Merge branch 'staging' into feat/ppt-preview-improvement

Author: icecrasher321

apps/sim/app/api/auth/shopify/authorize/route.ts

@@ -1,7 +1,10 @@
 import { createLogger } from '@sim/logger'
 import { generateId } from '@sim/utils/id'
 import { type NextRequest, NextResponse } from 'next/server'
-import { shopifyAuthorizeQuerySchema } from '@/lib/api/contracts/oauth-connections'
+import {
+  shopifyAuthorizeQuerySchema,
+  shopifyShopDomainSchema,
+} from '@/lib/api/contracts/oauth-connections'
 import { getSession } from '@/lib/auth'
 import { env } from '@/lib/core/config/env'
 import { getBaseUrl } from '@/lib/core/utils/urls'
@@ -161,6 +164,11 @@ export const GET = withRouteHandler(async (request: NextRequest) => {
       cleanShop = `${cleanShop.replace('.myshopify.com', '')}.myshopify.com`
     }
 
+    if (!shopifyShopDomainSchema.safeParse(cleanShop).success) {
+      logger.warn('Rejected invalid Shopify shop domain', { shop: shopDomain })
+      return NextResponse.json({ error: 'Invalid Shopify shop domain' }, { status: 400 })
+    }
+
     const baseUrl = getBaseUrl()
     const redirectUri = `${baseUrl}/api/auth/oauth2/callback/shopify`
 

apps/sim/app/api/table/import-csv/route.ts

@@ -17,6 +17,7 @@ import {
   inferSchemaFromCsv,
   parseCsvBuffer,
   sanitizeName,
+  TABLE_LIMITS,
   type TableSchema,
 } from '@/lib/table'
 import { getUserEntityPermissions } from '@/lib/workspaces/permissions/utils'
@@ -67,7 +68,10 @@ export const POST = withRouteHandler(async (request: NextRequest) => {
     const { headers, rows } = await parseCsvBuffer(buffer, delimiter)
 
     const { columns, headerToColumn } = inferSchemaFromCsv(headers, rows)
-    const tableName = sanitizeName(file.name.replace(/\.[^.]+$/, ''), 'imported_table')
+    const tableName = sanitizeName(file.name.replace(/\.[^.]+$/, ''), 'imported_table').slice(
+      0,
+      TABLE_LIMITS.MAX_TABLE_NAME_LENGTH
+    )
     const planLimits = await getWorkspaceTableLimits(workspaceId)
 
