* feat: Require workspace ID for API key operations
- Added validation to ensure `activeWorkspaceId` is present in user requests for all API key operations (get, create, update, import, delete).
- Updated `getWorkspaceSearchOptions` and `getWorkspaceSearchOptionsFromReq` to throw an error if `workspaceId` is not provided.
- Modified service methods to enforce `workspaceId` as a required parameter for database operations related to API keys.
* feat: Enforce workspace ID as a required field across multiple interfaces and services
- Updated various interfaces to make `workspaceId` a mandatory field instead of optional.
- Enhanced assistant and export-import service methods to require `workspaceId` for operations, ensuring proper validation and error handling.
- Modified database entity definitions to reflect the change in `workspaceId` from optional to required.
- Improved error handling in controllers to check for `activeWorkspaceId` before proceeding with requests.
* Require workspace ID in various controllers and services
- Updated controllers for credentials, datasets, document stores, evaluations, evaluators, and variables to enforce the presence of `workspaceId`.
- Enhanced error handling to throw appropriate errors when `workspaceId` is not provided.
- Modified service methods to accept `workspaceId` as a mandatory parameter for operations, ensuring consistent validation across the application.
* Update EvaluatorRunner and index to require workspaceId for evaluator retrieval
- Modified the runAdditionalEvaluators function to accept workspaceId as a parameter.
* lint fixes
* Enhancement/Integrate workspaceId in chatflow and flow-config services
- Updated chatflow and flow-config controllers to require workspaceId for fetching chatflows.
- Modified service methods to accept workspaceId as a parameter, ensuring proper context for chatflow retrieval.
* lint fix
* get rid of redundant isApiKeyValidated
* refactor: update permission checks for chatflows and agentflows routes
- Enhanced permission checks in chatflows routes to include agentflows permissions for create, read, update, and delete operations.
- Updated navigation paths in authentication views to redirect to the home page instead of chatflows after successful login or registration.
* fix(DefaultRedirect.jsx): add redirect unauthenticated users to login
* fix(RequireAuth.jsx): check permissions for routes without display property
* fix(DefaultRedirect.jsx): WorkspaceSwitcher api spam
* fix(routes/chatflows/index.ts): use checkAnyPermission for chatflow/has-changed/:id/:lastUpdatedDateTime
* fix(routes/chatflows/index.ts): use checkAnyPermission for delete request chatflow/:id
* fix(controllers/text-to-speech/index.ts): add workspace ID validation in generateTextToSpeech
* fix(controllers/internal-predictions/index.ts): add chatflow retrieval and validation using workspaceId
* feat(services\credentials\index.ts): add filter by workspaceId for getCredentialById
* chore(routes/chat-messages/index.ts): unused chat-messages route
* feat(services/chatflows/index.ts): add filter by workspaceId for deleteChatflow
* feat(services/marketplaces/index.ts): add filter by workspaceId for deleteCustomTemplate
* feat(tools): add filter by workspaceId for read, update, and delete
---------
Co-authored-by: Vinod Paidimarry <vinodkiran@outlook.in>
Co-authored-by: Yau <33013947+chungyau97@users.noreply.github.com>
Co-authored-by: chungyau97 <chungyau97@gmail.com>
* fix shared credentials not showing on ui
* Enhance credential retrieval by including createdDate, updatedDate, and workspaceId fields; sanitize shared item data by omitting encryptedData.
* feat: require old password when changing password
* update account settings page - require old password for changing passwords
* update profile dropdown - go to /account route for updating account details
* Remove all session based on user id after password change
* fix: run lint-fix
* remove unnecessary error page on account
* fix: prevent logout if user provides wrong current password
* fix: remove unused user profile page
* fix: import
---------
Co-authored-by: Henry <hzj94@hotmail.com>
* add tools warning
* Enhance file handling tools with security features
- Introduced new input parameters: workspacePath, enforceWorkspaceBoundaries, maxFileSize, and allowedExtensions for better control over file operations.
- Added validation for file paths and sizes to prevent unsafe operations.
- Implemented workspace boundary checks to restrict file access based on user-defined settings.
Added background toggle functionality across multiple components (AgentflowCanvas, MarketplaceCanvas, Canvas) with new icons for enabling/disabling background.
Enhance file upload functionality in createAttachment
- Added support for configurable allowed file types and file upload status in createFileAttachment.
- Implemented validation to ensure uploaded files match allowed types, throwing errors for disallowed types.
