Skip to content

fix(backend): prevent workflow cloning when user revokes own access #4153

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
seongjinyoon wants to merge 4 commits into
base: main
Choose a base branch
from
Open

fix(backend): prevent workflow cloning when user revokes own access #4153

seongjinyoon wants to merge 4 commits into from

Conversation

@seongjinyoon
Copy link
Contributor

@seongjinyoon seongjinyoon commented Jan 12, 2026

What changes were proposed in this PR?

This PR fixes a bug where workflow were cloned when users revoked their own access to a shared workflow while having it open in the workspace.

Bug:
When a user revoked their own access while editing a shared workflow, the frontend's auto-persist would continue to save changes. The backend's persistWorkflow method would receive these save requests from a user who no longer has access, and create a new workflow.

Changes Made:
Backend (WorkflowResource.scala):

  • Modified persistWorkflow() method to distinguish between:
    • Creating a new workflow (workflow ID is null)
    • Persisting an existing workflow without access (workflow ID is not null)

Frontend (ShareAccessComponent):

  • Added verifyRevokeAccess() method that shows a confirmation modal before revoking access.
  • Made revokeAccess() private and updated it to return a flag when user revokes their own access.

Frontend (MenuComponent):

  • Added redirect logic to navigate users to the workflows list page when they revoke their own access while in the workspace.

Frontend (share-access.component.html):

  • Updated delete button to call verifyRevokeAccess() instead of revokeAccess() to trigger confirmation popup.

Before:

Before.mov

After:

After.mov

Any related issues, documentation, discussions?

None.

How was this PR tested?

Manually tested.

Was this PR authored or co-authored using generative AI tooling?

No.

@github-actions github-actions bot added engine fix frontend Changes related to the frontend GUI labels Jan 12, 2026
@seongjinyoon
Copy link
Contributor Author

seongjinyoon commented Jan 12, 2026

@Xiao-zhen-Liu Sorry, this is the correct PR.

@Xiao-zhen-Liu Xiao-zhen-Liu self-requested a review January 12, 2026 22:43
Xiao-zhen-Liu
Xiao-zhen-Liu approved these changes Jan 12, 2026
View reviewed changes
Copy link
Contributor

@Xiao-zhen-Liu Xiao-zhen-Liu left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, thanks for the fix!

@Xiao-zhen-Liu
Copy link
Contributor

Xiao-zhen-Liu commented Jan 12, 2026

@seongjinyoon Please fix the test cases.

@seongjinyoon
Copy link
Contributor Author

seongjinyoon commented Jan 13, 2026

@Xiao-zhen-Liu Thank you for the review. I have made the according changes. Please merge the PR.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@Xiao-zhen-Liu Xiao-zhen-Liu Xiao-zhen-Liu approved these changes

Assignees

No one assigned

Labels

engine fix frontend Changes related to the frontend GUI

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@seongjinyoon @Xiao-zhen-Liu