forked from molecule-ai/molecule-core
0653e78262
Found via deep workspace inspection during a maintenance cycle: Security Auditor's hourly cron correctly tries to delegate_task its audit_summary to PM, the platform proxy rejects with "access denied: workspaces cannot communicate per hierarchy", the agent falls back to delegating to its direct parent (Dev Lead), and PM's category_routing dispatcher (#75) is never reached. This breaks the audit-routing contract end-to-end. Every audit cycle was landing on Dev Lead instead of being fanned out via PM's category_routing to the right dev role (security → BE+DevOps, ui/ux → FE, etc). ## Root cause `registry.CanCommunicate()` only allowed: - self → self - siblings (same parent) - root-level siblings - direct parent → child - direct child → parent A grandchild → grandparent (Security Auditor → PM, where parent is Dev Lead and grandparent is PM) was DENIED. The original design wanted strict hierarchy to prevent rogue horizontal A2A — but it also broke the fundamental "child can talk to its leadership chain" pattern that any audit/escalation flow needs. ## Fix Generalise to ancestor ↔ descendant. Any workspace can talk to any ancestor (any depth) and any descendant (any depth). Direct parent/child remains a fast path that avoids the walk. Sibling rules unchanged. Cousins still cannot directly communicate (would need to go through their shared ancestor). Cross-subtree A2A is still rejected. Implementation: `isAncestorOf(ancestorID, childID)` walks the parent chain in Go with a maxAncestorWalk=32 safety cap so a malformed cycle in the workspaces table cannot loop forever. One DB lookup per step. For a typical 3-deep tree, this adds 1-2 extra lookups vs the old direct-parent fast path. Could be optimized to a single recursive CTE if profiling shows it matters; not now. ## Tests - TestCanCommunicate_Denied_Grandchild → REPLACED with two new tests: - TestCanCommunicate_Allowed_GrandparentToGrandchild - TestCanCommunicate_Allowed_GrandchildToGrandparent (the actual bug) - TestCanCommunicate_Allowed_DeepAncestor — 4-level chain - TestCanCommunicate_Denied_UnrelatedAncestors — ensures cross-subtree walks still terminate denied - TestCanCommunicate_Denied_DifferentParents — extended with the walk lookup mocks so sqlmock doesn't log warnings - TestCanCommunicate_Denied_CousinToRoot — same All 13 tests pass clean. The previous direct parent/child / siblings / self tests are unchanged (fast paths preserved). ## Why platform-level Per the "platform-wide fixes are mine to ship" rule. Every org template hits the same broken audit-routing chain — fixing it at the platform benefits all users, not just molecule-dev. This unblocks #50 (PM dispatcher prompt) and #75 (category_routing).
131 lines
4.0 KiB
Go
131 lines
4.0 KiB
Go
package registry
|
|
|
|
import (
|
|
"database/sql"
|
|
"log"
|
|
|
|
"github.com/Molecule-AI/molecule-monorepo/platform/internal/db"
|
|
)
|
|
|
|
// maxAncestorWalk caps the depth of the parent-chain walk in
|
|
// CanCommunicate. Org trees are realistically 3-5 deep
|
|
// (PM → Dev Lead → Backend Engineer is depth 3); 32 is a safety
|
|
// ceiling so a malformed cycle in the workspaces table can't loop
|
|
// forever.
|
|
const maxAncestorWalk = 32
|
|
|
|
type workspaceRef struct {
|
|
ID string
|
|
ParentID *string
|
|
}
|
|
|
|
func getWorkspaceRef(id string) (*workspaceRef, error) {
|
|
var ws workspaceRef
|
|
var parentID sql.NullString
|
|
err := db.DB.QueryRow(`SELECT id, parent_id FROM workspaces WHERE id = $1`, id).
|
|
Scan(&ws.ID, &parentID)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
if parentID.Valid {
|
|
ws.ParentID = &parentID.String
|
|
}
|
|
return &ws, nil
|
|
}
|
|
|
|
// isAncestorOf returns true if `ancestorID` is found anywhere on the
|
|
// parent-chain walk starting from `childID`. Walks at most maxAncestorWalk
|
|
// steps so a corrupt parent-cycle cannot loop forever. Returns false on any
|
|
// DB lookup error (logged) — fail-secure.
