address comments and rebase

Author: henrypark133

crates/api/src/routes/vector_stores.rs

@@ -12,8 +12,8 @@ use crate::{
     models::{
         CreateVectorStoreFileBatchRequest, CreateVectorStoreFileRequest, CreateVectorStoreRequest,
         ErrorResponse, ModifyVectorStoreRequest, UpdateVectorStoreFileAttributesRequest,
-        VectorStoreDeleteResponse, VectorStoreFileDeleteResponse, VectorStoreFileListResponse,
-        VectorStoreFileObject, VectorStoreFileBatchObject, VectorStoreListResponse,
+        VectorStoreDeleteResponse, VectorStoreFileBatchObject, VectorStoreFileDeleteResponse,
+        VectorStoreFileListResponse, VectorStoreFileObject, VectorStoreListResponse,
         VectorStoreObject, VectorStoreSearchRequest, VectorStoreSearchResponse,
     },
     routes::api::AppState,
@@ -594,13 +594,24 @@ pub async fn create_vector_store_file_batch(
 ) -> Result<Json<Value>, (StatusCode, Json<ErrorResponse>)> {
     let vs_uuid = parse_uuid_with_prefix(&vector_store_id, PREFIX_VS)?;
 
-    // Try file_ids first, then files as fallback
+    // Enforce mutual exclusivity: only one of file_ids or files is allowed
+    let has_file_ids = body.get("file_ids").and_then(|v| v.as_array()).is_some();
+    let has_files = body.get("files").and_then(|v| v.as_array()).is_some();
+
+    if has_file_ids && has_files {
+        return Err((
+            StatusCode::BAD_REQUEST,
+            Json(ErrorResponse::new(
+                "file_ids and files are mutually exclusive; provide only one".to_string(),
+                "invalid_request_error".to_string(),
+            )),
+        ));
+    }
+
     let file_id_strs: Vec<&Value> =
         if let Some(file_ids) = body.get("file_ids").and_then(|v| v.as_array()) {
-            // Use file_ids array directly
             file_ids.iter().collect()
         } else if let Some(files) = body.get("files").and_then(|v| v.as_array()) {
-            // Extract file_id from each file spec in files array
             files.iter().collect()
         } else {
             return Err((

…rations/sql/V0044__add_vector_stores.sql …rations/sql/V0045__add_vector_stores.sqlcrates/database/src/migrations/sql/V0044__add_vector_stores.sql renamed to crates/database/src/migrations/sql/V0045__add_vector_stores.sql crates/database/src/migrations/sql/V0044__add_vector_stores.sql renamed to crates/database/src/migrations/sql/V0045__add_vector_stores.sql

@@ -477,34 +477,4 @@ impl FileRepositoryTrait for FileRepository {
     ) -> Result<Vec<File>, RepositoryError> {
         self.get_by_ids_and_workspace(ids, workspace_id).await
     }
-
-    async fn verify_workspace_ownership(
-        &self,
-        file_ids: &[Uuid],
-        workspace_id: Uuid,
-    ) -> Result<bool, RepositoryError> {
-        if file_ids.is_empty() {
-            return Ok(true);
-        }
-
-        let count: i64 = retry_db!("verify_file_workspace_ownership", {
-            let client = self
-                .pool
-                .get()
-                .await
-                .context("Failed to get database connection")
-                .map_err(RepositoryError::PoolError)?;
-
-            client
-                .query_one(
-                    "SELECT COUNT(*) AS cnt FROM files WHERE id = ANY($1) AND workspace_id = $2",
-                    &[&file_ids, &workspace_id],
-                )
-                .await
-                .map_err(map_db_error)
-        })?
-        .get("cnt");
-
-        Ok(count == file_ids.len() as i64)
-    }
 }

crates/database/src/repositories/file.rs

@@ -81,12 +81,4 @@ pub trait FileRepositoryTrait: Send + Sync {
         ids: &[Uuid],
         workspace_id: Uuid,
     ) -> Result<Vec<File>, RepositoryError>;
-
-    /// Verify that ALL given file IDs belong to the specified workspace.
-    /// Returns true if all files exist and belong to the workspace, false otherwise.
-    async fn verify_workspace_ownership(
-        &self,
-        file_ids: &[Uuid],
-        workspace_id: Uuid,
-    ) -> Result<bool, RepositoryError>;
 }

crates/services/src/files/ports.rs

@@ -27,9 +27,6 @@ pub const PREFIX_MCPR: &str = "mcpr_";
 /// Prefix for vector store IDs
 pub const PREFIX_VS: &str = "vs_";
 
-/// Prefix for vector store file IDs
-pub const PREFIX_VSF: &str = "vsf_";
-
 /// Prefix for vector store file batch IDs
 pub const PREFIX_VSFB: &str = "vsfb_";
 
@@ -43,6 +40,5 @@ pub const ALL_PREFIXES: &[&str] = &[
     PREFIX_SK,
     PREFIX_MCPR,
     PREFIX_VS,
-    PREFIX_VSF,
     PREFIX_VSFB,
 ];

crates/services/src/id_prefixes.rs

@@ -176,6 +176,41 @@ pub struct RagFileMetadataEntry {
     pub filename: String,
 }
 
