security: fix IDOR and privilege escalation in set_default_provider

- Add tenant_id verification to prevent IDOR attacks - Add admin check for enterprise tenant-wide default changes - Preserve non-enterprise behavior (users can set own defaults)
2026-05-06 10:28:10 +08:00 · 2026-01-26 16:00:43 -08:00
parent 57721225b9
commit 69b11cc364
2 changed files with 13 additions and 4 deletions
--- a/api/controllers/console/workspace/tool_providers.py
+++ b/api/controllers/console/workspace/tool_providers.py
@ -825,7 +825,11 @@ class ToolBuiltinProviderSetDefaultApi(Resource):
        current_user, current_tenant_id = current_account_with_tenant()
        args = parser_default_cred.parse_args()
        return BuiltinToolManageService.set_default_provider(
-            tenant_id=current_tenant_id, user_id=current_user.id, provider=provider, id=args["id"]
+            tenant_id=current_tenant_id,
+            user_id=current_user.id,
+            provider=provider,
+            id=args["id"],
+            account=current_user,
        )