(cloudKey: string, userId: string)
| 569 | * so a not-yet-bound key cannot be deleted cross-tenant. |
| 570 | */ |
| 571 | export async function verifyKBFileWriteAccess(cloudKey: string, userId: string): Promise<boolean> { |
| 572 | try { |
| 573 | const binding = await getFileMetadataByKey(cloudKey, 'knowledge-base') |
| 574 | if (!binding?.workspaceId) { |
| 575 | logger.warn('KB file delete denied: no ownership binding', { userId, cloudKey }) |
| 576 | return false |
| 577 | } |
| 578 | const permission = await getUserEntityPermissions(userId, 'workspace', binding.workspaceId) |
| 579 | if (permission !== 'write' && permission !== 'admin') { |
| 580 | logger.warn('KB file delete denied: write/admin required on owner workspace', { |
| 581 | userId, |
| 582 | workspaceId: binding.workspaceId, |
| 583 | cloudKey, |
| 584 | }) |
| 585 | return false |
| 586 | } |
| 587 | return true |
| 588 | } catch (error) { |
| 589 | logger.error('Error verifying KB file write access', { cloudKey, userId, error }) |
| 590 | return false |
| 591 | } |
| 592 | } |
| 593 | |
| 594 | /** |
| 595 | * Verify access to chat files |
no test coverage detected