Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

Appearance settings

[FIX] Keep DRF 3.15.2 safe for org-scoped serializers (drop server-set uniqueness)#2091

Closed
chandrasekharan-zipstack wants to merge 1 commit into
mainZipstack/unstract:mainfrom
fix/drf-315-org-uniquenessZipstack/unstract:fix/drf-315-org-uniquenessCopy head branch name to clipboard
Closed

[FIX] Keep DRF 3.15.2 safe for org-scoped serializers (drop server-set uniqueness)#2091
chandrasekharan-zipstack wants to merge 1 commit into
mainZipstack/unstract:mainfrom
fix/drf-315-org-uniquenessZipstack/unstract:fix/drf-315-org-uniquenessCopy head branch name to clipboard

Conversation

@chandrasekharan-zipstack

Copy link
Copy Markdown
Contributor

What

Add DropServerSetUniquenessMixin (backend/utils/serializer/org_uniqueness.py) and apply it to AuditSerializer and IntegrityErrorMixin so create/update endpoints stop 400ing under djangorestframework==3.15.2.

Supersedes the DRF 3.14 revert #2090 — this keeps 3.15.2 (and its CVE-2024-21520 XSS patch) while removing the regression that revert was working around.

Why

DRF 3.15 extended ModelSerializer.get_uniqueness_extra_kwargs() and get_unique_together_validators() to derive uniqueness from a model's multi-field UniqueConstraints — not just Meta.unique_together as in 3.14. Models using DefaultOrganizationMixin carry org-scoped constraints (e.g. AdapterInstance.unique_organization_adapter over adapter_name, adapter_type, organization). organization is a nullable FK set server-side in DefaultOrganizationMixin.save() via UserContext and is never sent by clients.

Under 3.15 this made serializers (notably fields="__all__") mark organization required=True and build a UniqueTogetherValidator whose enforce_required_fields also demands it. Result: create/update 400 with {"attr":"organization","code":"required"} across adapters, connectors, workflows, api-deployments, prompt-studio, etc. (this is what broke ~146 staging tests).

Both DRF methods had to be neutralized: for AdapterInstance the required kwarg test passes but the UniqueTogetherValidator is the active 400 path — a validator-only or kwargs-only fix would be insufficient.

How

DropServerSetUniquenessMixin strips organization/created_by/modified_by from both the uniqueness extra_kwargs/hidden-fields and the unique-together validators, restoring 3.14 behaviour. DB UniqueConstraints + IntegrityErrorMixin still enforce and cleanly surface real duplicate errors.

Applied with minimal churn:

  • AuditSerializer gains the mixin — covers all OSS create serializers (adapter/connector/workflow/api/prompt-studio/platform-api, all fields="__all__").
  • IntegrityErrorMixin gains the mixin — cloud serializers that import it (e.g. AgenticProjectSerializer, LookupDefinitionSerializer) inherit the fix for free. Serializers inheriting both (WorkflowSerializer, PipelineSerializer, APIDeploymentSerializer, CustomToolSerializer) get it once via MRO (verified — harmless).

Coverage audit

Model Constraint Serializer Covered via
AdapterInstance (adapter_name, adapter_type, organization) AdapterInstanceSerializer/BaseAdapterSerializer (__all__) AuditSerializer
ConnectorInstance (connector_name, organization) ConnectorInstanceSerializer (__all__) AuditSerializer
Workflow (workflow_name, organization) WorkflowSerializer (__all__) AuditSerializer + IntegrityErrorMixin
Pipeline (pipeline_name, organization) PipelineSerializer (__all__) AuditSerializer + IntegrityErrorMixin
APIDeployment (api_name, organization) APIDeploymentSerializer (__all__) AuditSerializer + IntegrityErrorMixin
CustomTool (tool_name, organization) CustomToolSerializer (__all__) AuditSerializer + IntegrityErrorMixin
PlatformApiKey (name, organization) PlatformApiKeyCreate/UpdateSerializer AuditSerializer (organization not in fields → already safe)
Tag, OrganizationMember, OrganizationGroup, EventMetrics* org-scoped plain ModelSerializer Not affectedorganization not in serializer fields, so DRF skips the constraint (issuperset check fails)
Configuration (organization, key) (no DRF serializer — internal API) n/a

No OSS writable serializer over an org-scoped multi-field constraint was left uncovered.

