Skip to content

fix: fall back to default plan for unknown X-User-Plan values#875

Merged
louise-poole merged 1 commit intomainfrom
lp/fix-plan-fallback-handling
Mar 11, 2026
Merged

fix: fall back to default plan for unknown X-User-Plan values#875
louise-poole merged 1 commit intomainfrom
lp/fix-plan-fallback-handling

Conversation

@louise-poole
Copy link
Collaborator

@louise-poole louise-poole commented Mar 11, 2026

PlansConfig::resolve() previously returned an error for unknown plan names, causing requests with unrecognized X-User-Plan headers to fail.

Now it falls back to the "default" plan if one is configured, or returns None (unrestricted) if no default exists. resolve_plan_restrictions() simplified from Result<Option<>> to Option<> since it can no longer fail.

@louise-poole @claude
fix: fall back to default plan for unknown X-User-Plan values
ea687df 
PlansConfig::resolve() previously returned an error for unknown plan
names, causing requests with unrecognized X-User-Plan headers to fail.

Now it falls back to the "default" plan if one is configured, or returns
None (unrestricted) if no default exists. resolve_plan_restrictions()
simplified from Result<Option<_>> to Option<_> since it can no longer
fail.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@github-project-automation github-project-automation bot moved this to Todo in Tycho Mar 11, 2026
@github-actions
Copy link

github-actions bot commented Mar 11, 2026

To run Claude review, comment /review or /claude-review on this PR.

@louise-poole
Copy link
Collaborator Author

louise-poole commented Mar 11, 2026

/review

@claude
Copy link
Contributor

claude bot commented Mar 11, 2026
edited
Loading

Claude finished @louise-poole's task in 1m 17s —— View job

One security concern — see inline comment.

claude[bot]
claude bot reviewed Mar 11, 2026
View reviewed changes
tycho-indexer/src/services/middleware/plan_restrictions.rs
defaulting to unrestricted"
);
}
default
Copy link
Contributor

@claude claude bot Mar 11, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If plans are configured (e.g. free, pro) but no default key exists, an unrecognised header value returns None here — granting unrestricted access. That only makes sense when no plans are configured at all.

When self.plans is non-empty and no default key exists, an unknown plan name should probably be treated as an error (or at minimum use the most-restrictive available plan) rather than falling back to unrestricted. Fix this →

@github-project-automation github-project-automation bot moved this from Todo to In Progress in Tycho Mar 11, 2026
@louise-poole louise-poole merged commit 97827ee into main Mar 11, 2026
13 of 14 checks passed
@louise-poole louise-poole deleted the lp/fix-plan-fallback-handling branch March 11, 2026 09:46
@github-project-automation github-project-automation bot moved this from In Progress to Done in Tycho Mar 11, 2026
propellerci bot pushed a commit that referenced this pull request Mar 11, 2026
@semantic-release-bot
chore(release): 0.147.2 [skip ci]
6649082 
## [0.147.2](0.147.1...0.147.2) (2026-03-11)

### Bug Fixes

* fall back to default plan for unknown X-User-Plan values ([ea687df](ea687df))
* fall back to default plan for unknown X-User-Plan values ([#875](#875)) ([97827ee](97827ee))
@propellerci
Copy link

propellerci bot commented Mar 11, 2026

This PR is included in version 0.147.2 🎉

@propellerci propellerci bot added the true label Mar 11, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@claude claude[bot] claude[bot] left review comments

@zizou0x zizou0x zizou0x approved these changes

Assignees

No one assigned

Labels

true

Projects

Tycho
Status: Done

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@louise-poole @zizou0x