fix: A2 (relax art-source CHECK) + D + E integration residual

A2 — migration 0030: the albums/artists art `*_source` CHECK was a
fixed provider-ID allowlist fighting the extensible coverart.Register
registry (per-provider migration churn at 0016/0018/0020; rejected
test stub providers → ~11 enricher tests failed). Relax to "NULL or
non-empty"; the registry is the source of truth. Same brittleness
class as the #433 discovery-mix CHECK.

D — lidarr Approve resolves metadata/quality profiles (JSON arrays)
before the add; the test stubs returned {"id":1} for every path, so
ListMetadataProfiles failed to unmarshal → 500/Approve errors. Make
the lidarrrequests + admin_requests stubs path-aware (arrays for
/metadataprofile, /qualityprofile).

E:
- auth: requireUser (prelude.go) emitted code "auth_required"; the
  canonical code is "unauthenticated" (operator decision). Change the
  code; drop the now-dead "auth_required" web error-copy key
  ("unauthenticated" already has copy).
- playlists_system_test wrapped the real auth.RequireUser middleware
  but only injected withUser() context → 401. Like every other api
  handler test, drop the middleware and rely on requireUser().
- admin_users dup-username test seeded "test-existing" (seedUser
  prefixes) but POSTed "existing" → no collision; POST the prefixed
  name.
- me_timezone test decoded a top-level {"code"} but the envelope is
  {"error":{"code"}}; decode the nested shape.
- audit test asserted compact JSON; Postgres jsonb::text is spaced.
- put-lidarr-config tests predated the missing_defaults gate (correct
  handler behavior); supply the required defaults in the bodies.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This commit is contained in:
2026-05-17 20:22:30 -04:00
parent 75163ea483
commit 53a02322fb
11 changed files with 89 additions and 18 deletions
@@ -0,0 +1,15 @@
-- Restore the 0020 fixed-allowlist CHECKs. FAILS if any row holds a
-- source value outside the allowlist (the exact case 0030 enables) —
-- normalise such rows before rolling back.
ALTER TABLE albums DROP CONSTRAINT IF EXISTS albums_cover_art_source_check;
ALTER TABLE albums
ADD CONSTRAINT albums_cover_art_source_check
CHECK (cover_art_source IS NULL
OR cover_art_source IN ('embedded','sidecar','mbcaa','theaudiodb','deezer','lastfm','none'));
ALTER TABLE artists DROP CONSTRAINT IF EXISTS artists_artist_art_source_check;
ALTER TABLE artists
ADD CONSTRAINT artists_artist_art_source_check
CHECK (artist_art_source IS NULL
OR artist_art_source IN ('theaudiodb','deezer','lastfm','none'));
@@ -0,0 +1,19 @@
-- The cover/artist art `*_source` column stores the recording
-- provider's registry ID. coverart.Register makes the provider set
-- extensible, so a fixed IN-list CHECK (0016 → 0018 → 0020) required a
-- schema migration for every new provider and rejected any
-- out-of-list value (e.g. test stub providers). Same brittleness
-- class as the discovery-mix CHECK incident (#433): a fixed-value
-- CHECK fighting an extensible value set. Relax to "NULL or any
-- non-empty string" — the registry, not the schema, is the source of
-- truth for valid provider IDs.
ALTER TABLE albums DROP CONSTRAINT IF EXISTS albums_cover_art_source_check;
ALTER TABLE albums
ADD CONSTRAINT albums_cover_art_source_check
CHECK (cover_art_source IS NULL OR cover_art_source <> '');
ALTER TABLE artists DROP CONSTRAINT IF EXISTS artists_artist_art_source_check;
ALTER TABLE artists
ADD CONSTRAINT artists_artist_art_source_check
CHECK (artist_art_source IS NULL OR artist_art_source <> '');