chihlasm/resolutionflow
1
0
Fork 0
Code Issues 23 Pull Requests 1 Actions Packages Projects Releases Wiki Activity

fix: use get_admin_db in access_share to handle cross-tenant session reads (public shares)

Browse Source 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
chihlasm
2026-04-10 06:50:00 +00:00
parent b641ac6c55
commit ac2b193909
1 changed files with 2 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
backend/app/api/endpoints/shares.py
View File

@@ -9,6 +9,7 @@ from sqlalchemy.orm import joinedload
from sqlalchemy.exc import IntegrityError from sqlalchemy.exc import IntegrityError
from app.core.database import get_db from app.core.database import get_db
from app.core.admin_database import get_admin_db
from app.models.session import Session from app.models.session import Session
from app.models.session_share import SessionShare, SessionShareView from app.models.session_share import SessionShare, SessionShareView
from app.models.user import User from app.models.user import User
@@ -210,7 +211,7 @@ async def _get_optional_user(request: Request, db: AsyncSession) -> Optional[Use
async def access_share( async def access_share(
share_token: str, share_token: str,
request: Request, request: Request,
db: Annotated[AsyncSession, Depends(get_db)], db: Annotated[AsyncSession, Depends(get_admin_db)],
): ):
"""Access a shared session via share token. """Access a shared session via share token.