MCPcopy Index your code
hub / github.com/simstudioai/sim / checkWorkspaceScope

Function checkWorkspaceScope

apps/sim/app/api/v1/middleware.ts:168–194  ·  view source on GitHub ↗
(
  rateLimit: RateLimitResult,
  requestedWorkspaceId: string
)

Source from the content-addressed store, hash-verified

166 * surface in `app/api/workflows/middleware.ts`.
167 */
168export async function checkWorkspaceScope(
169 rateLimit: RateLimitResult,
170 requestedWorkspaceId: string
171): Promise<NextResponse | null> {
172 if (
173 rateLimit.keyType === 'workspace' &&
174 rateLimit.workspaceId &&
175 rateLimit.workspaceId !== requestedWorkspaceId
176 ) {
177 return NextResponse.json(
178 { error: 'API key is not authorized for this workspace' },
179 { status: 403 }
180 )
181 }
182
183 if (rateLimit.keyType === 'personal') {
184 const settings = await getWorkspaceBillingSettings(requestedWorkspaceId)
185 if (!settings?.allowPersonalApiKeys) {
186 return NextResponse.json(
187 { error: 'Personal API keys are not allowed for this workspace' },
188 { status: 403 }
189 )
190 }
191 }
192
193 return null
194}
195
196/**
197 * Validates workspace-scoped API key bounds and the user's workspace permission.

Callers 7

route.tsFile · 0.90
route.tsFile · 0.90
route.tsFile · 0.90
route.tsFile · 0.90
route.tsFile · 0.90
route.tsFile · 0.90
validateWorkspaceAccessFunction · 0.85

Calls 1

Tested by

no test coverage detected