UN-2868 [FIX] Restrict workflow modifications to owners in shared workflows

[johnyrahul]

Summary

This PR implements ownership restrictions for shared workflows to prevent non-owners from modifying workflow configurations. This ensures data integrity and proper access control when workflows are shared across users.

Changes Made

1. Display Tool Name Instead of Tool ID

• Added getToolName() helper function to resolve tool names from tool IDs
• Implements three-tier fallback strategy:
  • First checks tool_instances from backend (includes name even if tool is no longer exported)
  • Falls back to exportedTools list
  • Finally displays tool ID if name cannot be resolved

2. Restrict Tool Modification to Workflow Owners

• Added isWorkflowOwner() helper function to compare current user ID with workflow creator ID
• Handles type differences between user IDs (integer vs string) by converting both to strings
• Disabled "Change Prompt Studio project" button for non-owners
• Disabled "Configure Settings" button for non-owners

3. Restrict Connector Configuration to Workflow Owners

• Extended ownership restrictions to source and destination connectors
• Disabled connector type dropdown for non-owners
• Disabled Configure button for non-owners
• Added helpful tooltip messages explaining ownership requirements
• Properly passed isWorkflowOwner prop through component hierarchy:
  • Agency → WorkflowCard → DsSettingsCard

Technical Details

• All ownership checks use string comparison to handle type differences between UUID strings and integers
• Components properly handle cases where workflow data hasn't loaded yet
• Maintains backward compatibility with existing deployment restrictions (allowChangeEndpoint)

Components Modified

• frontend/src/components/agency/agency/Agency.jsx
• frontend/src/components/agency/ds-settings-card/DsSettingsCard.jsx
• frontend/src/components/agency/workflow-card/WorkflowCard.jsx

Testing Checklist

• Workflow owner can modify all settings
• Non-owner cannot change Prompt Studio project
• Non-owner cannot configure tool settings
• Non-owner cannot modify source connector
• Non-owner cannot modify destination connector
• Tooltips display correct messages for non-owners
• Tool names display correctly even when tool is no longer exported
• Ownership check handles type differences correctly

🤖 Generated with Claude Code

[coderabbitai]

Summary by CodeRabbit

• New Features
  • Workflow ownership controls: Only the workflow owner can change the Prompt Studio project or configure settings. Non-owners see disabled actions with clear tooltips explaining restrictions.
  • Improved tool labeling: Tool names are resolved more reliably, with graceful fallbacks when a name isn’t available.
  • Consistent ownership handling: Ownership status is applied across workflow cards and settings, ensuring a unified permission experience throughout the interface.

Walkthrough

Introduces isWorkflowOwner ownership checks into Agency, WorkflowCard, and DsSettingsCard components, wiring the prop through and using it to disable actions and show tooltips. Adds helper getToolName in Agency for resolving tool names. Updates UI to restrict changing Prompt Studio project and settings to workflow owners.

Changes

Cohort / File(s)	Summary
Ownership gating propagation frontend/src/components/agency/agency/Agency.jsx, frontend/src/components/agency/workflow-card/WorkflowCard.jsx, frontend/src/components/agency/ds-settings-card/DsSettingsCard.jsx	Adds isWorkflowOwner determination in Agency and passes it to WorkflowCard and DsSettingsCard. Disables action buttons and shows tooltips when user is not the owner. Updates prop signatures and PropTypes to include isWorkflowOwner.
Tool name resolution frontend/src/components/agency/agency/Agency.jsx	Adds getToolName(toolId) to resolve names via tool_instances, then exportedTools, else fallback to toolId. Replaces direct lookup with getToolName in exported Prompt Studio project selector.
Component API updates frontend/src/components/agency/workflow-card/WorkflowCard.jsx, frontend/src/components/agency/ds-settings-card/DsSettingsCard.jsx	WorkflowCard and DsSettingsCard now accept isWorkflowOwner boolean prop; DsSettingsCard uses it alongside allowChangeEndpoint to control UI disablement and tooltips. PropTypes updated accordingly.

Sequence Diagram(s)

sequenceDiagram
  autonumber
  actor User
  participant Agency as Agency.jsx
  participant WF as WorkflowCard.jsx
  participant DS as DsSettingsCard.jsx

  Note over Agency: Compute isWorkflowOwner by comparing<br/>details.created_by with sessionDetails.id
  User->>Agency: Open workflow
  Agency->>Agency: getToolName(selectedTool)
  Agency->>WF: Render WorkflowCard(isWorkflowOwner)
  WF->>DS: Render DsSettingsCard(isWorkflowOwner)

  alt isWorkflowOwner == true
    DS-->>User: Enable "Change Connector" and "Configure Settings"
    Agency-->>User: Enable "Change Prompt Studio project"
  else
    DS-->>User: Disable actions + show tooltips
    Agency-->>User: Disable project change + settings config
  end

Loading

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Pre-merge checks and finishing touches

❌ Failed checks (2 warnings)

Check name	Status	Explanation	Resolution
Description Check	⚠️ Warning	The pull request description uses custom headings like Summary and Changes Made instead of the repository’s required template and omits mandatory sections such as What, Why, How, break impact assessment, Database Migrations, Env Config, Relevant Docs, Related Issues or PRs, Dependencies Versions, Notes on Testing, Screenshots, and the Checklist.	Please revise the description to match the repository template by including the required headings What, Why, How, Can this PR break any existing features, Database Migrations, Env Config, Relevant Docs, Related Issues or PRs, Dependencies Versions, Notes on Testing, Screenshots, and the Checklist.
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	You can run @coderabbitai generate docstrings to improve docstring coverage.

