fix(api): return clean 404 for malformed tenant_id in namespace resolve #6405
Merged
Resolving a namespace by tenant_id passed the raw string straight into the uuid-typed namespaces.id column on Postgres. A malformed value (e.g. a misconfigured agent sending '83176492-e6cl-...') failed with SQLSTATE 22P02 and logged a misleading SQL error, even though the request still returned 404. With the previous Mongo store, tenant_id was a plain string field, so a malformed value simply matched nothing and returned a silent 404. Validate the value as a UUID before it reaches the query and return store.ErrNoDocuments when invalid, restoring that behavior and keeping the logs clean for misconfigured agents. Fixes: #6404
Claude finished @otavio's task in 5m 36s
Code Review Complete
Reviewed 2 files across code quality, security, testing, Go patterns, and architecture — no issues found. The code looks good as-is. Review highlights:
This was referenced Jun 3, 2026
Summary
When a device authenticates with a tenant_id that is not a valid UUID, the Postgres store passed the raw string straight into the uuid-typed namespaces.id column. The query failed with "invalid input syntax for type uuid (SQLSTATE 22P02)" and logged a misleading SQL error — even though the request still returned 404.

With the previous Mongo store, tenant_id was a plain string field, so a malformed value (e.g. a misconfigured agent sending 83176492-e6cl-..., a letter l instead of digit 1) simply matched nothing and returned a silent 404. This restores that behavior.

Change
NamespaceResolve now validates the value as a UUID (via the existing pkg/uuid.Parse) before issuing the query when resolving by tenant ID, returning store.ErrNoDocuments when invalid. This:
NewErrNamespaceNotFound, which maps to HTTP 404. No service/handler changes needed.

The targeted per-resolver validation was chosen over a blanket SQLSTATE 22P02 → not-found mapping in fromSQLError, to avoid masking genuine type-mismatch bugs elsewhere.

Tests
Added a "returns ErrNoDocuments for malformed tenant ID" subtest to the shared TestNamespaceResolve suite, which runs against both Mongo and Postgres backends to verify parity. The Postgres suite passes locally (the Mongo run requires testcontainers networking unavailable in my local dev setup, but the Mongo path needs no code change — a non-matching string already returns ErrNoDocuments).

Notes
A related latent issue exists at sibling call sites that filter on the same uuid-typed namespace_id via the shared InNamespace query option (DeviceResolve, APIKeyResolve, PublicKeyResolve, SessionResolve). That's out of scope for this issue and could be a follow-up.

Fixes: #6404
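The validate-before-query pattern the description explains, as an added example that is not the project's own code: a malformed tenant ID becomes "not found" before it can reach a uuid-typed lookup, while the raw query path still surfaces the type error. The names fakeStore, isCanonicalUUID, errSQL22P02 and ResolveByTenantID are hypothetical, ErrNoDocuments stands in for store.ErrNoDocuments, and an in-memory map with constructed IDs replaces Postgres.

```go
package main

import (
	"encoding/hex"
	"errors"
	"fmt"
)

// Stand-ins (assumptions): the PR's store.ErrNoDocuments and the driver's 22P02 error.
var ErrNoDocuments = errors.New("store: no documents")
var errSQL22P02 = errors.New("invalid input syntax for type uuid (SQLSTATE 22P02)")

// isCanonicalUUID accepts only 8-4-4-4-12 hex, a subset of what Postgres's uuid parser accepts.
func isCanonicalUUID(s string) bool {
	if len(s) != 36 || s[8] != '-' || s[13] != '-' || s[18] != '-' || s[23] != '-' {
		return false
	}
	_, err := hex.DecodeString(s[:8] + s[9:13] + s[14:18] + s[19:23] + s[24:])
	return err == nil
}

type fakeStore struct {
	rows    map[string]string // namespace id -> name (constructed data)
	queries int               // lookups that reached the "database"
}

// query mimics the uuid column: malformed input is a type error, not an empty result.
func (s *fakeStore) query(id string) (string, error) {
	s.queries++
	if !isCanonicalUUID(id) {
		return "", errSQL22P02
	}
	if name, ok := s.rows[id]; ok {
		return name, nil
	}
	return "", ErrNoDocuments
}

// ResolveByTenantID validates first: a malformed ID is "not found" and never reaches query.
func (s *fakeStore) ResolveByTenantID(tenantID string) (string, error) {
	if !isCanonicalUUID(tenantID) {
		return "", ErrNoDocuments
	}
	return s.query(tenantID)
}

func main() {
	// Constructed ID with a letter l where a hex digit belongs.
	fmt.Println((&fakeStore{}).ResolveByTenantID("00000000-00l0-4000-8000-000000000001"))
}
```

Because the check lives in the resolver rather than in a global error mapping, a 22P02 raised by any other query still surfaces as an error instead of being reported as not found.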