     const normalizedSchema: TableSchema = {

apps/sim/app/api/workflows/middleware.test.ts

@@ -0,0 +1,130 @@
+/**
+ * Tests for workflow access middleware — focused on the workspace-scoped
+ * API key boundary check in the `requireDeployment=false` branch.
+ *
+ * @vitest-environment node
+ */
+
+import {
+  hybridAuthMockFns,
+  workflowAuthzMock,
+  workflowAuthzMockFns,
+  workflowsUtilsMock,
+  workflowsUtilsMockFns,
+} from '@sim/testing'
+import { NextRequest } from 'next/server'
+import { beforeEach, describe, expect, it, vi } from 'vitest'
+
+vi.mock('@/lib/workflows/utils', () => workflowsUtilsMock)
+vi.mock('@sim/workflow-authz', () => workflowAuthzMock)
+vi.mock('@/lib/api-key/service', () => ({
+  authenticateApiKeyFromHeader: vi.fn(),
+  updateApiKeyLastUsed: vi.fn(),
+}))
+
+import { validateWorkflowAccess } from '@/app/api/workflows/middleware'
+
+function makeRequest() {
+  return new NextRequest(new URL('https://example.com/api/workflows/wf-1/log'))
+}
+
+describe('validateWorkflowAccess (requireDeployment=false)', () => {
+  beforeEach(() => {
+    vi.clearAllMocks()
+    workflowsUtilsMockFns.mockGetWorkflowById.mockResolvedValue({
+      id: 'wf-1',
+      workspaceId: 'ws-A',
+      isDeployed: true,
+    })
+    workflowAuthzMockFns.mockAuthorizeWorkflowByWorkspacePermission.mockResolvedValue({
+      allowed: true,
+      status: 200,
+      workflow: { id: 'wf-1', workspaceId: 'ws-A' },
+    })
+  })
+
+  it('rejects a workspace-scoped API key issued for a different workspace', async () => {
+    hybridAuthMockFns.mockCheckHybridAuth.mockResolvedValueOnce({
+      success: true,
+      userId: 'user-1',
+      authType: 'api_key',
+      apiKeyType: 'workspace',
+      workspaceId: 'ws-B',
+    })
+
+    const result = await validateWorkflowAccess(makeRequest(), 'wf-1', false)
+
+    expect(result.error).toEqual({
+      message: 'API key is not authorized for this workspace',
+      status: 403,
+    })
+    expect(workflowAuthzMockFns.mockAuthorizeWorkflowByWorkspacePermission).not.toHaveBeenCalled()
+  })
+
+  it('allows a workspace-scoped API key issued for the matching workspace', async () => {
+    hybridAuthMockFns.mockCheckHybridAuth.mockResolvedValueOnce({
+      success: true,
+      userId: 'user-1',
+      authType: 'api_key',
+      apiKeyType: 'workspace',
+      workspaceId: 'ws-A',
+    })
+
+    const result = await validateWorkflowAccess(makeRequest(), 'wf-1', false)
+
+    expect(result.error).toBeUndefined()
+    expect(result.workflow).toBeDefined()
+    expect(result.auth?.workspaceId).toBe('ws-A')
+    expect(workflowAuthzMockFns.mockAuthorizeWorkflowByWorkspacePermission).toHaveBeenCalledWith({
+      workflowId: 'wf-1',
+      userId: 'user-1',
+      action: 'read',
+    })
+  })
+
+  it('allows a personal API key regardless of workspaceId on the auth result', async () => {
+    hybridAuthMockFns.mockCheckHybridAuth.mockResolvedValueOnce({
+      success: true,
+      userId: 'user-1',
+      authType: 'api_key',
+      apiKeyType: 'personal',
+      workspaceId: 'ws-B',
+    })
+
+    const result = await validateWorkflowAccess(makeRequest(), 'wf-1', false)
+
+    expect(result.error).toBeUndefined()
+    expect(result.workflow).toBeDefined()
+  })
+
+  it('allows session auth (no apiKeyType) when workspace permission grants access', async () => {
+    hybridAuthMockFns.mockCheckHybridAuth.mockResolvedValueOnce({
+      success: true,
+      userId: 'user-1',
+      authType: 'session',
+    })
+
+    const result = await validateWorkflowAccess(makeRequest(), 'wf-1', false)
+
+    expect(result.error).toBeUndefined()
+    expect(result.workflow).toBeDefined()
+  })
+
+  it('still enforces workspace-permission rejection for personal keys', async () => {
+    hybridAuthMockFns.mockCheckHybridAuth.mockResolvedValueOnce({
+      success: true,
+      userId: 'user-1',
+      authType: 'api_key',
+      apiKeyType: 'personal',
+    })
+    workflowAuthzMockFns.mockAuthorizeWorkflowByWorkspacePermission.mockResolvedValueOnce({
+      allowed: false,
+      status: 403,
+      message: 'Access denied',
+    })
+
+    const result = await validateWorkflowAccess(makeRequest(), 'wf-1', false)
+
+    expect(result.error).toEqual({ message: 'Access denied', status: 403 })
+  })
+})

apps/sim/app/api/workflows/middleware.ts

@@ -54,6 +54,15 @@ export async function validateWorkflowAccess(
         }
       }
 
+      if (auth.apiKeyType === 'workspace' && auth.workspaceId !== workflow.workspaceId) {
+        return {
+          error: {
+            message: 'API key is not authorized for this workspace',
+            status: 403,
+          },
+        }
+      }
+
       const authorization = await authorizeWorkflowByWorkspacePermission({
         workflowId,
         userId: auth.userId,

apps/sim/app/workspace/[workspaceId]/tables/[tableId]/components/table-grid/cells/cell-render.tsx

