AutoGPT is the vision of accessible AI for everyone, to use and to build on. Our mission is to provide the tools, so that you can focus on what matters.

fix(backend): allow admins to download submitted agents pending review (#12535)

## Why

Admins cannot download submitted-but-not-yet-approved agents from
`/admin/marketplace`. Clicking "Download" fails silently with a Server
Components render error. This blocks admins from reviewing agents that
companies have submitted.

## What

Remove the redundant ownership/marketplace check from
`get_graph_as_admin()` that was silently tightened in PR #11323 (Nov
2025). Add regression tests for both the admin download path and the
non-admin marketplace access control.

## How

**Root cause:** In PR #11323, Reinier refactored an inline
`StoreListingVersion` query (which had no status filter) into a call to
`is_graph_published_in_marketplace()` (which requires `submissionStatus:
APPROVED`). This was collateral cleanup — his PR focused on sub-agent
execution permissions — but it broke admin download of pending agents.

**Fix:** Remove the ownership/marketplace check from
`get_graph_as_admin()`, keeping only the null guard. This is safe
because `get_graph_as_admin` is only callable through admin-protected
routes (`requires_admin_user` at router level).

**Tests added:**
- `test_admin_can_access_pending_agent_not_owned` — admin can access a
graph they don't own that isn't APPROVED
- `test_admin_download_pending_agent_with_subagents` — admin export
includes sub-graphs
- `test_get_graph_non_owner_approved_marketplace_agent` — protects PR
#11323: non-owners CAN access APPROVED agents
- `test_get_graph_non_owner_pending_marketplace_agent_denied` — protects
PR #11323: non-owners CANNOT access PENDING agents

### Checklist

- [x] I have clearly listed my changes in the PR description
- [x] I have made a test plan
- [x] I have tested my changes according to the test plan:
  - [x] 4 regression tests pass locally
  - [x] Admin can download pending agents (verified via unit test)
  - [x] Non-admin marketplace access control preserved

## Test plan
- [ ] Verify admin can download a submitted-but-not-approved agent from
`/admin/marketplace`
- [ ] Verify non-admin users still cannot access admin endpoints
- [ ] Verify the download succeeds without console errors

🤖 Generated with [Claude Code](https://claude.com/claude-code)

<!-- CURSOR_SUMMARY -->
---

> [!NOTE]
> **Medium Risk**
> Changes access-control behavior for admin graph retrieval; risk is
mitigated by route-level admin auth but misuse of `get_graph_as_admin()`
outside admin-protected routes would expose non-approved graphs.
> 
> **Overview**
> Admins can now download/review **submitted-but-not-approved**
marketplace agents: `get_graph_as_admin()` no longer enforces ownership
or *marketplace APPROVED* checks, only returning `None` when the graph
doesn’t exist.
> 
> Adds regression tests covering the admin download/export path
(including sub-graphs) and confirming non-admin behavior is unchanged:
non-owners can fetch **APPROVED** marketplace graphs but cannot access
**pending** ones.
> 
> <sup>Written by [Cursor
Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit
a6d2d69ae4e5cd47c4d8dddb5566c3052c8a90d0. This will update automatically
on new commits. Configure
[here](https://cursor.com/dashboard?tab=bugbot).</sup>
<!-- /CURSOR_SUMMARY -->

---------

Co-authored-by: Claude Opus 4.6 (1M context) <[email protected]>
Nicholas Tindle committed
b80e5ea98796a40ff4816046517467b9365689a6
Parent: 3d4fcfa
Committed by GitHub <[email protected]> on 3/24/2026, 7:40:17 AM
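
The access-control behaviour the commit message describes, as an added example on a simplified in-memory model (not AutoGPT's code): the admin accessor keeps only the null guard, so the route-level guard is the sole gate on pending graphs. The function names come from the commit message; their signatures, the `Graph` class, `get_graph_as_admin_before_fix`, `admin_download_route`, the role strings and the sample data are assumptions made for illustration.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Graph:
    id: str
    owner_id: str
    submission_status: str  # "PENDING" or "APPROVED"

# Constructed sample data: one company has submitted two agents.
GRAPHS = {
    "g-pending": Graph("g-pending", "company-1", "PENDING"),
    "g-approved": Graph("g-approved", "company-1", "APPROVED"),
}

def is_graph_published_in_marketplace(graph_id: str) -> bool:
    # Per the commit message, this helper requires submissionStatus APPROVED.
    g = GRAPHS.get(graph_id)
    return g is not None and g.submission_status == "APPROVED"

def get_graph(graph_id: str, user_id: str) -> Optional[Graph]:
    # Non-admin path: owners, or anyone once the listing is APPROVED.
    g = GRAPHS.get(graph_id)
    if g is None:
        return None
    if g.owner_id != user_id and not is_graph_published_in_marketplace(graph_id):
        return None
    return g

def get_graph_as_admin_before_fix(graph_id: str, user_id: str) -> Optional[Graph]:
    # Simplified model of the regression: the admin path applied the same
    # APPROVED-only check, so an admin who does not own a pending graph got None.
    return get_graph(graph_id, user_id)

def get_graph_as_admin(graph_id: str) -> Optional[Graph]:
    # Fixed behaviour: null guard only. Authorization is NOT done here.
    return GRAPHS.get(graph_id)

def requires_admin_user(role: str) -> None:
    # Stand-in for the router-level dependency; the only gate on the admin path.
    if role != "admin":
        raise PermissionError("admin role required")

def admin_download_route(graph_id: str, role: str) -> Optional[Graph]:
    # Hypothetical handler: the guard runs before the unchecked data accessor.
    requires_admin_user(role)
    return get_graph_as_admin(graph_id)
```

Because `get_graph_as_admin` performs no authorization of its own, any new caller has to sit behind the same guard, which is the residual risk the Bugbot note in the commit message points at.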