feat(access-control): add ALLOWED_INTEGRATIONS env var for self-hosted block restrictions

[waleedlatif1]

Summary

• Add ALLOWED_INTEGRATIONS server env var to restrict available blocks/integrations via allowlist
• Client fetches allowlist from /api/settings/allowed-integrations and merges with permission group config
• Server-side enforcement in validateBlockType blocks disallowed integrations at execution time
• Filters apply to sidebar, cmd-k, toolbar, copilot mentions, and tool input picker
• Empty = all allowed, set = only listed block types available

Type of Change

• New feature

Testing

Tested manually

Checklist

• Code follows project style guidelines
• Self-reviewed my changes
• Tests added/updated and passing
• No new warnings introduced
• I confirm that I have read and agree to the terms outlined in the Contributor License Agreement (CLA)

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

1 Skipped Deployment

Project	Deployment	Actions	Updated (UTC)
docs	Skipped		Feb 18, 2026 2:42am

[greptile-apps]

Greptile Summary

This PR adds an ALLOWED_INTEGRATIONS server environment variable that enables self-hosted deployments to restrict which block types/integrations are available to users. The implementation spans server-side enforcement (validateBlockType, copilot tools), client-side filtering (sidebar, cmd-k, toolbar, copilot mentions), and a new API endpoint for the client to fetch the env-based allowlist.

• New getAllowedIntegrationsFromEnv() function parses and lowercases the comma-separated env var
• Server-side mergeEnvAllowlist() intersects the env allowlist with any existing permission group config
• Client-side usePermissionConfig hook fetches the env allowlist via /api/settings/allowed-integrations and merges with permission group data
• All block type comparisons now use .toLowerCase() for case-insensitive matching
• integrations.tsx now normalizes service IDs (hyphen → underscore) to match block type format
• Comprehensive test coverage added for the new env allowlist behavior
• Helm chart updated with the new ALLOWED_INTEGRATIONS config option

Confidence Score: 4/5

• This PR is safe to merge with minor concerns around duplicated fallback patterns across copilot tools.
• The feature is well-designed with consistent server and client enforcement, case normalization, and good test coverage. The env allowlist merge logic is sound. Minor deductions for the repeated fallback pattern across multiple copilot tool files (could benefit from a shared helper) and a subtle inconsistency in the client-side intersectAllowlists that only lowercases one side of the intersection.
• apps/sim/ee/access-control/utils/permission-check.ts and apps/sim/hooks/use-permission-config.ts contain the core merge logic and deserve careful review.

Important Files Changed

Filename	Overview
apps/sim/app/api/settings/allowed-integrations/route.ts	New API route that serves the env-based integration allowlist. Includes session authentication. Simple and correct.
apps/sim/app/workspace/[workspaceId]/w/components/sidebar/components/settings-modal/components/integrations/integrations.tsx	Adds hyphen-to-underscore normalization for service ID comparison against the allowlist. Correctly bridges the service ID format (hyphens) to block type format (underscores).
apps/sim/ee/access-control/utils/permission-check.ts	Core logic for merging env allowlist with permission group config. Adds mergeEnvAllowlist function, updates validateBlockType to handle no-userId case, and applies case-insensitive matching.
apps/sim/ee/access-control/utils/permission-check.test.ts	New test suite covering IntegrationNotAllowedError, getUserPermissionConfig with env allowlist, validateBlockType with/without env allowlist, and service ID normalization.
apps/sim/hooks/use-permission-config.ts	Client-side hook now fetches env allowlist via API and merges it with permission group config using intersection logic. Adds useAllowedIntegrationsFromEnv and intersectAllowlists helpers.
apps/sim/lib/copilot/process-contents.ts	Updated processBlockMetadata to apply env allowlist fallback when userId is absent, and adds case-insensitive comparison for block IDs.
apps/sim/lib/core/config/feature-flags.ts	New getAllowedIntegrationsFromEnv function that parses and normalizes the ALLOWED_INTEGRATIONS env var to lowercase.

