mirror of
https://github.com/multica-ai/multica.git
synced 2026-06-17 11:48:42 +02:00
1c91c2a3b2
* fix(security): scope DELETE/UpdateIssueStatus by workspace_id Add workspace_id to the WHERE clause of DeleteIssue, DeleteComment, DeleteProject, DeleteSkill, DeleteChatSession, and UpdateIssueStatus as SQL-layer defense-in-depth. Handler loaders (loadIssueForUser / loadSkillForUser / etc.) already enforce workspace membership today, so this is not patching a known live vuln. But the tenant invariant is currently a handler-layer guarantee — a future loader bypass or a new caller skipping the loader would be silently catastrophic. Making workspace_id part of the SQL identity collapses the trust surface to the schema itself: forging a sibling-workspace UUID becomes ErrNoRows instead of a cross-tenant write. Reference: incident #1661 (util.ParseUUID silent zero UUID returning 204 on a DELETE that matched zero rows) — same class of failure, prevented at a different layer. Scope: - 5 DELETE queries: issue, comment, project, skill, chat_session - 1 simple UPDATE: UpdateIssueStatus (2 narg, no SET ordering risk) - All callers updated (handlers, service, runtime sweeper fallback) Multi-narg UPDATE queries (UpdateIssue, UpdateProject, UpdateSkill, UpdateComment, UpdateChatSession*) are deferred to a follow-up to keep this change reviewable: each needs its narg pinning shifted and per-caller verification. sqlc was regenerated by hand (no local sqlc toolchain); CI's backend job is the authoritative compile check. * test(security): add workspace_scope_guard regression test Locks in the SQL-layer tenant guard added in this PR. For each of the 6 scoped queries (DeleteIssue, DeleteComment, DeleteProject, DeleteSkill, DeleteChatSession, UpdateIssueStatus), creates the resource in workspace A, invokes the query with a foreign workspace UUID, and asserts the row is untouched (0 rows affected with no error for :exec; pgx.ErrNoRows for :one). A future refactor that drops the workspace_id arg from any of these queries will now fail loudly instead of silently regressing. Includes a sanity sub-test that the in-workspace path still mutates, so a buggy guard that returns no-op for every call would not pass. Co-Authored-By: Claude Opus 4 <noreply@anthropic.com> --------- Co-authored-by: Tom Qiao <tomqiaozc@users.noreply.github.com> Co-authored-by: Claude Opus 4 <noreply@anthropic.com>
548 lines
14 KiB
Go
548 lines
14 KiB
Go
// Code generated by sqlc. DO NOT EDIT.
|
|
// versions:
|
|
// sqlc v1.31.1
|
|
// source: skill.sql
|
|
|
|
package db
|
|
|
|
import (
|
|
"context"
|
|
|
|
"github.com/jackc/pgx/v5/pgtype"
|
|
)
|
|
|
|
const addAgentSkill = `-- name: AddAgentSkill :exec
|
|
INSERT INTO agent_skill (agent_id, skill_id)
|
|
VALUES ($1, $2)
|
|
ON CONFLICT DO NOTHING
|
|
`
|
|
|
|
type AddAgentSkillParams struct {
|
|
AgentID pgtype.UUID `json:"agent_id"`
|
|
SkillID pgtype.UUID `json:"skill_id"`
|
|
}
|
|
|
|
func (q *Queries) AddAgentSkill(ctx context.Context, arg AddAgentSkillParams) error {
|
|
_, err := q.db.Exec(ctx, addAgentSkill, arg.AgentID, arg.SkillID)
|
|
return err
|
|
}
|
|
|
|
const createSkill = `-- name: CreateSkill :one
|
|
INSERT INTO skill (workspace_id, name, description, content, config, created_by)
