[BUG][HIGH] Race condition in free cloud selection for self-assignment

[kambiz-aghaiepour]

Description

When cloud is not specified in a self-assignment request, CloudDao.get_free_clouds() picks the first free cloud. Two concurrent requests can retrieve the same cloud before either creates an assignment, leading to two active assignments on one cloud.

Affected Code

• src/quads/server/blueprints/assignments.py:373-381

_free_clouds = CloudDao.get_free_clouds()
if not _free_clouds:
    # ...
_cloud = _free_clouds[0]

Impact

• Multiple active assignments on the same cloud
• Network/VLAN conflicts
• Resource allocation corruption

Recommended Fix

Use database-level locking (SELECT ... FOR UPDATE) when selecting a free cloud, or perform cloud selection and assignment creation within a single transaction.

[sadsfae]

I don't think this is valid, when a cloud is defined it's locked for a period of time. Even if there is some small, atomic miniscule window it's not worth carrying heavy database overhead for what is effectively defensive programming.

or perform cloud selection and assignment creation within a single transaction.

This is not how QUADS works, and often cloud definition (which is protected once defined) happens first and some time passes before assignments are actually entered - we don't want to force usage changes here on anyone.

Note that self-scheduling and even quads-client workflows combine these actions anyway. Defer to @grafuls but I think we can close this.