Merge branch 'staging' into feat/workflow-as-mcp

Author: icecrasher321

apps/sim/app/api/billing/update-cost/route.ts

@@ -3,6 +3,7 @@ import { userStats } from '@sim/db/schema'
 import { eq, sql } from 'drizzle-orm'
 import { type NextRequest, NextResponse } from 'next/server'
 import { z } from 'zod'
+import { logModelUsage } from '@/lib/billing/core/usage-log'
 import { checkAndBillOverageThreshold } from '@/lib/billing/threshold-billing'
 import { checkInternalApiKey } from '@/lib/copilot/utils'
 import { isBillingEnabled } from '@/lib/core/config/feature-flags'
@@ -14,6 +15,9 @@ const logger = createLogger('BillingUpdateCostAPI')
 const UpdateCostSchema = z.object({
   userId: z.string().min(1, 'User ID is required'),
   cost: z.number().min(0, 'Cost must be a non-negative number'),
+  model: z.string().min(1, 'Model is required'),
+  inputTokens: z.number().min(0).default(0),
+  outputTokens: z.number().min(0).default(0),
 })
 
 /**
@@ -71,11 +75,12 @@ export async function POST(req: NextRequest) {
       )
     }
 
-    const { userId, cost } = validation.data
+    const { userId, cost, model, inputTokens, outputTokens } = validation.data
 
     logger.info(`[${requestId}] Processing cost update`, {
       userId,
       cost,
+      model,
     })
 
     // Check if user stats record exists (same as ExecutionLogger)
@@ -107,6 +112,16 @@ export async function POST(req: NextRequest) {
       addedCost: cost,
     })
 
+    // Log usage for complete audit trail
+    await logModelUsage({
+      userId,
+      source: 'copilot',
+      model,
+      inputTokens,
+      outputTokens,
+      cost,
+    })
+
     // Check if user has hit overage threshold and bill incrementally
     await checkAndBillOverageThreshold(userId)
 

apps/sim/app/api/chat/[identifier]/route.ts

@@ -1,6 +1,6 @@
 import { randomUUID } from 'crypto'
 import { db } from '@sim/db'
-import { chat } from '@sim/db/schema'
+import { chat, workflow } from '@sim/db/schema'
 import { eq } from 'drizzle-orm'
 import { type NextRequest, NextResponse } from 'next/server'
 import { z } from 'zod'
@@ -94,6 +94,21 @@ export async function POST(
     if (!deployment.isActive) {
       logger.warn(`[${requestId}] Chat is not active: ${identifier}`)
 
+      const [workflowRecord] = await db
+        .select({ workspaceId: workflow.workspaceId })
+        .from(workflow)
+        .where(eq(workflow.id, deployment.workflowId))
+        .limit(1)
+
+      const workspaceId = workflowRecord?.workspaceId
+      if (!workspaceId) {
+        logger.warn(`[${requestId}] Cannot log: workflow ${deployment.workflowId} has no workspace`)
+        return addCorsHeaders(
+          createErrorResponse('This chat is currently unavailable', 403),
+          request
+        )
+      }
+
       const executionId = randomUUID()
       const loggingSession = new LoggingSession(
         deployment.workflowId,
@@ -104,7 +119,7 @@ export async function POST(
 
       await loggingSession.safeStart({
         userId: deployment.userId,
-        workspaceId: '', // Will be resolved if needed
+        workspaceId,
         variables: {},
       })
 
@@ -169,7 +184,14 @@ export async function POST(
 
     const { actorUserId, workflowRecord } = preprocessResult
     const workspaceOwnerId = actorUserId!
-    const workspaceId = workflowRecord?.workspaceId || ''
+    const workspaceId = workflowRecord?.workspaceId
+    if (!workspaceId) {
+      logger.error(`[${requestId}] Workflow ${deployment.workflowId} has no workspaceId`)
+      return addCorsHeaders(
+        createErrorResponse('Workflow has no associated workspace', 500),
+        request
+      )
+    }
 
     try {
       const selectedOutputs: string[] = []

apps/sim/app/api/logs/export/route.ts

@@ -57,7 +57,7 @@ export async function GET(request: NextRequest) {
       workflowName: workflow.name,
     }
 
