opensource/dify
2
0
Fork 0
mirror of https://github.com/langgenius/dify.git synced 2026-04-15 18:06:36 +08:00
Code Issues Packages Projects Releases Wiki Activity

tighten workflow room app lookup

Browse Source
This commit is contained in:
hjlarry 2026-04-12 21:43:03 +08:00
parent dfcf7f3a11
commit 5fcda1aaac
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
api/services/workflow_collaboration_service.py
View File

@ -80,7 +80,7 @@ class WorkflowCollaborationService:
def _can_access_workflow(self, workflow_id: str, tenant_id: str) -> bool:
"""Check that the collaboration room belongs to an active app in the caller's current tenant."""
app_id = db.session.scalar(
select(App.id).where(App.id == workflow_id, App.tenant_id == tenant_id).limit(1)
select(App.id).where(App.id == workflow_id, App.tenant_id == tenant_id, App.status == "normal").limit(1)
)
return app_id is not None