|
|
VALUES ($1, $2, $3, $4, $5, $6)
|
|
RETURNING id, workspace_id, name, description, content, config, created_by, created_at, updated_at
|
|
`
|
|
|
|
type CreateSkillParams struct {
|
|
WorkspaceID pgtype.UUID `json:"workspace_id"`
|
|
Name string `json:"name"`
|
|
Description string `json:"description"`
|
|
Content string `json:"content"`
|
|
Config []byte `json:"config"`
|
|
CreatedBy pgtype.UUID `json:"created_by"`
|
|
}
|
|
|
|
func (q *Queries) CreateSkill(ctx context.Context, arg CreateSkillParams) (Skill, error) {
|
|
row := q.db.QueryRow(ctx, createSkill,
|
|
arg.WorkspaceID,
|
|
arg.Name,
|
|
arg.Description,
|
|
arg.Content,
|
|
arg.Config,
|
|
arg.CreatedBy,
|
|
)
|
|
var i Skill
|
|
err := row.Scan(
|
|
&i.ID,
|
|
&i.WorkspaceID,
|
|
&i.Name,
|
|
&i.Description,
|
|
&i.Content,
|
|
&i.Config,
|
|
&i.CreatedBy,
|
|
&i.CreatedAt,
|
|
&i.UpdatedAt,
|
|
)
|
|
return i, err
|
|
}
|
|
|
|
const deleteSkill = `-- name: DeleteSkill :exec
|
|
DELETE FROM skill WHERE id = $1 AND workspace_id = $2
|
|
`
|
|
|
|
type DeleteSkillParams struct {
|
|
ID pgtype.UUID `json:"id"`
|
|
WorkspaceID pgtype.UUID `json:"workspace_id"`
|
|
}
|
|
|
|
// Defense-in-depth: workspace_id is a SQL-layer tenant guard. See DeleteIssue.
|
|
func (q *Queries) DeleteSkill(ctx context.Context, arg DeleteSkillParams) error {
|
|
_, err := q.db.Exec(ctx, deleteSkill, arg.ID, arg.WorkspaceID)
|
|
return err
|
|
}
|
|
|
|
const deleteSkillFile = `-- name: DeleteSkillFile :exec
|
|
DELETE FROM skill_file WHERE id = $1
|
|
`
|
|
|
|
func (q *Queries) DeleteSkillFile(ctx context.Context, id pgtype.UUID) error {
|
|
_, err := q.db.Exec(ctx, deleteSkillFile, id)
|
|
return err
|
|
}
|
|
|
|
const deleteSkillFilesBySkill = `-- name: DeleteSkillFilesBySkill :exec
|
|
DELETE FROM skill_file WHERE skill_id = $1
|
|
`
|
|
|
|
func (q *Queries) DeleteSkillFilesBySkill(ctx context.Context, skillID pgtype.UUID) error {
|
|
_, err := q.db.Exec(ctx, deleteSkillFilesBySkill, skillID)
|
|
return err
|
|
}
|
|
|
|
const getSkill = `-- name: GetSkill :one
|
|
SELECT id, workspace_id, name, description, content, config, created_by, created_at, updated_at FROM skill
|
|
WHERE id = $1
|
|
`
|
|
|
|
func (q *Queries) GetSkill(ctx context.Context, id pgtype.UUID) (Skill, error) {
|
|
row := q.db.QueryRow(ctx, getSkill, id)
|
|
var i Skill
|
|
err := row.Scan(
|
|
&i.ID,
|
|
&i.WorkspaceID,
|
|
&i.Name,
|
|
&i.Description,
|
|
&i.Content,
|
|
&i.Config,
|
|
&i.CreatedBy,
|
|
&i.CreatedAt,
|
|
&i.UpdatedAt,
|
|
)
|
|
return i, err
|
|
}
|
|
|
|
const getSkillByWorkspaceAndName = `-- name: GetSkillByWorkspaceAndName :one
|
|
SELECT id, workspace_id, name, description, content, config, created_by, created_at, updated_at FROM skill
|
|
WHERE workspace_id = $1 AND name = $2
|
|
`
|
|
|
|
type GetSkillByWorkspaceAndNameParams struct {
|
|
WorkspaceID pgtype.UUID `json:"workspace_id"`
|
|
Name string `json:"name"`
|
|
}
|
|
|
|
// Used by agent-template materialization to implement find-or-create: when a
|
|
// template references a skill by name that already exists in the workspace,
|
|
// reuse the existing skill_id rather than INSERT (which would fail the
|
|
// UNIQUE(workspace_id, name) constraint from migration 008).
