improvement(access-control): migrate to workspace scope

[icecrasher321]

Summary

Make access control workspace scoped instead of org scoped in line with new governance model.

Type of Change

• Other: UX Improvement

Testing

Tested manually

Checklist

• Code follows project style guidelines
• Self-reviewed my changes
• Tests added/updated and passing
• No new warnings introduced
• I confirm that I have read and agree to the terms outlined in the Contributor License Agreement (CLA)

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

1 Skipped Deployment

Project	Deployment	Actions	Updated (UTC)
docs	Skipped		Apr 21, 2026 10:29pm

[cursor]

PR Summary

High Risk
Shifts access-control/entitlement checks from organization-level to workspace-level and adds new enforcement in multiple execution and API entry points (providers proxy, MCP tool execution, guardrails, workflow deploy/execute, invitations). Errors or edge cases in the new workspace resolution logic could incorrectly block/allow actions across workspaces.

Overview
Access Control is migrated from organization-scoped to workspace-scoped permission groups, including updated docs and UI that treat membership as “one group per workspace” with workspace-admin management.

Backend APIs are reworked to serve and mutate permission groups under /api/workspaces/:id/... (including new bulk membership operations) while removing legacy org-scoped endpoints; admin cleanup/listing now supports filtering/deleting by workspaceId or organizationId (via workspace join) and records audit events on deletion.

Enforcement is tightened across runtime and API surfaces by passing workspaceId through permission checks and introducing a unified assertPermissionsAllowed gate (providers proxy, MCP tool execution, guardrails hallucination validation, executor block/tool/model checks). Invitation and public-API toggles now validate against workspace/organization scope, and workspace membership mutations auto-apply the workspace “auto-add group” behavior; workspace permissions responses add a server-computed viewer field to simplify admin detection in the UI.

^{Reviewed by Cursor Bugbot for commit 4f48b2f. Configure here.}

[greptile-apps]

Greptile Summary

This PR migrates access control (permission groups) from organization-scoped to workspace-scoped, updating the DB schema, data migration, all API routes, executor validation hooks, and the React UI to use workspaceId as the primary scope key. The change is broad (62 files) but follows a consistent pattern throughout; prior-round concerns around the ON COMMIT DROP temp table in the migration and the disablePublicApi bypass for null-workspaceId workflows remain open. All remaining new findings in this review are P2.

Confidence Score: 5/5

Safe to merge; all new findings are P2 quality/style issues and the prior P0/P1 concerns remain as open items from the prior review round.

All inline comments in this round are P2. The migration and schema changes are thorough and the permission scoping logic is consistently applied across all 62 files. The auto-add transaction-isolation concern is unlikely to cause correctness issues under default Postgres READ COMMITTED. No new P0/P1 issues found.

packages/db/migrations/0194_careless_pete_wisdom.sql (ON COMMIT DROP, flagged prior round), apps/sim/lib/permission-groups/auto-add.ts (entitlement check outside transaction)

Important Files Changed

Filename	Overview
packages/db/migrations/0194_careless_pete_wisdom.sql	Major schema migration rebasing permission_group from org-scoped to workspace-scoped; contains ON COMMIT DROP temp table (flagged in prior review), step-by-step data clone is careful but depends on Drizzle breakpoint isolation
apps/sim/ee/access-control/utils/permission-check.ts	All validators updated to accept workspaceId; new unified assertPermissionsAllowed entry point; org-scoped invitation path uses unindexed JSONB containment query (P2)
apps/sim/lib/billing/core/subscription.ts	Replaces hasAccessControlAccess(userId) with isWorkspaceOnEnterprisePlan(workspaceId), supporting both org-owned and personal workspace billing paths; logic is clean and well-commented
apps/sim/lib/permission-groups/auto-add.ts	New helper to auto-enroll users into workspace auto-add groups on permission grant; isWorkspaceOnEnterprisePlan queries via outer db not the passed transaction client (P2)
apps/sim/app/api/workspaces/[id]/permissions/route.ts	GET now returns viewer field with server-resolved permissions; PATCH triggers auto-add on new members inside transaction, but auto-add's entitlement check escapes transaction scope (P2)
apps/sim/app/api/workflows/[id]/execute/route.ts	Uses new workspace-scoped validatePublicApiAllowed; workflows with null workspaceId now return 401 (flagged in prior review), which is more restrictive than before

Sequence Diagram

sequenceDiagram
    participant Client
    participant PermissionsRoute as PATCH /workspaces/[id]/permissions
    participant AutoAdd as applyWorkspaceAutoAddGroup
    participant Billing as isWorkspaceOnEnterprisePlan (db)
    participant Tx as Transaction (tx)

    Client->>PermissionsRoute: PATCH {updates}
    PermissionsRoute->>Tx: BEGIN TRANSACTION
    loop for each update
        Tx->>Tx: DELETE old permissions row
        Tx->>Tx: INSERT new permissions row
        alt isNew member
            Tx->>AutoAdd: applyWorkspaceAutoAddGroup(tx, workspaceId, userId)
            AutoAdd->>Billing: isWorkspaceOnEnterprisePlan(workspaceId) [uses outer db!]
            Billing-->>AutoAdd: entitled
            alt entitled
                AutoAdd->>Tx: SELECT autoAddGroup (tx)
                AutoAdd->>Tx: SELECT existingMembership (tx)
                AutoAdd->>Tx: INSERT permissionGroupMember (tx)
            end
        end
    end
    Tx->>PermissionsRoute: COMMIT
    PermissionsRoute-->>Client: 200 OK

Loading

_{Reviews (3): Last reviewed commit: "address more comments" | Re-trigger Greptile}

[icecrasher321]

bugbot run

[icecrasher321]

@greptile

[icecrasher321]

bugbot run

[icecrasher321]

@greptile

[icecrasher321]

bugbot run

[icecrasher321]

@greptile

[cursor]

✅ Bugbot reviewed your changes and found no new issues!

Comment @cursor review or bugbot run to trigger another review on this PR

^{Reviewed by Cursor Bugbot for commit 4f48b2f. Configure here.}