@@ -1,29 +1,14 @@
 'use client'
 
 import type React from 'react'
+import { parse } from 'tldts'
 import { Badge, Checkbox, Tooltip } from '@/components/emcn'
 import { cn } from '@/lib/core/utils/cn'
 import type { RowExecutionMetadata } from '@/lib/table'
 import { StatusBadge } from '@/app/workspace/[workspaceId]/logs/utils'
 import { storageToDisplay } from '../../../utils'
 import type { DisplayColumn } from '../types'
 
-/**
- * Discriminated union describing every shape a table cell can take.
- *
- * Workflow-output cells follow a status state machine: they always render
- * *something* (a value, a status pill, or a dash), driven by the combination
- * of `executions[groupId]` state and dep satisfaction. Plain (non-workflow)
- * cells just render the typed value or empty.
- *
- * `'empty'` is the universal fallback used by both workflow cells (no exec,
- * no value, no waiting) and plain cells (null/undefined value).
- *
- * Adding a new cell appearance is a three-step mechanical change: add a
- * variant here, pick it in `resolveCellRender`, render it in `CellRender`.
- * TypeScript's exhaustiveness check on the renderer's `switch` (the
- * unreachable default) flags any branch you forgot.
- */
 export type CellRenderKind =
   // Workflow-output cells
   | { kind: 'value'; text: string }
@@ -38,6 +23,7 @@ export type CellRenderKind =
   | { kind: 'boolean'; checked: boolean }
   | { kind: 'json'; text: string }
   | { kind: 'date'; text: string }
+  | { kind: 'url'; text: string; href: string; domain: string }
   | { kind: 'text'; text: string }
   // Universal fallback
   | { kind: 'empty' }
@@ -46,20 +32,9 @@ interface ResolveCellRenderInput {
   value: unknown
   exec: RowExecutionMetadata | undefined
   column: DisplayColumn
-  /** Empty / undefined → not waiting; non-empty → render the Waiting pill. */
   waitingOnLabels: string[] | undefined
 }
 
-/**
- * Decide which `CellRenderKind` to render for a cell. Pure — easily
- * unit-testable in isolation, no JSX involved.
- *
- * Order matters for workflow cells: block-error wins over a value (the user
- * cares about the failure), value wins over running/queued (we have data
- * already), and the running/queued branch deliberately collapses pre-enqueue
- * `pending` and post-enqueue `queued` into one `Queued` pill so the cell
- * doesn't flicker as the row transitions from one to the other.
- */
 export function resolveCellRender({
   value,
   exec,
@@ -76,31 +51,20 @@ export function resolveCellRender({
 
     if (blockError) return { kind: 'block-error' }
 
-    // Active re-run of THIS column wins over its prior value — the value is
-    // about to be overwritten and the user should see the cell is changing.
     const inFlight =
       exec?.status === 'running' || exec?.status === 'queued' || exec?.status === 'pending'
     if (inFlight && blockRunning) return { kind: 'running' }
 
-    // Value wins over `pending-upstream`: once this column's output has
-    // landed, the cell is done from the user's perspective — even if the
-    // group is still running other blocks downstream. Without this, mid-run
-    // partial-write events (`status: 'running'` carrying outputs but tagging
-    // a different block as running) would flip a finished column back to the
-    // amber Pending pill until the terminal `completed` event arrives.
+    // Value wins over pending-upstream: a finished column stays finished even
+    // while other blocks in the group are still running.
     if (!isNull) return { kind: 'value', text: stringifyValue(value) }
 
     if (inFlight && !(groupHasBlockErrors && !blockRunning)) {
       if (exec?.status === 'queued' || exec?.status === 'pending') return { kind: 'queued' }
-      // `running` with this block not in `runningBlockIds` and no value yet =
-      // upstream block still going; surface as the amber Pending pill.
       return { kind: 'pending-upstream' }
     }
 
