feat(access-control): add ALLOWED_INTEGRATIONS env var for self-hosted block restrictions

waleedlatif1 · waleedlatif1 · commit 2f72a248a29e · 2026-02-17T15:56:33.000-08:00
diff --git a/apps/sim/app/api/settings/allowed-integrations/route.ts b/apps/sim/app/api/settings/allowed-integrations/route.ts
@@ -0,0 +1,8 @@
+import { NextResponse } from 'next/server'
+import { getAllowedIntegrationsFromEnv } from '@/lib/core/config/feature-flags'
+
+export async function GET() {
+  return NextResponse.json({
+    allowedIntegrations: getAllowedIntegrationsFromEnv(),
+  })
+}
diff --git a/apps/sim/ee/access-control/utils/permission-check.ts b/apps/sim/ee/access-control/utils/permission-check.ts
@@ -3,7 +3,11 @@ import { member, permissionGroup, permissionGroupMember } from '@sim/db/schema'
 import { createLogger } from '@sim/logger'
 import { and, eq } from 'drizzle-orm'
 import { isOrganizationOnEnterprisePlan } from '@/lib/billing'
-import { isAccessControlEnabled, isHosted } from '@/lib/core/config/feature-flags'
+import {
+  getAllowedIntegrationsFromEnv,
+  isAccessControlEnabled,
+  isHosted,
+} from '@/lib/core/config/feature-flags'
 import {
   type PermissionGroupConfig,
   parsePermissionGroupConfig,
@@ -152,6 +156,12 @@ export async function validateBlockType(
     return
   }
 
+  const envAllowlist = getAllowedIntegrationsFromEnv()
+  if (envAllowlist !== null && !envAllowlist.includes(blockType)) {
+    logger.warn('Integration blocked by env allowlist', { blockType })
+    throw new IntegrationNotAllowedError(blockType)
+  }
+
   if (!userId) {
     return
   }
diff --git a/apps/sim/hooks/use-permission-config.ts b/apps/sim/hooks/use-permission-config.ts
@@ -1,6 +1,7 @@
 'use client'
 
 import { useMemo } from 'react'
+import { useQuery } from '@tanstack/react-query'
 import { getEnv, isTruthy } from '@/lib/core/config/env'
 import { isAccessControlEnabled, isHosted } from '@/lib/core/config/feature-flags'
 import {
@@ -21,12 +22,39 @@ export interface PermissionConfigResult {
   isInvitationsDisabled: boolean
 }
 
+interface AllowedIntegrationsResponse {
+  allowedIntegrations: string[] | null
+}
+
+function useAllowedIntegrationsFromEnv() {
+  return useQuery<AllowedIntegrationsResponse>({
+    queryKey: ['allowedIntegrations', 'env'],
+    queryFn: async () => {
+      const response = await fetch('/api/settings/allowed-integrations')
+      if (!response.ok) return { allowedIntegrations: null }
+      return response.json()
+    },
+    staleTime: 5 * 60 * 1000,
+  })
+}
+
+/**
+ * Intersects two allowlists. If either is null (unrestricted), returns the other.
+ * If both are set, returns only items present in both.
+ */
+function intersectAllowlists(a: string[] | null, b: string[] | null): string[] | null {
+  if (a === null) return b
+  if (b === null) return a
+  return a.filter((i) => b.includes(i))
+}
+
 export function usePermissionConfig(): PermissionConfigResult {
   const accessControlDisabled = !isHosted && !isAccessControlEnabled
   const { data: organizationsData } = useOrganizations()
   const activeOrganization = organizationsData?.activeOrganization
 
   const { data: permissionData, isLoading } = useUserPermissionConfig(activeOrganization?.id)
+  const { data: envAllowlistData } = useAllowedIntegrationsFromEnv()
 
   const config = useMemo(() => {
     if (accessControlDisabled) {
@@ -40,13 +68,18 @@ export function usePermissionConfig(): PermissionConfigResult {
 
   const isInPermissionGroup = !accessControlDisabled && !!permissionData?.permissionGroupId
 
