mosaic/stack
1
0
Fork 0
Code Issues 10 Pull Requests Actions Packages Projects Releases 2 Wiki Activity

fix(api,web): add workspace context to widgets and auto-detect workspace ID (#532)
All checks were successful
ci/woodpecker/push/web Pipeline was successful
Details
ci/woodpecker/push/api Pipeline was successful
Details

Browse Source 
Co-authored-by: Jason Woltje <jason@diversecanvas.com>
Co-committed-by: Jason Woltje <jason@diversecanvas.com>
This commit was merged in pull request #532.
This commit is contained in:
Jason Woltje
2026-02-27 04:53:07 +00:00
committed by jason.woltje
parent e3cba37e8c
commit edcff6a0e0
4 changed files with 43 additions and 62 deletions
Download Patch File Download Diff File Expand all files Collapse all files

70
apps/api/src/widgets/widgets.controller.ts
View File

@@ -1,22 +1,14 @@
import { import { Controller, Get, Post, Body, Param, UseGuards, Request } from "@nestjs/common";
Controller,
Get,
Post,
Body,
Param,
UseGuards,
Request,
UnauthorizedException,
} from "@nestjs/common";
import { WidgetsService } from "./widgets.service"; import { WidgetsService } from "./widgets.service";
import { WidgetDataService } from "./widget-data.service"; import { WidgetDataService } from "./widget-data.service";
import { AuthGuard } from "../auth/guards/auth.guard"; import { AuthGuard } from "../auth/guards/auth.guard";
import { WorkspaceGuard } from "../common/guards/workspace.guard";
import type { StatCardQueryDto, ChartQueryDto, ListQueryDto, CalendarPreviewQueryDto } from "./dto"; import type { StatCardQueryDto, ChartQueryDto, ListQueryDto, CalendarPreviewQueryDto } from "./dto";
import type { AuthenticatedRequest } from "../common/types/user.types"; import type { RequestWithWorkspace } from "../common/types/user.types";
/** /**
* Controller for widget definition and data endpoints * Controller for widget definition and data endpoints
* All endpoints require authentication * All endpoints require authentication; data endpoints also require workspace context
*/ */
@Controller("widgets") @Controller("widgets")
@UseGuards(AuthGuard) @UseGuards(AuthGuard)
@@ -51,12 +43,9 @@ export class WidgetsController {
* Get stat card widget data * Get stat card widget data
*/ */
@Post("data/stat-card") @Post("data/stat-card")
async getStatCardData(@Request() req: AuthenticatedRequest, @Body() query: StatCardQueryDto) { @UseGuards(WorkspaceGuard)
const workspaceId = req.user?.currentWorkspaceId ?? req.user?.workspaceId; async getStatCardData(@Request() req: RequestWithWorkspace, @Body() query: StatCardQueryDto) {
if (!workspaceId) { return this.widgetDataService.getStatCardData(req.workspace.id, query);
throw new UnauthorizedException("Workspace ID required");
}
return this.widgetDataService.getStatCardData(workspaceId, query);
} }
/** /**
@@ -64,12 +53,9 @@ export class WidgetsController {
* Get chart widget data * Get chart widget data
*/ */
@Post("data/chart") @Post("data/chart")
async getChartData(@Request() req: AuthenticatedRequest, @Body() query: ChartQueryDto) { @UseGuards(WorkspaceGuard)
const workspaceId = req.user?.currentWorkspaceId ?? req.user?.workspaceId; async getChartData(@Request() req: RequestWithWorkspace, @Body() query: ChartQueryDto) {
if (!workspaceId) { return this.widgetDataService.getChartData(req.workspace.id, query);
throw new UnauthorizedException("Workspace ID required");
}
return this.widgetDataService.getChartData(workspaceId, query);
} }
/** /**
@@ -77,12 +63,9 @@ export class WidgetsController {
* Get list widget data * Get list widget data
*/ */
@Post("data/list") @Post("data/list")
async getListData(@Request() req: AuthenticatedRequest, @Body() query: ListQueryDto) { @UseGuards(WorkspaceGuard)
const workspaceId = req.user?.currentWorkspaceId ?? req.user?.workspaceId; async getListData(@Request() req: RequestWithWorkspace, @Body() query: ListQueryDto) {
if (!workspaceId) { return this.widgetDataService.getListData(req.workspace.id, query);
throw new UnauthorizedException("Workspace ID required");
}
return this.widgetDataService.getListData(workspaceId, query);
} }
/** /**
@@ -90,15 +73,12 @@ export class WidgetsController {
* Get calendar preview widget data * Get calendar preview widget data
*/ */
@Post("data/calendar-preview") @Post("data/calendar-preview")
@UseGuards(WorkspaceGuard)
async getCalendarPreviewData( async getCalendarPreviewData(
@Request() req: AuthenticatedRequest, @Request() req: RequestWithWorkspace,
@Body() query: CalendarPreviewQueryDto @Body() query: CalendarPreviewQueryDto
) { ) {
const workspaceId = req.user?.currentWorkspaceId ?? req.user?.workspaceId; return this.widgetDataService.getCalendarPreviewData(req.workspace.id, query);
if (!workspaceId) {
throw new UnauthorizedException("Workspace ID required");
}
return this.widgetDataService.getCalendarPreviewData(workspaceId, query);
} }
/** /**
@@ -106,12 +86,9 @@ export class WidgetsController {
* Get active projects widget data * Get active projects widget data
*/ */
@Post("data/active-projects") @Post("data/active-projects")
async getActiveProjectsData(@Request() req: AuthenticatedRequest) { @UseGuards(WorkspaceGuard)
const workspaceId = req.user?.currentWorkspaceId ?? req.user?.workspaceId; async getActiveProjectsData(@Request() req: RequestWithWorkspace) {
if (!workspaceId) { return this.widgetDataService.getActiveProjectsData(req.workspace.id);
throw new UnauthorizedException("Workspace ID required");
}
return this.widgetDataService.getActiveProjectsData(workspaceId);
} }
/** /**
@@ -119,11 +96,8 @@ export class WidgetsController {
* Get agent chains widget data (active agent sessions) * Get agent chains widget data (active agent sessions)
*/ */
@Post("data/agent-chains") @Post("data/agent-chains")
async getAgentChainsData(@Request() req: AuthenticatedRequest) { @UseGuards(WorkspaceGuard)
const workspaceId = req.user?.currentWorkspaceId ?? req.user?.workspaceId; async getAgentChainsData(@Request() req: RequestWithWorkspace) {
if (!workspaceId) { return this.widgetDataService.getAgentChainsData(req.workspace.id);
throw new UnauthorizedException("Workspace ID required");
}
return this.widgetDataService.getAgentChainsData(workspaceId);
} }
} }

