fix(security): harden HIGH deepsec findings across multiple attack surfaces

- Supabase tools (get_row, delete, update): validate table name with strict
  identifier regex and encodeURIComponent to prevent LLM-controlled path
  traversal to admin endpoints; add missing empty-filter guard to update
  matching the delete.ts pattern

- SFTP/SMTP/SharePoint upload routes: add verifyFileAccess ownership check
  before downloadFileFromStorage, matching the WordPress reference pattern;
  rejects files the requesting user does not own with 404

- Gmail labels, OneDrive folders, Wealthbox items (×2): replace bare
  resolveOAuthAccountId + workspace-only membership check with
  authorizeCredentialUse which enforces credentialMember table; use
  credentialOwnerUserId for token refresh instead of bare accountRow.userId

- A2A utils: thread pre-resolved IP from validateUrlWithDNS into A2A SDK
  via pinnedFetch (secureFetchWithPinnedIP) for JsonRpcTransportFactory,
  RestTransportFactory, and DefaultAgentCardResolver, closing the TOCTOU
  DNS rebinding window

- SSH utils: cap stdout/stderr accumulation at 16 MB with truncation marker
  to prevent OOM from unbounded command output

- Form DELETE route: replace db.delete() with db.update({archivedAt}) for
  true soft delete matching the schema's archivedAt column

- Workflow admin import: fix Array.isArray() guard that silently dropped
  all variables (export format is Record, not Array)

- Multipart upload: apply checkStorageQuota and MAX_WORKSPACE_FILE_SIZE to
  mothership context, closing the quota bypass for workspace-scoped storage

Author: waleedlatif1

apps/sim/app/api/auth/oauth/wealthbox/items/route.ts

@@ -1,14 +1,11 @@
-import { db } from '@sim/db'
-import { account } from '@sim/db/schema'
 import { createLogger } from '@sim/logger'
-import { eq } from 'drizzle-orm'
 import { type NextRequest, NextResponse } from 'next/server'
 import { wealthboxOAuthItemsContract } from '@/lib/api/contracts/selectors/wealthbox'
 import { parseRequest } from '@/lib/api/server'
-import { getSession } from '@/lib/auth'
+import { authorizeCredentialUse } from '@/lib/auth/credential-access'
 import { generateRequestId } from '@/lib/core/utils/request'
 import { withRouteHandler } from '@/lib/core/utils/with-route-handler'
-import { refreshAccessTokenIfNeeded, resolveOAuthAccountId } from '@/app/api/auth/oauth/utils'
+import { refreshAccessTokenIfNeeded } from '@/app/api/auth/oauth/utils'
 
 export const dynamic = 'force-dynamic'
 
@@ -30,51 +27,22 @@ export const GET = withRouteHandler(async (request: NextRequest) => {
   const requestId = generateRequestId()
 
   try {
-    const session = await getSession()
-
-    if (!session?.user?.id) {
-      logger.warn(`[${requestId}] Unauthenticated request rejected`)
-      return NextResponse.json({ error: 'User not authenticated' }, { status: 401 })
-    }
-
     const parsed = await parseRequest(wealthboxOAuthItemsContract, request, {})
     if (!parsed.success) return parsed.response
     const { credentialId, type } = parsed.data.query
     const query = parsed.data.query.query ?? ''
 
-    const resolved = await resolveOAuthAccountId(credentialId)
-    if (!resolved) {
-      return NextResponse.json({ error: 'Credential not found' }, { status: 404 })
-    }
-
-    if (resolved.workspaceId) {
-      const { getUserEntityPermissions } = await import('@/lib/workspaces/permissions/utils')
-      const perm = await getUserEntityPermissions(
-        session.user.id,
-        'workspace',
-        resolved.workspaceId
-      )
-      if (perm === null) {
-        return NextResponse.json({ error: 'Forbidden' }, { status: 403 })
-      }
-    }
-
-    const credentials = await db
-      .select()
-      .from(account)
-      .where(eq(account.id, resolved.accountId))
-      .limit(1)
-
-    if (!credentials.length) {
-      logger.warn(`[${requestId}] Credential not found`, { credentialId })
-      return NextResponse.json({ error: 'Credential not found' }, { status: 404 })
+    const authz = await authorizeCredentialUse(request as any, {
+      credentialId,
+      requireWorkflowIdForInternal: false,
+    })
+    if (!authz.ok || !authz.credentialOwnerUserId) {
+      return NextResponse.json({ error: authz.error || 'Unauthorized' }, { status: 403 })
     }
 