Can this PR break any existing features

No. The mixin only removes uniqueness machinery for server-set fields that clients never supply anyway; DB UniqueConstraints remain authoritative and IntegrityErrorMixin still returns clean validation errors on real duplicates. This restores the exact pre-3.15 (3.14) serializer behaviour for these fields.

Database Migrations

None.

Env Config

None.

Related Issues or PRs

Supersedes #2090 (DRF 3.14 revert). Cloud counterpart: Zipstack/unstract-cloud#fix/drf-315-org-uniqueness.

Dependencies Versions

No change — keeps djangorestframework==3.15.2.

Notes on Testing

Added backend/adapter_processor_v2/tests/test_org_uniqueness.py (3 tests): asserts AdapterInstanceSerializer().fields["organization"].required is False, that no server-set field appears in the uniqueness required extra_kwargs, and that no UniqueTogetherValidator covers a server-set field. Verified the tests FAIL without the mixin (the (adapter_name, adapter_type, organization) validator reappears) and PASS with it, under DRF 3.15.2.

🤖 Generated with Claude Code

…t uniqueness)

DRF 3.15 extended ModelSerializer.get_uniqueness_extra_kwargs() and
get_unique_together_validators() to derive uniqueness from a model's
multi-field UniqueConstraints, not just Meta.unique_together (3.14
behaviour). Models using DefaultOrganizationMixin carry org-scoped
constraints (e.g. AdapterInstance's unique_organization_adapter over
adapter_name/adapter_type/organization). `organization` is a nullable FK
set server-side in DefaultOrganizationMixin.save() via UserContext and is
never sent by clients.

Under 3.15 this made serializers (notably fields="__all__") mark
`organization` required=True AND build a UniqueTogetherValidator whose
enforce_required_fields also demands it, so create/update endpoints 400
with {"attr":"organization","code":"required"} across adapters,
connectors, workflows, api-deployments, prompt-studio, etc.

Add DropServerSetUniquenessMixin (utils/serializer/org_uniqueness.py) that
strips organization/created_by/modified_by from BOTH the uniqueness
extra_kwargs and the unique-together validators, restoring 3.14 behaviour.
DB UniqueConstraints + IntegrityErrorMixin still enforce and cleanly
surface real duplicates. Apply it once on AuditSerializer (covers all OSS
create serializers) and on IntegrityErrorMixin (so cloud serializers that
import it inherit the fix for free). This supersedes the DRF 3.14 revert,
keeping 3.15.2 and its CVE-2024-21520 XSS patch.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_01DoRxNHky8RoutBCFrSzZQ7
@coderabbitai

coderabbitai Bot commented Jun 19, 2026

Copy link
Copy Markdown
Contributor

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: cfefab97-87e6-46ee-8420-210ca1d8bb1e

📥 Commits

Reviewing files that changed from the base of the PR and between 49ef65a and e1a8d5d.

📒 Files selected for processing (4)
  • backend/adapter_processor_v2/tests/test_org_uniqueness.py
  • backend/backend/serializers.py
  • backend/utils/serializer/integrity_error_mixin.py
  • backend/utils/serializer/org_uniqueness.py

Summary by CodeRabbit

  • Bug Fixes

    • Fixed serializer validation to ensure organization-scoped uniqueness constraints work correctly. Clients no longer need to provide server-managed fields, streamlining API requests while maintaining data integrity.
  • Tests

    • Added regression tests for organization uniqueness validation behavior to prevent future regressions.

Walkthrough

A new DropServerSetUniquenessMixin is introduced in backend/utils/serializer/org_uniqueness.py. It overrides two DRF ModelSerializer methods to strip server-populated fields (organization, created_by, modified_by) from uniqueness validation. The mixin is applied to AuditSerializer and IntegrityErrorMixin. Three regression tests validate the behavior on AdapterInstanceSerializer.

