fix(uploads): handle register retries and name-collision races

Two bugs in registerUploadedWorkspaceFile:

1. Register retry could orphan storage. When a successful response
   was lost on the wire and the client retried, the quota check saw
   the bytes already counted, failed, and cleanupOrphan deleted the
   already-registered storage object — leaving the DB row pointing
   to nothing. Fix: check getFileMetadataByKey before quota guard
   and short-circuit on existing record.

2. Concurrent same-named uploads could lose data. allocateUniqueWorkspaceFileName
   is best-effort; two racing uploads can pass it and both attempt
   the same display name. The loser's insert hits 23505, the catch
   block called cleanupOrphan, and successfully-uploaded bytes
   were deleted. Fix: retry on 23505 with a fresh allocateUniqueWorkspaceFileName,
   matching the pattern in uploadWorkspaceFile. Throw FileConflictError
   after exhaustion.

Author: waleedlatif1

apps/sim/lib/uploads/contexts/workspace/workspace-file-manager.ts

@@ -322,48 +322,75 @@ export async function registerUploadedWorkspaceFile(params: {
     throw new Error(`File size exceeds maximum of ${MAX_WORKSPACE_FILE_SIZE} bytes`)
   }
 
-  const quotaCheck = await checkStorageQuota(userId, verifiedSize)
-  if (!quotaCheck.allowed) {
-    await cleanupOrphan('quota rejection')
-    throw new Error(quotaCheck.error || 'Storage limit exceeded')
-  }
+  /**
+   * Existence check runs before the quota guard so a retry after a
+   * successful-but-network-dropped register does not (a) fail quota because
+   * the bytes are now counted, or (b) invoke cleanupOrphan on an already
+   * registered object.
+   */
+  const existing = await getFileMetadataByKey(key, 'workspace')
 
-  let fileId = `wf_${generateShortId()}`
-  let displayName: string
+  const fileId = existing?.id ?? `wf_${generateShortId()}`
+  let displayName = existing?.originalName ?? ''
   let created = false
-  const existing = await getFileMetadataByKey(key, 'workspace')
-  if (existing) {
-    fileId = existing.id
-    displayName = existing.originalName
-    logger.info(`Using existing metadata record for direct upload: ${key}`)
-  } else {
-    created = true
-    displayName = await allocateUniqueWorkspaceFileName(workspaceId, originalName)
-    try {
-      await insertFileMetadata({
-        id: fileId,
-        key,
-        userId,
-        workspaceId,
-        context: 'workspace',
-        originalName: displayName,
-        contentType,
-        size: verifiedSize,
-      })
-    } catch (insertError) {
+
+  if (!existing) {
+    const quotaCheck = await checkStorageQuota(userId, verifiedSize)
+    if (!quotaCheck.allowed) {
+      await cleanupOrphan('quota rejection')
+      throw new Error(quotaCheck.error || 'Storage limit exceeded')
+    }
+
+    let lastInsertError: unknown
+    for (let attempt = 0; attempt < MAX_UPLOAD_UNIQUE_RETRIES; attempt++) {
+      displayName = await allocateUniqueWorkspaceFileName(workspaceId, originalName)
+      try {
+        await insertFileMetadata({
+          id: fileId,
+          key,
+          userId,
+          workspaceId,
+          context: 'workspace',
+          originalName: displayName,
+          contentType,
+          size: verifiedSize,
+        })
+        created = true
+        lastInsertError = undefined
+        break
+      } catch (insertError) {
+        lastInsertError = insertError
+        if (getPostgresErrorCode(insertError) === '23505') {
+          logger.warn(
+            `Unique name conflict on register (attempt ${attempt + 1}/${MAX_UPLOAD_UNIQUE_RETRIES}), retrying with a new name`
+          )
+          continue
+        }
+        break
+      }
+    }
+
+    if (!created) {
       logger.error(
         'Failed to insert metadata after direct upload; cleaning up storage object',
-        insertError
+        lastInsertError
       )
       await cleanupOrphan('metadata insert failure')
-      throw insertError
+      if (getPostgresErrorCode(lastInsertError) === '23505') {
+        throw new FileConflictError(originalName)
+      }
+      throw lastInsertError instanceof Error
+        ? lastInsertError
+        : new Error('Failed to insert workspace file metadata')
     }
 
     try {
       await incrementStorageUsage(userId, verifiedSize)
     } catch (storageError) {
       logger.error('Failed to update storage tracking:', storageError)
     }
+  } else {
+    logger.info(`Using existing metadata record for direct upload: ${key}`)
   }
 
   const pathPrefix = getServePathPrefix()