dify/api/controllers/console/workspace/tool_providers.py at 36ff9b447d5073784badddc32795792f1592a072

mirror of https://github.com/langgenius/dify.git synced 2026-03-26 08:00:29 -04:00

Files

GareArc 990e8feee8 security: fix IDOR and privilege escalation in set_default_provider

- Add tenant_id verification to prevent IDOR attacks
- Add admin check for enterprise tenant-wide default changes
- Preserve non-enterprise behavior (users can set own defaults)

2026-02-06 13:32:18 +08:00

41 KiB

Raw Blame History

View Raw

41 KiB Raw Blame History

41 KiB

Raw Blame History