molecule-ai/molecule-core
51
0
Fork 2
Code Issues 176 Pull Requests 160 Actions 22 Packages Projects Releases Wiki Activity

fix(handlers): make PatchAbilities atomic when both fields supplied (#2131)
ci-arm64-advisory / fast-checks (pull_request) Waiting to run
Details
Lint shellcheck (arm64 pilot) / shellcheck-arm64 (pilot) (pull_request) Failing after 1s
Details
CI / Python Lint & Test (pull_request) Successful in 4s
Details
CI / Detect changes (pull_request) Successful in 9s
Details
E2E API Smoke Test / detect-changes (pull_request) Successful in 8s
Details
E2E Staging Canvas (Playwright) / detect-changes (pull_request) Successful in 7s
Details
Block internal-flavored paths / Block forbidden paths (pull_request) Successful in 11s
Details
Handlers Postgres Integration / detect-changes (pull_request) Successful in 6s
Details
Lint forbidden tenant-env keys / Scan for repo-host token write into tenant workspace surface (pull_request) Successful in 5s
Details
Lint forbidden tenant-env keys / Scan workspace_secrets writers for forbidden env keys (pull_request) Successful in 6s
Details
Secret scan / Scan diff for credential-shaped strings (pull_request) Successful in 5s
Details
security-review / approved (pull_request_target) Failing after 4s
Details
qa-review / approved (pull_request_target) Failing after 4s
Details
E2E Chat / detect-changes (pull_request) Successful in 25s
Details
Harness Replays / detect-changes (pull_request) Successful in 21s
Details
lint-required-no-paths / lint-required-no-paths (pull_request) Successful in 54s
Details
CI / Shellcheck (E2E scripts) (pull_request) Successful in 1s
Details
CI / Canvas (Next.js) (pull_request) Successful in 6s
Details
E2E Staging Canvas (Playwright) / Canvas tabs E2E (pull_request) Successful in 13s
Details
E2E API Smoke Test / E2E API Smoke Test (pull_request) Successful in 54s
Details
Handlers Postgres Integration / Handlers Postgres Integration (pull_request) Successful in 1m4s
Details
E2E Chat / E2E Chat (pull_request) Successful in 2s
Details
Harness Replays / Harness Replays (pull_request) Successful in 1s
Details
CI / Canvas Deploy Reminder (pull_request) Has been skipped
Details
sop-checklist / review-refire (pull_request_target) Has been skipped
Details
sop-tier-check / tier-check (pull_request_target) Successful in 6s
Details
sop-checklist / all-items-acked (pull_request) acked: 0/7 — missing: comprehensive-testing, local-postgres-e2e, staging-smoke, +4
Details
sop-checklist / na-declarations (pull_request) N/A: (none)
Details
gate-check-v3 / gate-check (pull_request_target) Successful in 19s
Details
sop-checklist / all-items-acked (pull_request_target) Successful in 24s
Details
CI / Platform (Go) (pull_request) Successful in 8m48s
Details
CI / all-required (pull_request) Successful in 2s
Details
sop-tier-check / tier-check (pull_request_review) Successful in 5s
Details
audit-force-merge / audit (pull_request_target) Successful in 5s
Details

Browse Source 
Previously PatchAbilities applied broadcast_enabled and
talk_to_user_enabled with two separate UPDATE statements. If the first
succeeded and the second failed, the workspace was left in a partial/
ambiguous capability state.

When both fields are present in the PATCH body, apply them in a single
combined UPDATE so the mutation is all-or-nothing. Single-field updates
continue to use the original per-column statements.

Updates the existing BothFields test to expect one combined UPDATE, and
replaces the old BothFields_BroadcastFails test with
BothFields_UpdateError which validates the atomic path.