Flowchart

flowchart TD
    A["ALLOWED_INTEGRATIONS env var"] --> B["getAllowedIntegrationsFromEnv()"]
    B -->|"parse, lowercase, split"| C["string[] | null"]
    
    subgraph Server-Side
        C --> D["mergeEnvAllowlist()"]
        E["Permission Group Config"] --> D
        D -->|"intersect or fallback"| F["Merged PermissionGroupConfig"]
        F --> G["validateBlockType()"]
        F --> H["Copilot Server Tools"]
        F --> I["process-contents.ts"]
    end
    
    subgraph Client-Side
        C --> J["/api/settings/allowed-integrations"]
        J --> K["useAllowedIntegrationsFromEnv()"]
        K --> L["intersectAllowlists()"]
        M["useUserPermissionConfig()"] --> L
        L --> N["mergedAllowedIntegrations"]
        N --> O["Sidebar / Toolbar / Cmd-K"]
        N --> P["Copilot Mentions"]
        N --> Q["Integrations Settings"]
    end

Loading

_{Last reviewed commit: 4eaad05}

[greptile-apps]

_{6 files reviewed, 1 comment}

_{Edit Code Review Agent Settings | Greptile}

[waleedlatif1]

@greptile

[waleedlatif1]

@cursor review

[greptile-apps]

_{7 files reviewed, 1 comment}

_{Edit Code Review Agent Settings | Greptile}

[waleedlatif1]

@cursor review

[cursor]

✅ Bugbot reviewed your changes and found no new issues!

Comment @cursor review or bugbot run to trigger another review on this PR

[waleedlatif1]

@greptile

[waleedlatif1]

@cursor review

[greptile-apps]

_{7 files reviewed, 2 comments}

_{Edit Code Review Agent Settings | Greptile}

[waleedlatif1]

@greptile

[waleedlatif1]

@cursor review

[greptile-apps]

_{7 files reviewed, no comments}

_{Edit Code Review Agent Settings | Greptile}

[waleedlatif1]

@greptile

[waleedlatif1]

@cursor review

[greptile-apps]

_{16 files reviewed, 2 comments}

_{Edit Code Review Agent Settings | Greptile}

[greptile-apps]

Additional Comments (2)

apps/sim/lib/copilot/tools/server/blocks/get-blocks-and-tools.ts
Env allowlist not enforced when userId is absent

When context?.userId is undefined, permissionConfig is set to null, bypassing the ALLOWED_INTEGRATIONS env allowlist entirely. This means all integrations are shown in copilot when there's no user context (e.g., auth-disabled self-hosted deployments — the primary use case for ALLOWED_INTEGRATIONS).

The validateBlockType function handles this correctly on line 191 of permission-check.ts by falling back to mergeEnvAllowlist(null). The same pattern should be applied here.

    const permissionConfig = context?.userId ? await getUserPermissionConfig(context.userId) : null
    const envAllowlist = !context?.userId ? (await import('@/lib/core/config/feature-flags')).getAllowedIntegrationsFromEnv() : null
    const allowedIntegrations = permissionConfig?.allowedIntegrations ?? envAllowlist

---

apps/sim/lib/copilot/process-contents.ts
Env allowlist not enforced when userId is absent

When userId is undefined, this block is skipped entirely, so the ALLOWED_INTEGRATIONS env var has no effect on copilot block mentions. The same bypass exists in all the copilot server tools (get-block-config, get-block-options, get-blocks-metadata-tool, get-trigger-blocks).

Since ALLOWED_INTEGRATIONS is designed for self-hosted deployments (which may run with auth disabled and thus no userId), the env allowlist should be checked even when userId is absent. Consider restructuring to also call getAllowedIntegrationsFromEnv() in the no-userId branch, matching the pattern used in validateBlockType.

[cursor]

✅ Bugbot reviewed your changes and found no new issues!

Comment @cursor review or bugbot run to trigger another review on this PR

[waleedlatif1]

@greptile

[waleedlatif1]

@cursor review

[greptile-apps]

_{16 files reviewed, 1 comment}

_{Edit Code Review Agent Settings | Greptile}

[cursor]

✅ Bugbot reviewed your changes and found no new issues!

Comment @cursor review or bugbot run to trigger another review on this PR