|
|
func (q *Queries) GetSkillByWorkspaceAndName(ctx context.Context, arg GetSkillByWorkspaceAndNameParams) (Skill, error) {
|
|
row := q.db.QueryRow(ctx, getSkillByWorkspaceAndName, arg.WorkspaceID, arg.Name)
|
|
var i Skill
|
|
err := row.Scan(
|
|
&i.ID,
|
|
&i.WorkspaceID,
|
|
&i.Name,
|
|
&i.Description,
|
|
&i.Content,
|
|
&i.Config,
|
|
&i.CreatedBy,
|
|
&i.CreatedAt,
|
|
&i.UpdatedAt,
|
|
)
|
|
return i, err
|
|
}
|
|
|
|
const getSkillFile = `-- name: GetSkillFile :one
|
|
SELECT id, skill_id, path, content, created_at, updated_at FROM skill_file
|
|
WHERE id = $1
|
|
`
|
|
|
|
func (q *Queries) GetSkillFile(ctx context.Context, id pgtype.UUID) (SkillFile, error) {
|
|
row := q.db.QueryRow(ctx, getSkillFile, id)
|
|
var i SkillFile
|
|
err := row.Scan(
|
|
&i.ID,
|
|
&i.SkillID,
|
|
&i.Path,
|
|
&i.Content,
|
|
&i.CreatedAt,
|
|
&i.UpdatedAt,
|
|
)
|
|
return i, err
|
|
}
|
|
|
|
const getSkillInWorkspace = `-- name: GetSkillInWorkspace :one
|
|
SELECT id, workspace_id, name, description, content, config, created_by, created_at, updated_at FROM skill
|
|
WHERE id = $1 AND workspace_id = $2
|
|
`
|
|
|
|
type GetSkillInWorkspaceParams struct {
|
|
ID pgtype.UUID `json:"id"`
|
|
WorkspaceID pgtype.UUID `json:"workspace_id"`
|
|
}
|
|
|
|
func (q *Queries) GetSkillInWorkspace(ctx context.Context, arg GetSkillInWorkspaceParams) (Skill, error) {
|
|
row := q.db.QueryRow(ctx, getSkillInWorkspace, arg.ID, arg.WorkspaceID)
|
|
var i Skill
|
|
err := row.Scan(
|
|
&i.ID,
|
|
&i.WorkspaceID,
|
|
&i.Name,
|
|
&i.Description,
|
|
&i.Content,
|
|
&i.Config,
|
|
&i.CreatedBy,
|
|
&i.CreatedAt,
|
|
&i.UpdatedAt,
|
|
)
|
|
return i, err
|
|
}
|
|
|
|
const listAgentSkillSummaries = `-- name: ListAgentSkillSummaries :many
|
|
SELECT s.id, s.workspace_id, s.name, s.description, s.config, s.created_by, s.created_at, s.updated_at
|
|
FROM skill s
|
|
JOIN agent_skill ask ON ask.skill_id = s.id
|
|
WHERE ask.agent_id = $1
|
|
ORDER BY s.name ASC
|
|
`
|
|
|
|
type ListAgentSkillSummariesRow struct {
|
|
ID pgtype.UUID `json:"id"`
|
|
WorkspaceID pgtype.UUID `json:"workspace_id"`
|
|
Name string `json:"name"`
|
|
Description string `json:"description"`
|
|
Config []byte `json:"config"`
|
|
CreatedBy pgtype.UUID `json:"created_by"`
|
|
CreatedAt pgtype.Timestamptz `json:"created_at"`
|
|
UpdatedAt pgtype.Timestamptz `json:"updated_at"`
|
|
}
|
|
|
|
// Summary variant for the agent skills list endpoint — omits `content` for
|
|
// the same reason as ListSkillSummariesByWorkspace.
