Return 400 for write canned-query SQL failures

POST to a write canned query previously returned HTTP 200 with
{"ok": false, "message": ...} when the SQL failed to execute, so JSON
clients (and anything that trusts HTTP status) recorded success for
failed writes. SQL failures now return 400 with the canonical error
shape plus the "redirect" context key from on_error_redirect; the
QueryWriteRejected 403 branch uses the canonical shape too. Successful
executions and the HTML flash-message flow are unchanged.

Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_01GrHZSypDfMnym1tM5XJAFZ
This commit is contained in:
Claude 2026-07-04 14:35:54 +00:00
commit e8048e023f
No known key found for this signature in database
6 changed files with 179 additions and 25 deletions

View file

@ -1132,12 +1132,14 @@ queries.
`_random_chars_<N>`, `_cookie_<name>`, `_header_<name>` (underscores →
hyphens). User-stored queries cannot contain magic parameters — they are a
feature of config/trusted queries.
- **Response — 200 for both success and SQL failure** (only permission
rejection is 403):
`{"ok": true|false, "message": "...", "redirect": "..."|null}`
`message` honors `on_success_message_sql` / `on_success_message` /
`on_error_message`, falling back to `"Query executed"` or
`"Query executed, N rows affected"`.
- **Response:** success → 200
`{"ok": true, "message": "...", "redirect": "..."|null}``message`
honors `on_success_message_sql` / `on_success_message`, falling back to
`"Query executed"` or `"Query executed, N rows affected"`. SQL failure →
**400** canonical error (message honors `on_error_message`) plus a
`redirect` context key from `on_error_redirect`. Operation rejection
(`QueryWriteRejected`, e.g. VACUUM) → 403 canonical error plus
`redirect: null`.
---