Skip to content

fix: tighten profile state handling and downloaded-recording file mode#9

Open
kshahbw wants to merge 3 commits intomainfrom
fix/profile-state-handling
Open

fix: tighten profile state handling and downloaded-recording file mode#9
kshahbw wants to merge 3 commits intomainfrom
fix/profile-state-handling

Conversation

@kshahbw
Copy link
Copy Markdown
Contributor

@kshahbw kshahbw commented May 6, 2026
edited
Loading

  • band auth switch now updates the active profile alongside the legacy field, so subsequent commands see the new account.
  • config.Load no longer mutates stored profiles; BW_* env overlays are applied at read time inside ActiveProfileConfig.
  • band recording download writes with 0600 to match config.Save.

Tests added; go test ./..., go vet ./..., go build ./... clean.

kshahbw added 3 commits May 6, 2026 14:21
@kshahbw
fix(config): apply BW_* env overlays at read time, not at load
4ffbe17 
Load was applying BW_CLIENT_ID, BW_ACCOUNT_ID, and BW_ENVIRONMENT
through the live *Profile pointer inside cfg.Profiles, so any
subsequent Save would persist those session values onto the
previously-active profile on disk.

Move the overlay into ActiveProfileConfig, which now returns a fresh
copy with env vars applied on top. Stored profiles are no longer
mutated by Load. Existing env-overlay tests updated to match the
read-time contract; new tests cover the persistence and
copy-on-overlay invariants.
@kshahbw
fix(auth): persist switched account into active profile
0ad891b 
runSwitch was setting only the legacy top-level cfg.AccountID. Once a
profile exists in cfg.Profiles, ActiveProfileConfig reads from the
profile map, so the switch wasn't reflected in subsequent commands —
they continued routing to the pre-switch account.

Update the active profile's AccountID alongside the legacy field, the
same way auth login (via SetProfile) and auth use already do. Adds a
regression test that runs runSwitch end-to-end against a temp config
and asserts the active profile is the source of truth on the next
load.
@kshahbw
fix(recording): write downloaded media with 0600 permissions
8b99591 
Recordings can contain customer call audio. Match config.Save's
permissions for sensitive blobs instead of 0644.
@kshahbw kshahbw requested review from a team as code owners May 6, 2026 18:22
@bwappsec
Copy link
Copy Markdown

bwappsec commented May 6, 2026
edited
Loading

Snyk checks have passed. No issues have been found so far.

Status Scan Engine Critical High Medium Low Total (0)
Open Source Security 0 0 0 0 0 issues
Licenses 0 0 0 0 0 issues
Code Security 0 0 0 0 0 issues

💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@kshahbw @bwappsec