molecule-ai/molecule-core

Fork 2

fix(org-import): reconcile mode + audit-event emission #137

Merged

claude-ceo-assistant merged 1 commits from fix/org-import-reconcile-and-audit into main

2026-05-08 22:13:20 +00:00

Author	SHA1	Message	Date
claude-ceo-assistant	3de51faa19	fix(org-import): reconcile mode + audit-event emission All checks were successful CodeQL / Analyze (${{ matrix.language }}) (go) (pull_request) Successful in 1s Details CodeQL / Analyze (${{ matrix.language }}) (javascript-typescript) (pull_request) Successful in 2s Details CodeQL / Analyze (${{ matrix.language }}) (python) (pull_request) Successful in 1s Details Block internal-flavored paths / Block forbidden paths (pull_request) Successful in 5s Details CI / Detect changes (pull_request) Successful in 8s Details E2E API Smoke Test / detect-changes (pull_request) Successful in 7s Details Secret scan / Scan diff for credential-shaped strings (pull_request) Successful in 6s Details E2E Staging Canvas (Playwright) / detect-changes (pull_request) Successful in 8s Details Harness Replays / detect-changes (pull_request) Successful in 7s Details Runtime PR-Built Compatibility / detect-changes (pull_request) Successful in 7s Details Handlers Postgres Integration / detect-changes (pull_request) Successful in 10s Details CI / Shellcheck (E2E scripts) (pull_request) Successful in 2s Details CI / Python Lint & Test (pull_request) Successful in 4s Details Runtime PR-Built Compatibility / PR-built wheel + import smoke (pull_request) Successful in 34s Details CI / Canvas (Next.js) (pull_request) Successful in 57s Details E2E Staging Canvas (Playwright) / Canvas tabs E2E (pull_request) Successful in 56s Details CI / Canvas Deploy Reminder (pull_request) Has been skipped Details E2E API Smoke Test / E2E API Smoke Test (pull_request) Successful in 1m1s Details Handlers Postgres Integration / Handlers Postgres Integration (pull_request) Successful in 2m22s Details Harness Replays / Harness Replays (pull_request) Successful in 2m59s Details CI / Platform (Go) (pull_request) Successful in 3m20s Details Closes the additive-import zombie bug — re-running /org/import with a tree shape that reparents same-named roles left the prior workspace online because lookupExistingChild's dedupe is parent-scoped (different parent_id → "different" workspace). Caught 2026-05-08 after a dev-tree re-import left 8 orphans co-existing with the new tree on canvas until manual cascade-delete. Three layers in this PR: - mode="reconcile" on /org/import — after the import loop, online workspaces whose name matches an imported name but whose id isn't in the result set are cascade-deleted. Default mode "" / "merge" preserves existing additive behavior. Empty-set guards prevent accidental "delete everything" if either array comes up empty. - WorkspaceHandler.CascadeDelete extracted as a callable helper from the existing Delete HTTP handler so OrgImport's reconcile path shares the same teardown sequence (#73 race guard, container stop, volume removal, token revocation, schedule disable, event broadcast). The HTTP Delete handler still inlines the same logic; deduplication tracked as tech-debt follow-up. - emitOrgEvent(structure_events) records org.import.started + org.import.completed with mode, created/skipped/reconcile_removed counts, duration_ms, error. Replaces the lost-on-restart stdout-only log shape for an audit-trail surface that's queryable by SQL. Closes the "what happened at 20:13?" debugging gap that motivated this fix. Verified live against the local platform: cascade-delete on an old tree's removed root cleared 8 surviving orphans; mode="reconcile" with a freshly-INSERTed fake orphan removed exactly the fake; idempotent re-run of reconcile is a no-op (0 removed, no errors); structure_events captures every started+completed pair with full payload. 7 new unit tests (walkOrgWorkspaceNames flat/nested/spawning:false/ empty-name; emitOrgEvent success + DB-error-swallow; errString). Full handler suite green. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-05-08 15:04:47 -07:00