13
apps/web/src/app/(authenticated)/settings/credentials/audit/page.tsx
View File

@@ -14,6 +14,7 @@ import {
SelectValue, SelectValue,
} from "@/components/ui/select"; } from "@/components/ui/select";
import { fetchCredentialAuditLog, type AuditLogEntry } from "@/lib/api/credentials"; import { fetchCredentialAuditLog, type AuditLogEntry } from "@/lib/api/credentials";
import { useWorkspaceId } from "@/lib/hooks";
const ACTIVITY_ACTIONS = [ const ACTIVITY_ACTIONS = [
{ value: "CREDENTIAL_CREATED", label: "Created" }, { value: "CREDENTIAL_CREATED", label: "Created" },
@@ -39,17 +40,17 @@ export default function CredentialAuditPage(): React.ReactElement {
const [filters, setFilters] = useState<FilterState>({}); const [filters, setFilters] = useState<FilterState>({});
const [hasFilters, setHasFilters] = useState(false); const [hasFilters, setHasFilters] = useState(false);
// TODO: Get workspace ID from context/auth const workspaceId = useWorkspaceId();
const workspaceId = "default-workspace-id"; // Placeholder
useEffect(() => { useEffect(() => {
void loadLogs(); if (!workspaceId) return;
}, [page, filters]); void loadLogs(workspaceId);
}, [workspaceId, page, filters]);
async function loadLogs(): Promise<void> { async function loadLogs(wsId: string): Promise<void> {
try { try {
setIsLoading(true); setIsLoading(true);
const response = await fetchCredentialAuditLog(workspaceId, { const response = await fetchCredentialAuditLog(wsId, {
...filters, ...filters,
page, page,
limit, limit,

12
apps/web/src/app/(authenticated)/settings/credentials/page.tsx
View File

@@ -6,22 +6,24 @@ import Link from "next/link";
import { Button } from "@/components/ui/button"; import { Button } from "@/components/ui/button";
import { Card, CardContent } from "@/components/ui/card"; import { Card, CardContent } from "@/components/ui/card";
import { fetchCredentials, type Credential } from "@/lib/api/credentials"; import { fetchCredentials, type Credential } from "@/lib/api/credentials";
import { useWorkspaceId } from "@/lib/hooks";
export default function CredentialsPage(): React.ReactElement { export default function CredentialsPage(): React.ReactElement {
const [credentials, setCredentials] = useState<Credential[]>([]); const [credentials, setCredentials] = useState<Credential[]>([]);
const [isLoading, setIsLoading] = useState(true); const [isLoading, setIsLoading] = useState(true);
const [error, setError] = useState<string | null>(null); const [error, setError] = useState<string | null>(null);
const workspaceId = "default-workspace-id"; const workspaceId = useWorkspaceId();
useEffect(() => { useEffect(() => {
void loadCredentials(); if (!workspaceId) return;
}, []); void loadCredentials(workspaceId);
}, [workspaceId]);
async function loadCredentials(): Promise<void> { async function loadCredentials(wsId: string): Promise<void> {
try { try {
setIsLoading(true); setIsLoading(true);
const response = await fetchCredentials(workspaceId); const response = await fetchCredentials(wsId);
setCredentials(response.data); setCredentials(response.data);
setError(null); setError(null);
} catch (err) { } catch (err) {

10
apps/web/src/lib/api/client.ts
View File

@@ -202,9 +202,13 @@ export async function apiRequest<T>(endpoint: string, options: ApiRequestOptions
...baseHeaders, ...baseHeaders,
}; };
// Add workspace ID header if provided (recommended over query string) // Add workspace ID header — use explicit value, or auto-detect from localStorage
if (workspaceId) { const resolvedWorkspaceId =
headers["X-Workspace-Id"] = workspaceId; workspaceId ??
(typeof window !== "undefined" ? localStorage.getItem("mosaic-workspace-id") : null) ??
undefined;
if (resolvedWorkspaceId) {
headers["X-Workspace-Id"] = resolvedWorkspaceId;
} }
// Add CSRF token for state-changing requests (POST, PUT, PATCH, DELETE) // Add CSRF token for state-changing requests (POST, PUT, PATCH, DELETE)