fix: preserve actual reconciler role for #274 branch-only mutation exemptions during comment_issue preflight #540

Closed
opened 2026-07-08 10:46:28 -05:00 by jcwalker3 · 0 comments
Owner

Reconciler cleanup for PR #527 / issue #515 is terminal, but the canonical reconciler audit comment cannot be posted because comment_issue preflight poisons the effective workspace role.

Observed state:

  • PR #527 merged as af938064cd7558872af888c41eef64380ff0a111.
  • Issue #515 is closed.
  • gitea_cleanup_post_merge_moot_lease(pr_number=527, apply=False) and apply=True both proved cleanup is a no-op.
  • Result: active_lease: null, lease_moot: false, cleanup_performed: false, no_merge_or_adoption: true.
  • Reason: PR #527 reviewer lease already released/terminal; nothing to clean.
  • No active/moot lease remains.
  • No cleanup marker was needed.
  • No foreign comments were touched.
  • gitea.issue.comment was added to prgs-reconciler, but that was necessary and not sufficient.

Bug:
resolve_task_capability("comment_issue") stamps _preflight_resolved_role="author" because comment_issue.required_role_kind=author. _effective_workspace_role() then prefers that preflight role over the actual active profile role. As a result, a real prgs-reconciler session is treated as author inside _enforce_branches_only_author_mutation, so the reconciler exemption is skipped and #274 blocks gitea_create_issue_comment.

Relevant code areas:

  • gitea_mcp_server.py _effective_workspace_role
  • gitea_mcp_server.py _enforce_branches_only_author_mutation
  • gitea_mcp_server.py capability stamping for resolve_task_capability
  • root_checkout_guard.py
  • namespace_workspace_binding.py NON_AUTHOR_ROLES

Required fix:

  • In gitea_mcp_server.py, make the #274 non-author exemption consider the actual active profile role, not only _effective_workspace_role().
  • Apply the same real-role exemption check in root_checkout_guard.py.
  • Preserve author blocking behavior for actual author profiles.

Acceptance criteria:

  1. prgs-reconciler with gitea.issue.comment can post a canonical reconciler audit comment even when comment_issue nominally resolves to author.
  2. Author profiles are still blocked from root/control-checkout mutation by #274.
  3. Reviewer, merger, and reconciler exemptions are not defeated by _preflight_resolved_role.
  4. comment_issue preflight no longer poisons workspace-role classification for non-author profiles.
  5. Regression tests cover the reconciler comment path and the author-blocking path.
  6. After this issue is fixed and merged, a reconciler can retry only the blocked canonical audit comment for PR #527 / issue #515.
Reconciler cleanup for PR #527 / issue #515 is terminal, but the canonical reconciler audit comment cannot be posted because `comment_issue` preflight poisons the effective workspace role. Observed state: * PR #527 merged as `af938064cd7558872af888c41eef64380ff0a111`. * Issue #515 is closed. * `gitea_cleanup_post_merge_moot_lease(pr_number=527, apply=False)` and `apply=True` both proved cleanup is a no-op. * Result: `active_lease: null`, `lease_moot: false`, `cleanup_performed: false`, `no_merge_or_adoption: true`. * Reason: `PR #527 reviewer lease already released/terminal; nothing to clean`. * No active/moot lease remains. * No cleanup marker was needed. * No foreign comments were touched. * `gitea.issue.comment` was added to `prgs-reconciler`, but that was necessary and not sufficient. Bug: `resolve_task_capability("comment_issue")` stamps `_preflight_resolved_role="author"` because `comment_issue.required_role_kind=author`. `_effective_workspace_role()` then prefers that preflight role over the actual active profile role. As a result, a real `prgs-reconciler` session is treated as `author` inside `_enforce_branches_only_author_mutation`, so the reconciler exemption is skipped and #274 blocks `gitea_create_issue_comment`. Relevant code areas: * `gitea_mcp_server.py` `_effective_workspace_role` * `gitea_mcp_server.py` `_enforce_branches_only_author_mutation` * `gitea_mcp_server.py` capability stamping for `resolve_task_capability` * `root_checkout_guard.py` * `namespace_workspace_binding.py` `NON_AUTHOR_ROLES` Required fix: * In `gitea_mcp_server.py`, make the #274 non-author exemption consider the actual active profile role, not only `_effective_workspace_role()`. * Apply the same real-role exemption check in `root_checkout_guard.py`. * Preserve author blocking behavior for actual author profiles. Acceptance criteria: 1. `prgs-reconciler` with `gitea.issue.comment` can post a canonical reconciler audit comment even when `comment_issue` nominally resolves to author. 2. Author profiles are still blocked from root/control-checkout mutation by #274. 3. Reviewer, merger, and reconciler exemptions are not defeated by `_preflight_resolved_role`. 4. `comment_issue` preflight no longer poisons workspace-role classification for non-author profiles. 5. Regression tests cover the reconciler comment path and the author-blocking path. 6. After this issue is fixed and merged, a reconciler can retry only the blocked canonical audit comment for PR #527 / issue #515.
Sign in to join this conversation.
No labels
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: Scaled-Tech-Consulting/Gitea-Tools#540