fix: skip namespace write-permission check when namespace is newly created

src/cmd/root.go

@@ -12,6 +12,21 @@ import (
 )
 
 func getNodeService() (service.NodeService, error) {
+	if token := os.Getenv("AX_TOKEN"); token != "" {
+		if cfg.Remote.Host != "" {
+			base := fmt.Sprintf("http://%s:%d", cfg.Remote.Host, cfg.Remote.Port)
+			return service.NewRemoteNodeService(base, ""), nil
+		}
+		st, err := store.FindAndOpenSQLiteStore()
+		if err != nil {
+			return nil, err
+		}
+		agentID := service.LookupAgentToken(st, token)
+		if agentID == "" {
+			return nil, fmt.Errorf("invalid AX_TOKEN: agent not found")
+		}
+		return service.NewLocalNodeService(st, agentID), nil
+	}
 	user := cfg.User
 	if user == "" {
 		return nil, fmt.Errorf("no user configured: run 'ax user set <username>' first")

src/service/node_service_impl.go

@@ -185,16 +185,15 @@ func (s *nodeServiceImpl) getPermContext() (*permContext, error) {
 		}
 	}
 
-	// User and namespace nodes are globally readable (they represent identities,
+	// User nodes are globally readable (they represent identities,
 	// and anyone can reference or assign to them).
-	for _, nodeType := range []string{"user", "namespace"} {
+	// Namespace nodes are NOT globally readable; access must be explicitly granted.
-		nodes, _ := s.store.FindNodes([]*models.Rel{{Type: models.RelType("_type::" + nodeType), Target: ""}})
+	nodes, _ := s.store.FindNodes([]*models.Rel{{Type: "_type::user", Target: ""}})
 	for _, n := range nodes {
 		if pc.levels[n.ID] < permRead {
 			pc.levels[n.ID] = permRead
 		}
 	}
-	}
 
 	return pc, nil
 }
@@ -496,10 +495,16 @@ func (s *nodeServiceImpl) Add(input AddInput) (*models.Node, error) {
 			if nsRef == "" {
 				nsRef = s.userID
 			}
-			nsID, err := s.resolveNamespaceRef(st, nsRef)
+			nsID, nsCreated, err := s.resolveNamespaceRef(st, nsRef)
 			if err != nil {
 				return err
 			}
+			// Skip the write check when the namespace was just created — the
+			// current user is the creator/owner, but the permContext was built
+			// before the namespace existed and therefore doesn't reflect it.
+			if input.Namespace != "" && !nsCreated && !pc.canWrite(nsID) {
+				return fmt.Errorf("permission denied: no write access to namespace %q", input.Namespace)
+			}
 			ownerID = nsID
 		}
 		if err := st.AddRel(ownerID, string(models.RelHasOwnership), id); err != nil {
@@ -723,7 +728,7 @@ func (s *nodeServiceImpl) Update(id string, input UpdateInput) (*models.Node, er
 
 		// Namespace change: transfer ownership from the current namespace to the new one.
 		if input.Namespace != nil {
-			newNsID, err := s.resolveNamespaceRef(st, *input.Namespace)
+			newNsID, _, err := s.resolveNamespaceRef(st, *input.Namespace)
 			if err != nil {
 				return err
 			}
@@ -971,11 +976,16 @@ func (s *nodeServiceImpl) ensureUser(st store.GraphStore, username string) (stri
 	return id, nil
 }
 
-func (s *nodeServiceImpl) resolveNamespaceRef(st store.GraphStore, ref string) (string, error) {
+// resolveNamespaceRef returns the namespace ID and whether it was newly created.
+func (s *nodeServiceImpl) resolveNamespaceRef(st store.GraphStore, ref string) (string, bool, error) {
 	if exists, _ := st.NodeExists(ref); exists {
-		return ref, nil
+		return ref, false, nil
 	}
-	return s.ensureNamespace(st, ref)
+	id, err := s.ensureNamespace(st, ref)
+	if err != nil {
+		return "", false, err
+	}
+	return id, true, nil
 }
 
 func (s *nodeServiceImpl) ensureNamespace(st store.GraphStore, name string) (string, error) {