Changes

Org-scoped uniqueness validation fix

Layer / File(s) Summary
DropServerSetUniquenessMixin implementation
backend/utils/serializer/org_uniqueness.py
Defines SERVER_SET_UNIQUENESS_FIELDS frozenset and DropServerSetUniquenessMixin with overrides for get_uniqueness_extra_kwargs (removes server-set fields from extra_kwargs and hidden_fields) and get_unique_together_validators (filters validators whose fields intersect the server-set set).
Mixin applied to existing serializer bases
backend/backend/serializers.py, backend/utils/serializer/integrity_error_mixin.py
AuditSerializer adds DropServerSetUniquenessMixin before ModelSerializer in its MRO; IntegrityErrorMixin inherits from DropServerSetUniquenessMixin instead of plain object, both via import + class-declaration changes.
Regression tests
backend/adapter_processor_v2/tests/test_org_uniqueness.py
Three tests on AdapterInstanceSerializer assert: organization field is not required, no server-set field appears in uniqueness-required kwargs, and no UniqueTogetherValidator covers any server-set field.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name Status Explanation Resolution
Docstring Coverage ⚠️ Warning Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%. Write docstrings for the functions missing them to satisfy the coverage threshold.
✅ Passed checks (4 passed)
Check name Status Explanation
Title check ✅ Passed The title clearly and specifically describes the main fix: addressing a DRF 3.15.2 compatibility issue for org-scoped serializers by implementing server-set uniqueness field handling.
Description check ✅ Passed The description is comprehensive and well-structured, covering What, Why, How, potential breaks, and testing notes. All major template sections are completed with substantial detail and context.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.

✏️ Tip: You can configure your own custom pre-merge checks in the settings.

✨ Finishing Touches
📝 Generate docstrings
  • Create stacked PR
  • Commit on current branch
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch fix/drf-315-org-uniqueness

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

@greptile-apps

greptile-apps Bot commented Jun 19, 2026

Copy link
Copy Markdown
Contributor

Greptile Summary

Introduces DropServerSetUniquenessMixin to neutralize the DRF 3.15 regression where UniqueConstraint-derived validators and required=True extra-kwargs caused every create/update to 400 for org-scoped serializers that never receive organization from clients.

  • org_uniqueness.py: New mixin overrides both get_uniqueness_extra_kwargs and get_unique_together_validators to strip organization, created_by, and modified_by from DRF's uniqueness machinery; DB constraints remain the authoritative enforcement layer.
  • AuditSerializer / IntegrityErrorMixin: Each gains the mixin with a one-line change; the MRO is correct in both cases, and serializers inheriting both (e.g. WorkflowSerializer) get the mixin exactly once.

Confidence Score: 4/5

Safe to merge; the mixin correctly restores pre-3.15 serializer behavior and the MRO ordering is valid in all application sites.

The core logic is well-targeted and the coverage audit in the PR description is thorough. The one behavioral nuance worth watching is that dropping an entire validator on any server-set field overlap also removes DRF-layer pre-validation for the client-supplied fields in that same constraint — meaning AuditSerializer-only subclasses without IntegrityErrorMixin will hit the DB before getting a validation error on a true duplicate. This matches DRF 3.14 behavior so it is not a regression, but it is an implicit assumption about every org-scoped serializer having IntegrityErrorMixin in its chain.

The test file (test_org_uniqueness.py) uses a private DRF attribute and a module-level Django setup pattern; both are cosmetic but could make the tests brittle under future DRF updates or when run via pytest-django.

Important Files Changed

Filename Overview
backend/utils/serializer/org_uniqueness.py New mixin that strips server-set fields from both DRF 3.15 uniqueness code paths; logic is sound but drops entire validators on any overlap, leaving non-server-set field pairs in the same constraint without DRF-layer pre-validation.
backend/backend/serializers.py Adds DropServerSetUniquenessMixin to AuditSerializer via correct MRO ordering (mixin before ModelSerializer); straightforward and safe.
backend/utils/serializer/integrity_error_mixin.py IntegrityErrorMixin now inherits DropServerSetUniquenessMixin; cloud serializers that import it inherit the fix automatically with no functional change to IntegrityError handling.
backend/adapter_processor_v2/tests/test_org_uniqueness.py Regression guard tests for DRF 3.15 org-uniqueness; accesses private _declared_fields API and uses a module-level Django setup pattern that conflicts with standard pytest-django lifecycle.

