MCPcopy Index your code
hub / github.com/simstudioai/sim / validateWorkflowPermissions

Function validateWorkflowPermissions

apps/sim/lib/workflows/utils.ts:314–366  ·  view source on GitHub ↗
(
  workflowId: string,
  requestId: string,
  action: 'read' | 'write' | 'admin' = 'read'
)

Source from the content-addressed store, hash-verified

312 * Returns session and workflow info if authorized, or error response if not
313 */
314export async function validateWorkflowPermissions(
315 workflowId: string,
316 requestId: string,
317 action: 'read' | 'write' | 'admin' = 'read'
318) {
319 const session = await getSession()
320 if (!session?.user?.id) {
321 logger.warn(`[${requestId}] No authenticated user session for workflow ${action}`)
322 return {
323 error: { message: 'Unauthorized', status: 401 },
324 session: null,
325 workflow: null,
326 }
327 }
328
329 const authorization = await authorizeWorkflowByWorkspacePermission({
330 workflowId,
331 userId: session.user.id,
332 action,
333 })
334
335 if (!authorization.workflow) {
336 logger.warn(`[${requestId}] Workflow ${workflowId} not found`)
337 return {
338 error: { message: 'Workflow not found', status: 404 },
339 session: null,
340 workflow: null,
341 }
342 }
343
344 if (!authorization.allowed) {
345 const message =
346 authorization.message || `Unauthorized: Access denied to ${action} this workflow`
347 logger.warn(
348 `[${requestId}] User ${session.user.id} unauthorized to ${action} workflow ${workflowId}`,
349 {
350 action,
351 workflowId,
352 }
353 )
354 return {
355 error: { message, status: authorization.status },
356 session: null,
357 workflow: null,
358 }
359 }
360
361 return {
362 error: null,
363 session,
364 workflow: authorization.workflow,
365 }
366}
367
368// ── Workflow CRUD ──
369

Callers 6

utils.test.tsFile · 0.90
route.tsFile · 0.90
route.tsFile · 0.90
route.tsFile · 0.90
route.tsFile · 0.90
route.tsFile · 0.90

Calls 2

warnMethod · 0.65

Tested by

no test coverage detected