Fix tenant-scoped account filtering for workflow app logs

2026-05-10 05:56:31 +08:00 · 2026-03-02 22:10:12 +08:00 · 2026-03-02 22:10:12 +08:00 · bc41371975
commit bc41371975
parent 9c5c935ed5
2 changed files with 16 additions and 2 deletions
--- a/api/services/workflow_app_service.py
+++ b/api/services/workflow_app_service.py
@ -7,7 +7,7 @@ from sqlalchemy import and_, func, or_, select
 from sqlalchemy.orm import Session

 from core.workflow.enums import WorkflowExecutionStatus
-from models import Account, App, EndUser, WorkflowAppLog, WorkflowArchiveLog, WorkflowRun
+from models import Account, App, EndUser, TenantAccountJoin, WorkflowAppLog, WorkflowArchiveLog, WorkflowRun
 from models.enums import AppTriggerType, CreatorUserRole
 from models.trigger import WorkflowTriggerLog
 from services.plugin.plugin_service import PluginService
@ -132,7 +132,11 @@ class WorkflowAppService:
                ),
            )
        if created_by_account:
-            account = session.scalar(select(Account).where(Account.email == created_by_account))
+            account = session.scalar(
+                select(Account)
+                .join(TenantAccountJoin, TenantAccountJoin.account_id == Account.id)
+                .where(Account.email == created_by_account, TenantAccountJoin.tenant_id == app_model.tenant_id)
+            )
            if not account:
                raise ValueError(f"Account not found: {created_by_account}")

--- a/api/tests/test_containers_integration_tests/services/test_workflow_app_service.py
+++ b/api/tests/test_containers_integration_tests/services/test_workflow_app_service.py
@ -962,6 +962,16 @@ class TestWorkflowAppService:
        assert result_with_new_email["total"] == 3
        assert all(log.created_by_role == CreatorUserRole.ACCOUNT for log in result_with_new_email["data"])

+        # Create another account in a different tenant using the original email.
+        # Querying by the old email should still fail for this app's tenant.
+        cross_tenant_account = AccountService.create_account(
+            email=original_email,
+            name=fake.name(),
+            interface_language="en-US",
+            password=fake.password(length=12),
+        )
+        TenantService.create_owner_tenant_if_not_exist(cross_tenant_account, name=fake.company())
+
        # Old email unbound, is unexpected input, should raise ValueError
        with pytest.raises(ValueError) as exc_info:
            service.get_paginate_workflow_app_logs(