QuantumGhost 874406d934 security(api): fix privilege escalation vulnerability in model config and chat message APIs (#25518) ... The `ChatMessageApi` (`POST /console/api/apps/{app_id}/chat-messages`) and `ModelConfigResource` (`POST /console/api/apps/{app_id}/model-config`) endpoints do not properly validate user permissions, allowing users without `editor` permission to access restricted functionality. This PR addresses this issue by adding proper permission check.		2025-09-11 14:53:35 +08:00
..
__init__.py	feat: add MCP support (#20716)	2025-07-10 14:01:34 +08:00
_workflow_exc.py	feat: Persist Variables for Enhanced Debugging Workflow (#20699)	2025-06-24 09:05:29 +08:00
account.py	security(api): fix privilege escalation vulnerability in model config and chat message APIs (#25518)	2025-09-11 14:53:35 +08:00
api_based_extension.py	replace db with sa to get typing support (#23240)	2025-08-02 23:54:23 +08:00
base.py	example add more type check (#24999)	2025-09-02 19:13:43 +08:00
dataset.py	update sql in batch (#24801)	2025-09-10 13:00:17 +08:00
engine.py	feat(api): Add image multimodal support for LLMNode (#17372)	2025-04-30 17:28:02 +08:00
enums.py	moving the `MessageStatus` class from the `models.model` module to `models.enums` module (#21867)	2025-07-03 13:56:23 +08:00
model.py	update sql in batch (#24801)	2025-09-10 13:00:17 +08:00
provider.py	[Chore/Refactor] Improve type annotations in models module (#25281)	2025-09-08 09:42:27 +08:00
source.py	replace db with sa to get typing support (#23240)	2025-08-02 23:54:23 +08:00
task.py	chore: apply static type checks on celery async task dispatches and imports (#24418)	2025-08-24 23:07:22 +08:00
tools.py	feat: add MCP server headers support #22718 (#24760)	2025-09-08 14:10:55 +08:00
types.py	[Chore/Refactor] Improve type annotations in models module (#25281)	2025-09-08 09:42:27 +08:00
web.py	replace db with sa to get typing support (#23240)	2025-08-02 23:54:23 +08:00
workflow.py	[Chore/Refactor] Improve type annotations in models module (#25281)	2025-09-08 09:42:27 +08:00