|
|
func (q *Queries) ListAgentSkillSummaries(ctx context.Context, agentID pgtype.UUID) ([]ListAgentSkillSummariesRow, error) {
|
|
rows, err := q.db.Query(ctx, listAgentSkillSummaries, agentID)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
defer rows.Close()
|
|
items := []ListAgentSkillSummariesRow{}
|
|
for rows.Next() {
|
|
var i ListAgentSkillSummariesRow
|
|
if err := rows.Scan(
|
|
&i.ID,
|
|
&i.WorkspaceID,
|
|
&i.Name,
|
|
&i.Description,
|
|
&i.Config,
|
|
&i.CreatedBy,
|
|
&i.CreatedAt,
|
|
&i.UpdatedAt,
|
|
); err != nil {
|
|
return nil, err
|
|
}
|
|
items = append(items, i)
|
|
}
|
|
if err := rows.Err(); err != nil {
|
|
return nil, err
|
|
}
|
|
return items, nil
|
|
}
|
|
|
|
const listAgentSkills = `-- name: ListAgentSkills :many
|
|
|
|
SELECT s.id, s.workspace_id, s.name, s.description, s.content, s.config, s.created_by, s.created_at, s.updated_at FROM skill s
|
|
JOIN agent_skill ask ON ask.skill_id = s.id
|
|
WHERE ask.agent_id = $1
|
|
ORDER BY s.name ASC
|
|
`
|
|
|
|
// Agent-Skill junction
|
|
func (q *Queries) ListAgentSkills(ctx context.Context, agentID pgtype.UUID) ([]Skill, error) {
|
|
rows, err := q.db.Query(ctx, listAgentSkills, agentID)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
defer rows.Close()
|
|
items := []Skill{}
|
|
for rows.Next() {
|
|
var i Skill
|
|
if err := rows.Scan(
|
|
&i.ID,
|
|
&i.WorkspaceID,
|
|
&i.Name,
|
|
&i.Description,
|
|
&i.Content,
|
|
&i.Config,
|
|
&i.CreatedBy,
|
|
&i.CreatedAt,
|
|
&i.UpdatedAt,
|
|
); err != nil {
|
|
return nil, err
|
|
}
|
|
items = append(items, i)
|
|
}
|
|
if err := rows.Err(); err != nil {
|
|
return nil, err
|
|
}
|
|
return items, nil
|
|
}
|
|
|
|
const listAgentSkillsByWorkspace = `-- name: ListAgentSkillsByWorkspace :many
|
|
SELECT ask.agent_id, s.id, s.name, s.description
|
|
FROM agent_skill ask
|
|
JOIN skill s ON s.id = ask.skill_id
|
|
WHERE s.workspace_id = $1
|
|
ORDER BY s.name ASC
|
|
`
|
|
|
|
type ListAgentSkillsByWorkspaceRow struct {
|
|
AgentID pgtype.UUID `json:"agent_id"`
|
|
ID pgtype.UUID `json:"id"`
|
|
Name string `json:"name"`
|
|
Description string `json:"description"`
|
|
}
|
|
|
|
func (q *Queries) ListAgentSkillsByWorkspace(ctx context.Context, workspaceID pgtype.UUID) ([]ListAgentSkillsByWorkspaceRow, error) {
|
|
rows, err := q.db.Query(ctx, listAgentSkillsByWorkspace, workspaceID)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
defer rows.Close()
|
|
items := []ListAgentSkillsByWorkspaceRow{}
|
|
for rows.Next() {
|
|
var i ListAgentSkillsByWorkspaceRow
|
|
if err := rows.Scan(
|
|
&i.AgentID,
|
|
&i.ID,
|
|
&i.Name,
|
|
&i.Description,
|
|
); err != nil {
|
|
return nil, err
|
|
}
|
|
items = append(items, i)
|
|
}
|
|
if err := rows.Err(); err != nil {
|
|
return nil, err
|
|
}
|
|
return items, nil
|
|
}
|
|
|
|
const listSkillFiles = `-- name: ListSkillFiles :many
|
|
|
|
SELECT id, skill_id, path, content, created_at, updated_at FROM skill_file
|
|
WHERE skill_id = $1
|
|
