core-lead/molecule-core
1
0
Fork 0
forked from molecule-ai/molecule-core
Code Pull Requests Activity
e9d111dbc6
molecule-core/tests/e2e
History
Hongming Wang e9d111dbc6 fix(e2e): send X-Molecule-Org-Id on tenant calls 
TenantGuard middleware on the tenant platform returns 404 (not 403,
by design — avoid leaking tenant existence to org scanners) when
requests lack X-Molecule-Org-Id matching MOLECULE_ORG_ID. Harness
hit this on POST /workspaces (section 5) despite having a valid
Authorization bearer.

- Capture org_id from admin-create response
- Send X-Molecule-Org-Id on every tenant_call

Confirmed via manual repro 2026-04-21T14:56Z: curl with Bearer but
no org-id header → 404; with both headers → expected route reached.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-21 07:59:25 -07:00
..
_extract_token.py chore: apply round-7 review nits 2026-04-13 17:08:45 -07:00
_lib.sh feat(platform): GET /admin/workspaces/:id/test-token for E2E (#6) 2026-04-14 09:35:26 -07:00
STAGING_SAAS_E2E.md feat(e2e): pivot to admin-bearer-only auth + add sanity self-check workflow 2026-04-21 04:34:11 -07:00
test_a2a_e2e.sh initial commit — Molecule AI platform 2026-04-13 11:55:37 -07:00
test_activity_e2e.sh chore: apply code-review round-6 suggestions 2026-04-13 17:08:45 -07:00
test_api.sh fix(e2e): stop asserting current_task on public workspace GET (#966) 2026-04-19 02:19:15 -07:00
test_claude_code_e2e.sh chore: final open-source cleanup — binary, stale paths, private refs 2026-04-18 00:38:55 -07:00
test_comprehensive_e2e.sh fix(e2e): make provisioning-status assertions robust to CI environment 2026-04-13 17:31:07 -07:00
test_saas_tenant.sh chore: final open-source cleanup — binary, stale paths, private refs 2026-04-18 00:38:55 -07:00
test_staging_full_saas.sh fix(e2e): send X-Molecule-Org-Id on tenant calls 2026-04-21 07:59:25 -07:00