-    const accountRow = credentials[0]
-
     const accessToken = await refreshAccessTokenIfNeeded(
-      resolved.accountId,
-      accountRow.userId,
+      credentialId,
+      authz.credentialOwnerUserId,
       requestId
     )
 

apps/sim/app/api/files/multipart/route.ts

@@ -159,10 +159,27 @@ export const POST = withRouteHandler(async (request: NextRequest) => {
             )
           }
         } else if (context === 'mothership') {
+          const { MAX_WORKSPACE_FILE_SIZE } = await import('@/lib/uploads/shared/types')
+          if (typeof fileSize === 'number' && fileSize > MAX_WORKSPACE_FILE_SIZE) {
+            return NextResponse.json(
+              { error: `File size exceeds maximum of ${MAX_WORKSPACE_FILE_SIZE} bytes` },
+              { status: 413 }
+            )
+          }
+
           const { generateWorkspaceFileKey } = await import(
             '@/lib/uploads/contexts/workspace/workspace-file-manager'
           )
           customKey = generateWorkspaceFileKey(workspaceId, fileName)
+
+          const { checkStorageQuota } = await import('@/lib/billing/storage')
+          const quotaCheck = await checkStorageQuota(userId, fileSize)
+          if (!quotaCheck.allowed) {
+            return NextResponse.json(
+              { error: quotaCheck.error || 'Storage limit exceeded' },
+              { status: 413 }
+            )
+          }
         } else if (context === 'execution') {
           const workflowId = (data as { workflowId?: unknown }).workflowId
           const executionId = (data as { executionId?: unknown }).executionId

apps/sim/app/api/form/manage/[id]/route.ts

@@ -197,9 +197,12 @@ export const DELETE = withRouteHandler(
         return createErrorResponse('Form not found or access denied', 404)
       }
 
-      await db.delete(form).where(eq(form.id, id))
+      await db
+        .update(form)
+        .set({ archivedAt: new Date(), updatedAt: new Date() })
+        .where(eq(form.id, id))
 
-      logger.info(`Form ${id} deleted (soft delete)`)
+      logger.info(`Form ${id} soft deleted`)
 
       recordAudit({
         workspaceId: formWorkspaceId ?? null,

apps/sim/app/api/tools/gmail/labels/route.ts

@@ -1,11 +1,8 @@
-import { db } from '@sim/db'
-import { account } from '@sim/db/schema'
 import { createLogger } from '@sim/logger'
-import { eq } from 'drizzle-orm'
 import { type NextRequest, NextResponse } from 'next/server'
 import { gmailLabelsSelectorContract } from '@/lib/api/contracts/selectors/google'
 import { parseRequest } from '@/lib/api/server'
-import { getSession } from '@/lib/auth'
+import { authorizeCredentialUse } from '@/lib/auth/credential-access'
 import { validateAlphanumericId } from '@/lib/core/security/input-validation'
 import { generateRequestId } from '@/lib/core/utils/request'
 import { withRouteHandler } from '@/lib/core/utils/with-route-handler'
@@ -32,13 +29,6 @@ export const GET = withRouteHandler(async (request: NextRequest) => {
   const requestId = generateRequestId()
 
   try {
-    const session = await getSession()
-
-    if (!session?.user?.id) {
-      logger.warn(`[${requestId}] Unauthenticated labels request rejected`)
-      return NextResponse.json({ error: 'User not authenticated' }, { status: 401 })
-    }
-
     const parsed = await parseRequest(gmailLabelsSelectorContract, request, {})
     if (!parsed.success) return parsed.response
     const { credentialId, query } = parsed.data.query
@@ -50,23 +40,19 @@ export const GET = withRouteHandler(async (request: NextRequest) => {
       return NextResponse.json({ error: credentialIdValidation.error }, { status: 400 })
     }
 
+    const authz = await authorizeCredentialUse(request as any, {
+      credentialId,
+      requireWorkflowIdForInternal: false,
+    })
+    if (!authz.ok || !authz.credentialOwnerUserId) {
+      return NextResponse.json({ error: authz.error || 'Unauthorized' }, { status: 403 })
+    }
+
     const resolved = await resolveOAuthAccountId(credentialId)
     if (!resolved) {
       return NextResponse.json({ error: 'Credential not found' }, { status: 404 })
     }
 
