Merged
Conversation
This commit addresses two related issues: - Issue #95: Unhelpful error messages when user lacks channel edit permissions - Issue #434: Files downloaded/uploaded before checking permissions Changes: - Added early permission check in commands.py after channel construction - Calls add_channel() before DOWNLOAD_FILES stage to fail fast if unauthorized - Caches root_id and channel_id to avoid duplicate API calls - Prevents wasted bandwidth and processing time Benefits: - Users get immediate feedback on authorization issues - No wasted resources downloading/uploading files when unauthorized - No Studio API changes required - uses existing endpoints - Backward compatible with existing chef scripts
rtibbles
force-pushed
the
claude/test-fix-related-issues-01FwwYDNaQ7wwQY7MNKJsyur
branch
from
0bfc64a to
90b72d9
Compare
AlexVelezLl
approved these changes
Jan 26, 2026
Member
AlexVelezLl
left a comment
AlexVelezLl
left a comment
There was a problem hiding this comment.
Thanks, Richard. Code changes make sense, and I have smoke-tested this with tokens with and without permissions, and can confirm that this now fails early for non-authorized users with a readable auth error message.
Comment on lines
+274
to
+278
| # Use cached root_id and channel_id if already set (from early permission check) | ||
| if self.root_id is not None and self.channel_id is not None: | ||
| root, channel_id = self.root_id, self.channel_id | ||
| else: | ||
| root, channel_id = self.add_channel() |
Member
There was a problem hiding this comment.
Just out of curiosity. Would there be any state when we reach this point, but the add_channel hasn't been called yet?
Member
Author
There was a problem hiding this comment.
I would really hope not - but maybe if someone subclassed the tree manager somewhere and overrode the place we do the initial check?
rtibbles
deleted the
claude/test-fix-related-issues-01FwwYDNaQ7wwQY7MNKJsyur
branch
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
References
Fixes #95
Fixes #434
Reviewer guidance
Probably the best way to test this would be to edit the tests/test_chef_integration.py to use a static channel domain and channel source id.
Then run with one Studio user token, then run it again with another (non-admin) Studio user token.
When I did this, it gave me a properly semantic error message before downloading any files telling me I didn't have permission to edit the channel
🤖 This was created by Claude Code. @rtibbles then reviewed the generated output, and did iterative rounds of updates before making it ready for review 🤖