Fixes #2131

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
This commit is contained in:
Molecule AI Dev Engineer A (Kimi)
2026-06-02 20:54:52 +00:00
parent 58dc5f7b46
commit 40d0493556
2 changed files with 26 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files
workspace-server/internal/handlers/workspace_abilities.go
+15 -4
View File
@@ -56,7 +56,20 @@ func PatchAbilities(c *gin.Context) {
return
}
if body.BroadcastEnabled != nil {
// Atomic update: when both fields are supplied, apply them in one SQL
// statement so the request is all-or-nothing (#2131). A partial mutation
// (e.g. broadcast_enabled updated but talk_to_user_enabled failing) would
// leave the workspace in an ambiguous capability state.
if body.BroadcastEnabled != nil && body.TalkToUserEnabled != nil {
if _, err := db.DB.ExecContext(ctx,
`UPDATE workspaces SET broadcast_enabled = $2, talk_to_user_enabled = $3, updated_at = now() WHERE id = $1`,
id, *body.BroadcastEnabled, *body.TalkToUserEnabled,
); err != nil {
log.Printf("PatchAbilities both-fields for %s: %v", id, err)
c.JSON(http.StatusInternalServerError, gin.H{"error": "update failed"})
return
}
} else if body.BroadcastEnabled != nil {
if _, err := db.DB.ExecContext(ctx,
`UPDATE workspaces SET broadcast_enabled = $2, updated_at = now() WHERE id = $1`,
id, *body.BroadcastEnabled,
@@ -65,9 +78,7 @@ func PatchAbilities(c *gin.Context) {
c.JSON(http.StatusInternalServerError, gin.H{"error": "update failed"})
return
}
}
if body.TalkToUserEnabled != nil {
} else if body.TalkToUserEnabled != nil {
if _, err := db.DB.ExecContext(ctx,
`UPDATE workspaces SET talk_to_user_enabled = $2, updated_at = now() WHERE id = $1`,
id, *body.TalkToUserEnabled,
workspace-server/internal/handlers/workspace_abilities_test.go
+11 -8
View File
@@ -130,11 +130,8 @@ func TestPatchAbilities_BothFields(t *testing.T) {
mock.ExpectQuery(`SELECT EXISTS\(SELECT 1 FROM workspaces WHERE id = \$1 AND status != 'removed'\)`).
WithArgs(wsUUID1).
WillReturnRows(sqlmock.NewRows([]string{"exists"}).AddRow(true))
mock.ExpectExec(`UPDATE workspaces SET broadcast_enabled = \$2, updated_at = now\(\) WHERE id = \$1`).
WithArgs(wsUUID1, true).
WillReturnResult(sqlmock.NewResult(0, 1))
mock.ExpectExec(`UPDATE workspaces SET talk_to_user_enabled = \$2, updated_at = now\(\) WHERE id = \$1`).
WithArgs(wsUUID1, true).
mock.ExpectExec(`UPDATE workspaces SET broadcast_enabled = \$2, talk_to_user_enabled = \$3, updated_at = now\(\) WHERE id = \$1`).
WithArgs(wsUUID1, true, true).
WillReturnResult(sqlmock.NewResult(0, 1))
w := patchAbilitiesReq(t, wsUUID1, `{"broadcast_enabled":true,"talk_to_user_enabled":true}`)
@@ -182,19 +179,25 @@ func TestPatchAbilities_TalkToUserUpdateError(t *testing.T) {
}
}
func TestPatchAbilities_BothFields_BroadcastFails(t *testing.T) {
// TestPatchAbilities_BothFields_UpdateError — regression for #2131. When
// both fields are supplied the handler uses a single combined UPDATE. A
// failure of that UPDATE must leave the workspace unchanged (atomic).
func TestPatchAbilities_BothFields_UpdateError(t *testing.T) {
mock, cleanup := withMockDB(t)
defer cleanup()
mock.ExpectQuery(`SELECT EXISTS\(SELECT 1 FROM workspaces WHERE id = \$1 AND status != 'removed'\)`).
WithArgs(wsUUID1).
WillReturnRows(sqlmock.NewRows([]string{"exists"}).AddRow(true))
mock.ExpectExec(`UPDATE workspaces SET broadcast_enabled = \$2, updated_at = now\(\) WHERE id = \$1`).
WithArgs(wsUUID1, true).
mock.ExpectExec(`UPDATE workspaces SET broadcast_enabled = \$2, talk_to_user_enabled = \$3, updated_at = now\(\) WHERE id = \$1`).
WithArgs(wsUUID1, true, true).
WillReturnError(errors.New("disk full"))
w := patchAbilitiesReq(t, wsUUID1, `{"broadcast_enabled":true,"talk_to_user_enabled":true}`)
if w.Code != http.StatusInternalServerError {
t.Fatalf("expected 500, got %d: %s", w.Code, w.Body.String())
}
// Because only one UPDATE is issued, there is no partial-mutation
// path to assert against; sqlmock implicitly verifies no second
// exec occurred.
}