opensource/dify
2
0
Fork 0
mirror of https://github.com/langgenius/dify.git synced 2026-04-16 02:16:57 +08:00
Code Issues Packages Projects Releases Wiki Activity
6b7574023e
dify/api/controllers/console
History
hjlarry 6b7574023e fix(workflow): enforce tenant access in online users query 
Validate requested workflow_ids against current tenant before reading collaboration online-user state from Redis.

Move workflow access-id lookup into WorkflowService to keep controller thin and aligned with layering.

Limit query size, and stop exposing sid in REST response fields.

Add unit tests for inaccessible workflow filtering and workflow_ids limit checks.
2026-04-12 16:05:29 +08:00
..
app fix(workflow): enforce tenant access in online users query 2026-04-12 16:05:29 +08:00
auth fix: fix orm_exc.DetachedInstanceError (#34904) 2026-04-10 07:13:59 +00:00
billing refactor(api): clean redundant type ignore in request query parsing 🤖🤖🤖 (#34350) 2026-03-31 22:52:35 +00:00
datasets fix(api): prevent cross-tenant external API use-check disclosure (#34744) 2026-04-10 03:23:32 +00:00
explore refactor(api): deduplicate shared controller request schemas into controller_schemas.py (#34700) 2026-04-08 03:10:04 +00:00
socketio [autofix.ci] apply automated fixes 2026-01-24 07:26:47 +00:00
tag refactor: replace dict params with BaseModel payloads in TagService (#34422) 2026-04-07 04:20:02 +00:00
workspace Merge remote-tracking branch 'myori/main' into feat/collaboration2 2026-04-10 22:47:40 +08:00
__init__.py Merge remote-tracking branch 'myori/main' into feat/collaboration2 2026-04-09 11:27:12 +08:00
admin.py refactor(api): migrate dict returns to TypedDicts in billing service (#34649) 2026-04-07 05:56:02 +00:00
apikey.py refactor: use sessionmaker().begin() in console workspace and misc co… (#34284) 2026-03-31 14:28:05 +00:00
error.py Restructure the File errors in controller (#23801) 2025-08-13 17:06:07 +08:00
extension.py refactor: split changes for api/controllers/console/extension.py (#29888) 2025-12-24 09:41:42 +08:00
feature.py fix: revert "refactor: api/controllers/console/feature.py (test)" (#31850) 2026-02-03 12:26:47 +08:00
files.py refactor: port api/fields/file_fields.py (#30638) 2026-01-06 22:55:58 +08:00
human_input_form.py refactor: migrate console human_input_form from reqparse to PydanticBaseModel (#34858) 2026-04-09 15:38:47 +00:00
init_validate.py refactor: init_validate.py to v3 (#31457) 2026-01-30 22:39:02 +09:00
notification.py refactor(api): type notification response with NotificationResponseDict TypedDict (#34616) 2026-04-07 01:03:18 +00:00
ping.py feat: init fastopenapi (#30453) 2026-01-23 21:07:52 +09:00
remote_files.py refactor(api): use standalone graphon package (#34209) 2026-03-27 21:05:32 +00:00
setup.py refactor: select in console auth, setup and apikey (#33790) 2026-03-21 11:29:29 +09:00
spec.py refactor(router): apply ns.route style (#26339) 2025-09-28 13:37:06 +08:00
version.py refactor: api/controllers/console/version.py to v3 (#31463) 2026-01-26 15:04:25 +08:00
wraps.py chore(api): align Python support with 3.12 (#34419) 2026-04-02 05:07:32 +00:00