From 24377eab8f8b1cbd234d93e345f45baaee6c192f Mon Sep 17 00:00:00 2001
From: Alexander Renz <renz@uuxo.net>
Date: Thu, 8 Jan 2026 09:46:53 +0100
Subject: [PATCH] v3.42.12: Require cleanup confirmation for cluster restore
 with existing DBs

- Block cluster restore if existing databases found and cleanup not enabled
- User must press 'c' to enable 'Clean All First' before proceeding
- Prevents accidental data conflicts during disaster recovery
- Bug #24: Missing safety gate for cluster restore
---
 internal/tui/restore_preview.go | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/internal/tui/restore_preview.go b/internal/tui/restore_preview.go
index af4ed30..8c71251 100755
--- a/internal/tui/restore_preview.go
+++ b/internal/tui/restore_preview.go
@@ -306,6 +306,12 @@ func (m RestorePreviewModel) Update(msg tea.Msg) (tea.Model, tea.Cmd) {
 				return m, nil
 			}
 
+			// Cluster-specific check: must enable cleanup if existing databases found
+			if m.mode == "restore-cluster" && m.existingDBCount > 0 && !m.cleanClusterFirst {
+				m.message = errorStyle.Render("[FAIL] Cannot proceed - press 'c' to enable cleanup of " + fmt.Sprintf("%d", m.existingDBCount) + " existing database(s) first")
+				return m, nil
+			}
+
 			// Proceed to restore execution
 			exec := NewRestoreExecution(m.config, m.logger, m.parent, m.ctx, m.archive, m.targetDB, m.cleanFirst, m.createIfMissing, m.mode, m.cleanClusterFirst, m.existingDBs, m.saveDebugLog, m.workDir)
 			return exec, exec.Init()