Author

SHA1

Message

Date

claude-ceo-assistant

3de51faa19

fix(org-import): reconcile mode + audit-event emission

CodeQL / Analyze (${{ matrix.language }}) (go) (pull_request) Successful in 1s

Details

CodeQL / Analyze (${{ matrix.language }}) (javascript-typescript) (pull_request) Successful in 2s

Details

CodeQL / Analyze (${{ matrix.language }}) (python) (pull_request) Successful in 1s

Details

Block internal-flavored paths / Block forbidden paths (pull_request) Successful in 5s

Details

CI / Detect changes (pull_request) Successful in 8s

Details

E2E API Smoke Test / detect-changes (pull_request) Successful in 7s

Details

Secret scan / Scan diff for credential-shaped strings (pull_request) Successful in 6s

Details

E2E Staging Canvas (Playwright) / detect-changes (pull_request) Successful in 8s

Details

Harness Replays / detect-changes (pull_request) Successful in 7s

Details

Runtime PR-Built Compatibility / detect-changes (pull_request) Successful in 7s

Details

Handlers Postgres Integration / detect-changes (pull_request) Successful in 10s

Details

CI / Shellcheck (E2E scripts) (pull_request) Successful in 2s

Details

CI / Python Lint & Test (pull_request) Successful in 4s

Details

Runtime PR-Built Compatibility / PR-built wheel + import smoke (pull_request) Successful in 34s

Details

CI / Canvas (Next.js) (pull_request) Successful in 57s

Details

E2E Staging Canvas (Playwright) / Canvas tabs E2E (pull_request) Successful in 56s

Details

CI / Canvas Deploy Reminder (pull_request) Has been skipped

Details

E2E API Smoke Test / E2E API Smoke Test (pull_request) Successful in 1m1s

Details

Handlers Postgres Integration / Handlers Postgres Integration (pull_request) Successful in 2m22s

Details

Harness Replays / Harness Replays (pull_request) Successful in 2m59s

Details

CI / Platform (Go) (pull_request) Successful in 3m20s

Details

Closes the additive-import zombie bug — re-running /org/import with a
tree shape that reparents same-named roles left the prior workspace
online because lookupExistingChild's dedupe is parent-scoped (different
parent_id → "different" workspace). Caught 2026-05-08 after a dev-tree
re-import left 8 orphans co-existing with the new tree on canvas until
manual cascade-delete.

Three layers in this PR:

- mode="reconcile" on /org/import — after the import loop, online
  workspaces whose name matches an imported name but whose id isn't in
  the result set are cascade-deleted. Default mode "" / "merge"
  preserves existing additive behavior. Empty-set guards prevent
  accidental "delete everything" if either array comes up empty.

- WorkspaceHandler.CascadeDelete extracted as a callable helper from
  the existing Delete HTTP handler so OrgImport's reconcile path shares
  the same teardown sequence (#73 race guard, container stop, volume
  removal, token revocation, schedule disable, event broadcast). The
  HTTP Delete handler still inlines the same logic; deduplication
  tracked as tech-debt follow-up.

- emitOrgEvent(structure_events) records org.import.started +
  org.import.completed with mode, created/skipped/reconcile_removed
  counts, duration_ms, error. Replaces the lost-on-restart stdout-only
  log shape for an audit-trail surface that's queryable by SQL. Closes
  the "what happened at 20:13?" debugging gap that motivated this fix.

Verified live against the local platform: cascade-delete on an old
tree's removed root cleared 8 surviving orphans; mode="reconcile" with
a freshly-INSERTed fake orphan removed exactly the fake; idempotent
re-run of reconcile is a no-op (0 removed, no errors); structure_events
captures every started+completed pair with full payload.

7 new unit tests (walkOrgWorkspaceNames flat/nested/spawning:false/
empty-name; emitOrgEvent success + DB-error-swallow; errString). Full
handler suite green.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

2026-05-08 15:04:47 -07:00

fix(org-import): reconcile mode + audit-event emission #137

1 Commits