Skip to content

fix(deployment): resolve schedule to its service before permission check in allByType#4733

Merged
Siumauricio merged 1 commit into
canaryfrom
fix/schedule-deployments-401-permission-check
Jul 5, 2026
Merged

fix(deployment): resolve schedule to its service before permission check in allByType#4733
Siumauricio merged 1 commit into
canaryfrom
fix/schedule-deployments-401-permission-check

Conversation

@Siumauricio

Copy link
Copy Markdown
Contributor

Summary

  • deployment.allByType passed the raw scheduleId into checkServicePermissionAndAccess, which expects a service (application/compose) id, causing members with valid access to get a 401 when viewing a schedule's deployment history.
  • Mirrors the resolution pattern already used by killProcess, removeDeployment, and readLogs: resolve the schedule to its applicationId/composeId for the service-scoped check, or fall back to an organization-level check for serverId-based schedules.

Fixes #4641

…eck in allByType

Members with access to a schedule's application/compose got a 401 on
deployment.allByType because it passed the scheduleId straight into
checkServicePermissionAndAccess, which expects a service id.
@dosubot dosubot Bot added size:S This PR changes 10-29 lines, ignoring generated files. bug Something isn't working labels Jul 5, 2026
@Siumauricio Siumauricio merged commit 8a0e442 into canary Jul 5, 2026
0 of 4 checks passed
@Siumauricio Siumauricio deleted the fix/schedule-deployments-401-permission-check branch July 5, 2026 22:17
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

bug Something isn't working size:S This PR changes 10-29 lines, ignoring generated files.

Projects

None yet

Development

Successfully merging this pull request may close these issues.

Members with service access get 401 on schedule deployments (deployment.allByType passes scheduleId to checkServicePermissionAndAccess)

1 participant