Flowchart

%%{init: {'theme': 'neutral'}}%%
flowchart TD
    A[DRF 3.15 ModelSerializer.get_fields] --> B[get_uniqueness_extra_kwargs]
    A --> C[get_unique_together_validators]

    B --> D{DropServerSetUniquenessMixin}
    C --> D

    D -->|strip organization / created_by / modified_by from extra_kwargs & hidden_fields| E[Safe extra_kwargs returned]
    D -->|drop any validator whose fields overlap SERVER_SET_UNIQUENESS_FIELDS| F[Filtered validators returned]

    E --> G[Serializer fields: organization not required=True]
    F --> H[No UniqueTogetherValidator demands organization]

    G --> I[create/update succeeds]
    H --> I

    I --> J{Duplicate record?}
    J -->|DB IntegrityError raised| K{IntegrityErrorMixin present?}
    K -->|Yes| L[Clean 400 ValidationError returned]
    K -->|No| M[500 unhandled IntegrityError]
Loading
%%{init: {'theme': 'base', 'themeVariables': {"darkMode": true, "background": "#0d1117", "primaryColor": "#21262d", "primaryTextColor": "#e6edf3", "primaryBorderColor": "#8b949e", "lineColor": "#8b949e", "textColor": "#e6edf3", "edgeLabelBackground": "#161b22", "actorBkg": "#21262d", "actorBorder": "#8b949e", "actorTextColor": "#e6edf3", "actorLineColor": "#8b949e", "signalColor": "#8b949e", "signalTextColor": "#e6edf3", "noteBkgColor": "#373320", "noteBorderColor": "#d4a72c", "noteTextColor": "#f0e6c0", "labelBoxBkgColor": "#21262d", "labelBoxBorderColor": "#8b949e", "labelTextColor": "#e6edf3", "loopTextColor": "#e6edf3", "activationBkgColor": "#30363d", "activationBorderColor": "#8b949e"}}}%%
flowchart TD
    A[DRF 3.15 ModelSerializer.get_fields] --> B[get_uniqueness_extra_kwargs]
    A --> C[get_unique_together_validators]

    B --> D{DropServerSetUniquenessMixin}
    C --> D

    D -->|strip organization / created_by / modified_by from extra_kwargs & hidden_fields| E[Safe extra_kwargs returned]
    D -->|drop any validator whose fields overlap SERVER_SET_UNIQUENESS_FIELDS| F[Filtered validators returned]

    E --> G[Serializer fields: organization not required=True]
    F --> H[No UniqueTogetherValidator demands organization]

    G --> I[create/update succeeds]
    H --> I

    I --> J{Duplicate record?}
    J -->|DB IntegrityError raised| K{IntegrityErrorMixin present?}
    K -->|Yes| L[Clean 400 ValidationError returned]
    K -->|No| M[500 unhandled IntegrityError]
Loading

Fix All in Claude Code

Prompt To Fix All With AI
Fix the following 3 code review issues. Work through them one at a time, proposing concise fixes.

---

### Issue 1 of 3
backend/utils/serializer/org_uniqueness.py:34-39
**Entire validator dropped for partial server-set overlap**

When a `UniqueConstraint` includes both client-supplied and server-set fields (e.g. `(adapter_name, adapter_type, organization)`), the entire `UniqueTogetherValidator` is removed. This means DRF no longer pre-validates uniqueness of the client-supplied subset (`adapter_name + adapter_type` within an org) before hitting the database. For serializers that mix in `IntegrityErrorMixin` this is caught at the DB layer and re-raised cleanly; for `AuditSerializer`-only subclasses (e.g. `ConnectorInstanceSerializer`) a real duplicate will raise an unhandled `IntegrityError` and return a 500. The PR description acknowledges this trade-off and notes it matches pre-3.15 behavior — worth a quick audit that every `AuditSerializer`-only descendant over an org-scoped constraint also inherits `IntegrityErrorMixin`, or has its own `save()` guard.

### Issue 2 of 3
backend/adapter_processor_v2/tests/test_org_uniqueness.py:37-38
**Test relies on private DRF attribute `_declared_fields`**

`serializer._declared_fields` is an internal implementation detail not part of DRF's public API. If DRF renames or restructures it in a future minor release the test would break with an `AttributeError` rather than a meaningful assertion failure. The public `serializer.fields` mapping is the stable surface; `_declared_fields` only differs from it in that it excludes dynamically added fields, which matters only if the test is specifically checking for that distinction.

