🐛 fix(schema.py): handle empty list case in tags_to_list method to prevent potential errors

🐛 fix(service.py): add validation for missing API key when filter_by_user is True to avoid unauthorized access
2023-10-30 19:50:39 -03:00 · 2023-10-30 19:50:39 -03:00 · 127721e986
commit 127721e986
parent 5f2bfba9e3
2 changed files with 5 additions and 1 deletions
--- a/src/backend/langflow/services/store/schema.py
+++ b/src/backend/langflow/services/store/schema.py
@ -53,6 +53,8 @@ class ListComponentResponse(BaseModel):
    def tags_to_list(cls, v):
        # Check if all values are have id and name
        # if so, return v else transform to TagResponse
+        if not v:
+            return v
        if all(["id" in tag and "name" in tag for tag in v]):
            return v
        else:
--- a/src/backend/langflow/services/store/service.py
+++ b/src/backend/langflow/services/store/service.py
@ -168,8 +168,10 @@ class StoreService(Service):

        # Only public components or the ones created by the user
        # check for "public" or "Public"
+        if filter_by_user and not api_key:
+            raise ValueError("No API key provided")

-        if filter_by_user:
+        if filter_by_user and api_key:
            user_data = self._get(
                f"{self.base_url}/users/me", api_key, params={"fields": "id"}
            )