* Add tts UI
* Add tts backend
* Add description to eleven labs credentials
* Fix issue with fetching eleven labs voices
* Fix issue with text to speech tab not showing correct saved voice
* Add option to autoplay tts audio after prediction completes
* Fix crash issue when first changing tts provider
* Set up streaming response for text to speech audio
* Update controllers - fix issue with sse client getting removed before tts events are sent
* Use existing sse streamer to stream tts audio before sse client is removed
* Add tts sse to redis publisher
* Fix issues with TTS - openai voices, streaming audio, rate limiting, speed of speech
* Refactor
* Refactor TTS - fix issues with tts loading and stop audio buttons
* Abort TTS SSE when clicking the stop button
* Update SSE handling for TTS
* Fix issue with test voice feature
* Fix issue with tts voices not loading
* Update generate tts endpoint and its usage in internal chat
* Whitelist tts generate endpoint
* Refactor Text-to-Speech Provider Selection and Enhance UI Components
- Updated the text-to-speech controller to select the active provider based on status instead of the first available provider
- Added audio waveform controls and test audio functionality in the TextToSpeech component, allowing users to play and pause test audio
- Integrated Autocomplete for voice selection in the TextToSpeech component
- Implemented TTS action management in ChatMessage to prevent auto-scrolling during TTS actions
* - Implemented stopAllTTS function calls to halt existing TTS audio before playing new audio or starting a new TTS stream
* Updated the condition for enabling TTS providers to exclude the 'none' provider, ensuring only valid providers are considered for text-to-speech functionality.
* Remove unnecessary code
* Add ability to abort audio streaming in TTS and release lock on chat input
* Remove logger
* Fix tts audio not playing when clicking speaker button
* update
* TTS abort controller
* Fix abort not working for TTS autoplay
* Send metadata event when aborting autoplay TTS
* Fix UI issue
* Remove elevenlabs sdk from root package.json
* Remove redundant condition for tts autoplay in chatflow
---------
Co-authored-by: Henry <hzj94@hotmail.com>
Remove cancel subscription functionality from account controller and UI components; update email background and logo URLs across multiple email templates.
* Feature: Update Loop Agentflow to include fallback message and version increment to 1.1
- Added a new input parameter 'fallbackMessage' to the Loop Agentflow for displaying a message when the loop count is exceeded.
- Incremented the version of Loop Agentflow from 1.0 to 1.1.
- Updated the processing logic to handle the fallback message appropriately when the maximum loop count is reached.
* - Introduced a new input parameter 'loopUpdateState' to allow updating the runtime state during workflow execution.
- Added a method to list runtime state keys for dynamic state management.
- Implemented logic to retrieve and utilize the current loop count in variable resolution.
- Updated the Loop Agentflow output to reflect the new state and final output content.
* fix gsuite tool params
* custom assistant only check for mandatory fields for visible params
* azure chat openai fix for gpt5
* return raw from executeJavaScriptCode
* add json5 for parsing
* azure chatopenai use maxCompletionTokens
* Fixed background color of file upload box in Chat configuration
* Refactor FileUpload to use useSelector for customization
* lint fix
---------
Co-authored-by: Henry Heng <henryheng@flowiseai.com>
* feat: Add agentflow name filter to executions page
- Add agentflow name text field to executions filter UI
- Implement backend filtering with case-insensitive partial matching
- Add database index on chat_flow.name for improved query performance
- Support filtering executions by agentflow name across all database types
* chore: Fix linting issues and remove screenshot
- Apply prettier formatting to migration files
- Fix formatting in executions service
- Remove accidentally committed screenshot file
* fix upser api for file loader
* - Introduced loaderName property in IDocumentStoreUpsertData interface.
- Updated upsertDocStore function to utilize loaderName if provided.
- Enhanced DocStoreAPIDialog to allow loaderName customization in API requests.
- Modified DocumentStoreDetail to display file names when available, improving source formatting logic.
* feature/bugfix: added otpional css selector to puppeteer web scraper, fixed error when puppeteerLoader does not work.
* feature: added button to add empty link in web scraper tools
* feature: added custom executable file path as an input to puppeteer to fix issues when puppeteer can not find/launch the browser.
* feature: added new puppeteer features to playwright aswell.
* fixed review comments
* - Added support for built-in OpenAI tools including web search, code interpreter, and image generation.
- Enhanced file handling by extracting artifacts and file annotations from response metadata.
- Implemented download functionality for file annotations in the UI.
- Updated chat history management to include additional kwargs for artifacts, file annotations, and used tools.
- Improved UI components to display used tools and file annotations effectively.
* remove redundant currentContainerId
* update comment
- Updated `validateMCPServerSecurity` to only allow whitelisted commands, removing the extensive list of dangerous commands.
- Introduced `validateArgsForLocalFileAccess` to check for potential local file access patterns and null byte injections.
- Updated `Supergateway_MCP` to utilize the new argument validation function.
