fix(api): enforce ownership check for conversation delete (#32686)

2026-05-06 10:28:10 +08:00 · 2026-03-01 17:53:37 +08:00
parent f0f01c69aa
commit 53c62fde33
2 changed files with 41 additions and 2 deletions
--- a/api/services/conversation_service.py
+++ b/api/services/conversation_service.py
@ -180,6 +180,14 @@ class ConversationService:

    @classmethod
    def delete(cls, app_model: App, conversation_id: str, user: Union[Account, EndUser] | None):
+        """
+        Delete a conversation only if it belongs to the given user and app context.
+
+        Raises:
+            ConversationNotExistsError: When the conversation is not visible to the current user.
+        """
+        conversation = cls.get_conversation(app_model, conversation_id, user)
+
        try:
            logger.info(
                "Initiating conversation deletion for app_name %s, conversation_id: %s",
@ -187,10 +195,10 @@ class ConversationService:
                conversation_id,
            )

-            db.session.query(Conversation).where(Conversation.id == conversation_id).delete(synchronize_session=False)
+            db.session.delete(conversation)
            db.session.commit()

-            delete_conversation_related_data.delay(conversation_id)
+            delete_conversation_related_data.delay(conversation.id)

        except Exception as e:
            db.session.rollback()