Description
Two methods in src/infra/vhost/mappingCmdRepo.go silently swallow ValidateWebServerConfig() failures after rolling back the record, returning success with an orphaned ID.
Bug 1: Create() (lines 440-453)
When ValidateWebServerConfig() fails after DB insert + file write:
- The mapping is rolled back (deleted from DB, file regenerated)
- The validation error is discarded
- Function falls through to
return mappingId, ReloadWebServer()
- Caller receives success with a mappingId that no longer exists
Bug 2: CreateSecurityRule() (lines 751-764)
Same pattern — post-create validation failure triggers rollback, but returns (ruleId, ReloadWebServer()) with no error propagated.
Expected Behavior
Both methods should return the validation error to the caller instead of falling through to ReloadWebServer() after a rollback.
Impact
Callers believe the operation succeeded when it actually failed. The returned ID references nothing in the database.
Fix
Return the validation error instead of swallowing it after rollback.
Description
Two methods in
src/infra/vhost/mappingCmdRepo.gosilently swallowValidateWebServerConfig()failures after rolling back the record, returning success with an orphaned ID.Bug 1:
Create()(lines 440-453)When
ValidateWebServerConfig()fails after DB insert + file write:return mappingId, ReloadWebServer()Bug 2:
CreateSecurityRule()(lines 751-764)Same pattern — post-create validation failure triggers rollback, but returns
(ruleId, ReloadWebServer())with no error propagated.Expected Behavior
Both methods should return the validation error to the caller instead of falling through to
ReloadWebServer()after a rollback.Impact
Callers believe the operation succeeded when it actually failed. The returned ID references nothing in the database.
Fix
Return the validation error instead of swallowing it after rollback.