WildDragonLLC/dragonflight
1
0
Fork 0
Code Issues 18 Pull requests 3 Projects Releases Packages Wiki Activity Actions

BUG: deleteObject in asset hard-delete may throw — route has no catch per-item #62

New issue
Closed
opened 2026-05-25 02:59:36 -04:00 by zgaetano · 0 comments
zgaetano commented 2026-05-25 02:59:36 -04:00
Owner
Copy link

Bug

DELETE /api/v1/assets/:id?hard=true calls deleteObject(proxy_s3_key), deleteObject(thumbnail_s3_key), deleteObject(original_s3_key) sequentially. If any one of these throws (S3 unavailable, bucket missing, key not found), the entire request fails 500 — but the previous S3 objects may already have been deleted. The asset row still exists because the SQL DELETE hasn't executed yet.

Impact

  • Partial delete: some S3 objects gone, asset row still in DB
  • Re-trying the DELETE will fail on the already-deleted S3 objects (S3 NoSuchKey throws unless DeleteObjectCommand is idempotent — need to verify)
  • Orphaned asset row with dangling keys

Location

services/mam-api/src/routes/assets.js:295-301

if (asset.proxy_s3_key)     await deleteObject(asset.proxy_s3_key);
if (asset.thumbnail_s3_key) await deleteObject(asset.thumbnail_s3_key);
if (asset.original_s3_key)  await deleteObject(asset.original_s3_key);
await pool.query('DELETE FROM assets WHERE id = $1', [id]);

Recommended

  • Wrap each delete in try/catch (log + continue) — S3 deletion is best-effort during cleanup
  • Or delete the DB row FIRST, then best-effort clean S3 objects
## Bug `DELETE /api/v1/assets/:id?hard=true` calls `deleteObject(proxy_s3_key)`, `deleteObject(thumbnail_s3_key)`, `deleteObject(original_s3_key)` sequentially. If any one of these throws (S3 unavailable, bucket missing, key not found), the *entire* request fails 500 — but the previous S3 objects may already have been deleted. The asset row still exists because the SQL DELETE hasn't executed yet. ## Impact - Partial delete: some S3 objects gone, asset row still in DB - Re-trying the DELETE will fail on the already-deleted S3 objects (S3 `NoSuchKey` throws unless `DeleteObjectCommand` is idempotent — need to verify) - Orphaned asset row with dangling keys ## Location `services/mam-api/src/routes/assets.js:295-301` ```js if (asset.proxy_s3_key) await deleteObject(asset.proxy_s3_key); if (asset.thumbnail_s3_key) await deleteObject(asset.thumbnail_s3_key); if (asset.original_s3_key) await deleteObject(asset.original_s3_key); await pool.query('DELETE FROM assets WHERE id = $1', [id]); ``` ## Recommended - Wrap each delete in try/catch (log + continue) — S3 deletion is best-effort during cleanup - Or delete the DB row FIRST, then best-effort clean S3 objects
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
main
feat/playout-mcr
feat/user-permissions
feat/recorder-codec-bitrate
feat/hls-vod-playback
feat/uxp-plugin-swap
feat/nvenc-hevc-ingest
feat/all-intra-hevc-ingest
redesign/panel-icon-rail
feat/premiere-installer
feat/youtube-importer
fix/library-and-signal-indicator
fix/srt-rtmp-thumbnail
v0.phase1-editor
Labels
Clear labels   
bug

Bug report

  
bug

Something is not working

  
duplicate

This issue or pull request already exists

  
enhancement

New feature

  
help wanted

Need some help

  
invalid

Something is wrong

  
question

More information is needed

  
wontfix

This won't be fixed

No labels
bug
bug
duplicate
enhancement
help wanted
invalid
question
wontfix
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: WildDragonLLC/dragonflight#62
No description provided.
Delete branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?