feat(BA-5737): add RBAC-enforced VFolder create mutations#11139
Draft
feat(BA-5737): add RBAC-enforced VFolder create mutations#11139
Conversation
github-actions
bot
added
size:XL
fregataa
added a commit
that referenced
this pull request
Apr 16, 2026
Contributor
There was a problem hiding this comment.
Pull request overview
Adds a project-scoped mutation surface for vfolder v2 so project admin flows can create/delete vfolders via PROJECT-scoped RBAC (consistent with the existing projectVfolders query).
Changes:
- Introduce PROJECT-scoped vfolder actions (
Create/Delete/BulkDelete*InProject) and wire them throughScopeActionProcessorusing scope RBAC validators. - Expose new GraphQL mutations (
createProjectVfolderV2,deleteProjectVfolderV2,bulkDeleteProjectVfoldersV2) backed by the new adapter methods. - Add unit/component test coverage for delete/bulk-delete project-scoped paths and service routing.
Reviewed changes
Copilot reviewed 13 out of 13 changed files in this pull request and generated 4 comments.
Show a summary per file
| File | Description |
|---|---|
| tests/unit/manager/services/vfolder/test_vfolder_in_project_service.py | Unit tests for service delegation and project membership checks. |
| tests/component/vfolder_v2/test_vfolder_project_mutations.py | Component tests exercising RBAC + service behavior for project-scoped deletes. |
| src/ai/backend/manager/services/vfolder/services/vfolder.py | Adds create_in_project, delete_in_project, bulk_delete_in_project service methods. |
| src/ai/backend/manager/services/vfolder/processors/vfolder.py | Registers new PROJECT-scoped action processors and supported action specs. |
| src/ai/backend/manager/services/vfolder/actions/vfolder_in_project.py | New PROJECT-scoped action/result dataclasses for create/delete/bulk-delete. |
| src/ai/backend/manager/api/gql/vfolder_v2/resolver/mutation.py | Adds new GraphQL mutations for project-scoped create/delete/bulk-delete. |
| src/ai/backend/manager/api/gql/vfolder_v2/resolver/init.py | Exports the new mutation resolvers. |
| src/ai/backend/manager/api/gql/vfolder_v2/init.py | Re-exports new vfolder v2 mutations for schema wiring. |
| src/ai/backend/manager/api/gql/schema.py | Adds new mutation fields to the GraphQL Mutation type. |
| src/ai/backend/manager/api/adapters/vfolder.py | Adds adapter entrypoints that dispatch project-scoped actions to processors. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
fregataa
added a commit
that referenced
this pull request
Apr 16, 2026
fregataa
force-pushed
the
feature/BA-5737-project-vfolder-mutations
branch
from
c8a7a42 to
14fd0ed
Compare
jopemachine
reviewed
Apr 16, 2026
Member
|
I remembered there was a discussion about not using VFolderV2 in GraphQL because it would interfere with the agentic workflow. |
jopemachine
reviewed
Apr 16, 2026
fregataa
force-pushed
the
feature/BA-5737-project-vfolder-mutations
branch
from
e2e94f0 to
6021bea
Compare
github-actions
bot
added
comp:client
fregataa
added a commit
that referenced
this pull request
Apr 16, 2026
fregataa
force-pushed
the
feature/BA-5737-project-vfolder-mutations
branch
from
6021bea to
82bb6c1
Compare
fregataa
force-pushed
the
feature/BA-5737-project-vfolder-mutations
branch
2 times, most recently
from
cb815be to
eb22e8e
Compare
fregataa
added a commit
that referenced
this pull request
Apr 16, 2026
fregataa
force-pushed
the
feature/BA-5737-project-vfolder-mutations
branch
from
638554d to
3de71a7
Compare
fregataa
added a commit
that referenced
this pull request
Apr 16, 2026
fregataa
force-pushed
the
feature/BA-5737-project-vfolder-mutations
branch
2 times, most recently
from
a95a4d9 to
9e1e8e9
Compare
fregataa
commented
Apr 16, 2026
Comment on lines
+1637
to
+1639
| self, action: CreateVFolderInProjectAction | ||
| ) -> CreateVFolderInProjectActionResult: | ||
| """Create a vfolder owned by a project. |
Member
Author
There was a problem hiding this comment.
This function works same as create_v2() except permission check
fregataa
force-pushed
the
feature/BA-5737-project-vfolder-mutations
branch
2 times, most recently
from
5f76a19 to
2e5bb7c
Compare
fregataa
force-pushed
the
feature/BA-5737-project-vfolder-mutations
branch
from
69e108d to
e3e1065
Compare
fregataa
added a commit
that referenced
this pull request
Apr 16, 2026
fregataa
force-pushed
the
feature/BA-5737-project-vfolder-mutations
branch
2 times, most recently
from
6968641 to
bb99e05
Compare
Member
|
PR title seems outdated |
jopemachine
reviewed
Apr 17, 2026
| """ | ||
| Added in UNRELEASED. Create a virtual folder owned by the specified project. Requires project-scoped CREATE permission. | ||
| """ | ||
| createProjectVFolder(projectId: UUID!, input: CreateVFolderV2Input!): CreateVFolderV2Payload! @join__field(graph: STRAWBERRY) |
Member
There was a problem hiding this comment.
VFolderV2 is still included
Member
Author
There was a problem hiding this comment.
CreateVFolderV2Input is an existing type, not a new one
fregataa
changed the title
Add createProjectVFolder GraphQL mutation, REST POST endpoint, SDK method, and CLI command for creating vfolders within a project scope. Uses ScopeActionProcessor + scope_rbac_validators. Independent create_in_project() service — no legacy UserRole gate. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Co-authored-by: octodog <mu001@lablup.com>
fregataa
force-pushed
the
feature/BA-5737-project-vfolder-mutations
branch
from
499eb4c to
305e551
Compare
Comment on lines
+6791
to
+6794
| """ | ||
| Added in UNRELEASED. Create a virtual folder owned by the specified project. Requires project-scoped CREATE permission. | ||
| """ | ||
| createProjectVFolder(projectId: UUID!, input: CreateVFolderV2Input!): CreateVFolderV2Payload! |
Collaborator
There was a problem hiding this comment.
It seems there’s already a mutation that uses CreateVFolderV2Input; please check that. Since the projectId value is already included, it feels like we’re setting a duplicate field.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
createProjectVfolderV2GraphQL mutations so project admin flows have a consistent project-scoped mutation surface alongside the existingprojectVfoldersquery.Test plan
pants fmt :: && pants fix :: && pants lint --changed-since=origin/main— greenResolves BA-5737
📚 Documentation preview 📚: https://sorna--11139.org.readthedocs.build/en/11139/
📚 Documentation preview 📚: https://sorna-ko--11139.org.readthedocs.build/ko/11139/