From bb26a81fe6153abfc8e4678bc8fb17c74c26afa9 Mon Sep 17 00:00:00 2001 From: Claude Date: Tue, 24 Mar 2026 09:57:18 +0000 Subject: [PATCH] fix: add tracing + explicit types to check_push_access Makes the exact failure reason (app not found vs. no access grant) visible in `docker compose logs server`. https://claude.ai/code/session_01FKCW3FDjNFj6jve4niMFXH --- server/src/routes/git.rs | 25 ++++++++++++++++++++----- 1 file changed, 20 insertions(+), 5 deletions(-) diff --git a/server/src/routes/git.rs b/server/src/routes/git.rs index ab04aa7..da02c7e 100644 --- a/server/src/routes/git.rs +++ b/server/src/routes/git.rs @@ -105,15 +105,23 @@ fn forbidden() -> Response { /// Resolves an app name/id and checks whether the user may push to it. /// Returns the app_id on success. async fn check_push_access(s: &AppState, user_id: &str, app: &str) -> Option { - let app_id: String = - sqlx::query_scalar("SELECT id FROM apps WHERE id = ? OR name = ?") + let app_id: Option = + sqlx::query_scalar::<_, String>("SELECT id FROM apps WHERE id = ? OR name = ?") .bind(app) .bind(app) .fetch_optional(&s.db) .await - .unwrap_or(None)?; + .unwrap_or(None); - let is_admin: i64 = sqlx::query_scalar("SELECT is_admin FROM users WHERE id = ?") + let app_id = match app_id { + Some(id) => id, + None => { + tracing::debug!("check_push_access: no app found for {:?}", app); + return None; + } + }; + + let is_admin: i64 = sqlx::query_scalar::<_, i64>("SELECT is_admin FROM users WHERE id = ?") .bind(user_id) .fetch_optional(&s.db) .await @@ -121,17 +129,24 @@ async fn check_push_access(s: &AppState, user_id: &str, app: &str) -> Option = - sqlx::query_scalar("SELECT 1 FROM user_apps WHERE user_id = ? AND app_id = ?") + sqlx::query_scalar::<_, i64>("SELECT 1 FROM user_apps WHERE user_id = ? AND app_id = ?") .bind(user_id) .bind(&app_id) .fetch_optional(&s.db) .await .unwrap_or(None); + if granted.is_none() { + tracing::debug!( + "check_push_access: user {} has no grant for app {}", + user_id, app_id + ); + } granted.map(|_| app_id) }