MCPcopy Index your code
hub / github.com/simstudioai/sim / validateWorkflowAccess

Function validateWorkflowAccess

apps/sim/app/api/workflows/middleware.ts:20–144  ·  view source on GitHub ↗
(
  request: NextRequest,
  workflowId: string,
  requireDeployment = true
)

Source from the content-addressed store, hash-verified

18}
19
20export async function validateWorkflowAccess(
21 request: NextRequest,
22 workflowId: string,
23 requireDeployment = true
24): Promise<ValidationResult> {
25 try {
26 const workflow = await getWorkflowById(workflowId)
27 if (!workflow) {
28 return {
29 error: {
30 message: 'Workflow not found',
31 status: 404,
32 },
33 }
34 }
35
36 if (!workflow.workspaceId) {
37 return {
38 error: {
39 message:
40 'This workflow is not attached to a workspace. Personal workflows are deprecated and cannot be accessed.',
41 status: 403,
42 },
43 }
44 }
45
46 if (!requireDeployment) {
47 const auth = await checkHybridAuth(request, { requireWorkflowId: false })
48 if (!auth.success || !auth.userId) {
49 return {
50 error: {
51 message: auth.error || 'Unauthorized',
52 status: 401,
53 },
54 }
55 }
56
57 if (auth.apiKeyType === 'workspace' && auth.workspaceId !== workflow.workspaceId) {
58 return {
59 error: {
60 message: 'API key is not authorized for this workspace',
61 status: 403,
62 },
63 }
64 }
65
66 const authorization = await authorizeWorkflowByWorkspacePermission({
67 workflowId,
68 userId: auth.userId,
69 action: 'read',
70 })
71 if (!authorization.allowed) {
72 return {
73 error: {
74 message: authorization.message || 'Access denied',
75 status: authorization.status,
76 },
77 }

Callers 8

route.tsFile · 0.90
route.tsFile · 0.90
middleware.test.tsFile · 0.90
route.tsFile · 0.90
route.tsFile · 0.90
route.tsFile · 0.90
route.tsFile · 0.90
route.tsFile · 0.90

Calls 6

getWorkflowByIdFunction · 0.90
checkHybridAuthFunction · 0.90
updateApiKeyLastUsedFunction · 0.90
errorMethod · 0.80

Tested by

no test coverage detected