You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Issue #4588 covers UUID validation across the REST API controllers (PR #4591 is an external contributor's attempt at it). This issue covers the remaining places Ecto.Query.CastError still surfaces from Sentry LIGHTNING-3B that #4588 explicitly scopes out: LiveView route params and search/filter inputs.
Details
LIGHTNING-3B (1,833 events, 11 users, still firing on v2.16.6) groups four distinct call sites under one Sentry fingerprint. #4588 enumerates the REST API ones. The remaining two:
/projects/:proj/w/<non-uuid> — LightningWeb.WorkflowLive.Collaborate.workflow_assigns/2 (collaborate.ex:372) calls Workflows.get_workflow!("null") when the path param is the literal string "null". The new-workflow branch only fires when id is absent, not when it's a non-UUID. Seen 9× in the recent 90-day Sentry sample. Frontend is generating /w/null somewhere — worth a separate ticket.
Dataclips name-or-id filter — Lightning.Invocation.dataclip_where_filter/1 → id_prefix_interval/1 (invocation.ex:1037,1070) builds invalid UUID range bounds when users type non-hex text into the dataclips search box (e.g. IQ146-26-000-037). Seen 5× in the recent sample.
Implementation notes
Two patterns, drawn from common Phoenix practice:
LiveView on_mount UUID validator — equivalent of the controller-level validator from Standardize UUID validation across all REST API controllers #4588 but for LiveView. A shared on_mount callback (sibling to LightningWeb.Hooks.:project_scope) runs Ecto.UUID.cast/1 on known id params and redirects to 404 (or the new-workflow route) on :error. Apply to WorkflowLive.Collaborate at minimum; audit other LiveViews mounting on :id path params.
Narrower alternative: workflow_assigns/2 treats a non-UUID id the same as a missing one. Simpler but doesn't generalize.
Filter input sanitization — id_prefix_interval/1 should reject non-hex input (or upstream, the LiveView assigning :name_or_id_part should validate before passing to dataclip_where_filter/1). Non-hex queries fall back to name-only search.
Whatever shared validate_uuid/1-style helper lands as part of #4588 should also be reachable from LiveView; worth coordinating so we don't end up with two implementations.
Release notes
Bug fix: invalid IDs in LiveView routes and dataclips search inputs no longer return 500.
User acceptance criteria
Navigating to /projects/:p/w/null or /projects/:p/w/<non-uuid> does not crash — either 404 or renders the new-workflow view
Dataclips search accepts arbitrary text (including dashes, non-hex chars) without 500
Frontend /w/null generation tracked as a separate follow-up
User story
Issue #4588 covers UUID validation across the REST API controllers (PR #4591 is an external contributor's attempt at it). This issue covers the remaining places
Ecto.Query.CastErrorstill surfaces from Sentry LIGHTNING-3B that #4588 explicitly scopes out: LiveView route params and search/filter inputs.Details
LIGHTNING-3B (1,833 events, 11 users, still firing on v2.16.6) groups four distinct call sites under one Sentry fingerprint. #4588 enumerates the REST API ones. The remaining two:
/projects/:proj/w/<non-uuid>—LightningWeb.WorkflowLive.Collaborate.workflow_assigns/2(collaborate.ex:372) callsWorkflows.get_workflow!("null")when the path param is the literal string"null". The new-workflow branch only fires whenidis absent, not when it's a non-UUID. Seen 9× in the recent 90-day Sentry sample. Frontend is generating/w/nullsomewhere — worth a separate ticket.Lightning.Invocation.dataclip_where_filter/1→id_prefix_interval/1(invocation.ex:1037,1070) builds invalid UUID range bounds when users type non-hex text into the dataclips search box (e.g.IQ146-26-000-037). Seen 5× in the recent sample.Implementation notes
Two patterns, drawn from common Phoenix practice:
on_mountUUID validator — equivalent of the controller-level validator from Standardize UUID validation across all REST API controllers #4588 but for LiveView. A sharedon_mountcallback (sibling toLightningWeb.Hooks.:project_scope) runsEcto.UUID.cast/1on known id params and redirects to 404 (or the new-workflow route) on:error. Apply toWorkflowLive.Collaborateat minimum; audit other LiveViews mounting on:idpath params.workflow_assigns/2treats a non-UUIDidthe same as a missing one. Simpler but doesn't generalize.id_prefix_interval/1should reject non-hex input (or upstream, the LiveView assigning:name_or_id_partshould validate before passing todataclip_where_filter/1). Non-hex queries fall back to name-only search.Whatever shared
validate_uuid/1-style helper lands as part of #4588 should also be reachable from LiveView; worth coordinating so we don't end up with two implementations.Release notes
Bug fix: invalid IDs in LiveView routes and dataclips search inputs no longer return 500.
User acceptance criteria
/projects/:p/w/nullor/projects/:p/w/<non-uuid>does not crash — either 404 or renders the new-workflow view/w/nullgeneration tracked as a separate follow-up