### Issue 3 of 3
backend/adapter_processor_v2/tests/test_org_uniqueness.py:19-21
**Module-level Django setup bypasses pytest-django lifecycle**

Calling `django.setup()` at import time with `if not apps.ready` is a workaround for running the file directly (`python test_org_uniqueness.py`). When pytest-django is the test runner it configures Django before collecting tests, so `apps.ready` is already `True` and the guard is a no-op — correct, but the `os.environ.setdefault` line above it is also a no-op if pytest-django already set `DJANGO_SETTINGS_MODULE`. This makes the intent ambiguous. The idiomatic pytest-django approach is a `conftest.py` fixture; if the test genuinely needs no DB, the module-level block can simply be removed.

Reviews (1): Last reviewed commit: "[FIX] Keep DRF 3.15.2 safe for org-scope..." | Re-trigger Greptile

Comment on lines +34 to +39
def get_unique_together_validators(self) -> list[Any]:
return [
validator
for validator in super().get_unique_together_validators()
if not (set(getattr(validator, "fields", ())) & SERVER_SET_UNIQUENESS_FIELDS)
]

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P2 Entire validator dropped for partial server-set overlap

When a UniqueConstraint includes both client-supplied and server-set fields (e.g. (adapter_name, adapter_type, organization)), the entire UniqueTogetherValidator is removed. This means DRF no longer pre-validates uniqueness of the client-supplied subset (adapter_name + adapter_type within an org) before hitting the database. For serializers that mix in IntegrityErrorMixin this is caught at the DB layer and re-raised cleanly; for AuditSerializer-only subclasses (e.g. ConnectorInstanceSerializer) a real duplicate will raise an unhandled IntegrityError and return a 500. The PR description acknowledges this trade-off and notes it matches pre-3.15 behavior — worth a quick audit that every AuditSerializer-only descendant over an org-scoped constraint also inherits IntegrityErrorMixin, or has its own save() guard.

Prompt To Fix With AI
This is a comment left during a code review.
Path: backend/utils/serializer/org_uniqueness.py
Line: 34-39

Comment:
**Entire validator dropped for partial server-set overlap**

When a `UniqueConstraint` includes both client-supplied and server-set fields (e.g. `(adapter_name, adapter_type, organization)`), the entire `UniqueTogetherValidator` is removed. This means DRF no longer pre-validates uniqueness of the client-supplied subset (`adapter_name + adapter_type` within an org) before hitting the database. For serializers that mix in `IntegrityErrorMixin` this is caught at the DB layer and re-raised cleanly; for `AuditSerializer`-only subclasses (e.g. `ConnectorInstanceSerializer`) a real duplicate will raise an unhandled `IntegrityError` and return a 500. The PR description acknowledges this trade-off and notes it matches pre-3.15 behavior — worth a quick audit that every `AuditSerializer`-only descendant over an org-scoped constraint also inherits `IntegrityErrorMixin`, or has its own `save()` guard.

How can I resolve this? If you propose a fix, please make it concise.

Fix in Claude Code

Comment on lines +37 to +38
declared_fields = serializer._declared_fields
extra_kwargs, _hidden = serializer.get_uniqueness_extra_kwargs(

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P2 Test relies on private DRF attribute _declared_fields

serializer._declared_fields is an internal implementation detail not part of DRF's public API. If DRF renames or restructures it in a future minor release the test would break with an AttributeError rather than a meaningful assertion failure. The public serializer.fields mapping is the stable surface; _declared_fields only differs from it in that it excludes dynamically added fields, which matters only if the test is specifically checking for that distinction.

Prompt To Fix With AI
This is a comment left during a code review.
Path: backend/adapter_processor_v2/tests/test_org_uniqueness.py
Line: 37-38

Comment:
**Test relies on private DRF attribute `_declared_fields`**

`serializer._declared_fields` is an internal implementation detail not part of DRF's public API. If DRF renames or restructures it in a future minor release the test would break with an `AttributeError` rather than a meaningful assertion failure. The public `serializer.fields` mapping is the stable surface; `_declared_fields` only differs from it in that it excludes dynamically added fields, which matters only if the test is specifically checking for that distinction.

How can I resolve this? If you propose a fix, please make it concise.

Note: If this suggestion doesn't match your team's coding style, reply to this and let me know. I'll remember it for next time!