-    if (resolved.workspaceId) {
-      const { getUserEntityPermissions } = await import('@/lib/workspaces/permissions/utils')
-      const perm = await getUserEntityPermissions(
-        session.user.id,
-        'workspace',
-        resolved.workspaceId
-      )
-      if (perm === null) {
-        return NextResponse.json({ error: 'Forbidden' }, { status: 403 })
-      }
-    }
-
     let accessToken: string | null = null
 
     if (resolved.credentialType === 'service_account' && resolved.credentialId) {
@@ -76,26 +62,9 @@ export const GET = withRouteHandler(async (request: NextRequest) => {
         impersonateEmail
       )
     } else {
-      const credentials = await db
-        .select()
-        .from(account)
-        .where(eq(account.id, resolved.accountId))
-        .limit(1)
-
-      if (!credentials.length) {
-        logger.warn(`[${requestId}] Credential not found`)
-        return NextResponse.json({ error: 'Credential not found' }, { status: 404 })
-      }
-
-      const accountRow = credentials[0]
-
-      logger.info(
-        `[${requestId}] Using credential: ${accountRow.id}, provider: ${accountRow.providerId}`
-      )
-
       accessToken = await refreshAccessTokenIfNeeded(
-        resolved.accountId,
-        accountRow.userId,
+        credentialId,
+        authz.credentialOwnerUserId,
         requestId,
         getScopesForService('gmail')
       )

apps/sim/app/api/tools/onedrive/folders/route.ts

@@ -1,15 +1,12 @@
-import { db } from '@sim/db'
-import { account } from '@sim/db/schema'
 import { createLogger } from '@sim/logger'
 import { generateId } from '@sim/utils/id'
-import { eq } from 'drizzle-orm'
 import { type NextRequest, NextResponse } from 'next/server'
 import { onedriveFoldersQuerySchema } from '@/lib/api/contracts/selectors/microsoft'
 import { getValidationErrorMessage } from '@/lib/api/server'
-import { getSession } from '@/lib/auth'
+import { authorizeCredentialUse } from '@/lib/auth/credential-access'
 import { validateMicrosoftGraphId } from '@/lib/core/security/input-validation'
 import { withRouteHandler } from '@/lib/core/utils/with-route-handler'
-import { refreshAccessTokenIfNeeded, resolveOAuthAccountId } from '@/app/api/auth/oauth/utils'
+import { refreshAccessTokenIfNeeded } from '@/app/api/auth/oauth/utils'
 import type { MicrosoftGraphDriveItem } from '@/tools/onedrive/types'
 
 export const dynamic = 'force-dynamic'
@@ -23,11 +20,6 @@ export const GET = withRouteHandler(async (request: NextRequest) => {
   const requestId = generateId().slice(0, 8)
 
   try {
-    const session = await getSession()
-    if (!session?.user?.id) {
-      return NextResponse.json({ error: 'User not authenticated' }, { status: 401 })
-    }
-
     const { searchParams } = new URL(request.url)
     const validation = onedriveFoldersQuerySchema.safeParse({
       credentialId: searchParams.get('credentialId') ?? '',
@@ -51,37 +43,17 @@ export const GET = withRouteHandler(async (request: NextRequest) => {
       return NextResponse.json({ error: credentialIdValidation.error }, { status: 400 })
     }
 
-    const resolved = await resolveOAuthAccountId(credentialId)
-    if (!resolved) {
-      return NextResponse.json({ error: 'Credential not found' }, { status: 404 })
-    }
-
-    if (resolved.workspaceId) {
-      const { getUserEntityPermissions } = await import('@/lib/workspaces/permissions/utils')
-      const perm = await getUserEntityPermissions(
-        session.user.id,
-        'workspace',
-        resolved.workspaceId
-      )
-      if (perm === null) {
-        return NextResponse.json({ error: 'Forbidden' }, { status: 403 })
-      }
-    }
-
-    const credentials = await db
-      .select()
-      .from(account)
-      .where(eq(account.id, resolved.accountId))
-      .limit(1)
-    if (!credentials.length) {
-      return NextResponse.json({ error: 'Credential not found' }, { status: 404 })
+    const authz = await authorizeCredentialUse(request as any, {
+      credentialId,
+      requireWorkflowIdForInternal: false,
+    })
+    if (!authz.ok || !authz.credentialOwnerUserId) {
+      return NextResponse.json({ error: authz.error || 'Unauthorized' }, { status: 403 })
     }
 
