@@ -29,19 +29,16 @@ export interface ScanResult {
2929 error ?: string ;
3030}
3131
32+ export class ConnectionNotFoundError extends Error {
33+ constructor ( ) {
34+ super ( 'Connection not found' ) ;
35+ }
36+ }
37+
3238@Injectable ( )
3339export class CloudSecurityService {
3440 private readonly logger = new Logger ( CloudSecurityService . name ) ;
3541
36- // Track which organization owns each trigger.dev run for authorization
37- private readonly runOwnership = new Map <
38- string ,
39- { organizationId : string ; createdAt : number }
40- > ( ) ;
41-
42- // Clean up stale entries older than 10 minutes
43- private readonly RUN_OWNERSHIP_TTL_MS = 10 * 60 * 1000 ;
44-
4542 constructor (
4643 private readonly credentialVaultService : CredentialVaultService ,
4744 private readonly oauthCredentialsService : OAuthCredentialsService ,
@@ -259,49 +256,36 @@ export class CloudSecurityService {
259256 runId : handle . id ,
260257 } ) ;
261258
262- // Track ownership for authorization on status checks
263- this . runOwnership . set ( handle . id , {
264- organizationId,
265- createdAt : Date . now ( ) ,
266- } ) ;
267- this . cleanupStaleRuns ( ) ;
268-
269259 return { runId : handle . id } ;
270260 }
271261
272262 async getRunStatus (
273263 runId : string ,
264+ connectionId : string ,
274265 organizationId : string ,
275266 ) : Promise < { completed : boolean ; success : boolean ; output : unknown } > {
276- // Verify the caller's organization owns this run
277- const ownership = this . runOwnership . get ( runId ) ;
278- if ( ! ownership || ownership . organizationId !== organizationId ) {
279- throw new Error ( 'Run not found' ) ;
267+ // Verify the connection belongs to the caller's organization
268+ const connection = await db . integrationConnection . findFirst ( {
269+ where : {
270+ id : connectionId ,
271+ organizationId,
272+ } ,
273+ select : { id : true } ,
274+ } ) ;
275+
276+ if ( ! connection ) {
277+ throw new ConnectionNotFoundError ( ) ;
280278 }
281279
282280 const run = await runs . retrieve ( runId ) ;
283281
284- // Clean up completed runs from the ownership map
285- if ( run . isCompleted ) {
286- this . runOwnership . delete ( runId ) ;
287- }
288-
289282 return {
290283 completed : run . isCompleted ,
291284 success : run . isCompleted ? run . isSuccess : false ,
292285 output : run . isCompleted ? run . output : null ,
293286 } ;
294287 }
295288
296- private cleanupStaleRuns ( ) : void {
297- const now = Date . now ( ) ;
298- for ( const [ runId , entry ] of this . runOwnership ) {
299- if ( now - entry . createdAt > this . RUN_OWNERSHIP_TTL_MS ) {
300- this . runOwnership . delete ( runId ) ;
301- }
302- }
303- }
304-
305289 private async storeFindings (
306290 connectionId : string ,
307291 provider : string ,
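Review bot: In `getRunStatus`, the new check proves only that `connectionId` belongs to `organizationId`; nothing in the visible lines binds `runId` to that connection, so `runs.retrieve(runId)` runs for whatever ID the caller supplies and its `output` is returned. The removed `runOwnership` map did tie each run to an organization, so per-run authorization appears to be lost: a caller holding any valid connection could read another organization's scan output if it obtains a run ID. After the retrieve, compare the run against the verified connection and fail with the same error, e.g. `if (run.payload?.connectionId !== connectionId) throw new ConnectionNotFoundError();`. This assumes the task payload carries the connection ID, which the trigger call outside this hunk would confirm; a run tag or a persisted run-to-connection record would serve equally. Reusing the same error for both failures avoids revealing whether a given run ID exists.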