ORDER BY path ASC
|
|
`
|
|
|
|
// Skill File CRUD
|
|
func (q *Queries) ListSkillFiles(ctx context.Context, skillID pgtype.UUID) ([]SkillFile, error) {
|
|
rows, err := q.db.Query(ctx, listSkillFiles, skillID)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
defer rows.Close()
|
|
items := []SkillFile{}
|
|
for rows.Next() {
|
|
var i SkillFile
|
|
if err := rows.Scan(
|
|
&i.ID,
|
|
&i.SkillID,
|
|
&i.Path,
|
|
&i.Content,
|
|
&i.CreatedAt,
|
|
&i.UpdatedAt,
|
|
); err != nil {
|
|
return nil, err
|
|
}
|
|
items = append(items, i)
|
|
}
|
|
if err := rows.Err(); err != nil {
|
|
return nil, err
|
|
}
|
|
return items, nil
|
|
}
|
|
|
|
const listSkillSummariesByWorkspace = `-- name: ListSkillSummariesByWorkspace :many
|
|
SELECT id, workspace_id, name, description, config, created_by, created_at, updated_at
|
|
FROM skill
|
|
WHERE workspace_id = $1
|
|
ORDER BY name ASC
|
|
`
|
|
|
|
type ListSkillSummariesByWorkspaceRow struct {
|
|
ID pgtype.UUID `json:"id"`
|
|
WorkspaceID pgtype.UUID `json:"workspace_id"`
|
|
Name string `json:"name"`
|
|
Description string `json:"description"`
|
|
Config []byte `json:"config"`
|
|
CreatedBy pgtype.UUID `json:"created_by"`
|
|
CreatedAt pgtype.Timestamptz `json:"created_at"`
|
|
UpdatedAt pgtype.Timestamptz `json:"updated_at"`
|
|
}
|
|
|
|
// Same as ListSkillsByWorkspace but omits the SKILL.md `content` column. Used
|
|
// by list endpoints (CLI table, web list page) where the body is never read;
|
|
// shipping it everywhere blew up payload size on workspaces with many skills
|
|
// and caused 15s CLI timeouts from high-latency regions (GH multica-ai/multica#2174).
|
|
func (q *Queries) ListSkillSummariesByWorkspace(ctx context.Context, workspaceID pgtype.UUID) ([]ListSkillSummariesByWorkspaceRow, error) {
|
|
rows, err := q.db.Query(ctx, listSkillSummariesByWorkspace, workspaceID)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
defer rows.Close()
|
|
items := []ListSkillSummariesByWorkspaceRow{}
|
|
for rows.Next() {
|
|
var i ListSkillSummariesByWorkspaceRow
|
|
if err := rows.Scan(
|
|
&i.ID,
|
|
&i.WorkspaceID,
|
|
&i.Name,
|
|
&i.Description,
|
|
&i.Config,
|
|
&i.CreatedBy,
|
|
&i.CreatedAt,
|
|
&i.UpdatedAt,
|
|
); err != nil {
|
|
return nil, err
|
|
}
|
|
items = append(items, i)
|
|
}
|
|
if err := rows.Err(); err != nil {
|
|
return nil, err
|
|
}
|
|
return items, nil
|
|
}
|
|
|
|
const listSkillsByWorkspace = `-- name: ListSkillsByWorkspace :many
|
|
|
|
SELECT id, workspace_id, name, description, content, config, created_by, created_at, updated_at FROM skill
|
|
WHERE workspace_id = $1
|
|
ORDER BY name ASC
|
|
`
|
|
|
|
// Skill CRUD
|
|
func (q *Queries) ListSkillsByWorkspace(ctx context.Context, workspaceID pgtype.UUID) ([]Skill, error) {
|
|
rows, err := q.db.Query(ctx, listSkillsByWorkspace, workspaceID)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
defer rows.Close()
|
|
items := []Skill{}
|
|
for rows.Next() {
|
|
var i Skill
|
|
if err := rows.Scan(
|
