ake/paperclip
1
0
Fork 0
mirror of https://github.com/alkimake/paperclip.git synced 2026-06-16 02:40:39 +09:00
Code Issues Projects Releases Packages Wiki Activity

Guard closed isolated workspaces on issues

Browse source 
Co-Authored-By: Paperclip <noreply@paperclip.ing>
This commit is contained in:
dotta 2026-04-04 13:04:34 -05:00
parent 4993b5338c
commit 65818c3447
7 changed files with 372 additions and 85 deletions
Download patch file Download diff file Expand all files Collapse all files

38
server/src/routes/issues.ts
View file

@ -19,6 +19,9 @@ import {
updateIssueWorkProductSchema,
upsertIssueDocumentSchema,
updateIssueSchema,
getClosedIsolatedExecutionWorkspaceMessage,
isClosedIsolatedExecutionWorkspace,
type ExecutionWorkspace,
} from "@paperclipai/shared";
import { trackAgentTaskCompleted } from "@paperclipai/shared/telemetry";
import { getTelemetryClient } from "../telemetry.js";
@ -234,6 +237,23 @@ export function issueRoutes(
return runToInterrupt?.status === "running" ? runToInterrupt : null;
}
async function getClosedIssueExecutionWorkspace(issue: { executionWorkspaceId?: string | null }) {
if (!issue.executionWorkspaceId) return null;
const workspace = await executionWorkspacesSvc.getById(issue.executionWorkspaceId);
if (!workspace || !isClosedIsolatedExecutionWorkspace(workspace)) return null;
return workspace;
}
function respondClosedIssueExecutionWorkspace(
res: Response,
workspace: Pick<ExecutionWorkspace, "closedAt" | "id" | "mode" | "name" | "status">,
) {
res.status(409).json({
error: getClosedIsolatedExecutionWorkspaceMessage(workspace),
executionWorkspace: workspace,
});
}
async function normalizeIssueIdentifier(rawId: string): Promise<string> {
if (/^[A-Z]+-\d+$/i.test(rawId)) {
const issue = await svc.getByIdentifier(rawId);
@ -1083,6 +1103,13 @@ export function issueRoutes(
...updateFields
} = req.body;
let interruptedRunId: string | null = null;
const closedExecutionWorkspace = await getClosedIssueExecutionWorkspace(existing);
const isAgentWorkUpdate = req.actor.type === "agent" && Object.keys(updateFields).length > 0;
if (closedExecutionWorkspace && (commentBody || isAgentWorkUpdate)) {
respondClosedIssueExecutionWorkspace(res, closedExecutionWorkspace);
return;
}
if (interruptRequested) {
if (!commentBody) {
@ -1389,6 +1416,12 @@ export function issueRoutes(
return;
}
const closedExecutionWorkspace = await getClosedIssueExecutionWorkspace(issue);
if (closedExecutionWorkspace) {
respondClosedIssueExecutionWorkspace(res, closedExecutionWorkspace);
return;
}
const checkoutRunId = requireAgentRunId(req, res);
if (req.actor.type === "agent" && !checkoutRunId) return;
const updated = await svc.checkout(id, req.body.agentId, req.body.expectedStatuses, checkoutRunId);
@ -1607,6 +1640,11 @@ export function issueRoutes(
}
assertCompanyAccess(req, issue.companyId);
if (!(await assertAgentRunCheckoutOwnership(req, res, issue))) return;
const closedExecutionWorkspace = await getClosedIssueExecutionWorkspace(issue);
if (closedExecutionWorkspace) {
respondClosedIssueExecutionWorkspace(res, closedExecutionWorkspace);
return;
}
const actor = getActorInfo(req);
const reopenRequested = req.body.reopen === true;