-    let conditions: SQL | undefined = eq(workflow.workspaceId, params.workspaceId)
+    let conditions: SQL | undefined = eq(workflowExecutionLogs.workspaceId, params.workspaceId)
 
     if (params.level && params.level !== 'all') {
       const levels = params.level.split(',').filter(Boolean)
@@ -134,7 +134,7 @@ export async function GET(request: NextRequest) {
                 permissions,
                 and(
                   eq(permissions.entityType, 'workspace'),
-                  eq(permissions.entityId, workflow.workspaceId),
+                  eq(permissions.entityId, workflowExecutionLogs.workspaceId),
                   eq(permissions.userId, userId)
                 )
               )

apps/sim/app/api/logs/route.ts

@@ -130,6 +130,8 @@ export async function GET(request: NextRequest) {
               deploymentVersionName: sql<null>`NULL`,
             }
 
+      const workspaceFilter = eq(workflowExecutionLogs.workspaceId, params.workspaceId)
+
       const baseQuery = db
         .select(selectColumns)
         .from(workflowExecutionLogs)
@@ -141,18 +143,12 @@ export async function GET(request: NextRequest) {
           workflowDeploymentVersion,
           eq(workflowDeploymentVersion.id, workflowExecutionLogs.deploymentVersionId)
         )
-        .innerJoin(
-          workflow,
-          and(
-            eq(workflowExecutionLogs.workflowId, workflow.id),
-            eq(workflow.workspaceId, params.workspaceId)
-          )
-        )
+        .innerJoin(workflow, eq(workflowExecutionLogs.workflowId, workflow.id))
         .innerJoin(
           permissions,
           and(
             eq(permissions.entityType, 'workspace'),
-            eq(permissions.entityId, workflow.workspaceId),
+            eq(permissions.entityId, workflowExecutionLogs.workspaceId),
             eq(permissions.userId, userId)
           )
         )
@@ -300,7 +296,7 @@ export async function GET(request: NextRequest) {
       }
 
       const logs = await baseQuery
-        .where(conditions)
+        .where(and(workspaceFilter, conditions))
         .orderBy(desc(workflowExecutionLogs.startedAt))
         .limit(params.limit)
         .offset(params.offset)
@@ -312,22 +308,16 @@ export async function GET(request: NextRequest) {
           pausedExecutions,
           eq(pausedExecutions.executionId, workflowExecutionLogs.executionId)
         )
-        .innerJoin(
-          workflow,
-          and(
-            eq(workflowExecutionLogs.workflowId, workflow.id),
-            eq(workflow.workspaceId, params.workspaceId)
-          )
-        )
+        .innerJoin(workflow, eq(workflowExecutionLogs.workflowId, workflow.id))
         .innerJoin(
           permissions,
           and(
             eq(permissions.entityType, 'workspace'),
-            eq(permissions.entityId, workflow.workspaceId),
+            eq(permissions.entityId, workflowExecutionLogs.workspaceId),
             eq(permissions.userId, userId)
           )
         )
-        .where(conditions)
+        .where(and(eq(workflowExecutionLogs.workspaceId, params.workspaceId), conditions))
 
       const countResult = await countQuery
 

apps/sim/app/api/logs/triggers/route.ts

@@ -1,5 +1,5 @@
 import { db } from '@sim/db'
-import { permissions, workflow, workflowExecutionLogs } from '@sim/db/schema'
+import { permissions, workflowExecutionLogs } from '@sim/db/schema'
 import { and, eq, isNotNull, sql } from 'drizzle-orm'
 import { type NextRequest, NextResponse } from 'next/server'
 import { z } from 'zod'
@@ -42,23 +42,17 @@ export async function GET(request: NextRequest) {
           trigger: workflowExecutionLogs.trigger,
         })
         .from(workflowExecutionLogs)
-        .innerJoin(
-          workflow,
-          and(
-            eq(workflowExecutionLogs.workflowId, workflow.id),
-            eq(workflow.workspaceId, params.workspaceId)
-          )
-        )
         .innerJoin(
           permissions,
           and(
             eq(permissions.entityType, 'workspace'),
-            eq(permissions.entityId, workflow.workspaceId),
+            eq(permissions.entityId, workflowExecutionLogs.workspaceId),
             eq(permissions.userId, userId)
           )
         )
         .where(
           and(
+            eq(workflowExecutionLogs.workspaceId, params.workspaceId),
             isNotNull(workflowExecutionLogs.trigger),
             sql`${workflowExecutionLogs.trigger} NOT IN ('api', 'manual', 'webhook', 'chat', 'schedule')`
           )

