing (4)

• frontend/app/(tabs)/settings.tsx
• frontend/app/_layout.tsx
• frontend/app/account-settings.tsx
• frontend/app/listings/[id].tsx

[coderabbitai]

Actionable comments posted: 1

🧹 Nitpick comments (1)

backend/convex/blocks.ts (1)

110-112: Docstring behavior mismatch for hidden profiles.

The comment says hidden profiles are omitted, but the implementation still returns a row ("Unavailable user"). Update wording to match runtime behavior.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@backend/convex/blocks.ts` around lines 110 - 112, The docstring above the
blocks query/comment stating "Omits hidden profiles but still returns blockedId"
doesn't match runtime behavior—hidden profiles are not omitted and are returned
as an "Unavailable user" placeholder row; update the comment text (the block
starting "Users the current account has blocked (for settings / management UI).
Sorted by display name. Omits hidden profiles but still returns blockedId so
they can be unblocked.") to state that hidden profiles are included as an
"Unavailable user" placeholder (while still returning blockedId) so the
docstring matches the implementation.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@backend/convex/blocks.ts`:
- Around line 125-128: The lookup of a profile uses .unique() on the by_userId
index (ctx.db.query('profiles').withIndex('by_userId', (q) => q.eq('userId',
block.blockedId)).unique()) but that index isn't guaranteed DB-unique; replace
.unique() with .first() to defensively return the first matching profile instead
of throwing on accidental duplicates, keeping the existing null-handling logic
intact (or optionally add a DB migration to enforce uniqueness if you prefer a
strict constraint).

---

Nitpick comments:
In `@backend/convex/blocks.ts`:
- Around line 110-112: The docstring above the blocks query/comment stating
"Omits hidden profiles but still returns blockedId" doesn't match runtime
behavior—hidden profiles are not omitted and are returned as an "Unavailable
user" placeholder row; update the comment text (the block starting "Users the
current account has blocked (for settings / management UI). Sorted by display
name. Omits hidden profiles but still returns blockedId so they can be
unblocked.") to state that hidden profiles are included as an "Unavailable user"
placeholder (while still returning blockedId) so the docstring matches the
implementation.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: 0ef507e5-c0ac-4fea-ad2c-8c0f87d08f88

📥 Commits

Reviewing files that changed from the base of the PR and between a016a5b and ee844e8.

📒 Files selected for processing (4)

• backend/convex/blocks.ts
• frontend/app/account-settings.tsx
• frontend/ios/PolyBuys.xcodeproj/project.xcworkspace/contents.xcworkspacedata
• frontend/ios/PolyBuys.xcodeproj/project.xcworkspace/xcshareddata/IDEWorkspaceChecks.plist

✅ Files skipped from review due to trivial changes (3)

• frontend/ios/PolyBuys.xcodeproj/project.xcworkspace/contents.xcworkspacedata
• frontend/ios/PolyBuys.xcodeproj/project.xcworkspace/xcshareddata/IDEWorkspaceChecks.plist
• frontend/app/account-settings.tsx

[coderabbitai]

Actionable comments posted: 2

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@backend/convex/blocks.ts`:
- Around line 109-112: Update the doc comment sentence that currently reads
"Users the current account has blocked" to the grammatically correct "Users that
the current account has blocked" in the comment block above the relevant export
in backend/convex/blocks.ts (the comment describing blocked users / settings
management UI and placeholder name behavior).
- Around line 118-144: The loop performs a serial DB call per block; instead
collect unique blockedIds from the `blocks` result, fetch all matching
`profiles` in a single batched query (use
`ctx.db.query('profiles').withIndex('by_userId', q => q.in('userId',
blockedIds)).collect()`), build a map from profile.userId to profile, then
iterate `blocks` to populate `rows` using the map (fall back to 'Unknown user'
or 'Unavailable user' when no profile or profile.isHidden). Replace
per-iteration `ctx.db.query('profiles').first()` calls with this batched
approach in the same function where `blocks`, `rows`, and `blockedId` are used.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: 9bf4d533-c7ab-42ae-94c0-0157b458900a

📥 Commits

Reviewing files that changed from the base of the PR and between ee844e8 and 85651ae.

📒 Files selected for processing (2)

• backend/convex/blocks.ts
• frontend/app/account-settings.tsx

🚧 Files skipped from review as they are similar to previous changes (1)

• frontend/app/account-settings.tsx

[coderabbitai]

⚠️ Potential issue | 🟠 Major

Avoid serial DB round-trips in the blocked-user loop.

The loop does one awaited profiles query per block (Line 125–129), so latency grows linearly and can degrade quickly for users with many blocks. Fetch profiles concurrently and iterate unique blocked IDs.

⚡ Proposed refactor

-    const rows: BlockedUserListRow[] = [];
-
-    for (const block of blocks) {
-      const profile = await ctx.db
-        .query('profiles')
-        .withIndex('by_userId', (q) => q.eq('userId', block.blockedId))
-        .first();
+    const blockedIds = [...new Set(blocks.map((b) => b.blockedId))];
+    const profilesByBlockedId = new Map(
+      await Promise.all(
+        blockedIds.map(async (blockedId) => {
+          const profile = await ctx.db
+            .query('profiles')
+            .withIndex('by_userId', (q) => q.eq('userId', blockedId))
+            .first();
+          return [blockedId, profile] as const;
+        })
+      )
+    );
+
+    const rows: BlockedUserListRow[] = [];
+    for (const blockedId of blockedIds) {
+      const profile = profilesByBlockedId.get(blockedId);
 
       if (!profile) {
-        rows.push({ blockedId: block.blockedId, name: 'Unknown user' });
+        rows.push({ blockedId, name: 'Unknown user' });
         continue;
       }
       if (profile.isHidden) {
-        rows.push({ blockedId: block.blockedId, name: 'Unavailable user' });
+        rows.push({ blockedId, name: 'Unavailable user' });
         continue;
       }
       rows.push({
-        blockedId: block.blockedId,
+        blockedId,
         name: profile.name,
         major: profile.major,
       });
     }

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@backend/convex/blocks.ts` around lines 118 - 144, The loop performs a serial
DB call per block; instead collect unique blockedIds from the `blocks` result,
fetch all matching `profiles` in a single batched query (use
`ctx.db.query('profiles').withIndex('by_userId', q => q.in('userId',
blockedIds)).collect()`), build a map from profile.userId to profile, then
iterate `blocks` to populate `rows` using the map (fall back to 'Unknown user'
or 'Unavailable user' when no profile or profile.isHidden). Replace
per-iteration `ctx.db.query('profiles').first()` calls with this batched
approach in the same function where `blocks`, `rows`, and `blockedId` are used.