Merge pull request #2566 from trycompai/fix/single-fix-security-hardening

tofikwest · web-flow · commit 44c5a786d421 · 2026-04-15T23:00:19.000-04:00
fix(cloud-tests): derive organizationId from session, remove acknowledgment default
diff --git a/apps/app/src/app/(app)/[orgId]/cloud-tests/actions/single-fix.ts b/apps/app/src/app/(app)/[orgId]/cloud-tests/actions/single-fix.ts
@@ -6,7 +6,6 @@ import { headers } from 'next/headers';
 
 interface SingleFixInput {
   connectionId: string;
-  organizationId: string;
   checkResultId: string;
   remediationKey: string;
   acknowledgment?: string;
@@ -24,9 +23,14 @@ export async function startSingleFix(
       return { error: 'Unauthorized' };
     }
 
+    const organizationId = session.session?.activeOrganizationId;
+    if (!organizationId) {
+      return { error: 'No active organization' };
+    }
+
     const handle = await tasks.trigger('remediate-single', {
       connectionId: input.connectionId,
-      organizationId: input.organizationId,
+      organizationId,
       checkResultId: input.checkResultId,
       remediationKey: input.remediationKey,
       userId: session.user.id,
diff --git a/apps/app/src/app/(app)/[orgId]/cloud-tests/components/RemediationDialog.tsx b/apps/app/src/app/(app)/[orgId]/cloud-tests/components/RemediationDialog.tsx
@@ -12,7 +12,6 @@ import {
 } from '@trycompai/ui/dialog';
 import { useRealtimeRun } from '@trigger.dev/react-hooks';
 import { AlertTriangle, ListOrdered, Loader2, RotateCcw } from 'lucide-react';
-import { useParams } from 'next/navigation';
 import { useCallback, useEffect, useRef, useState } from 'react';
 import { toast } from 'sonner';
 import { startSingleFix } from '../actions/single-fix';
@@ -269,7 +268,6 @@ export function RemediationDialog({
   onComplete,
 }: RemediationDialogProps) {
   const api = useApi();
-  const { orgId } = useParams<{ orgId: string }>();
   const [preview, setPreview] = useState<PreviewData | null>(null);
   const [isLoadingPreview, setIsLoadingPreview] = useState(false);
   const [isExecuting, setIsExecuting] = useState(false);
@@ -399,7 +397,6 @@ export function RemediationDialog({
     try {
       const result = await startSingleFix({
         connectionId,
-        organizationId: orgId,
         checkResultId,
         remediationKey,
         acknowledgment: acknowledgment ?? undefined,
diff --git a/apps/app/src/trigger/tasks/cloud-security/remediate-single.ts b/apps/app/src/trigger/tasks/cloud-security/remediate-single.ts
@@ -58,7 +58,7 @@ export const remediateSingle = task({
           connectionId,
           checkResultId,
           remediationKey,
-          acknowledgment: acknowledgment ?? 'acknowledged',
+          acknowledgment,
         }),
       });
 
