Allot of bug fixes#15
Conversation
…ken wasting issue and a lag issue This update makes the system security stronger. It also makes the system work better. It does this by fixing problems, with the action runner and by making sure that only the right people can use the API routes. It also makes the chat work efficiently by making the payload sizes smaller. These changes stop files from being written without anyone noticing they stop people from using tokens when they are not allowed to. They make the user interface work more smoothly. This is especially true when people upload images and when the system is sending out a lot of information to track what is going on.
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: cf074d9172
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
| export async function action({ request, params }: ActionFunctionArgs) { | ||
| if (!(await isTenantAdminAuthorized(request))) { | ||
| return json({ error: 'Forbidden' }, { status: 403 }); |
There was a problem hiding this comment.
Guard the dynamic managed-instance route instead
This new guard is attached to api.managed-instances..refresh.ts, which has no $slug segment, so params.slug is always empty and the actual dynamic endpoint remains the pre-existing unguarded app/routes/api.managed-instances.$slug.refresh.ts (same pattern for suspend). Requests to /api/managed-instances/<slug>/refresh will continue to hit the $slug route and bypass isTenantAdminAuthorized; the guard needs to be applied to the $slug refresh/suspend route files rather than these new double-dot routes.
Useful? React with 👍 / 👎.
This update makes the system security stronger. It also makes the system work better. It does this by fixing problems, with the action runner and by making sure that only the right people can use the API routes. It also makes the chat work efficiently by making the payload sizes smaller.
These changes stop files from being written without anyone noticing they stop people from using tokens when they are not allowed to. They make the user interface work more smoothly. This is especially true when people upload images and when the system is sending out a lot of information to track what is going on.