fix: delete_entry IDOR — uniform response for single-entry deletes (#193)#234
Merged
Conversation
) Single-entry delete by ID now returns "status": "acknowledged" with no trashed count, preventing entry existence enumeration across tenants. Includes a note field: "If the entry was not found, no action was taken." Bulk deletes (tags, source) retain their counts since they're already scoped by owner_id. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
github-actions
Bot
added
the
Awaiting CI
cmeans-claude-dev
Bot
added
the
Dev Active
github-actions
Bot
removed
the
Awaiting CI
Codecov Report✅ All modified and coverable lines are covered by tests. 📢 Thoughts on this report? Let us know! |
cmeans-claude-dev
Bot
added
Ready for QA
cmeans
added
QA Active
Owner
|
Adding QA Active — starting code review and manual testing of IDOR fix. |
cmeans
reviewed
Apr 10, 2026
Owner
cmeans
left a comment
cmeans
left a comment
There was a problem hiding this comment.
QA Review — PR #234: delete_entry IDOR fix
Code Review
Changes reviewed: tools.py, test_server.py, CHANGELOG.md (3 files, +13/−7)
The fix is minimal and correct:
- Single-entry
delete_entry(entry_id=...)now discards thesoft_delete_by_idreturn value and returns a uniform"acknowledged"response regardless of whether the entry existed - No
trashedcount is exposed, eliminating the IDOR vector (attacker could previously enumerate entry existence by observingtrashed: 0vstrashed: 1) - Bulk paths (tags, source) are unchanged — their counts are safe since they're already owner-scoped via
_owner_id() - SQL layer (
soft_delete_by_id.sql) properly scopes byowner_idANDdeleted IS NULL— no cross-tenant access possible even at the store level - Store method still returns
bool— the change is purely at the tool layer, which is the right boundary
No findings.
Automated Tests
| Suite | Result |
|---|---|
| pytest | 763/763 passed (21.8s) |
| ruff | Clean |
| mypy | Clean |
Manual MCP Tests (via docker-compose.qa.yaml stack)
| # | Test | Result |
|---|---|---|
| 1 | Delete existing entry returns acknowledged |
PASS |
| 2 | Delete nonexistent entry returns identical shape | PASS |
| 3 | Bulk delete by tags still shows count | PASS |
All 3/3 manual tests pass. PR checkboxes updated.
Verdict
Zero findings. Clean fix at the right abstraction layer. Ready for signoff.
Owner
|
All checks pass, zero findings on code review and manual testing. Adding Ready for QA Signoff. |
cmeans
added
Ready for QA Signoff
cmeans
added
QA Approved
cmeans
pushed a commit
that referenced
this pull request
Apr 10, 2026
6 bug-fix PRs since v0.16.1: - #226 LazyStore thread safety (#164) - #227 SQL template injection hardening (#165) - #232 Stateless HTTP mode (#180) - #233 GET /mcp intercept + request logger (#178) - #234 delete_entry IDOR fix (#193) - #236 RLS-safe opt-in cleanup (#179, #183) Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
cmeans-claude-dev Bot
added a commit
that referenced
this pull request
Apr 10, 2026
6 bug-fix PRs since v0.16.1: - #226 LazyStore thread safety (#164) - #227 SQL template injection hardening (#165) - #232 Stateless HTTP mode (#180) - #233 GET /mcp intercept + request logger (#178) - #234 delete_entry IDOR fix (#193) - #236 RLS-safe opt-in cleanup (#179, #183) Co-authored-by: cmeans-claude-dev[bot] <3223881+cmeans-claude-dev[bot]@users.noreply.github.com> Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This was referenced Apr 10, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
delete_entry(entry_id=...)now returns"status": "acknowledged"with notrashedcount — prevents entry existence enumeration across tenants"note": "If the entry was not found, no action was taken."— honest without revealing whyCloses #193
QA
Prerequisites
pip install -e ".[dev]"AWARENESS_PORT=8421)Manual tests (via MCP tools)
Note the ID, then:
Expected:
{"status": "acknowledged", "entry_id": "...", "recoverable_days": 30, "note": "..."}Expected: identical response shape —
acknowledged, notrashedfieldExpected:
{"status": "ok", "trashed": <N>, ...}— bulk path unchanged🤖 Generated with Claude Code