fix(files-upload): enforce workspace authorization on mothership uploads#5604
Conversation
The mothership context in POST /api/files/upload skipped the workspace permission and storage quota checks that every sibling context enforces, letting a caller write files into a workspace they have no access to.
|
The latest updates on your projects. Learn more about Vercel for GitHub. |
PR SummaryHigh Risk Overview
Tests add a Mothership Context Permission Gate suite (missing workspace, non-member, read-only, over-quota, write/admin, multi-file quota sizing) and mock Reviewed by Cursor Bugbot for commit eb71402. Configure here. |
Greptile SummaryThis PR tightens authorization for mothership file uploads. The main changes are:
Confidence Score: 5/5This looks safe to merge.
Important Files Changed
Reviews (2): Last reviewed commit: "fix(files-upload): check mothership quot..." | Re-trigger Greptile |
Resolve the mothership permission and quota check once per request (mirroring the existing execution-context pattern) instead of per file: a per-file quota check let a multi-file batch exceed the caller's quota since each file's own size fit even when the combined total did not. Also corrects the missing-workspaceId error message, which named the chat context instead of mothership.
|
Addressed both findings in eb71402:
|
|
@greptile review |
|
@cursor review |
There was a problem hiding this comment.
✅ Bugbot reviewed your changes and found no new issues!
Comment @cursor review or bugbot run to trigger another review on this PR
Reviewed by Cursor Bugbot for commit eb71402. Configure here.
Summary
mothershipcontext inPOST /api/files/uploadwas missing the workspace permission check that every other context (workspace,knowledge-base,execution) already enforceswrite/admingetUserEntityPermissionsgate, plus the storage quota check other paths also applymothershipin the multipart and presigned upload routesType of Change
Testing
Added a
Mothership Context Permission Gatetest suite covering missing workspaceId, non-member, read-only member, over-quota, and write/admin-permission cases. Full route test suite passes (25/25).Checklist