✅ Passed checks (1 passed)

Check name	Status	Explanation
Title Check	✅ Passed	The title clearly and concisely summarizes the primary change by stating that workflow modifications are now restricted to owners in shared workflows and includes the relevant ticket identifier without extraneous details.

✨ Finishing touches

• 📝 Generate docstrings

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch UN-2868-sharing-of-workflow-and-etl-api-deployment-improvements

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (1)

frontend/src/components/agency/agency/Agency.jsx (1)

393-400: Consider memoizing isWorkflowOwner() for performance.

The function is called four times in the render (lines 1122, 1141, 1161, 1179). While the comparison is inexpensive, memoizing with useMemo would prevent redundant string conversions on every render.

+  const isOwner = useMemo(() => {
+    if (!details?.created_by || !sessionDetails?.id) {
+      return false;
+    }
+    return String(details.created_by) === String(sessionDetails.id);
+  }, [details?.created_by, sessionDetails?.id]);
+
-  // Check if current user is the workflow owner
-  const isWorkflowOwner = () => {
-    if (!details?.created_by || !sessionDetails?.id) {
-      return false;
-    }
-    // Convert both to strings for comparison to handle type differences
-    return String(details.created_by) === String(sessionDetails.id);
-  };

Then replace isWorkflowOwner() calls with isOwner:

-                isWorkflowOwner={isWorkflowOwner()}
+                isWorkflowOwner={isOwner}

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

Cache: Disabled due to Reviews > Disable Cache setting

Knowledge base: Disabled due to Reviews -> Disable Knowledge Base setting

📥 Commits

Reviewing files that changed from the base of the PR and between 1057159 and 9c4ec59.

📒 Files selected for processing (3)

• frontend/src/components/agency/agency/Agency.jsx (5 hunks)
• frontend/src/components/agency/ds-settings-card/DsSettingsCard.jsx (4 hunks)
• frontend/src/components/agency/workflow-card/WorkflowCard.jsx (3 hunks)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (1)

• GitHub Check: build

🔇 Additional comments (7)

frontend/src/components/agency/ds-settings-card/DsSettingsCard.jsx (2)

238-251: LGTM! Well-structured two-tier access control.

The tooltip and disabled state logic correctly layers deployment restrictions (allowChangeEndpoint) with ownership restrictions (isWorkflowOwner), providing clear feedback to users about why actions are unavailable.

---

262-277: LGTM! Proper ownership check for configuration actions.

The Configure button correctly prioritizes the ownership tooltip over the connector type validation message, ensuring users understand access restrictions before configuration requirements.

frontend/src/components/agency/agency/Agency.jsx (4)

376-391: LGTM! Robust fallback logic for tool name resolution.

The three-tier fallback (tool_instances → exportedTools → toolId) ensures tool names are displayed reliably even when backend data is incomplete.

---

1122-1122: LGTM! Ownership restrictions properly propagated to connectors.

Both source and destination connector cards receive the ownership check, ensuring consistent access control across all workflow components.

Also applies to: 1141-1141

---

1155-1155: LGTM! Proper ownership restrictions on tool actions.

The UI correctly displays resolved tool names and restricts modification actions to workflow owners only. The "Configure Settings" button appropriately checks both tool selection and ownership.

Also applies to: 1161-1161, 1179-1179

---

393-400: Verify falsy ID behavior – I couldn’t find any instances of created_by or sessionDetails.id being initialized to 0 in the frontend code. If your user IDs are guaranteed to be nonzero (e.g. start at 1 or use UUIDs), this guard is safe; otherwise consider allowing 0 as a valid ID or explicitly checking for null/undefined.

frontend/src/components/agency/workflow-card/WorkflowCard.jsx (1)

76-76: LGTM! Clean prop forwarding.

The component correctly receives and passes the isWorkflowOwner prop to DsSettingsCard without introducing any side effects.

Also applies to: 104-104, 123-123

[chandrasekharan-zipstack]

@johnyrahul just to be on the safer side, do we have checks in place to prevent this from the backend?

[sonarqubecloud]

Quality Gate passed

Issues
4 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

[johnyrahul]

@johnyrahul just to be on the safer side, do we have checks in place to prevent this from the backend?

@chandrasekharan-zipstack Not yet. When I checked, since it is a workflow level edits, it should ideally be available under the workflow view set, but instead, a few of the settings are under the tool_instance view set and models. Let me give it a try at how to restrict such actions based on workflow ownership