From 78fe671f5f3ae2a25d9e53caf3ccbcff8d8ab4f5 Mon Sep 17 00:00:00 2001 From: John Smith Date: Mon, 9 Dec 2024 11:28:43 +1030 Subject: [PATCH] feat: Add `enable_customer_auth` to Cluster (#245) * chore: Add enable-customer-auth column * feat: Check cluster customer auth status --- .../drizzle/0190_equal_luke_cage.sql | 1 + control-plane/drizzle/meta/0190_snapshot.json | 1639 +++++++++++++++++ control-plane/drizzle/meta/_journal.json | 7 + control-plane/src/modules/auth/auth.test.ts | 17 +- control-plane/src/modules/auth/auth.ts | 6 + control-plane/src/modules/cluster.ts | 1 + control-plane/src/modules/data.ts | 1 + control-plane/src/modules/test/util.ts | 2 + control-plane/src/modules/workflows/router.ts | 12 - 9 files changed, 1673 insertions(+), 13 deletions(-) create mode 100644 control-plane/drizzle/0190_equal_luke_cage.sql create mode 100644 control-plane/drizzle/meta/0190_snapshot.json diff --git a/control-plane/drizzle/0190_equal_luke_cage.sql b/control-plane/drizzle/0190_equal_luke_cage.sql new file mode 100644 index 00000000..fc66a3ae --- /dev/null +++ b/control-plane/drizzle/0190_equal_luke_cage.sql @@ -0,0 +1 @@ +ALTER TABLE "clusters" ADD COLUMN "enable_customer_auth" boolean DEFAULT false NOT NULL; \ No newline at end of file diff --git a/control-plane/drizzle/meta/0190_snapshot.json b/control-plane/drizzle/meta/0190_snapshot.json new file mode 100644 index 00000000..a45bf2df --- /dev/null +++ b/control-plane/drizzle/meta/0190_snapshot.json @@ -0,0 +1,1639 @@ +{ + "id": "8fbdfd4d-2ffc-416a-ac03-18c540a69a11", + "prevId": "ce2c6c65-8eee-4473-bc7d-f5536b589cc6", + "version": "7", + "dialect": "postgresql", + "tables": { + "public.analytics_snapshots": { + "name": "analytics_snapshots", + "schema": "", + "columns": { + "data": { + "name": "data", + "type": "json", + "primaryKey": false, + "notNull": true + }, + "timestamp": { + "name": "timestamp", + "type": "timestamp with time zone", + "primaryKey": false, + "notNull": true + } + }, + "indexes": {}, + "foreignKeys": {}, + "compositePrimaryKeys": { + "analytics_snapshots_pkey": { + "name": "analytics_snapshots_pkey", + "columns": [ + "timestamp" + ] + } + }, + "uniqueConstraints": {} + }, + "public.api_keys": { + "name": "api_keys", + "schema": "", + "columns": { + "id": { + "name": "id", + "type": "varchar(255)", + "primaryKey": false, + "notNull": true + }, + "name": { + "name": "name", + "type": "varchar(255)", + "primaryKey": false, + "notNull": true + }, + "cluster_id": { + "name": "cluster_id", + "type": "varchar", + "primaryKey": false, + "notNull": true + }, + "secret_hash": { + "name": "secret_hash", + "type": "varchar(255)", + "primaryKey": false, + "notNull": true + }, + "type": { + "name": "type", + "type": "varchar(255)", + "primaryKey": false, + "notNull": true + }, + "created_by": { + "name": "created_by", + "type": "varchar(255)", + "primaryKey": false, + "notNull": true + }, + "created_at": { + "name": "created_at", + "type": "timestamp", + "primaryKey": false, + "notNull": true, + "default": "now()" + }, + "revoked_at": { + "name": "revoked_at", + "type": "timestamp", + "primaryKey": false, + "notNull": false + } + }, + "indexes": { + "api_keys_secret_hash_index": { + "name": "api_keys_secret_hash_index", + "columns": [ + { + "expression": "secret_hash", + "isExpression": false, + "asc": true, + "nulls": "last" + } + ], + "isUnique": true, + "concurrently": false, + "method": "btree", + "with": {} + } + }, + "foreignKeys": { + "api_keys_cluster_id_clusters_id_fk": { + "name": "api_keys_cluster_id_clusters_id_fk", + "tableFrom": "api_keys", + "tableTo": "clusters", + "columnsFrom": [ + "cluster_id" + ], + "columnsTo": [ + "id" + ], + "onDelete": "no action", + "onUpdate": "no action" + } + }, + "compositePrimaryKeys": { + "api_keys_cluster_id_id_pk": { + "name": "api_keys_cluster_id_id_pk", + "columns": [ + "cluster_id", + "id" + ] + } + }, + "uniqueConstraints": {} + }, + "public.blobs": { + "name": "blobs", + "schema": "", + "columns": { + "id": { + "name": "id", + "type": "varchar(1024)", + "primaryKey": false, + "notNull": true + }, + "name": { + "name": "name", + "type": "varchar(1024)", + "primaryKey": false, + "notNull": true + }, + "cluster_id": { + "name": "cluster_id", + "type": "varchar", + "primaryKey": false, + "notNull": true + }, + "workflow_id": { + "name": "workflow_id", + "type": "varchar(1024)", + "primaryKey": false, + "notNull": false + }, + "job_id": { + "name": "job_id", + "type": "varchar(1024)", + "primaryKey": false, + "notNull": false + }, + "data": { + "name": "data", + "type": "text", + "primaryKey": false, + "notNull": true + }, + "created_at": { + "name": "created_at", + "type": "timestamp with time zone", + "primaryKey": false, + "notNull": true, + "default": "now()" + }, + "encoding": { + "name": "encoding", + "type": "varchar(1024)", + "primaryKey": false, + "notNull": true + }, + "type": { + "name": "type", + "type": "varchar(1024)", + "primaryKey": false, + "notNull": true + }, + "size": { + "name": "size", + "type": "integer", + "primaryKey": false, + "notNull": true + } + }, + "indexes": {}, + "foreignKeys": { + "blobs_cluster_id_job_id_jobs_cluster_id_id_fk": { + "name": "blobs_cluster_id_job_id_jobs_cluster_id_id_fk", + "tableFrom": "blobs", + "tableTo": "jobs", + "columnsFrom": [ + "cluster_id", + "job_id" + ], + "columnsTo": [ + "cluster_id", + "id" + ], + "onDelete": "cascade", + "onUpdate": "no action" + }, + "blobs_cluster_id_workflow_id_workflows_cluster_id_id_fk": { + "name": "blobs_cluster_id_workflow_id_workflows_cluster_id_id_fk", + "tableFrom": "blobs", + "tableTo": "workflows", + "columnsFrom": [ + "cluster_id", + "workflow_id" + ], + "columnsTo": [ + "cluster_id", + "id" + ], + "onDelete": "cascade", + "onUpdate": "no action" + } + }, + "compositePrimaryKeys": { + "blobs_cluster_id_id_pk": { + "name": "blobs_cluster_id_id_pk", + "columns": [ + "cluster_id", + "id" + ] + } + }, + "uniqueConstraints": {} + }, + "public.clusters": { + "name": "clusters", + "schema": "", + "columns": { + "id": { + "name": "id", + "type": "varchar(1024)", + "primaryKey": true, + "notNull": true + }, + "name": { + "name": "name", + "type": "varchar(1024)", + "primaryKey": false, + "notNull": true + }, + "debug": { + "name": "debug", + "type": "boolean", + "primaryKey": false, + "notNull": true, + "default": false + }, + "enable_customer_auth": { + "name": "enable_customer_auth", + "type": "boolean", + "primaryKey": false, + "notNull": true, + "default": false + }, + "enable_run_configs": { + "name": "enable_run_configs", + "type": "boolean", + "primaryKey": false, + "notNull": true, + "default": false + }, + "enable_knowledgebase": { + "name": "enable_knowledgebase", + "type": "boolean", + "primaryKey": false, + "notNull": true, + "default": false + }, + "description": { + "name": "description", + "type": "varchar(1024)", + "primaryKey": false, + "notNull": false + }, + "organization_id": { + "name": "organization_id", + "type": "varchar", + "primaryKey": false, + "notNull": false + }, + "additional_context": { + "name": "additional_context", + "type": "json", + "primaryKey": false, + "notNull": false + }, + "created_at": { + "name": "created_at", + "type": "timestamp (6) with time zone", + "primaryKey": false, + "notNull": true, + "default": "now()" + }, + "deleted_at": { + "name": "deleted_at", + "type": "timestamp (6) with time zone", + "primaryKey": false, + "notNull": false + } + }, + "indexes": { + "clusters_id_org_index": { + "name": "clusters_id_org_index", + "columns": [ + { + "expression": "id", + "isExpression": false, + "asc": true, + "nulls": "last" + }, + { + "expression": "organization_id", + "isExpression": false, + "asc": true, + "nulls": "last" + } + ], + "isUnique": false, + "concurrently": false, + "method": "btree", + "with": {} + } + }, + "foreignKeys": {}, + "compositePrimaryKeys": {}, + "uniqueConstraints": {} + }, + "public.embeddings": { + "name": "embeddings", + "schema": "", + "columns": { + "id": { + "name": "id", + "type": "varchar(1024)", + "primaryKey": false, + "notNull": true + }, + "cluster_id": { + "name": "cluster_id", + "type": "varchar", + "primaryKey": false, + "notNull": true + }, + "model": { + "name": "model", + "type": "varchar(1024)", + "primaryKey": false, + "notNull": true + }, + "group_id": { + "name": "group_id", + "type": "varchar(1024)", + "primaryKey": false, + "notNull": true + }, + "created_at": { + "name": "created_at", + "type": "timestamp (6) with time zone", + "primaryKey": false, + "notNull": true, + "default": "now()" + }, + "type": { + "name": "type", + "type": "text", + "primaryKey": false, + "notNull": true + }, + "embedding_1024": { + "name": "embedding_1024", + "type": "vector(1024)", + "primaryKey": false, + "notNull": false + }, + "raw_data": { + "name": "raw_data", + "type": "text", + "primaryKey": false, + "notNull": true + }, + "raw_data_hash": { + "name": "raw_data_hash", + "type": "varchar(1024)", + "primaryKey": false, + "notNull": true + }, + "tags": { + "name": "tags", + "type": "json", + "primaryKey": false, + "notNull": false + } + }, + "indexes": { + "embedding1024Index": { + "name": "embedding1024Index", + "columns": [ + { + "expression": "embedding_1024", + "isExpression": false, + "asc": true, + "nulls": "last", + "opclass": "vector_cosine_ops" + } + ], + "isUnique": false, + "concurrently": false, + "method": "hnsw", + "with": {} + }, + "embeddingsLookupIndex": { + "name": "embeddingsLookupIndex", + "columns": [ + { + "expression": "cluster_id", + "isExpression": false, + "asc": true, + "nulls": "last" + }, + { + "expression": "type", + "isExpression": false, + "asc": true, + "nulls": "last" + }, + { + "expression": "group_id", + "isExpression": false, + "asc": true, + "nulls": "last" + }, + { + "expression": "id", + "isExpression": false, + "asc": true, + "nulls": "last" + }, + { + "expression": "raw_data_hash", + "isExpression": false, + "asc": true, + "nulls": "last" + } + ], + "isUnique": false, + "concurrently": false, + "method": "btree", + "with": {} + } + }, + "foreignKeys": {}, + "compositePrimaryKeys": { + "embeddings_cluster_id_id_type_pk": { + "name": "embeddings_cluster_id_id_type_pk", + "columns": [ + "cluster_id", + "id", + "type" + ] + } + }, + "uniqueConstraints": {} + }, + "public.events": { + "name": "events", + "schema": "", + "columns": { + "id": { + "name": "id", + "type": "varchar(1024)", + "primaryKey": false, + "notNull": true + }, + "cluster_id": { + "name": "cluster_id", + "type": "varchar", + "primaryKey": false, + "notNull": true + }, + "type": { + "name": "type", + "type": "varchar(1024)", + "primaryKey": false, + "notNull": true + }, + "job_id": { + "name": "job_id", + "type": "varchar(1024)", + "primaryKey": false, + "notNull": false + }, + "machine_id": { + "name": "machine_id", + "type": "varchar(1024)", + "primaryKey": false, + "notNull": false + }, + "service": { + "name": "service", + "type": "varchar(1024)", + "primaryKey": false, + "notNull": false + }, + "target_fn": { + "name": "target_fn", + "type": "varchar(1024)", + "primaryKey": false, + "notNull": false + }, + "result_type": { + "name": "result_type", + "type": "varchar(1024)", + "primaryKey": false, + "notNull": false + }, + "status": { + "name": "status", + "type": "varchar(1024)", + "primaryKey": false, + "notNull": false + }, + "run_id": { + "name": "run_id", + "type": "varchar(1024)", + "primaryKey": false, + "notNull": false + }, + "user_id": { + "name": "user_id", + "type": "varchar(1024)", + "primaryKey": false, + "notNull": false + }, + "tool_name": { + "name": "tool_name", + "type": "varchar(1024)", + "primaryKey": false, + "notNull": false + }, + "model_id": { + "name": "model_id", + "type": "varchar(1024)", + "primaryKey": false, + "notNull": false + }, + "token_usage_input": { + "name": "token_usage_input", + "type": "integer", + "primaryKey": false, + "notNull": false + }, + "token_usage_output": { + "name": "token_usage_output", + "type": "integer", + "primaryKey": false, + "notNull": false + }, + "attention_level": { + "name": "attention_level", + "type": "integer", + "primaryKey": false, + "notNull": false + }, + "created_at": { + "name": "created_at", + "type": "timestamp with time zone", + "primaryKey": false, + "notNull": true, + "default": "now()" + }, + "meta": { + "name": "meta", + "type": "json", + "primaryKey": false, + "notNull": true, + "default": "'{}'::json" + } + }, + "indexes": { + "timeline_index": { + "name": "timeline_index", + "columns": [ + { + "expression": "cluster_id", + "isExpression": false, + "asc": true, + "nulls": "last" + }, + { + "expression": "run_id", + "isExpression": false, + "asc": true, + "nulls": "last" + }, + { + "expression": "attention_level", + "isExpression": false, + "asc": true, + "nulls": "last" + } + ], + "isUnique": false, + "concurrently": false, + "method": "btree", + "with": {} + } + }, + "foreignKeys": {}, + "compositePrimaryKeys": {}, + "uniqueConstraints": {} + }, + "public.integrations": { + "name": "integrations", + "schema": "", + "columns": { + "cluster_id": { + "name": "cluster_id", + "type": "varchar", + "primaryKey": false, + "notNull": true + }, + "toolhouse": { + "name": "toolhouse", + "type": "json", + "primaryKey": false, + "notNull": false + }, + "langfuse": { + "name": "langfuse", + "type": "json", + "primaryKey": false, + "notNull": false + }, + "created_at": { + "name": "created_at", + "type": "timestamp with time zone", + "primaryKey": false, + "notNull": true, + "default": "now()" + }, + "updated_at": { + "name": "updated_at", + "type": "timestamp with time