feat: Implement company code validation in flow management

- Enhanced the FlowController to include user company code validation for flow definitions, ensuring that users can only access and modify flows belonging to their company.
- Updated the FlowDefinitionService to accept company code as a parameter for create, update, and delete operations, enforcing ownership checks.
- Introduced sanitization methods in FlowConditionParser to prevent SQL injection for column and table names.
- Modified the FlowDataMoveService to validate table names and column names during data movement operations, enhancing security.
- Updated the frontend components to support batch data movement with proper validation and error handling.

This commit is contained in:

kjs

2026-03-03 10:38:38 +09:00

parent e2d88f01e3

commit fd5c61b12a

9 changed files with 207 additions and 56 deletions

									
										frontend/types/flow.ts
									
		+1
		
												View File
												
				@@ -235,6 +235,7 @@ export interface FlowStepDataList {

				export interface MoveDataRequest {

				  flowId: number;

				  fromStepId: number;

				  recordId: string;

				  toStepId: number;

				  note?: string;