fix: prevent database recreation for detached projects

- Add validate_project_not_detached dependency in server/dependencies.py
- Block features/schedules/review/agent APIs for detached projects (409 Conflict)
- Add auto-cleanup of orphaned db files at reattach
- Add detach check in scheduler_service (7 methods)
- Add 93 tests for detach functionality

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

Author: cabana8471-arch

detach.py

@@ -907,6 +907,62 @@ def detach_project(
             release_detach_lock(project_dir)
 
 
+def _cleanup_orphaned_db_files(project_dir: Path, manifest: Manifest) -> list[str]:
+    """Remove database files that were recreated after detach.
+
+    When the UI/API accesses a detached project, it may recreate empty
+    database files. This function detects and removes them before restore.
+
+    Heuristic: If root file is smaller than backup file, it was recreated empty.
+
+    Args:
+        project_dir: Path to the project directory
+        manifest: Backup manifest containing original file info
+
+    Returns:
+        List of files that were cleaned up
+    """
+    cleaned = []
+
+    # Build map of backup database files with their sizes
+    backup_db_files = {}
+    for entry in manifest.get("files", []):
+        path = entry.get("path", "")
+        if path in ("features.db", "assistant.db"):
+            backup_db_files[path] = entry.get("size", 0)
+
+    for db_name in ["features.db", "assistant.db"]:
+        root_file = project_dir / db_name
+
+        # If root file exists but backup also has it, check if recreated
+        if root_file.exists() and db_name in backup_db_files:
+            root_size = root_file.stat().st_size
+            backup_size = backup_db_files[db_name]
+
+            # If root is much smaller than backup, it was likely recreated empty
+            # Empty SQLite DB is typically 4-8KB, real DB with features is much larger
+            if backup_size > 0 and root_size < backup_size:
+                try:
+                    root_file.unlink()
+                    cleaned.append(db_name)
+                    logger.info(f"Removed recreated {db_name} ({root_size}B < {backup_size}B backup)")
+                except OSError as e:
+                    logger.warning(f"Failed to remove orphaned {db_name}: {e}")
+
+        # Always clean WAL/SHM files at root - they should be in backup if needed
+        for ext in ["-shm", "-wal"]:
+            wal_file = project_dir / f"{db_name}{ext}"
+            if wal_file.exists():
+                try:
+                    wal_file.unlink()
+                    cleaned.append(f"{db_name}{ext}")
+                    logger.debug(f"Removed orphaned {db_name}{ext}")
+                except OSError as e:
+                    logger.warning(f"Failed to remove {db_name}{ext}: {e}")
+
+    return cleaned
+
+
 def reattach_project(name_or_path: str) -> tuple[bool, str, int, list[str]]:
     """
     Reattach a project by restoring Autocoder files from backup.
@@ -945,6 +1001,16 @@ def reattach_project(name_or_path: str) -> tuple[bool, str, int, list[str]]:
         return False, "Another detach operation is in progress.", 0, []
 
     try:
+        # Read manifest for cleanup decision
+        manifest = get_backup_info(project_dir)
+
+        # Clean up orphaned database files that may have been recreated
+        # by the UI/API accessing the detached project
+        if manifest:
+            cleaned = _cleanup_orphaned_db_files(project_dir, manifest)
+            if cleaned:
+                logger.info(f"Cleaned up {len(cleaned)} orphaned files before restore: {cleaned}")
+
         success, files_restored, conflicts = restore_backup(project_dir)
         if success:
             if conflicts:

server/dependencies.py

@@ -0,0 +1,87 @@
+"""
+Server Dependencies
+===================
+
+FastAPI dependencies for common validation patterns.
+"""
+
+import sys
+from pathlib import Path
+
+from fastapi import HTTPException
+
+
+def _get_detach_module():
+    """Lazy import of detach module."""
+    root = Path(__file__).parent.parent
+    if str(root) not in sys.path:
+        sys.path.insert(0, str(root))
+    import detach
+    return detach
+
+
+def _get_registry_module():
+    """Lazy import of registry module."""
+    root = Path(__file__).parent.parent
+    if str(root) not in sys.path:
+        sys.path.insert(0, str(root))
+    from registry import get_project_path
+    return get_project_path
+
+
+def validate_project_not_detached(project_name: str) -> Path:
+    """Validate that a project is not detached.
+
+    This dependency ensures that database operations are not performed
+    on detached projects, which would cause empty database recreation.
+
+    Args:
+        project_name: The project name to validate
+
+    Returns:
+        Path to the project directory if accessible
+
+    Raises:
+        HTTPException 404: If project not found in registry
+        HTTPException 409: If project is detached (Conflict)
+    """
+    get_project_path = _get_registry_module()
+    detach = _get_detach_module()
+
+    project_dir = get_project_path(project_name)
+    if project_dir is None:
+        raise HTTPException(
+            status_code=404,
+            detail=f"Project '{project_name}' not found in registry"
+        )
+
+    project_dir = Path(project_dir)
+    if not project_dir.exists():
+        raise HTTPException(
+            status_code=404,
+            detail=f"Project directory not found: {project_dir}"
+        )
+
+    if detach.is_project_detached(project_dir):
+        raise HTTPException(
+            status_code=409,
+            detail=f"Project '{project_name}' is detached. Reattach to access features."
+        )
+
+    return project_dir
+
+
+def check_project_detached_for_background(project_dir: Path) -> bool:
+    """Check if a project is detached (for background services).
+
+    Unlike validate_project_not_detached, this doesn't raise exceptions.
+    It's meant for background services that should silently skip detached projects.
+
+    Args:
+        project_dir: Path to the project directory
+
+    Returns:
+        True if project is detached, False otherwise
+    """
+    detach = _get_detach_module()
+    return bool(detach.is_project_detached(project_dir))

server/routers/agent.py

@@ -7,6 +7,7 @@
 """
 
 import re
+import sys
 from pathlib import Path
 
 from fastapi import APIRouter, HTTPException
@@ -15,9 +16,17 @@
 from ..services.process_manager import get_manager
 
 
-def _get_project_path(project_name: str) -> Path:
+def _get_detach_module():
+    """Lazy import of detach module."""
+    root = Path(__file__).parent.parent.parent
+    if str(root) not in sys.path:
+        sys.path.insert(0, str(root))
+    import detach
+    return detach
+
+
+def _get_project_path(project_name: str) -> Path | None:
     """Get project path from registry."""
-    import sys
     root = Path(__file__).parent.parent.parent
     if str(root) not in sys.path:
         sys.path.insert(0, str(root))
@@ -32,7 +41,6 @@ def _get_settings_defaults() -> tuple[bool, str, int]:
     Returns:
         Tuple of (yolo_mode, model, testing_agent_ratio)
     """
-    import sys
     root = Path(__file__).parent.parent.parent
     if str(root) not in sys.path:
         sys.path.insert(0, str(root))
@@ -108,6 +116,16 @@ async def start_agent(
     request: AgentStartRequest = AgentStartRequest(),
 ):
     """Start the agent for a project."""
+    # Check detach status before starting agent
+    project_dir = _get_project_path(project_name)
+    if project_dir:
+        detach = _get_detach_module()
+        if detach.is_project_detached(project_dir):
+            raise HTTPException(
+                status_code=409,
+                detail=f"Project '{project_name}' is detached. Reattach to start agent."
+            )
+
     manager = get_project_manager(project_name)
 
     # Get defaults from global settings if not provided in request