+  const mergedAllowedIntegrations = useMemo(() => {
+    const envAllowlist = envAllowlistData?.allowedIntegrations ?? null
+    return intersectAllowlists(config.allowedIntegrations, envAllowlist)
+  }, [config.allowedIntegrations, envAllowlistData])
+
   const isBlockAllowed = useMemo(() => {
     return (blockType: string) => {
       if (blockType === 'start_trigger') return true
-      if (config.allowedIntegrations === null) return true
-      return config.allowedIntegrations.includes(blockType)
+      if (mergedAllowedIntegrations === null) return true
+      return mergedAllowedIntegrations.includes(blockType)
     }
-  }, [config.allowedIntegrations])
+  }, [mergedAllowedIntegrations])
 
   const isProviderAllowed = useMemo(() => {
     return (providerId: string) => {
@@ -57,13 +90,12 @@ export function usePermissionConfig(): PermissionConfigResult {
 
   const filterBlocks = useMemo(() => {
     return <T extends { type: string }>(blocks: T[]): T[] => {
-      if (config.allowedIntegrations === null) return blocks
+      if (mergedAllowedIntegrations === null) return blocks
       return blocks.filter(
-        (block) =>
-          block.type === 'start_trigger' || config.allowedIntegrations!.includes(block.type)
+        (block) => block.type === 'start_trigger' || mergedAllowedIntegrations.includes(block.type)
       )
     }
-  }, [config.allowedIntegrations])
+  }, [mergedAllowedIntegrations])
 
   const filterProviders = useMemo(() => {
     return (providerIds: string[]): string[] => {
diff --git a/apps/sim/lib/core/config/env.ts b/apps/sim/lib/core/config/env.ts
@@ -93,6 +93,7 @@ export const env = createEnv({
     EXA_API_KEY:                           z.string().min(1).optional(),           // Exa AI API key for enhanced online search
     BLACKLISTED_PROVIDERS:                 z.string().optional(),                  // Comma-separated provider IDs to hide (e.g., "openai,anthropic")
     BLACKLISTED_MODELS:                    z.string().optional(),                  // Comma-separated model names/prefixes to hide (e.g., "gpt-4,claude-*")
+    ALLOWED_INTEGRATIONS:                  z.string().optional(),                  // Comma-separated block types to allow (e.g., "slack,github,agent"). Empty = all allowed.
 
     // Azure Configuration - Shared credentials with feature-specific models
     AZURE_OPENAI_ENDPOINT:                 z.string().url().optional(),            // Shared Azure OpenAI service endpoint
diff --git a/apps/sim/lib/core/config/feature-flags.ts b/apps/sim/lib/core/config/feature-flags.ts
@@ -123,6 +123,18 @@ export const isReactGrabEnabled = isDev && isTruthy(env.REACT_GRAB_ENABLED)
  */
 export const isReactScanEnabled = isDev && isTruthy(env.REACT_SCAN_ENABLED)
 
+/**
+ * Returns the parsed allowlist of integration block types from the environment variable.
+ * If not set or empty, returns null (meaning all integrations are allowed).
+ */
+export function getAllowedIntegrationsFromEnv(): string[] | null {
+  if (!env.ALLOWED_INTEGRATIONS) return null
+  const parsed = env.ALLOWED_INTEGRATIONS.split(',')
+    .map((i) => i.trim().toLowerCase())
+    .filter(Boolean)
+  return parsed.length > 0 ? parsed : null
+}
+
 /**
  * Get cost multiplier based on environment
  */
diff --git a/helm/sim/values.yaml b/helm/sim/values.yaml
@@ -194,6 +194,9 @@ app:
     BLACKLISTED_PROVIDERS: ""                            # Comma-separated provider IDs to hide from UI (e.g., "openai,anthropic,google")
     BLACKLISTED_MODELS: ""                               # Comma-separated model names/prefixes to hide (e.g., "gpt-4,claude-*")
 
+    # Integration/Block Restrictions (leave empty if not restricting)
+    ALLOWED_INTEGRATIONS: ""                             # Comma-separated block types to allow (e.g., "slack,github,agent"). Empty = all allowed.
+
     # Invitation Control
     DISABLE_INVITATIONS: ""                              # Set to "true" to disable workspace invitations globally
     NEXT_PUBLIC_DISABLE_INVITATIONS: ""                  # Set to "true" to hide invitation UI elements