-    // Waiting wins over a stale terminal state: if deps are unmet right now,
-    // the prior `cancelled` / `error` is informational at best — the cell
-    // can't actually run until the user fills the missing input. Surface the
-    // actionable state instead of the stale one.
+    // Waiting wins over a stale terminal status — show the actionable state.
     if (waitingOnLabels && waitingOnLabels.length > 0) {
       return { kind: 'waiting', labels: waitingOnLabels }
     }
@@ -113,6 +77,12 @@ export function resolveCellRender({
   if (isNull) return { kind: 'empty' }
   if (column.type === 'json') return { kind: 'json', text: JSON.stringify(value) }
   if (column.type === 'date') return { kind: 'date', text: String(value) }
+  if (column.type === 'string') {
+    const text = stringifyValue(value)
+    const urlInfo = extractUrlInfo(text)
+    if (urlInfo) return { kind: 'url', text, href: urlInfo.href, domain: urlInfo.domain }
+    return { kind: 'text', text }
+  }
   return { kind: 'text', text: stringifyValue(value) }
 }
 
@@ -122,19 +92,32 @@ function stringifyValue(value: unknown): string {
   return JSON.stringify(value)
 }
 
+const BARE_DOMAIN_RE = /^([a-zA-Z0-9]([a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?\.)+[a-zA-Z]{2,}$/
+
+function extractUrlInfo(text: string): { href: string; domain: string } | null {
+  const trimmed = text.trim()
+  if (!trimmed) return null
+  if (/^https?:\/\//i.test(trimmed)) {
+    try {
+      const url = new URL(trimmed)
+      return { href: trimmed, domain: url.hostname }
+    } catch {
+      return null
+    }
+  }
+  if (BARE_DOMAIN_RE.test(trimmed)) {
+    const parsed = parse(trimmed)
+    if (!parsed.isIcann) return null
+    return { href: `https://${trimmed}`, domain: trimmed }
+  }
+  return null
+}
+
 interface CellRenderProps {
   kind: CellRenderKind
-  /** When true the static content sits underneath the InlineEditor overlay
-   *  and should be visually hidden (but kept in flow to preserve cell size). */
   isEditing: boolean
 }
 
-/**
- * Pure renderer: takes a `CellRenderKind` and returns the JSX. No business
- * logic — adding a new cell appearance means adding a new `case` here. The
- * exhaustiveness check on the `switch` (the unreachable default) flags any
- * variant you forgot to handle.
- */
 export function CellRender({ kind, isEditing }: CellRenderProps): React.ReactElement | null {
   switch (kind.kind) {
     case 'value':
@@ -237,6 +220,35 @@ export function CellRender({ kind, isEditing }: CellRenderProps): React.ReactEle
         </span>
       )
 
+    case 'url':
+      return (
+        <span className={cn('flex min-w-0 items-center gap-1.5', isEditing && 'invisible')}>
+          <img
+            src={`https://www.google.com/s2/favicons?domain=${encodeURIComponent(kind.domain)}&sz=16`}
+            alt=''
+            width={12}
+            height={12}
+            className='shrink-0 rounded-[2px]'
+            onError={(e) => {
+              e.currentTarget.style.display = 'none'
+            }}
+          />
+          <a
+            href={kind.href}
+            target='_blank'
+            rel='noopener noreferrer'
+            className={cn(
+              'min-w-0 overflow-clip text-ellipsis text-[var(--text-primary)] underline underline-offset-2 hover:opacity-70',
+              isEditing && 'pointer-events-none'
+            )}
+            onClick={(e) => e.stopPropagation()}
+            onDoubleClick={(e) => e.stopPropagation()}
+          >
+            {kind.text}
+          </a>
+        </span>
+      )
+
     case 'text':
       return (
         <span
@@ -253,20 +265,12 @@ export function CellRender({ kind, isEditing }: CellRenderProps): React.ReactEle
       return null
 
     default: {
-      // Exhaustiveness guard: TypeScript flags this branch if a new
-      // `CellRenderKind` variant is added without a matching `case` above.
       const _exhaustive: never = kind
       return _exhaustive
     }
   }
 }
 
-/**
- * Workflow-output cells are hand-editable; while editing, the static content
- * must stay in flow (so the cell doesn't collapse) but be visually hidden so
- * the InlineEditor overlay shows through. Plain wrapper around any non-text
- * variant.
- */
 function Wrap({ isEditing, children }: { isEditing: boolean; children: React.ReactNode }) {
   if (!isEditing) return <>{children}</>
   return <div className='invisible'>{children}</div>