fix: provider update silently drops model_type and endpoint_url #1628
Open
zhenjunchen-png wants to merge 1 commit into
`ProviderService.update()`'s `_UPDATABLE_FIELDS` whitelist contained two
field names that don't exist on the `Provider` ORM model (`api_base` and
`extra_config`) while missing three that do (`model_type`, `endpoint_url`,
`encrypted_config`). Since the loop uses `setattr(model, key, value)`
without a `hasattr` check, the typo'd entries silently no-op'd and the
missing entries silently rejected legitimate updates from clients.
Symptom: editing a BYOK provider's model name and clicking Save (which
routes to PUT `/api/v1/provider/{id}`) appears to succeed (200 OK,
validation passes), but the database row keeps the old value and the
agent runtime continues using the previous model. Same for endpoint URL
edits.
Fix: replace the whitelist with the actual `Provider` field names (which
also match the `ProviderIn` request schema), and add a comment explaining
why the names must match verbatim.
The whitelist still excludes identity / audit fields (`id`, `user_id`,
timestamps) so the H10 security-by-design intent is preserved.
The pre-existing `is_vaild` typo is project-wide (`Provider.is_vaild`,
`VaildStatus`, etc.) and is kept as-is — out of scope for this fix.
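An added example, not code from this PR or the project: the silent-drop pattern from the commit message above, next to a whitelist that is checked against the model's fields and an update that rejects non-whitelisted keys instead of skipping them. The `Provider` dataclass is a constructed stand-in for the ORM model that uses only field names mentioned on this page, and `update_silent`, `check_whitelist`, `update_strict` and `demo` are hypothetical names.

```python
from dataclasses import dataclass, fields

@dataclass
class Provider:  # constructed stand-in for the ORM model, not the project's class
    id: int
    user_id: int
    model_type: str
    endpoint_url: str
    encrypted_config: str

BROKEN_FIELDS = {"api_base", "extra_config"}  # names the PR says are not on Provider
FIXED_FIELDS = {"model_type", "endpoint_url", "encrypted_config"}  # the three it says were missing

def update_silent(model, data, allowed):
    """Pattern described above: keys outside the whitelist are skipped with no signal."""
    for key, value in data.items():
        if key in allowed:
            setattr(model, key, value)
    return model

def check_whitelist(model_cls, allowed):
    """Fail at import time or in a unit test if the whitelist names a field the model lacks."""
    unknown = set(allowed) - {f.name for f in fields(model_cls)}
    if unknown:
        raise AttributeError(f"not fields of {model_cls.__name__}: {sorted(unknown)}")
    return frozenset(allowed)

def update_strict(model, data, allowed):
    """Apply whitelisted keys only; reject the whole request if any key is not updatable."""
    rejected = sorted(k for k in data if k not in allowed)
    if rejected:
        raise ValueError(f"fields not updatable: {rejected}")
    for key, value in data.items():
        setattr(model, key, value)
    return model

def demo():
    row = Provider(1, 7, "claude-opus-4-6", "https://old.example", "cfg")  # constructed row
    update_silent(row, {"model_type": "gpt-4o"}, BROKEN_FIELDS)
    before = row.model_type  # the edit was dropped, nothing was raised
    try:
        check_whitelist(Provider, BROKEN_FIELDS)
        caught = False
    except AttributeError:
        caught = True  # the mismatched whitelist is detected before any request is served
    update_strict(row, {"model_type": "gpt-4o"}, check_whitelist(Provider, FIXED_FIELDS))
    return before, caught, row.model_type
```

With a real ORM model the field set would come from the mapper's column names rather than `dataclasses.fields`; that substitution is an assumption and is not shown on this page.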
Related Issue
Closes #1627
Description
Fix `ProviderService.update()`'s `_UPDATABLE_FIELDS` whitelist so it matches the real `Provider` ORM field names. Before this fix, edits to `model_type`, `endpoint_url`, and `encrypted_config` via PUT `/api/v1/provider/{id}` were silently dropped — the request returned 200 OK but the DB row stayed unchanged.
`api_base` `endpoint_url`) `extra_config` `encrypted_config`) `model_type` `endpoint_url` `encrypted_config`
The H10 security-by-design intent (whitelist instead of blanket update) is preserved; only the field names are corrected. Identity / audit fields (`id`, `user_id`, timestamps) are still excluded.
The pre-existing project-wide `is_vaild` typo (`Provider.is_vaild`, `VaildStatus`, etc.) is kept as-is — out of scope for this fix.
Testing Evidence (REQUIRED)
Repro on `main` before the fix and on this branch after the fix; diff between the two:
Manual repro (described in #1627):
- `model_type = claude-opus-4-6`, set as default.
- `model_type` to `gpt-4o` → Save.
- `GET /api/v1/providers` shows the row still has `model_type: "claude-opus-4-6"`; agent runs continue using Claude.
- `GET /api/v1/providers` shows `model_type: "gpt-4o"`; agent runs use GPT-4o.
`ruff check` on the changed file reports the same 1 pre-existing I001 (import order) issue both before and after — this PR introduces 0 new lint findings.
What is the purpose of this pull request?
Contribution Guidelines Acknowledgement