|
&i.ID,
|
|
&i.WorkspaceID,
|
|
&i.Name,
|
|
&i.Description,
|
|
&i.Content,
|
|
&i.Config,
|
|
&i.CreatedBy,
|
|
&i.CreatedAt,
|
|
&i.UpdatedAt,
|
|
); err != nil {
|
|
return nil, err
|
|
}
|
|
items = append(items, i)
|
|
}
|
|
if err := rows.Err(); err != nil {
|
|
return nil, err
|
|
}
|
|
return items, nil
|
|
}
|
|
|
|
const removeAgentSkill = `-- name: RemoveAgentSkill :exec
|
|
DELETE FROM agent_skill
|
|
WHERE agent_id = $1 AND skill_id = $2
|
|
`
|
|
|
|
type RemoveAgentSkillParams struct {
|
|
AgentID pgtype.UUID `json:"agent_id"`
|
|
SkillID pgtype.UUID `json:"skill_id"`
|
|
}
|
|
|
|
func (q *Queries) RemoveAgentSkill(ctx context.Context, arg RemoveAgentSkillParams) error {
|
|
_, err := q.db.Exec(ctx, removeAgentSkill, arg.AgentID, arg.SkillID)
|
|
return err
|
|
}
|
|
|
|
const removeAllAgentSkills = `-- name: RemoveAllAgentSkills :exec
|
|
DELETE FROM agent_skill WHERE agent_id = $1
|
|
`
|
|
|
|
func (q *Queries) RemoveAllAgentSkills(ctx context.Context, agentID pgtype.UUID) error {
|
|
_, err := q.db.Exec(ctx, removeAllAgentSkills, agentID)
|
|
return err
|
|
}
|
|
|
|
const updateSkill = `-- name: UpdateSkill :one
|
|
UPDATE skill SET
|
|
name = COALESCE($2, name),
|
|
description = COALESCE($3, description),
|
|
content = COALESCE($4, content),
|
|
config = COALESCE($5, config),
|
|
updated_at = now()
|
|
WHERE id = $1
|
|
RETURNING id, workspace_id, name, description, content, config, created_by, created_at, updated_at
|
|
`
|
|
|
|
type UpdateSkillParams struct {
|
|
ID pgtype.UUID `json:"id"`
|
|
Name pgtype.Text `json:"name"`
|
|
Description pgtype.Text `json:"description"`
|
|
Content pgtype.Text `json:"content"`
|
|
Config []byte `json:"config"`
|
|
}
|
|
|
|
func (q *Queries) UpdateSkill(ctx context.Context, arg UpdateSkillParams) (Skill, error) {
|
|
row := q.db.QueryRow(ctx, updateSkill,
|
|
arg.ID,
|
|
arg.Name,
|
|
arg.Description,
|
|
arg.Content,
|
|
arg.Config,
|
|
)
|
|
var i Skill
|
|
err := row.Scan(
|
|
&i.ID,
|
|
&i.WorkspaceID,
|
|
&i.Name,
|
|
&i.Description,
|
|
&i.Content,
|
|
&i.Config,
|
|
&i.CreatedBy,
|
|
&i.CreatedAt,
|
|
&i.UpdatedAt,
|
|
)
|
|
return i, err
|
|
}
|
|
|
|
const upsertSkillFile = `-- name: UpsertSkillFile :one
|
|
INSERT INTO skill_file (skill_id, path, content)
|
|
VALUES ($1, $2, $3)
|
|
ON CONFLICT (skill_id, path) DO UPDATE SET
|
|
content = EXCLUDED.content,
|
|
updated_at = now()
|
|
RETURNING id, skill_id, path, content, created_at, updated_at
|
|
`
|
|
|
|
type UpsertSkillFileParams struct {
|
|
SkillID pgtype.UUID `json:"skill_id"`
|
|
Path string `json:"path"`
|
|
Content string `json:"content"`
|
|
}
|
|
|
|
func (q *Queries) UpsertSkillFile(ctx context.Context, arg UpsertSkillFileParams) (SkillFile, error) {
|
|
row := q.db.QueryRow(ctx, upsertSkillFile, arg.SkillID, arg.Path, arg.Content)
|
|
var i SkillFile
|
|
err := row.Scan(
|
|
&i.ID,
|
|
&i.SkillID,
|
|
&i.Path,
|
|
&i.Content,
|
|
&i.CreatedAt,
|
|
&i.UpdatedAt,
|
|
)
|
|
return i, err
|
|
}
|