MCPcopy
hub / github.com/simstudioai/sim / verifyCopilotFileAccess

Function verifyCopilotFileAccess

apps/sim/app/api/files/authorization.ts:401–467  ·  view source on GitHub ↗

* Verify access to copilot files * Priority: Database lookup > Metadata > Path pattern (legacy)

(
  cloudKey: string,
  userId: string,
  customConfig?: StorageConfig
)

Source from the content-addressed store, hash-verified

399 * Priority: Database lookup > Metadata > Path pattern (legacy)
400 */
401async function verifyCopilotFileAccess(
402 cloudKey: string,
403 userId: string,
404 customConfig?: StorageConfig
405): Promise<boolean> {
406 try {
407 // Priority 1: Check workspaceFiles table (new system)
408 const fileRecord = await getFileMetadataByKey(cloudKey, 'copilot')
409
410 if (fileRecord) {
411 if (fileRecord.userId === userId) {
412 logger.debug('Copilot file access granted (workspaceFiles table)', {
413 userId,
414 cloudKey,
415 })
416 return true
417 }
418 logger.warn('User does not own copilot file', {
419 userId,
420 fileUserId: fileRecord.userId,
421 cloudKey,
422 })
423 return false
424 }
425
426 // Priority 2: Check metadata (for files not yet in database)
427 const config: StorageConfig = customConfig || {}
428 const metadata = await getFileMetadata(cloudKey, config)
429 const fileUserId = metadata.userId
430
431 if (fileUserId) {
432 if (fileUserId === userId) {
433 logger.debug('Copilot file access granted (metadata)', { userId, cloudKey })
434 return true
435 }
436 logger.warn('User does not own copilot file (metadata)', {
437 userId,
438 fileUserId,
439 cloudKey,
440 })
441 return false
442 }
443
444 // Priority 3: Legacy path pattern check (userId/filename format)
445 // This handles old copilot files that may have been stored with userId prefix
446 const parts = cloudKey.split('/')
447 if (parts.length >= 2) {
448 const fileUserId = parts[0]
449 if (fileUserId && fileUserId === userId) {
450 logger.debug('Copilot file access granted (path pattern)', { userId, cloudKey })
451 return true
452 }
453 logger.warn('User does not own copilot file (path pattern)', {
454 userId,
455 fileUserId,
456 cloudKey,
457 })
458 return false

Callers 1

verifyFileAccessFunction · 0.85

Calls 5

getFileMetadataByKeyFunction · 0.90
getFileMetadataFunction · 0.90
debugMethod · 0.80
errorMethod · 0.80
warnMethod · 0.65

Tested by

no test coverage detected