ngskcloud
/
gcgj-dify-1.7.0
17
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

docs(api/repositories/sqlalchemy_api_workflow_node_execution_repository.py): Add tenant isolation warning in method docstring

Browse Source 
Signed-off-by: -LAN- <laipz8200@outlook.com>
pull/22581/head
-LAN- 10 months ago
parent 8a6d783dfb
commit 3c631aa94c
No known key found for this signature in database
GPG Key ID: 6BA0D108DED011FF
1 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File

4
api/repositories/sqlalchemy_api_workflow_node_execution_repository.py
Unescape Escape View File

@ -124,6 +124,10 @@ class DifyAPISQLAlchemyWorkflowNodeExecutionRepository(DifyAPIWorkflowNodeExecut
This method replicates the query pattern from WorkflowDraftVariableService This method replicates the query pattern from WorkflowDraftVariableService
and WorkflowService.single_step_run_workflow_node() using SQLAlchemy 2.0 style syntax. and WorkflowService.single_step_run_workflow_node() using SQLAlchemy 2.0 style syntax.
When `tenant_id` is None, it's the caller's responsibility to ensure proper data isolation between tenants.
If the `execution_id` comes from untrusted sources (e.g., retrieved from an API request), the caller should
set `tenant_id` to prevent horizontal privilege escalation.
Args: Args:
execution_id: The execution identifier execution_id: The execution identifier
tenant_id: Optional tenant identifier for additional filtering tenant_id: Optional tenant identifier for additional filtering

Write Preview
Loading…
Cancel
Save