Skip to content

bug(server): when creating invalid control, an empty control is created in DB #138

New issue
New issue
Closed
Bug
#139
Closed
bug(server): when creating invalid control, an empty control is created in DB#138
Bug
#139
Labels
bugSomething isn't workingreleased
@lan17

Description

@lan17
lan17
opened on Mar 20, 2026

Summary

When creating a control with malformed payload, the server returned 422, but a control still got created with empty data in the database.

Motivation

This causes UI issues because empty controls are later loaded and fail validation.

Current behavior

Empty controls can still get created.

Expected behavior

A 422 from a write endpoint should not result in any write.

Reproduction (if bug)

  1. send a create-with-definition request
  2. the request returns 422
  3. a control is still present in the database with empty data

Verified root cause

For a create-with-definition flow, the client did:

  1. PUT /api/v1/controls with just name
  2. the server inserted an empty shell control
  3. PUT /api/v1/controls/{id}/data with the definition
  4. if step 3 returned 422, the empty shell from step 2 was still in the DB

That is the actual server-side bug. The association between agent and empty control was caller-flow dependent, but the root problem was that invalid create requests were not atomic.

Proposed solution (optional)

Validate the definition before inserting anything, so failed create requests do not persist shell controls.

Additional context

Fixed by PR #139.

Metadata

Metadata

Assignees

No one assigned

    Labels

    bugSomething isn't workingreleased

    Type

    Bug

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions