fix(uploads): gate execution-context uploads behind write/admin permission #5403
waleedlatif1 wants to merge 110 commits into
…ership workflow edits via sockets, ui improvements
…ng improvements, posthog, secrets mutations
…ration, signup method feature flags, SSO improvements
…nts, secrets performance, polling refactors, drag resources in mothership
…y invalidation, HITL docs
…endar triggers, docs updates, integrations/models pages improvements
…ions, jira forms endpoints
…mat, logs performance improvements
fix(csp): add missing analytics domains, remove unsafe-eval, fix workspace CSP gap (#4179)
fix(landing): return 404 for invalid dynamic route slugs (#4182)
improvement(seo): optimize sitemaps, robots.txt, and core web vitals across sim and docs (#4170)
fix(gemini): support structured output with tools on Gemini 3 models (#4184)
feat(brightdata): add Bright Data integration with 8 tools (#4183)
fix(mothership): fix superagent credentials (#4185)
fix(logs): close sidebar when selected log disappears from filtered list; cleanup (#4186)
v0.6.46: mothership streaming fixes, brightdata integration
…m integration, atlassian triggers
…ration, smooth streaming, security hardening, db fixes
v0.7.3: jira oauth scope fix, read-replica client, table wire data fix, db migrations from ci, docs updates, read replicas
…uting, trigger.dev, temporal, latex, quartr, brex, convex integrations
…rovements, styling consolidation
…, db perf improvements
…nges, code hygiene
…lassian assets and google calendar tools
…d, security fixes
…richment providers, deepseek models, db performance
…nce, file sharing, scheduled tasks granularity
v0.7.13: pii redaction, react query frontend refactor, pi coding agent harness, sakana fugu provider
…ix, settings overhaul, thrive learning integration
…extension, workspace forking, slack trigger extension, new README
…ssion
Fallback multipart upload route (/api/files/upload) had no workspace permission check for execution-context uploads, unlike the primary presigned-upload route which requires write/admin. Mirror that gate so both paths enforce the same access control.

PR Summary
Medium Risk
Overview
The execution branch no longer passes an empty
Tests add an Execution Context Permission Gate suite (missing
Reviewed by Cursor Bugbot for commit fe82691.

Summary
/api/files/upload) had no workspace-permission check for execution-context uploads, while the primary presigned-upload route (/api/files/presigned) already requires write/admin for the same upload type.
write/admin gate to the fallback route's execution branch, and now require workspaceId (in addition to workflowId/executionId) before proceeding, matching the presigned route's validation.
Note: self-hosted deployments without cloud storage configured will now require write/admin workspace permission for execution-context uploads via this fallback path, matching the existing requirement on the primary presigned-upload path.
Type of Change
Testing
bun run vitest run app/api/files/upload/route.test.ts — 19/19 passing.
bun run check:api-validation passes.
Checklist
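The access-control pattern the summary above describes, as an added example that is not taken from this PR's diff or the project's code: a single gate shared by the presigned and fallback handlers, so a read-only or unknown user is refused on both paths. All function names, types and the sample grants are hypothetical.

```typescript
// Added illustration: every identifier here is hypothetical, not the project's code.
type Permission = 'read' | 'write' | 'admin'

interface ExecutionUploadRequest {
  userId: string
  workspaceId?: string
  workflowId?: string
  executionId?: string
}

interface GateResult {
  status: 200 | 400 | 403
  error: string | null
}

// Constructed sample grants standing in for the workspace permission store.
const SAMPLE_GRANTS: { userId: string; workspaceId: string; permission: Permission }[] = [
  { userId: 'alice', workspaceId: 'ws-1', permission: 'admin' },
  { userId: 'bob', workspaceId: 'ws-1', permission: 'write' },
  { userId: 'carol', workspaceId: 'ws-1', permission: 'read' },
]

function lookupPermission(userId: string, workspaceId: string): Permission | null {
  const grant = SAMPLE_GRANTS.find((g) => g.userId === userId && g.workspaceId === workspaceId)
  return grant ? grant.permission : null
}

// One gate for every route that accepts execution-context uploads.
function authorizeExecutionUpload(req: ExecutionUploadRequest): GateResult {
  // Validate identifiers first so a missing or empty workspaceId is rejected
  // instead of skipping the permission lookup.
  if (!req.workspaceId || !req.workflowId || !req.executionId) {
    return { status: 400, error: 'workspaceId, workflowId and executionId are required' }
  }
  const permission = lookupPermission(req.userId, req.workspaceId)
  if (permission !== 'write' && permission !== 'admin') {
    return { status: 403, error: 'write or admin workspace permission required' }
  }
  return { status: 200, error: null }
}

// Both handlers delegate to the same gate, so the two paths cannot drift apart.
function presignedRoute(req: ExecutionUploadRequest): GateResult {
  return authorizeExecutionUpload(req)
}

function fallbackUploadRoute(req: ExecutionUploadRequest): GateResult {
  return authorizeExecutionUpload(req)
}
```

A parity test that sends the same request to both handlers and compares status codes catches the kind of gap this PR closes.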