apps/sim/app/api/users/me/usage-logs/route.ts

@@ -0,0 +1,105 @@
+import { type NextRequest, NextResponse } from 'next/server'
+import { z } from 'zod'
+import { checkHybridAuth } from '@/lib/auth/hybrid'
+import { getUserUsageLogs, type UsageLogSource } from '@/lib/billing/core/usage-log'
+import { createLogger } from '@/lib/logs/console/logger'
+
+const logger = createLogger('UsageLogsAPI')
+
+const QuerySchema = z.object({
+  source: z.enum(['workflow', 'wand', 'copilot']).optional(),
+  workspaceId: z.string().optional(),
+  period: z.enum(['1d', '7d', '30d', 'all']).optional().default('30d'),
+  limit: z.coerce.number().min(1).max(100).optional().default(50),
+  cursor: z.string().optional(),
+})
+
+/**
+ * GET /api/users/me/usage-logs
+ * Get usage logs for the authenticated user
+ */
+export async function GET(req: NextRequest) {
+  try {
+    const auth = await checkHybridAuth(req, { requireWorkflowId: false })
+
+    if (!auth.success || !auth.userId) {
+      return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })
+    }
+
+    const userId = auth.userId
+
+    const { searchParams } = new URL(req.url)
+    const queryParams = {
+      source: searchParams.get('source') || undefined,
+      workspaceId: searchParams.get('workspaceId') || undefined,
+      period: searchParams.get('period') || '30d',
+      limit: searchParams.get('limit') || '50',
+      cursor: searchParams.get('cursor') || undefined,
+    }
+
+    const validation = QuerySchema.safeParse(queryParams)
+
+    if (!validation.success) {
+      return NextResponse.json(
+        {
+          error: 'Invalid query parameters',
+          details: validation.error.issues,
+        },
+        { status: 400 }
+      )
+    }
+
+    const { source, workspaceId, period, limit, cursor } = validation.data
+
+    let startDate: Date | undefined
+    const endDate = new Date()
+
+    if (period !== 'all') {
+      startDate = new Date()
+      switch (period) {
+        case '1d':
+          startDate.setDate(startDate.getDate() - 1)
+          break
+        case '7d':
+          startDate.setDate(startDate.getDate() - 7)
+          break
+        case '30d':
+          startDate.setDate(startDate.getDate() - 30)
+          break
+      }
+    }
+
+    const result = await getUserUsageLogs(userId, {
+      source: source as UsageLogSource | undefined,
+      workspaceId,
+      startDate,
+      endDate,
+      limit,
+      cursor,
+    })
+
+    logger.debug('Retrieved usage logs', {
+      userId,
+      source,
+      period,
+      logCount: result.logs.length,
+      hasMore: result.pagination.hasMore,
+    })
+
+    return NextResponse.json({
+      success: true,
+      ...result,
+    })
+  } catch (error) {
+    logger.error('Failed to get usage logs', {
+      error: error instanceof Error ? error.message : String(error),
+    })
+
+    return NextResponse.json(
+      {
+        error: 'Failed to retrieve usage logs',
+      },
+      { status: 500 }
+    )
+  }
+}

apps/sim/app/api/v1/logs/filters.ts

@@ -25,8 +25,7 @@ export interface LogFilters {
 export function buildLogFilters(filters: LogFilters): SQL<unknown> {
   const conditions: SQL<unknown>[] = []
 
-  // Required: workspace and permissions check
-  conditions.push(eq(workflow.workspaceId, filters.workspaceId))
+  conditions.push(eq(workflowExecutionLogs.workspaceId, filters.workspaceId))
 
   // Cursor-based pagination
   if (filters.cursor) {

apps/sim/app/api/v1/logs/route.ts

@@ -105,7 +105,6 @@ export async function GET(request: NextRequest) {
     const conditions = buildLogFilters(filters)
     const orderBy = getOrderBy(params.order)
 
-    // Build and execute query
     const baseQuery = db
       .select({
         id: workflowExecutionLogs.id,
@@ -124,13 +123,7 @@ export async function GET(request: NextRequest) {
         workflowDescription: workflow.description,
       })
       .from(workflowExecutionLogs)
-      .innerJoin(
-        workflow,
-        and(
-          eq(workflowExecutionLogs.workflowId, workflow.id),
-          eq(workflow.workspaceId, params.workspaceId)
-        )
-      )
+      .innerJoin(workflow, eq(workflowExecutionLogs.workflowId, workflow.id))
       .innerJoin(
         permissions,
         and(
@@ -197,11 +190,8 @@ export async function GET(request: NextRequest) {
       return result
     })
 
-    // Get user's workflow execution limits and usage
     const limits = await getUserLimits(userId)
 
-    // Create response with limits information
-    // The rateLimit object from checkRateLimit is for THIS API endpoint's rate limits
     const response = createApiResponse(
       {
         data: formattedLogs,