fix(uploads): gate execution-context uploads behind write/admin permission#5404
Conversation
…ssion Fallback multipart upload route (/api/files/upload) had no workspace permission check for execution-context uploads, unlike the primary presigned-upload route which requires write/admin. Mirror that gate so both paths enforce the same access control.
|
The latest updates on your projects. Learn more about Vercel for GitHub. |
PR SummaryMedium Risk Overview The execution branch now requires Tests add mocks for Reviewed by Cursor Bugbot for commit db30831. Configure here. |
Summary
/api/files/upload) had no workspace-permission check forexecution-context uploads, while the primary presigned-upload route (/api/files/presigned) already requires write/admin for the same upload type.write/admingate to the fallback route's execution branch, and now requireworkspaceId(in addition toworkflowId/executionId) before proceeding, matching the presigned route's validation.Note: self-hosted deployments without cloud storage configured will now require write/admin workspace permission for execution-context uploads via this fallback path, matching the existing requirement on the primary presigned-upload path.
Type of Change
Testing
bun run vitest run app/api/files/upload/route.test.ts— 19/19 passing.bun run check:api-validationpasses.Checklist
Supersedes #5403, whose source branch (
worktree-deepsec-fresh) had a polluted commit history (~100 unrelated commits from a bad rebase/merge). Same code, clean single-commit branch off current staging.