-    const accountRow = credentials[0]
-
     const accessToken = await refreshAccessTokenIfNeeded(
-      resolved.accountId,
-      accountRow.userId,
+      credentialId,
+      authz.credentialOwnerUserId,
       requestId
     )
     if (!accessToken) {

apps/sim/app/api/tools/sftp/upload/route.ts

@@ -7,6 +7,7 @@ import { generateRequestId } from '@/lib/core/utils/request'
 import { withRouteHandler } from '@/lib/core/utils/with-route-handler'
 import { processFilesToUserFiles } from '@/lib/uploads/utils/file-utils'
 import { downloadFileFromStorage } from '@/lib/uploads/utils/file-utils.server'
+import { verifyFileAccess } from '@/app/api/files/authorization'
 import {
   createSftpConnection,
   getSftp,
@@ -95,6 +96,22 @@ export const POST = withRouteHandler(async (request: NextRequest) => {
 
         for (const file of userFiles) {
           try {
+            if (typeof file.key !== 'string' || file.key.length === 0) {
+              logger.warn(`[${requestId}] File access check rejected: missing key`)
+              return NextResponse.json({ success: false, error: 'File not found' }, { status: 404 })
+            }
+            if (!authResult.userId) {
+              logger.warn(`[${requestId}] File access check requires userId but none available`)
+              return NextResponse.json({ success: false, error: 'File not found' }, { status: 404 })
+            }
+            const hasAccess = await verifyFileAccess(file.key, authResult.userId)
+            if (!hasAccess) {
+              logger.warn(`[${requestId}] File access denied for user`, {
+                userId: authResult.userId,
+                key: file.key,
+              })
+              return NextResponse.json({ success: false, error: 'File not found' }, { status: 404 })
+            }
             logger.info(
               `[${requestId}] Downloading file for upload: ${file.name} (${file.size} bytes)`
             )

apps/sim/app/api/tools/sharepoint/upload/route.ts

@@ -9,6 +9,7 @@ import { generateRequestId } from '@/lib/core/utils/request'
 import { withRouteHandler } from '@/lib/core/utils/with-route-handler'
 import { processFilesToUserFiles } from '@/lib/uploads/utils/file-utils'
 import { downloadFileFromStorage } from '@/lib/uploads/utils/file-utils.server'
+import { verifyFileAccess } from '@/app/api/files/authorization'
 import type { MicrosoftGraphDriveItem } from '@/tools/onedrive/types'
 import type { SharepointSkippedFile, SharepointUploadError } from '@/tools/sharepoint/types'
 
@@ -82,6 +83,22 @@ export const POST = withRouteHandler(async (request: NextRequest) => {
     const errors: SharepointUploadError[] = []
 
     for (const userFile of userFiles) {
+      if (typeof userFile.key !== 'string' || userFile.key.length === 0) {
+        logger.warn(`[${requestId}] File access check rejected: missing key`)
+        return NextResponse.json({ success: false, error: 'File not found' }, { status: 404 })
+      }
+      if (!authResult.userId) {
+        logger.warn(`[${requestId}] File access check requires userId but none available`)
+        return NextResponse.json({ success: false, error: 'File not found' }, { status: 404 })
+      }
+      const hasAccess = await verifyFileAccess(userFile.key, authResult.userId)
+      if (!hasAccess) {
+        logger.warn(`[${requestId}] File access denied for user`, {
+          userId: authResult.userId,
+          key: userFile.key,
+        })
+        return NextResponse.json({ success: false, error: 'File not found' }, { status: 404 })
+      }
       logger.info(`[${requestId}] Uploading file: ${userFile.name}`)
 
       const buffer = await downloadFileFromStorage(userFile, requestId, logger)

apps/sim/app/api/tools/smtp/send/route.ts

@@ -10,6 +10,7 @@ import { generateRequestId } from '@/lib/core/utils/request'
 import { withRouteHandler } from '@/lib/core/utils/with-route-handler'
 import { processFilesToUserFiles } from '@/lib/uploads/utils/file-utils'
 import { downloadFileFromStorage } from '@/lib/uploads/utils/file-utils.server'
+import { verifyFileAccess } from '@/app/api/files/authorization'
 
 export const dynamic = 'force-dynamic'
 
@@ -122,6 +123,22 @@ export const POST = withRouteHandler(async (request: NextRequest) => {
         const attachmentBuffers = await Promise.all(
           attachments.map(async (file) => {
             try {
+              if (typeof file.key !== 'string' || file.key.length === 0) {
+                logger.warn(`[${requestId}] File access check rejected: missing key`)
+                throw new Error('File not found')
+              }
+              if (!authResult.userId) {
+                logger.warn(`[${requestId}] File access check requires userId but none available`)
+                throw new Error('File not found')
+              }
+              const hasAccess = await verifyFileAccess(file.key, authResult.userId)
+              if (!hasAccess) {
+                logger.warn(`[${requestId}] File access denied for user`, {
+                  userId: authResult.userId,
+                  key: file.key,
+                })
+                throw new Error('File not found')
+              }
               logger.info(
                 `[${requestId}] Downloading attachment: ${file.name} (${file.size} bytes)`
               )