zone", + "primaryKey": false, + "notNull": true, + "default": "now()" + } + }, + "indexes": {}, + "foreignKeys": { + "integrations_cluster_id_clusters_id_fk": { + "name": "integrations_cluster_id_clusters_id_fk", + "tableFrom": "integrations", + "tableTo": "clusters", + "columnsFrom": [ + "cluster_id" + ], + "columnsTo": [ + "id" + ], + "onDelete": "no action", + "onUpdate": "no action" + } + }, + "compositePrimaryKeys": { + "integrations_pkey": { + "name": "integrations_pkey", + "columns": [ + "cluster_id" + ] + } + }, + "uniqueConstraints": {} + }, + "public.jobs": { + "name": "jobs", + "schema": "", + "columns": { + "id": { + "name": "id", + "type": "varchar(1024)", + "primaryKey": false, + "notNull": true + }, + "cluster_id": { + "name": "cluster_id", + "type": "text", + "primaryKey": false, + "notNull": true + }, + "target_fn": { + "name": "target_fn", + "type": "varchar(1024)", + "primaryKey": false, + "notNull": true + }, + "target_args": { + "name": "target_args", + "type": "text", + "primaryKey": false, + "notNull": true + }, + "cache_key": { + "name": "cache_key", + "type": "varchar(1024)", + "primaryKey": false, + "notNull": false + }, + "status": { + "name": "status", + "type": "text", + "primaryKey": false, + "notNull": true + }, + "result": { + "name": "result", + "type": "text", + "primaryKey": false, + "notNull": false + }, + "result_type": { + "name": "result_type", + "type": "text", + "primaryKey": false, + "notNull": false + }, + "executing_machine_id": { + "name": "executing_machine_id", + "type": "text", + "primaryKey": false, + "notNull": false + }, + "remaining_attempts": { + "name": "remaining_attempts", + "type": "integer", + "primaryKey": false, + "notNull": true + }, + "created_at": { + "name": "created_at", + "type": "timestamp with time zone", + "primaryKey": false, + "notNull": true, + "default": "now()" + }, + "updated_at": { + "name": "updated_at", + "type": "timestamp with time zone", + "primaryKey": false, + "notNull": true, + "default": "now()" + }, + "resulted_at": { + "name": "resulted_at", + "type": "timestamp with time zone", + "primaryKey": false, + "notNull": false + }, + "last_retrieved_at": { + "name": "last_retrieved_at", + "type": "timestamp with time zone", + "primaryKey": false, + "notNull": false + }, + "function_execution_time_ms": { + "name": "function_execution_time_ms", + "type": "integer", + "primaryKey": false, + "notNull": false + }, + "timeout_interval_seconds": { + "name": "timeout_interval_seconds", + "type": "integer", + "primaryKey": false, + "notNull": true, + "default": 300 + }, + "service": { + "name": "service", + "type": "varchar(1024)", + "primaryKey": false, + "notNull": true + }, + "workflow_id": { + "name": "workflow_id", + "type": "varchar(1024)", + "primaryKey": false, + "notNull": false + }, + "auth_context": { + "name": "auth_context", + "type": "json", + "primaryKey": false, + "notNull": false + }, + "run_context": { + "name": "run_context", + "type": "json", + "primaryKey": false, + "notNull": false + }, + "approval_requested": { + "name": "approval_requested", + "type": "boolean", + "primaryKey": false, + "notNull": true, + "default": false + }, + "approved": { + "name": "approved", + "type": "boolean", + "primaryKey": false, + "notNull": false + } + }, + "indexes": { + "clusterServiceStatusIndex": { + "name": "clusterServiceStatusIndex", + "columns": [ + { + "expression": "cluster_id", + "isExpression": false, + "asc": true, + "nulls": "last" + }, + { + "expression": "service", + "isExpression": false, + "asc": true, + "nulls": "last" + }, + { + "expression": "status", + "isExpression": false, + "asc": true, + "nulls": "last" + } + ], + "isUnique": false, + "concurrently": false, + "method": "btree", + "with": {} + }, + "clusterServiceStatusFnIndex": { + "name": "clusterServiceStatusFnIndex", + "columns": [ + { + "expression": "cluster_id", + "isExpression": false, + "asc": true, + "nulls": "last" + }, + { + "expression": "service", + "isExpression": false, + "asc": true, + "nulls": "last" + }, + { + "expression": "target_fn", + "isExpression": false, + "asc": true, + "nulls": "last" + }, + { + "expression": "status", + "isExpression": false, + "asc": true, + "nulls": "last" + } + ], + "isUnique": false, + "concurrently": false, + "method": "btree", + "with": {} + } + }, + "foreignKeys": {}, + "compositePrimaryKeys": { + "jobs_cluster_id_id": { + "name": "jobs_cluster_id_id", + "columns": [ + "cluster_id", + "id" + ] + } + }, + "uniqueConstraints": { + "jobs_id_unique": { + "name": "jobs_id_unique", + "nullsNotDistinct": false, + "columns": [ + "id" + ] + } + } + }, + "public.machines": { + "name": "machines", + "schema": "", + "columns": { + "id": { + "name": "id", + "type": "varchar(1024)", + "primaryKey": false, + "notNull": true + }, + "last_ping_at": { + "name": "last_ping_at", + "type": "timestamp with time zone", + "primaryKey": false, + "notNull": true + }, + "sdk_version": { + "name": "sdk_version", + "type": "varchar(128)", + "primaryKey": false, + "notNull": false + }, + "sdk_language": { + "name": "sdk_language", + "type": "varchar(128)", + "primaryKey": false, + "notNull": false + }, + "ip": { + "name": "ip", + "type": "varchar(1024)", + "primaryKey": false, + "notNull": true + }, + "cluster_id": { + "name": "cluster_id", + "type": "varchar", + "primaryKey": false, + "notNull": true + }, + "status": { + "name": "status", + "type": "text", + "primaryKey": false, + "notNull": false, + "default": "'active'" + } + }, + "indexes": {}, + "foreignKeys": {}, + "compositePrimaryKeys": { + "machines_id_cluster_id": { + "name": "machines_id_cluster_id", + "columns": [ + "id", + "cluster_id" + ] + } + }, + "uniqueConstraints": {} + }, + "public.prompt_templates": { + "name": "prompt_templates", + "schema": "", + "columns": { + "id": { + "name": "id", + "type": "varchar(1024)", + "primaryKey": false, + "notNull": true + }, + "cluster_id": { + "name": "cluster_id", + "type": "varchar", + "primaryKey": false, + "notNull": true + }, + "name": { + "name": "name", + "type": "varchar(1024)", + "primaryKey": false, + "notNull": true + }, + "initial_prompt": { + "name": "initial_prompt", + "type": "text", + "primaryKey": false, + "notNull": false + }, + "system_prompt": { + "name": "system_prompt", + "type": "varchar(1024)", + "primaryKey": false, + "notNull": false + }, + "attached_functions": { + "name": "attached_functions", + "type": "json", + "primaryKey": false, + "notNull": true, + "default": "'[]'::json" + }, + "structured_output": { + "name": "structured_output", + "type": "json", + "primaryKey": false, + "notNull": false + }, + "input_schema": { + "name": "input_schema", + "type": "json", + "primaryKey": false, + "notNull": false + }, + "public": { + "name": "public", + "type": "boolean", + "primaryKey": false, + "notNull": true, + "default": false + }, + "created_at": { + "name": "created_at", + "type": "timestamp with time zone", + "primaryKey": false, + "notNull": true, + "default": "now()" + }, + "updated_at": { + "name": "updated_at", + "type": "timestamp with time zone", + "primaryKey": false, + "notNull": true, + "default": "now()" + } + }, + "indexes": {}, + "foreignKeys": { + "prompt_templates_cluster_id_clusters_id_fk": { + "name": "prompt_templates_cluster_id_clusters_id_fk", + "tableFrom": "prompt_templates", + "tableTo": "clusters", + "columnsFrom": [ + "cluster_id" + ], + "columnsTo": [ + "id" + ], + "onDelete": "no action", + "onUpdate": "no action" + } + }, + "compositePrimaryKeys": { + "prompt_templates_pkey": { + "name": "prompt_templates_pkey", + "columns": [ + "cluster_id", + "id" + ] + } + }, + "uniqueConstraints": {} + }, + "public.services": { + "name": "services", + "schema": "", + "columns": { + "cluster_id": { + "name": "cluster_id", + "type": "varchar", + "primaryKey": false, + "notNull": true + }, + "service": { + "name": "service", + "type": "varchar(1024)", + "primaryKey": false, + "notNull": true + }, + "queue_url": { + "name": "queue_url", + "type": "varchar(1024)", + "primaryKey": false, + "notNull": false + }, + "definition": { + "name": "definition", + "type": "json", + "primaryKey": false, + "notNull": false + }, + "timestamp": { + "name": "timestamp", + "type": "timestamp with time zone", + "primaryKey": false, + "notNull": false + } + }, + "indexes": {}, + "foreignKeys": { + "services_cluster_id_clusters_id_fk": { + "name": "services_cluster_id_clusters_id_fk", + "tableFrom": "services", + "tableTo": "clusters", + "columnsFrom": [ + "cluster_id" + ], + "columnsTo": [ + "id" + ], + "onDelete": "no action", + "onUpdate": "no action" + } + }, + "compositePrimaryKeys": { + "services_cluster_id_service": { + "name": "services_cluster_id_service", + "columns": [ + "cluster_id", + "service" + ] + } + }, + "uniqueConstraints": {} + }, + "public.tool_metadata": { + "name": "tool_metadata", + "schema": "", + "columns": { + "cluster_id": { + "name": "cluster_id", + "type": "varchar", + "primaryKey": false, + "notNull": true + }, + "service": { + "name": "service", + "type": "varchar(1024)", + "primaryKey": false, + "notNull": true + }, + "function_name": { + "name": "function_name", + "type": "varchar(1024)", + "primaryKey": false, + "notNull": true + }, + "user_defined_context": { + "name": "user_defined_context", + "type": "text", + "primaryKey": false, + "notNull": false + }, + "result_keys": { + "name": "result_keys", + "type": "json", + "primaryKey": false, + "notNull": false, + "default": "'[]'::json" + } + }, + "indexes": {}, + "foreignKeys": { + "tool_metadata_cluster_id_clusters_id_fk": { + "name": "tool_metadata_cluster_id_clusters_id_fk", + "tableFrom": "tool_metadata", + "tableTo": "clusters", + "columnsFrom": [ + "cluster_id" + ], + "columnsTo": [ + "id" + ], + "onDelete": "no action", + "onUpdate": "no action" + } + }, + "compositePrimaryKeys": { + "tool_metadata_pkey": { + "name": "tool_metadata_pkey", + "columns": [ + "cluster_id", + "service", + "function_name" + ] + } + }, + "uniqueConstraints": {} + }, + "public.versioned_entities": { + "name": "versioned_entities", + "schema": "", + "columns": { + "id": { + "name": "id", + "type": "varchar(1024)", + "primaryKey": false, + "notNull": true + }, + "cluster_id": { + "name": "cluster_id", + "type": "varchar", + "primaryKey": false, + "notNull": true + }, + "type": { + "name": "type", + "type": "varchar(128)", + "primaryKey": false, + "notNull": true + }, + "version": { + "name": "version", + "type": "integer", + "primaryKey": false, + "notNull": true + }, + "entity": { + "name": "entity", + "type": "json", + "primaryKey": false, + "notNull": true + }, + "created_at": { + "name": "created_at", + "type": "timestamp with time zone", + "primaryKey": false, + "notNull": true, + "default": "now()" + } + }, + "indexes": {}, + "foreignKeys": {}, + "compositePrimaryKeys": { + "versioned_entities_pkey": { + "name": "versioned_entities_pkey", + "columns": [ + "cluster_id", + "id", + "type", + "version" + ] + } + }, + "uniqueConstraints": {} + }, + "public.workflow_messages": { + "name": "workflow_messages", + "schema": "", + "columns": { + "id": { + "name": "id", + "type": "varchar(1024)", + "primaryKey": false, + "notNull": true + }, + "user_id": { + "name": "user_id", + "type": "varchar(1024)", + "primaryKey": false, + "notNull": true + }, + "cluster_id": { + "name": "cluster_id", + "type": "varchar", + "primaryKey": false, + "notNull": true + }, + "workflow_id": { + "name": "workflow_id", + "type": "varchar(1024)", + "primaryKey": false, + "notNull": true + }, + "created_at": { + "name": "created_at", + "type": "timestamp (6) with time zone", + "primaryKey": false, + "notNull": true, + "default": "now()" + }, + "updated_at": { + "name": "updated_at", + "type": "timestamp (6) with time zone", + "primaryKey": false, + "notNull": false + }, + "data": { + "name": "data", + "type": "json", + "primaryKey": false, + "notNull": true + }, + "type": { + "name": "type", + "type": "text", + "primaryKey": false, + "notNull": true + }, + "metadata": { + "name": "metadata", + "type": "json", + "primaryKey": false, + "notNull": false + } + }, + "indexes": {}, + "foreignKeys": { + "workflow_messages_workflow_id_cluster_id_workflows_id_cluster_id_fk": { + "name": "workflow_messages_workflow_id_cluster_id_workflows_id_cluster_id_fk", + "tableFrom": "workflow_messages", + "tableTo": "workflows", + "columnsFrom": [ + "workflow_id", + "cluster_id" + ], + "columnsTo": [ + "id", + "cluster_id" + ], + "onDelete": "cascade", + "onUpdate": "no action" + } + }, + "compositePrimaryKeys": { + "workflow_messages_cluster_id_workflow_id_id": { + "name": "workflow_messages_cluster_id_workflow_id_id", + "columns": [ + "cluster_id", + "workflow_id", + "id" + ] + } + }, + "uniqueConstraints": {} + }, + "public.workflow_metadata": { + "name": "workflow_metadata", + "schema": "", + "columns": { + "cluster_id": { + "name": "cluster_id", + "type": "varchar", + "primaryKey": false, + "notNull": true + }, + "workflow_id": { + "name": "workflow_id", + "type": "varchar(1024)", + "primaryKey": false, + "notNull": true + }, + "key": { + "name": "key", + "type": "varchar(1024)", + "primaryKey": false, + "notNull": true + }, + "value": { + "name": "value", + "type": "text", + "primaryKey": false, + "notNull": true + } + }, + "indexes": { + "workflowMetadataIndex": { + "name": "workflowMetadataIndex", + "columns": [ + { + "expression": "key", + "isExpression": false, + "asc": true, + "nulls": "last" + }, + { + "expression": "value", + "isExpression": false, + "asc": true, + "nulls": "last" + }, + { + "expression": "cluster_id", + "isExpression": false, + "asc": true, + "nulls": "last" + } + ], + "isUnique": false, + "concurrently": false, + "method": "btree", + "with": {} + } + }, + "foreignKeys": { + "workflow_metadata_workflow_id_cluster_id_workflows_id_cluster_id_fk": { + "name": "workflow_metadata_workflow_id_cluster_id_workflows_id_cluster_id_fk", + "tableFrom": "workflow_metadata", + "tableTo": "workflows", + "columnsFrom": [ + "workflow_id", + "cluster_id" + ], + "columnsTo": [ + "id", + "cluster_id" + ], + "onDelete": "cascade", + "onUpdate": "no action" + } + }, + "compositePrimaryKeys": { + "workflow_metadata_cluster_id_workflow_id_key": { + "name": "workflow_metadata_cluster_id_workflow_id_key", + "columns": [ + "cluster_id", + "workflow_id", + "key" + ] + } + }, + "uniqueConstraints": {} + }, + "public.workflows": { + "name": "workflows", + "schema": "", + "columns": { + "id": { + "name": "id", + "type": "varchar(1024)", + "primaryKey": false, + "notNull": true + }, + "result_function": { + "name": "result_function", + "type": "varchar(1024)", + "primaryKey": false, + "notNull": false + }, + "result_schema": { + "name": "result_schema", + "type": "json", + "primaryKey": false, + "notNull": false + }, + "name": { + "name": "name", + "type": "varchar(1024)", + "primaryKey": false, + "notNull": true, + "default": "''" + }, + "system_prompt": { + "name": "system_prompt", + "type": "varchar(1024)", + "primaryKey": false, + "notNull": false + }, + "model_identifier": { + "name": "model_identifier", + "type": "text", + "primaryKey": false, + "notNull": false + }, + "user_id": { + "name": "user_id", + "type": "varchar(1024)", + "primaryKey": false, + "notNull": true + }, + "cluster_id": { + "name": "cluster_id", + "type": "varchar", + "primaryKey": false, + "notNull": true + }, + "created_at": { + "name": "created_at", + "type": "timestamp (6) with time zone", + "primaryKey": false, + "notNull": true, + "default": "now()" + }, + "status": { + "name": "status", + "type": "text", + "primaryKey": false, + "notNull": false, + "default": "'pending'" + }, + "failure_reason": { + "name": "failure_reason", + "type": "text", + "primaryKey": false, + "notNull": false + }, + "debug": { + "name": "debug", + "type": "boolean", + "primaryKey": false, + "notNull": true, + "default": false + }, + "attached_functions": { + "name": "attached_functions", + "type": "json", + "primaryKey": false, + "notNull": true, + "default": "'[]'::json" + }, + "test": { + "name": "test", + "type": "boolean", + "primaryKey": false, + "notNull": true, + "default": false + }, + "test_mocks": { + "name": "test_mocks", + "type": "json", + "primaryKey": false, + "notNull": false, + "default": "'{}'::json" + }, + "feedback_comment": { + "name": "feedback_comment", + "type": "text", + "primaryKey": false, + "notNull": false + }, + "feedback_score": { + "name": "feedback_score", + "type": "integer", + "primaryKey": false, + "notNull": false + }, + "config_id": { + "name": "config_id", + "type": "varchar(128)", + "primaryKey": false, + "notNull": false + }, + "config_version": { + "name": "config_version", + "type": "integer", + "primaryKey": false, + "notNull": false + }, + "reasoning_traces": { + "name": "reasoning_traces", + "type": "boolean", + "primaryKey": false, + "notNull": true, + "default": true + }, + "interactive": { + "name": "interactive", + "type": "boolean", + "primaryKey": false, + "notNull": true, + "default": true + }, + "enable_summarization": { + "name": "enable_summarization", + "type": "boolean", + "primaryKey": false, + "notNull": true, + "default": false + }, + "customer_auth_token": { + "name": "customer_auth_token", + "type": "text", + "primaryKey": false, + "notNull": false + }, + "auth_context": { + "name": "auth_context", + "type": "json", + "primaryKey": false, + "notNull": false + }, + "context": { + "name": "context", + "type": "json", + "primaryKey": false, + "notNull": false + } + }, + "indexes": {}, + "foreignKeys": { + "workflows_cluster_id_clusters_id_fk": { + "name": "workflows_cluster_id_clusters_id_fk", + "tableFrom": "workflows", + "tableTo": "clusters", + "columnsFrom": [ + "cluster_id" + ], + "columnsTo": [ + "id" + ], + "onDelete": "no action", + "onUpdate": "no action" + } + }, + "compositePrimaryKeys": { + "workflows_cluster_id_id": { + "name": "workflows_cluster_id_id", + "columns": [ + "cluster_id", + "id" + ] + } + }, + "uniqueConstraints": {} + } + }, + "enums": {}, + "schemas": {}, + "_meta": { + "columns": {}, + "schemas": {}, + "tables": {} + } +} \ No newline at end of file diff --git a/control-plane/drizzle/meta/_journal.json b/control-plane/drizzle/meta/_journal.json index 0e2e1fa6..d6249c75 100644 --- a/control-plane/drizzle/meta/_journal.json +++ b/control-plane/drizzle/meta/_journal.json @@ -1324,6 +1324,13 @@ "when": 1733170569617, "tag": "0189_funny_nomad", "breakpoints": true + }, + { + "idx": 190, + "version": "7", + "when": 1733704811215, + "tag": "0190_equal_luke_cage", + "breakpoints": true } ] } \ No newline at end of file diff --git a/control-plane/src/modules/auth/auth.test.ts b/control-plane/src/modules/auth/auth.test.ts index ec9d39f0..4e0bd865 100644 --- a/control-plane/src/modules/auth/auth.test.ts +++ b/control-plane/src/modules/auth/auth.test.ts @@ -499,7 +499,9 @@ describe("extractAuthState", () => { describe("extractCustomerAuthState", () => { let owner: Awaited>; beforeEach(async () => { - owner = await createOwner(); + owner = await createOwner({ + enableCustomerAuth: true, + }); jest.resetAllMocks(); }); @@ -527,6 +529,19 @@ describe("extractCustomerAuthState", () => { }); }); + it("should throw if customer auth is not enabled for cluster", async () => { + owner = await createOwner({ + enableCustomerAuth: false, + }); + + mockCustomer.verifyCustomerProvidedAuth.mockResolvedValue({ + someAuthValue: "someValue", + }); + + await expect(extractCustomerAuthState("abc123", owner.clusterId)).rejects.toThrow("Customer auth is not enabled for this cluster"); + }); + + describe("isUser", () => { it("should throw", async () => { mockCustomer.verifyCustomerProvidedAuth.mockResolvedValue({ diff --git a/control-plane/src/modules/auth/auth.ts b/control-plane/src/modules/auth/auth.ts index 77afb1ee..c904223a 100644 --- a/control-plane/src/modules/auth/auth.ts +++ b/control-plane/src/modules/auth/auth.ts @@ -370,6 +370,12 @@ export const extractCustomerAuthState = async ( return undefined; } + if (!cluster.enable_customer_auth) { + throw new AuthenticationError( + "Customer auth is not enabled for this cluster", + ); + } + const context = await verifyCustomerProvidedAuth({ token: token, clusterId: clusterId, diff --git a/control-plane/src/modules/cluster.ts b/control-plane/src/modules/cluster.ts index 172859aa..be6b1add 100644 --- a/control-plane/src/modules/cluster.ts +++ b/control-plane/src/modules/cluster.ts @@ -26,6 +26,7 @@ export const getClusterDetails = async (clusterId: string) => { id: data.clusters.id, name: data.clusters.name, description: data.clusters.description, + enable_customer_auth: data.clusters.enable_customer_auth, additional_context: data.clusters.additional_context, organization_id: data.clusters.organization_id, deleted_at: data.clusters.deleted_at, diff --git a/control-plane/src/modules/data.ts b/control-plane/src/modules/data.ts index bc7f8828..85e6a31f 100644 --- a/control-plane/src/modules/data.ts +++ b/control-plane/src/modules/data.ts @@ -136,6 +136,7 @@ export const clusters = pgTable( id: varchar("id", { length: 1024 }).primaryKey(), name: varchar("name", { length: 1024 }).notNull(), debug: boolean("debug").notNull().default(false), + enable_customer_auth: boolean("enable_customer_auth").notNull().default(false), enable_run_configs: boolean("enable_run_configs").notNull().default(false), enable_knowledgebase: boolean("enable_knowledgebase") .notNull() diff --git a/control-plane/src/modules/test/util.ts b/control-plane/src/modules/test/util.ts index 32e8613e..feab0400 100644 --- a/control-plane/src/modules/test/util.ts +++ b/control-plane/src/modules/test/util.ts @@ -3,6 +3,7 @@ import * as data from "../data"; export const createOwner = async (params?: { clusterId?: string; organizationId?: string; + enableCustomerAuth?: boolean; }) => { const clusterId = params?.clusterId || `test-cluster-${Math.random()}`; @@ -15,6 +16,7 @@ export const createOwner = async (params?: { id: clusterId, name: clusterId, organization_id: organizationId, + enable_customer_auth: params?.enableCustomerAuth ?? false, }) .execute(); diff --git a/control-plane/src/modules/workflows/router.ts b/control-plane/src/modules/workflows/router.ts index 2d5e5e65..31bd0744 100644 --- a/control-plane/src/modules/workflows/router.ts +++ b/control-plane/src/modules/workflows/router.ts @@ -168,18 +168,6 @@ export const runsRouter = initServer().router( let customerProvidedAuth = undefined; if (auth.type === "customer-provided") { customerProvidedAuth = auth.isCustomerProvided(); - - if (!runConfig) { - throw new AuthenticationError( - "Customer provided auth can only trigger run configurations", - ); - } - - if (!runConfig.public) { - throw new AuthenticationError( - "Customer provided auth can only trigger public run configurations", - ); - } } const workflow = await createRunWithMessage({