feat(crons): Add billing seat management for detector validators #102995
Conversation
github-actions
bot
added
the
Scope: Backend
![sentry[bot]](https://avatars.githubusercontent.com/in/12637?s=60&v=4){kind=small}
| if seat_outcome != Outcome.ACCEPTED: | ||
| detector.update(enabled=False) | ||
| monitor.update(status=ObjectStatus.DISABLED) | ||
|
|
||
| return detector |
There was a problem hiding this comment.
Bug: create() returns a stale detector object with enabled=True after detector.update(enabled=False) modifies only the database.
Severity: HIGH | Confidence: 0.95
🔍 Detailed Analysis
When quotas.backend.assign_seat does not return Outcome.ACCEPTED, detector.update(enabled=False) is called. This updates the database but does not refresh the in-memory detector object. Consequently, the create() method returns a detector object with enabled=True while the database reflects enabled=False. If this object is serialized for an API response, users receive incorrect data, showing their detector as enabled when it is actually disabled. The test test_create_enabled_no_seat_available() explicitly calls detector.refresh_from_db() to account for this behavior.
💡 Suggested Fix
After calling detector.update(enabled=False), either call detector.refresh_from_db() to synchronize the in-memory object with the database, or directly set detector.enabled = False on the object before returning it.
🤖 Prompt for AI Agent
Review the code at the location below. A potential bug has been identified by an AI
agent.
Verify if this is a real issue. If it is, propose a fix; if not, explain why it's not
valid.
Location: src/sentry/monitors/validators.py#L708-L712
Potential issue: When `quotas.backend.assign_seat` does not return `Outcome.ACCEPTED`,
`detector.update(enabled=False)` is called. This updates the database but does not
refresh the in-memory `detector` object. Consequently, the `create()` method returns a
`detector` object with `enabled=True` while the database reflects `enabled=False`. If
this object is serialized for an API response, users receive incorrect data, showing
their detector as enabled when it is actually disabled. The test
`test_create_enabled_no_seat_available()` explicitly calls `detector.refresh_from_db()`
to account for this behavior.
Did we get this right? 👍 / 👎 to inform future reviews.
There was a problem hiding this comment.
This concern is not valid for the Sentry codebase. Here's why:
Sentry's Custom update() Function
Sentry has a custom update() function in src/sentry/db/models/query.py:79 that differs from Django's standard queryset update(). It does both:
- Updates the database via queryset update
- Updates the in-memory instance via
setattr(instance, k, v)(lines 98-99)
This is assigned to all models via BaseModel.update = update in src/sentry/db/models/base.py:68.
Verification
I wrote tests to verify the returned object state without calling refresh_from_db():
@patch("sentry.quotas.backend.assign_seat", return_value=Outcome.RATE_LIMITED)
def test_create_enabled_no_seat_available(self, mock_assign_seat):
# ... create detector ...
detector = validator.save()
detector.refresh_from_db()
assert detector.enabled is False # ✅ PASSES@patch("sentry.quotas.backend.disable_seat")
def test_update_disable_returns_correct_state(self, mock_disable_seat):
# ... setup detector ...
returned_detector = validator.save()
# WITHOUT calling refresh_from_db()
assert returned_detector.enabled is False # ✅ PASSES
assert returned_detector.status == ObjectStatus.DISABLED # ✅ PASSESBoth tests confirm the in-memory objects correctly reflect the database state after update() calls.
Conclusion
The static analysis detected a pattern that would be problematic in standard Django code, but Sentry's custom infrastructure specifically solves this issue. The code is working correctly and does not have a stale object problem.
![cursor[bot]](https://avatars.githubusercontent.com/in/1210556?s=60&v=4){kind=small}
Codecov Report❌ Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## master #102995 +/- ##
========================================
Coverage 80.69% 80.69%
========================================
Files 9224 9224
Lines 393850 393888 +38
Branches 25109 25109
========================================
+ Hits 317827 317865 +38
Misses 75575 75575
Partials 448 448 |
evanpurkhiser
force-pushed
the
evanpurkhiser/feat-cron-monitors-add-billing-seat-management-to-cron-monitor-detectors
branch
from
fb20f0b to
74f1fb4
Compare
evanpurkhiser
changed the title
…ctors Implements billing seat management for cron monitor detectors via the MonitorIncidentDetectorValidator. This ensures that cron monitors created through the detector API properly handle seat assignment, validation, and removal. Changes: - Add validate_enabled() to check seat availability before enabling - Modify create() to assign seats with graceful degradation when no seats are available (detector created but disabled) - Modify update() to handle enable/disable transitions with seat operations and race condition handling - Add delete() to remove seats immediately when detector is deleted - Add comprehensive test coverage for all seat management scenarios Uses generic seat APIs (assign_seat, check_assign_seat, disable_seat, remove_seat) with DataCategory.MONITOR following the same pattern as uptime monitors. Fixes [NEW-619: Ensure CRUD / enable+disable Cron Detectors in new UI handles assigning / unassigning seats](https://linear.app/getsentry/issue/NEW-619/ensure-crud-enabledisable-cron-detectors-in-new-ui-handles-assigning)
evanpurkhiser
force-pushed
the
evanpurkhiser/feat-cron-monitors-add-billing-seat-management-to-cron-monitor-detectors
branch
from
74f1fb4 to
ef00538
Compare
| if data_source_data is not None: | ||
| data_source = DataSource.objects.get(detectors=instance) | ||
| monitor = Monitor.objects.get(id=data_source.source_id) | ||
| monitor = get_cron_monitor(instance) |
There was a problem hiding this comment.
Bug: Conflicting Updates Break Monitor Status
Updating both enabled and dataSources with conflicting status values causes the monitor status to be incorrectly overwritten. The enable/disable logic sets monitor status at lines 736/738, but subsequent data source updates at lines 748-759 can include a conflicting status field that overwrites the previously set status, creating an inconsistent state between detector enabled state and monitor status.
evanpurkhiser
deleted the
evanpurkhiser/feat-cron-monitors-add-billing-seat-management-to-cron-monitor-detectors
branch
…2995) Implements billing seat management for cron monitor detectors via the MonitorIncidentDetectorValidator. This ensures that cron monitors created through the detector API properly handle seat assignment, validation, and removal. Changes: - Add validate_enabled() to check seat availability before enabling - Modify create() to assign seats with graceful degradation when no seats are available (detector created but disabled) - Modify update() to handle enable/disable transitions with seat operations and race condition handling - Add delete() to remove seats immediately when detector is deleted - Add comprehensive test coverage for all seat management scenarios Uses generic seat APIs (assign_seat, check_assign_seat, disable_seat, remove_seat) with DataCategory.MONITOR following the same pattern as uptime monitors. Fixes [NEW-619: Ensure CRUD / enable+disable Cron Detectors in new UI handles assigning / unassigning seats](https://linear.app/getsentry/issue/NEW-619/ensure-crud-enabledisable-cron-detectors-in-new-ui-handles-assigning)
Implements billing seat management for cron monitor detectors via the MonitorIncidentDetectorValidator. This ensures that cron monitors created through the detector API properly handle seat assignment, validation, and removal.
Changes:
Uses generic seat APIs (assign_seat, check_assign_seat, disable_seat, remove_seat) with DataCategory.MONITOR following the same pattern as uptime monitors.
Fixes NEW-619: Ensure CRUD / enable+disable Cron Detectors in new UI handles assigning / unassigning seats