fix(roles): make member-role assignment idempotent #102

Merged
icub3d merged 1 commit from fix/idempotent-member-role into main 2026-07-09 03:52:22 +00:00
Owner

Summary

The SDK seed run failed with:

assigning role restricted to charlie
API error (409): UNIQUE constraint failed: member_roles.user_id, member_roles.role_id

add_member_role did a plain INSERT, so granting a role a member already holds raised a UNIQUE-constraint conflict (mapped to a 409). Re-running the seed (or any repeated grant) blew up instead of being a no-op.

Fix

INSERT ... ON CONFLICT(user_id, role_id) DO NOTHING — assigning a held role is now an idempotent success (the desired end state already holds), matching the existing add_thread_follower behavior.

Test

add_member_role_is_idempotent: double-assign succeeds and does not duplicate the membership. Full server suite (129) + clippy -D warnings green.

## Summary The SDK seed run failed with: ``` assigning role restricted to charlie API error (409): UNIQUE constraint failed: member_roles.user_id, member_roles.role_id ``` `add_member_role` did a plain `INSERT`, so granting a role a member already holds raised a UNIQUE-constraint conflict (mapped to a 409). Re-running the seed (or any repeated grant) blew up instead of being a no-op. ## Fix `INSERT ... ON CONFLICT(user_id, role_id) DO NOTHING` — assigning a held role is now an idempotent success (the desired end state already holds), matching the existing `add_thread_follower` behavior. ## Test `add_member_role_is_idempotent`: double-assign succeeds and does not duplicate the membership. Full server suite (129) + `clippy -D warnings` green.
fix(roles): make member-role assignment idempotent
Some checks failed
Security Audit / Gitleaks (Secrets) (pull_request) Successful in 7s
Security Audit / PNPM Audit (JS SCA) (pull_request) Failing after 13s
Security Audit / Trivy (SCA & IaC) (pull_request) Failing after 16s
CI / Client — test & lint (pull_request) Successful in 44s
Security Audit / Semgrep (SAST) (pull_request) Failing after 1m3s
CI / Server — test & lint (pull_request) Successful in 2m52s
Security Audit / Cargo Audit (Rust SCA) (pull_request) Failing after 4m8s
e62bb571e2
Assigning a role a member already holds raised a UNIQUE-constraint error
mapped to a 409, which broke re-runnable seeding:

    assigning role restricted to charlie
    API error (409): UNIQUE constraint failed: member_roles.user_id, member_roles.role_id

Use `INSERT ... ON CONFLICT(user_id, role_id) DO NOTHING` so a repeated grant
is a no-op success (the desired end state already holds), matching the existing
`add_thread_follower` pattern. Adds a storage regression test asserting a
double-assign succeeds without duplicating the membership.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
icub3d merged commit 8817d99dbd into main 2026-07-09 03:52:22 +00:00
Sign in to join this conversation.
No reviewers
No milestone
No project
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
icub3d/decentcom!102
No description provided.