fix(delete_project_file): use URL segment for path + refuse root deletes (prevents whole-project wipe)#14
Closed
arsyakaukabi wants to merge 1 commit into
Closed
Conversation
The Cloudera AI Workbench v2 Files API silently ignores ?path=...
query strings on the project files endpoint (same root cause as the
list_project_files bug, but with destructive consequences).
Before this fix, calling delete_project_file with any file_path was
effectively issuing:
DELETE /api/v2/projects/{project_id}/files
i.e. delete the entire project file root, recursively. The tool then
reported success: true because the server returned 200, so callers
(including LLM clients) had no signal that anything was wrong.
This:
1. Switches the URL to a path-segment form, matching the working
download / list endpoints:
DELETE /api/v2/projects/{project_id}/files/<encoded path>
2. Refuses empty / root-equivalent file_path values up front, so even
if a future regression brings back the wrong endpoint shape, this
tool can never target the project root.
Fixes cloudera#13. See also cloudera#10 / cloudera#12 for the non-destructive sibling bug in
list_project_files.
Collaborator
|
Hi @arsyakaukabi — thank you for catching this and putting together the fix. The underlying issue (path The relevant fix landed in commit 56ee14d (DSE-54632) and was further solidified in b591376 where all Closing this PR since the fix is now on Thanks again! 🙏 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Fixes the destructive bug reported in #13.
delete_project_filewas sending the target path as a?path=query string, which the Cloudera AI Workbench v2 Files API silently ignores. The actual request was:i.e. delete the entire project file tree, recursively, regardless of which
file_paththe caller specified. The tool then reportedsuccess: truebecause the server returned 200.This has caused at least one real incident in production use (full project wipe via the MCP tool, recovered only via platform backup). Filing the fix as soon as the incident was contained.
Changes
Send the path as a URL segment, matching the working
download_project_file_v2/ patchedlist_project_filesendpoints:Refuse
file_pathvalues that normalize to the project root ("","/",".",".."). Even with the URL fix in place, this tool should never target the project file root — adding the guard means a future regression in URL handling cannot reintroduce the catastrophic outcome.Test plan
livyatan.apps.slithereen.data.bri.co.id: deletingPLAYGROUND/<user>/scratch.txtnow deletes only that file and leaves siblings intact.file_path="","/",".", or".."are now rejected before any HTTP request is sent.a/b/c/file.txt).Related
?path=pattern inlist_project_files.