feat(foundry): task owner git auth + manual owner change UI (#263)

* Add task owner git auth proposal and sandbox architecture docs - Add proposal for primary user per task with OAuth token injection for sandbox git operations (.context/proposal-task-owner-git-auth.md) - Document sandbox architecture constraints in CLAUDE.md: single sandbox per task assumption, OAuth token security implications, git auto-auth requirement, and git error surfacing rules Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * Add proposals for reverting to queues and rivetkit sandbox resilience - proposal-revert-actions-to-queues.md: Detailed plan for reverting the actions-only pattern back to queues/workflows now that the RivetKit queue.iter() bug is fixed. Lists what to keep (lazy tasks, resolveTaskRepoId, sync override threading, E2B fixes, frontend fixes) vs what to revert (communication pattern only). - proposal-rivetkit-sandbox-resilience.md: Rivetkit sandbox actor changes for handling destroyed/paused sandboxes, keep-alive, and the UNIQUE constraint crash fix. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * feat(foundry): add manual task owner change via UI dropdown Add an owner dropdown to the Overview tab that lets users reassign task ownership to any organization member. The owner's GitHub credentials are used for git operations in the sandbox. Full-stack implementation: - Backend: changeTaskOwnerManually action on task actor, routed through org actor's changeWorkspaceTaskOwner action, with primaryUser schema columns on both task and org index tables - Client: changeOwner method on workspace client (mock + remote) - Frontend: owner dropdown in right sidebar Overview tab showing org members, with avatar and role display - Shared: TaskWorkspaceChangeOwnerInput type and primaryUser fields on workspace snapshot types Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> --------- Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-16 12:03:27 +00:00 · 2026-03-16 17:05:11 -07:00 · 2026-03-16 17:05:11 -07:00 · 4111aebfce
commit 4111aebfce
parent 167712ace7
22 changed files with 1114 additions and 11 deletions
--- a/foundry/packages/client/src/backend-client.ts
+++ b/foundry/packages/client/src/backend-client.ts
@ -12,6 +12,7 @@ import type {
  TaskRecord,
  TaskSummary,
  TaskWorkspaceChangeModelInput,
+  TaskWorkspaceChangeOwnerInput,
  TaskWorkspaceCreateTaskInput,
  TaskWorkspaceCreateTaskResponse,
  TaskWorkspaceDiffInput,
@ -110,6 +111,7 @@ interface OrganizationHandle {
  stopWorkspaceSession(input: TaskWorkspaceSessionInput & AuthSessionScopedInput): Promise<void>;
  closeWorkspaceSession(input: TaskWorkspaceSessionInput & AuthSessionScopedInput): Promise<void>;
  publishWorkspacePr(input: TaskWorkspaceSelectInput & AuthSessionScopedInput): Promise<void>;
+  changeWorkspaceTaskOwner(input: TaskWorkspaceChangeOwnerInput & AuthSessionScopedInput): Promise<void>;
  revertWorkspaceFile(input: TaskWorkspaceDiffInput & AuthSessionScopedInput): Promise<void>;
  adminReloadGithubOrganization(): Promise<void>;
  adminReloadGithubRepository(input: { repoId: string }): Promise<void>;
@ -304,6 +306,7 @@ export interface BackendClient {
  stopWorkspaceSession(organizationId: string, input: TaskWorkspaceSessionInput): Promise<void>;
  closeWorkspaceSession(organizationId: string, input: TaskWorkspaceSessionInput): Promise<void>;
  publishWorkspacePr(organizationId: string, input: TaskWorkspaceSelectInput): Promise<void>;
+  changeWorkspaceTaskOwner(organizationId: string, input: TaskWorkspaceChangeOwnerInput): Promise<void>;
  revertWorkspaceFile(organizationId: string, input: TaskWorkspaceDiffInput): Promise<void>;
  adminReloadGithubOrganization(organizationId: string): Promise<void>;
  adminReloadGithubRepository(organizationId: string, repoId: string): Promise<void>;
@ -1282,6 +1285,10 @@ export function createBackendClient(options: BackendClientOptions): BackendClien
      await (await organization(organizationId)).publishWorkspacePr(await withAuthSessionInput(input));
    },