Fix in Claude Code

Comment on lines +19 to +21
os.environ.setdefault("DJANGO_SETTINGS_MODULE", "backend.settings.test")
if not apps.ready:
django.setup()

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P2 Module-level Django setup bypasses pytest-django lifecycle

Calling django.setup() at import time with if not apps.ready is a workaround for running the file directly (python test_org_uniqueness.py). When pytest-django is the test runner it configures Django before collecting tests, so apps.ready is already True and the guard is a no-op — correct, but the os.environ.setdefault line above it is also a no-op if pytest-django already set DJANGO_SETTINGS_MODULE. This makes the intent ambiguous. The idiomatic pytest-django approach is a conftest.py fixture; if the test genuinely needs no DB, the module-level block can simply be removed.

Prompt To Fix With AI
This is a comment left during a code review.
Path: backend/adapter_processor_v2/tests/test_org_uniqueness.py
Line: 19-21

Comment:
**Module-level Django setup bypasses pytest-django lifecycle**

Calling `django.setup()` at import time with `if not apps.ready` is a workaround for running the file directly (`python test_org_uniqueness.py`). When pytest-django is the test runner it configures Django before collecting tests, so `apps.ready` is already `True` and the guard is a no-op — correct, but the `os.environ.setdefault` line above it is also a no-op if pytest-django already set `DJANGO_SETTINGS_MODULE`. This makes the intent ambiguous. The idiomatic pytest-django approach is a `conftest.py` fixture; if the test genuinely needs no DB, the module-level block can simply be removed.

How can I resolve this? If you propose a fix, please make it concise.

Note: If this suggestion doesn't match your team's coding style, reply to this and let me know. I'll remember it for next time!

Fix in Claude Code

@github-actions

Copy link
Copy Markdown
Contributor

Unstract test results

Per-group results

Status Group Tier Passed Failed Errors Skipped Duration (s)
unit-connectors unit 64 12 0 3 16.7
unit-core unit 0 0 4 0 1.2
unit-platform-service unit 9 0 1 0 1.4
unit-prompt-service unit 15 0 0 0 20.0
unit-rig unit 53 0 0 0 3.4
unit-runner unit 11 0 0 0 3.1
unit-sdk1 unit 390 0 0 0 20.7
unit-tool-registry unit 0 0 1 0 1.3
unit-workers unit 0 0 0 0 17.5
TOTAL 542 12 6 3 85.3

Critical paths

⚠️ Critical paths not yet covered

  • auth-login — User can log in and obtain a session cookie. (entry: POST /api/v1/auth/login; declared coverage: no groups declared)
  • adapter-register-llm — Register and validate an LLM adapter. (entry: POST /api/v1/adapter/; declared coverage: no groups declared)
  • workflow-create-execute — Create a workflow, configure source+destination, execute, poll, fetch result. (entry: POST /api/v1/workflow/{id}/execute/; declared coverage: e2e-workflow)
  • api-deployment-run — Deploy a workflow as an API, POST a document, receive structured JSON. (entry: POST /deployment/api/{org}/{name}/; declared coverage: e2e-api-deployment)
  • prompt-studio-fetch-response — Prompt Studio: create project, add prompt, run single-pass, get response. (entry: POST /api/v1/prompt-studio/prompt-studio-tool/{id}/fetch_response/; declared coverage: e2e-prompt-studio)
  • pipeline-etl-execute — Run an ETL pipeline from source connector to destination. (entry: POST /api/v1/pipeline/{id}/execute/; declared coverage: no groups declared)
  • usage-token-tracking — Per-execution token usage is recorded and retrievable. (entry: GET /api/v1/usage/get_token_usage/; declared coverage: no groups declared)
  • workflow-execution-fan-out — Multi-file workflow execution fans out to file-processing workers and rejoins. (entry: internal: backend → rabbitmq → workers/file_processing; declared coverage: no groups declared)
  • callback-result-delivery — Async results are posted back via the callback worker. (entry: internal: workers/callback → backend /internal endpoints; declared coverage: no groups declared)
✅ Covered critical paths
  • tool-sandbox-exec — covered by unit-runner

@chandrasekharan-zipstack

Copy link
Copy Markdown
Contributor Author

Closing in favour of a durable model-level fix (mark server-managed org/audit fields editable=False so DRF auto-skips the org-scoped UniqueTogetherValidator everywhere, not just on two base classes).

@sonarqubecloud

Copy link
Copy Markdown

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant

Morty Proxy This is a proxified and sanitized view of the page, visit original site.