- Added a warning in `CustomMCP` regarding upcoming changes to Remote MCP support.
* feat: Implement SSO token caching and retrieval in CachePool
This implementation improves the authentication process by securely caching SSO tokens and managing user sessions.
* Removed commented code
* feat: add deleteSSOTokenCache in ssoSuccess
---------
Co-authored-by: Ong Chung Yau <33013947+chungyau97@users.noreply.github.com>
Co-authored-by: chungyau97 <chungyau97@gmail.com>
Refactor account and evaluations routes to use POST for billing and run-again endpoints
- Changed the billing route from GET to POST in account.route.ts and account.api.js for consistency with other account actions.
- Updated the run-again route from GET to POST in evaluations/index.ts and evaluations.js to align with the API design for creating actions.
refactor: Update code execution sandbox implementation across components
- Replaced NodeVM usage with a new createCodeExecutionSandbox function for improved sandbox management.
- Enhanced JavaScript code execution with executeJavaScriptCode function, allowing for better handling of libraries and output streaming.
- Updated multiple components to utilize the new sandboxing approach, ensuring consistent execution environment.
- Added validation for UUIDs and URLs in various tools to enhance input safety.
- Refactored input handling in CustomFunction and IfElseFunction to streamline variable management.
Refactor: Update pnpm-lock.yaml and enhance UI components for safe HTML rendering
- Updated pnpm-lock.yaml to improve dependency management and ensure consistency.
- Refactored the JSONViewer component to utilize a new JsonToken for syntax highlighting.
- Introduced SafeHTML component to sanitize and safely render HTML content in ViewMessagesDialog and NodeExecutionDetails.
- Replaced direct HTML rendering with SafeHTML in ChatMessage component for enhanced security.
Enhance file upload capabilities by adding support for additional file types (html, css, js, xml, md, excel, powerpoint) and updating related MIME type mappings. Improve user interface for file type selection in FileUpload component.
* style enhancements
* Introduce autocomplete to select usecases
* add grid gap property
* add tooltip to display remaining selected items on hover
* use ordered list to show more items
* common pagination component
* Pagination for Doc Store Dashboard
* Pagination for Executions Dashboard
* Pagination Support for Tables
* lint fixes
* update view message dialog UI
* initial loading was ignoring the pagination counts
* 1) default page size change
2) ensure page limits are passed on load
3) co-pilot review comments (n+1 query)
4)
* 1) default page size change
2) ensure page limits are passed on load
3) co-pilot review comments (n+1 query)
4) refresh lists after insert/delete.
* Enhancement: Improve handling of empty responses in DocumentStore and API key services
- Added check for empty entities in DocumentStoreDTO.fromEntities to return an empty array.
- Updated condition in getAllDocumentStores to handle total count correctly, allowing for zero total.
- Refined logic in getAllApiKeys to check for empty keys and ensure correct API key retrieval.
- Adjusted UI components to safely handle potential undefined apiKeys array.
* Refresh API key list on pagination change
* Enhancement: Update pagination and filter handling across components
- Increased default items per page in AgentExecutions from 10 to 12.
- Improved JSON parsing for chat type and feedback type filters in ViewMessagesDialog.
- Enhanced execution filtering logic in AgentExecutions to ensure proper pagination and state management.
- Refactored filter section in AgentExecutions for better readability and functionality.
- Updated refresh logic in Agentflows to use the correct agentflow version.
* add workspaceId to removeAllChatMessages
* Refactor chat message retrieval logic for improved efficiency and maintainability
- Introduced a new `handleFeedbackQuery` function to streamline feedback-related queries.
- Enhanced pagination handling for session-based queries in `getMessagesWithFeedback`.
- Updated `ViewMessagesDialog` to sort messages in descending order by default.
- Simplified image rendering logic in `DocumentStoreTable` for better readability.
* - Update `validateChatflowAPIKey` and `validateAPIKey` functions to get the correct keys array
- Enhanced error handling in the `sanitizeExecution` function to ensure safe access to nested properties
* Refactor API key validation logic for improved accuracy and error handling
- Consolidated API key validation in `validateAPIKey` to return detailed validation results.
- Updated `validateFlowAPIKey` to streamline flow API key validation.
- Introduced `getApiKeyById` function in the API key service for better key retrieval.
- Removed unused function `getAllChatSessionsFromChatflow` from the chat message API.
---------
Co-authored-by: Henry <hzj94@hotmail.com>
Lê Nam Khánh
Håvard Homb
Henry Heng
Ilango
Kushal Bhana
anatolii burtsev
Mewyii
Ong Chung Yau
Vinod Kiran
Karl Stoney
Anoop P
Kang Nahoon
satyam