+    async changeWorkspaceTaskOwner(organizationId: string, input: TaskWorkspaceChangeOwnerInput): Promise<void> {
+      await (await organization(organizationId)).changeWorkspaceTaskOwner(await withAuthSessionInput(input));
+    },
+
    async revertWorkspaceFile(organizationId: string, input: TaskWorkspaceDiffInput): Promise<void> {
      await (await organization(organizationId)).revertWorkspaceFile(await withAuthSessionInput(input));
    },
--- a/foundry/packages/client/src/mock/backend-client.ts
+++ b/foundry/packages/client/src/mock/backend-client.ts
@ -188,6 +188,8 @@ export function createMockBackendClient(defaultOrganizationId = "default"): Back
      unread: tab.unread,
      created: tab.created,
    })),
+    primaryUserLogin: null,
+    primaryUserAvatarUrl: null,
  });

  const buildTaskDetail = (task: TaskWorkspaceSnapshot["tasks"][number]): WorkspaceTaskDetail => ({
@ -750,6 +752,15 @@ export function createMockBackendClient(defaultOrganizationId = "default"): Back
      emitTaskUpdate(input.taskId);
    },

+    async changeWorkspaceTaskOwner(
+      _organizationId: string,
+      input: { repoId: string; taskId: string; targetUserId: string; targetUserName: string; targetUserEmail: string },
+    ): Promise<void> {
+      await workspace.changeOwner(input);
+      emitOrganizationSnapshot();
+      emitTaskUpdate(input.taskId);
+    },
+
    async revertWorkspaceFile(_organizationId: string, input: TaskWorkspaceDiffInput): Promise<void> {
      await workspace.revertFile(input);
      emitOrganizationSnapshot();
--- a/foundry/packages/client/src/mock/workspace-client.ts
+++ b/foundry/packages/client/src/mock/workspace-client.ts
@ -349,7 +349,10 @@ class MockWorkspaceStore implements TaskWorkspaceClient {

      return {
        ...currentTask,
-        activeSessionId: currentTask.activeSessionId === input.sessionId ? (currentTask.sessions.find((candidate) => candidate.id !== input.sessionId)?.id ?? null) : currentTask.activeSessionId,
+        activeSessionId:
+          currentTask.activeSessionId === input.sessionId
+            ? (currentTask.sessions.find((candidate) => candidate.id !== input.sessionId)?.id ?? null)
+            : currentTask.activeSessionId,
        sessions: currentTask.sessions.filter((candidate) => candidate.id !== input.sessionId),
      };
    });
@ -396,6 +399,14 @@ class MockWorkspaceStore implements TaskWorkspaceClient {
    }));
  }

+  async changeOwner(input: { repoId: string; taskId: string; targetUserId: string; targetUserName: string; targetUserEmail: string }): Promise<void> {
+    this.updateTask(input.taskId, (currentTask) => ({
+      ...currentTask,
+      primaryUserLogin: input.targetUserName,
+      primaryUserAvatarUrl: null,
+    }));
+  }
+
  private updateState(updater: (current: TaskWorkspaceSnapshot) => TaskWorkspaceSnapshot): void {
    const nextSnapshot = updater(this.snapshot);
    this.snapshot = {
--- a/foundry/packages/client/src/remote/workspace-client.ts
+++ b/foundry/packages/client/src/remote/workspace-client.ts
@ -1,6 +1,7 @@
 import type {
  TaskWorkspaceAddSessionResponse,
  TaskWorkspaceChangeModelInput,
+  TaskWorkspaceChangeOwnerInput,
  TaskWorkspaceCreateTaskInput,
  TaskWorkspaceCreateTaskResponse,
  TaskWorkspaceDiffInput,
@ -140,6 +141,11 @@ class RemoteWorkspaceStore implements TaskWorkspaceClient {
    await this.refresh();
  }

+  async changeOwner(input: TaskWorkspaceChangeOwnerInput): Promise<void> {
+    await this.backend.changeWorkspaceTaskOwner(this.organizationId, input);
+    await this.refresh();
+  }
+
  private ensureStarted(): void {
    if (!this.unsubscribeWorkspace) {
      this.unsubscribeWorkspace = this.backend.subscribeWorkspace(this.organizationId, () => {
--- a/foundry/packages/client/src/workspace-client.ts
+++ b/foundry/packages/client/src/workspace-client.ts
@ -1,6 +1,7 @@
 import type {
  TaskWorkspaceAddSessionResponse,
  TaskWorkspaceChangeModelInput,
+  TaskWorkspaceChangeOwnerInput,
  TaskWorkspaceCreateTaskInput,
  TaskWorkspaceCreateTaskResponse,
  TaskWorkspaceDiffInput,
@ -43,6 +44,7 @@ export interface TaskWorkspaceClient {
  closeSession(input: TaskWorkspaceSessionInput): Promise<void>;
  addSession(input: TaskWorkspaceSelectInput): Promise<TaskWorkspaceAddSessionResponse>;
  changeModel(input: TaskWorkspaceChangeModelInput): Promise<void>;
+  changeOwner(input: TaskWorkspaceChangeOwnerInput): Promise<void>;
 }

 export function createTaskWorkspaceClient(options: CreateTaskWorkspaceClientOptions): TaskWorkspaceClient {