+// ---------------------------------------------------------------------------
+// Typed filter structs for RAG passthrough (prevents mass assignment)
+// ---------------------------------------------------------------------------
+
+/// Allowed fields for POST /v1/vector_stores/{id} (modify).
+#[derive(Debug, Serialize, Deserialize)]
+struct ModifyVectorStoreFilter {
+    #[serde(skip_serializing_if = "Option::is_none")]
+    name: Option<String>,
+    #[serde(skip_serializing_if = "Option::is_none")]
+    expires_after: Option<Value>,
+    #[serde(skip_serializing_if = "Option::is_none")]
+    metadata: Option<HashMap<String, Value>>,
+}
+
+/// Allowed fields for POST /v1/vector_stores/{id}/search.
+#[derive(Debug, Serialize, Deserialize)]
+struct SearchVectorStoreFilter {
+    query: Value,
+    #[serde(skip_serializing_if = "Option::is_none")]
+    max_num_results: Option<u32>,
+    #[serde(skip_serializing_if = "Option::is_none")]
+    filters: Option<Value>,
+    #[serde(skip_serializing_if = "Option::is_none")]
+    ranking_options: Option<Value>,
+    #[serde(skip_serializing_if = "Option::is_none")]
+    rewrite_query: Option<bool>,
+}
+
+/// Allowed fields for POST /v1/vector_stores/{id}/files/{file_id} (update attributes).
+#[derive(Debug, Serialize, Deserialize)]
+struct UpdateFileAttributesFilter {
+    attributes: HashMap<String, Value>,
+}
+
 // ---------------------------------------------------------------------------
 // Service Error
 // ---------------------------------------------------------------------------
@@ -530,9 +565,15 @@ impl VectorStoreServiceTrait for VectorStoreServiceImpl {
     ) -> Result<Value, VectorStoreServiceError> {
         self.verify_vs(vs_uuid, workspace_id).await?;
 
+        // Filter to allowed fields only (prevents mass assignment)
+        let typed: ModifyVectorStoreFilter = serde_json::from_value(body)
+            .map_err(|e| VectorStoreServiceError::InvalidParams(e.to_string()))?;
+        let filtered_body = serde_json::to_value(&typed)
+            .map_err(|e| VectorStoreServiceError::InvalidParams(e.to_string()))?;
+
         let mut response = self
             .rag
-            .update_vector_store(&vs_uuid.to_string(), body)
+            .update_vector_store(&vs_uuid.to_string(), filtered_body)
             .await?;
         add_id_prefixes(&mut response);
         Ok(response)
@@ -563,9 +604,15 @@ impl VectorStoreServiceTrait for VectorStoreServiceImpl {
     ) -> Result<Value, VectorStoreServiceError> {
         self.verify_vs(vs_uuid, workspace_id).await?;
 
+        // Filter to allowed fields only (prevents mass assignment)
+        let typed: SearchVectorStoreFilter = serde_json::from_value(body)
+            .map_err(|e| VectorStoreServiceError::InvalidParams(e.to_string()))?;
+        let filtered_body = serde_json::to_value(&typed)
+            .map_err(|e| VectorStoreServiceError::InvalidParams(e.to_string()))?;
+
         let mut response = self
             .rag
-            .search_vector_store(&vs_uuid.to_string(), body)
+            .search_vector_store(&vs_uuid.to_string(), filtered_body)
             .await?;
         add_id_prefixes(&mut response);
         Ok(response)
@@ -642,9 +689,15 @@ impl VectorStoreServiceTrait for VectorStoreServiceImpl {
         self.verify_vs(vs_uuid, workspace_id).await?;
         self.verify_file(file_uuid, workspace_id).await?;
 
+        // Filter to allowed fields only (prevents mass assignment)
+        let typed: UpdateFileAttributesFilter = serde_json::from_value(body)
+            .map_err(|e| VectorStoreServiceError::InvalidParams(e.to_string()))?;
+        let filtered_body = serde_json::to_value(&typed)
+            .map_err(|e| VectorStoreServiceError::InvalidParams(e.to_string()))?;
+
         let mut response = self
             .rag
-            .update_vs_file(&vs_uuid.to_string(), &file_uuid.to_string(), body)
+            .update_vs_file(&vs_uuid.to_string(), &file_uuid.to_string(), filtered_body)
             .await?;
         add_id_prefixes(&mut response);
         Ok(response)
@@ -684,6 +737,9 @@ impl VectorStoreServiceTrait for VectorStoreServiceImpl {
             .map_err(|e| VectorStoreServiceError::InvalidParams(e.to_string()))?;
 
         if let Some(obj) = rag_body.as_object_mut() {
+            // Remove unverified files field — only verified file_ids should reach RAG
+            obj.remove("files");
+
             // Replace file_ids with raw UUIDs
             let uuid_strings: Vec<Value> = file_uuids
                 .iter()