feat(canvas): added the ability to lock blocks

[waleedlatif1]

Summary

• added the ability to lock blocks

Type of Change

• Bug fix

Testing

Tested manually

Checklist

• Code follows project style guidelines
• Self-reviewed my changes
• Tests added/updated and passing
• No new warnings introduced
• I confirm that I have read and agree to the terms outlined in the Contributor License Agreement (CLA)

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

1 Skipped Deployment

Project	Deployment	Actions	Updated (UTC)
docs	Skipped		Feb 4, 2026 3:06am

[greptile-apps]

Greptile Overview

Greptile Summary

This PR implements a comprehensive block locking feature that prevents editing, deletion, and movement of workflow blocks. The implementation includes:

• Database schema change adding a locked boolean column to workflow_blocks
• Frontend lock/unlock UI in block menus and action bars (admin-only)
• Protection enforcement throughout the workflow editor:
  • Locked blocks cannot be dragged, deleted, renamed, or have edges modified
  • Blocks inside locked containers (loops/parallels) inherit protection
  • Duplicate blocks from locked containers are placed outside and unlocked
• Server-side validation prevents lock bypass via direct API calls
• Full collaborative editing support with real-time sync and undo/redo
• Comprehensive test coverage for lock behavior and edge cases

The lock feature cascades to children when locking loop/parallel containers, and provides clear user notifications when operations are blocked due to lock status.

Confidence Score: 4/5

• Safe to merge with one minor consideration about PR classification
• The implementation is comprehensive with strong test coverage and defense-in-depth validation on both frontend and backend. The logic is consistent across components, and edge cases are well-handled. Score is 4 instead of 5 due to the PR being labeled as a "Bug fix" when it's clearly a feature addition, though this doesn't affect code quality.
• No files require special attention - the implementation is solid across all modified files

Important Files Changed

Filename	Overview
apps/sim/stores/workflows/workflow/store.ts	Implemented lock logic in store actions: batchToggleEnabled/Handles skip locked blocks, duplicateBlock handles locked containers, added setBlockLocked and batchToggleLocked
apps/sim/socket/database/operations.ts	Added server-side lock enforcement: rename, add, remove, toggle, and parent updates check for locked blocks and locked parents
apps/sim/app/workspace/[workspaceId]/w/[workflowId]/utils/block-protection-utils.ts	New utility module with isBlockProtected, isEdgeProtected, and filterProtectedBlocks functions
apps/sim/app/workspace/[workspaceId]/w/[workflowId]/workflow.tsx	Integrated lock protection throughout workflow UI: draggable state, edge connections, deletion with user notifications, and lock toggle handler
apps/sim/hooks/use-collaborative-workflow.ts	Added collaborative lock operations with undo/redo support, filters locked blocks from enabled/handles toggles
apps/sim/hooks/use-undo-redo.ts	Implemented undo/redo for batch lock toggle, fixed toggle operations to use target state instead of negating previous states

Sequence Diagram

sequenceDiagram
    participant User
    participant UI as Workflow UI
    participant Store as Workflow Store
    participant Hook as Collaborative Hook
    participant Socket as Socket Server
    participant DB as Database
    
    Note over User,DB: Lock/Unlock Block Flow
    
    User->>UI: Right-click block(s) → Lock
    UI->>Hook: collaborativeBatchToggleLocked(blockIds)
    Hook->>Store: batchToggleLocked(blockIds)
    
    Note over Store: Collect blocks + children<br/>(if loop/parallel)
    Note over Store: Determine target: !firstBlock.locked
    
    Store->>Store: Update locked state for all blocks
    Hook->>Hook: Record undo/redo operation
    Hook->>Socket: Emit BATCH_TOGGLE_LOCKED operation
    Socket->>DB: Update workflow_blocks.locked
    Socket-->>Hook: Broadcast to collaborators
    Hook->>Store: Apply remote lock changes
    
    Note over User,DB: Protection Enforcement
    
    User->>UI: Try to delete locked block
    UI->>UI: filterProtectedBlocks()
    alt All blocks protected
        UI->>User: Show notification: Cannot delete locked blocks
    else Some protected
        UI->>User: Show notification: Skipped N protected blocks
        UI->>Hook: collaborativeBatchRemoveBlocks(deletableIds)
    end
    
    User->>UI: Try to drag locked block
    Note over UI: draggable={!isBlockProtected(id)}
    UI-->>User: Drag prevented (React Flow)
    
    User->>UI: Try to connect to locked block
    UI->>UI: isEdgeProtected(connection)
    UI->>User: Show notification: Cannot connect to locked blocks
    
    User->>UI: Try to rename locked block
    UI->>Hook: collaborativeUpdateBlockName()
    Hook->>Hook: Check if block.locked || parent.locked
    Hook->>User: Show notification: Cannot rename locked blocks
    
    Note over User,DB: Duplicate with Locked Parent
    
    User->>UI: Duplicate block inside locked loop
    UI->>Store: duplicateBlock(blockId)
    Store->>Store: Check if parent.locked
    Note over Store: Place outside container<br/>Remove parentId
    Store->>Store: Create unlocked duplicate
    Store->>UI: New block outside locked container

Loading

[greptile-apps]

_{7 files reviewed, 1 comment}

_{Edit Code Review Agent Settings | Greptile}

[waleedlatif1]

@greptile

[greptile-apps]

_{6 files reviewed, no comments}

_{Edit Code Review Agent Settings | Greptile}

[cursor]

Cursor Bugbot has reviewed your changes and found 2 potential issues.

^{Bugbot Autofix is OFF. To automatically fix reported issues with Cloud Agents, enable Autofix in the Cursor dashboard.}