|
|
func isAncestorOf(ancestorID, childID string) bool {
|
|
current := childID
|
|
for i := 0; i < maxAncestorWalk; i++ {
|
|
ref, err := getWorkspaceRef(current)
|
|
if err != nil {
|
|
log.Printf("isAncestorOf: walk lookup %s: %v", current, err)
|
|
return false
|
|
}
|
|
if ref.ParentID == nil {
|
|
return false
|
|
}
|
|
if *ref.ParentID == ancestorID {
|
|
return true
|
|
}
|
|
current = *ref.ParentID
|
|
}
|
|
log.Printf("isAncestorOf: walk exceeded maxAncestorWalk=%d from %s — corrupt parent chain?",
|
|
maxAncestorWalk, childID)
|
|
return false
|
|
}
|
|
|
|
// CanCommunicate checks if two workspaces can talk to each other based on
|
|
// the org hierarchy. The rules:
|
|
//
|
|
// - self → self
|
|
// - siblings (same parent, including both root-level)
|
|
// - any ancestor → any descendant (e.g. PM → Backend Engineer)
|
|
// - any descendant → any ancestor (e.g. Security Auditor → PM)
|
|
//
|
|
// The third and fourth rules generalise the previous "direct parent ↔
|
|
// child" check. Originally this was strict 1-step parent/child only,
|
|
// which broke the audit-routing contract: Security Auditor (under Dev
|
|
// Lead, under PM) could not call delegate_task on PM to deliver an
|
|
// audit_summary, so it fell back to delegating to Dev Lead — bypassing
|
|
// PM's category_routing entirely.
|
|
//
|
|
// The relaxation preserves the hierarchy intent (no horizontal cross-team
|
|
// chatter — Frontend Engineer cannot directly message Backend Engineer
|
|
// unless they share a parent, which they do under Dev Lead) while
|
|
// unblocking the leadership-chain pattern that is fundamental to how
|
|
// audit summaries fan out across the org.
|
|
func CanCommunicate(callerID, targetID string) bool {
|
|
if callerID == targetID {
|
|
return true
|
|
}
|
|
|
|
caller, err := getWorkspaceRef(callerID)
|
|
if err != nil {
|
|
log.Printf("CanCommunicate: lookup caller %s: %v", callerID, err)
|
|
return false
|
|
}
|
|
target, err := getWorkspaceRef(targetID)
|
|
if err != nil {
|
|
log.Printf("CanCommunicate: lookup target %s: %v", targetID, err)
|
|
return false
|
|
}
|
|
|
|
// Siblings — same parent (including root-level where both have no parent)
|
|
if caller.ParentID != nil && target.ParentID != nil &&
|
|
*caller.ParentID == *target.ParentID {
|
|
return true
|
|
}
|
|
// Root-level siblings — both have no parent
|
|
if caller.ParentID == nil && target.ParentID == nil {
|
|
return true
|
|
}
|
|
|
|
// Direct parent → child (fast path; avoids the ancestor walk)
|
|
if target.ParentID != nil && caller.ID == *target.ParentID {
|
|
return true
|
|
}
|
|
|
|
// Direct child → parent (fast path)
|
|
if caller.ParentID != nil && target.ID == *caller.ParentID {
|
|
return true
|
|
}
|
|
|
|
// Distant ancestor → descendant: caller is somewhere up target's chain.
|
|
// Triggers extra DB lookups, only reached when the fast paths above didn't match.
|
|
if target.ParentID != nil && isAncestorOf(callerID, *target.ParentID) {
|
|
return true
|
|
}
|
|
|
|
// Distant descendant → ancestor: target is somewhere up caller's chain.
|
|
// (e.g. Security Auditor → PM, where Security Auditor's parent is Dev Lead.)
|
|
if caller.ParentID != nil && isAncestorOf(targetID, *caller.ParentID) {
|
|
return true
|
|
}
|
|
|
|
return false
|
|
}
|