fix(schedules): restore enabling/disabling of schedules, fix premature cron validation (#1807)

Author: waleedlatif1

apps/sim/app/api/schedules/[id]/route.ts

@@ -117,7 +117,7 @@ export async function PUT(request: NextRequest, { params }: { params: Promise<{
     }
 
     const [workflowRecord] = await db
-      .select({ userId: workflow.userId })
+      .select({ userId: workflow.userId, workspaceId: workflow.workspaceId })
       .from(workflow)
       .where(eq(workflow.id, schedule.workflowId))
       .limit(1)
@@ -127,7 +127,18 @@ export async function PUT(request: NextRequest, { params }: { params: Promise<{
       return NextResponse.json({ error: 'Workflow not found' }, { status: 404 })
     }
 
-    if (workflowRecord.userId !== session.user.id) {
+    let isAuthorized = workflowRecord.userId === session.user.id
+
+    if (!isAuthorized && workflowRecord.workspaceId) {
+      const userPermission = await getUserEntityPermissions(
+        session.user.id,
+        'workspace',
+        workflowRecord.workspaceId
+      )
+      isAuthorized = userPermission === 'write' || userPermission === 'admin'
+    }
+
+    if (!isAuthorized) {
       logger.warn(`[${requestId}] User not authorized to modify this schedule: ${scheduleId}`)
       return NextResponse.json({ error: 'Not authorized to modify this schedule' }, { status: 403 })
     }

apps/sim/app/api/schedules/route.ts

@@ -121,7 +121,7 @@ export async function GET(req: NextRequest) {
       .limit(1)
 
     const headers = new Headers()
-    headers.set('Cache-Control', 'max-age=30')
+    headers.set('Cache-Control', 'no-store, max-age=0')
 
     if (schedule.length === 0) {
       return NextResponse.json({ schedule: null }, { headers })
@@ -301,9 +301,13 @@ export async function POST(req: NextRequest) {
         time: scheduleTime || 'not specified',
       })
 
-      cronExpression = generateCronExpression(defaultScheduleType, scheduleValues)
+      const sanitizedScheduleValues =
+        defaultScheduleType !== 'custom'
+          ? { ...scheduleValues, cronExpression: null }
+          : scheduleValues
+
+      cronExpression = generateCronExpression(defaultScheduleType, sanitizedScheduleValues)
 
-      // Always validate the generated cron expression
       if (cronExpression) {
         const validation = validateCronExpression(cronExpression, timezone)
         if (!validation.isValid) {
@@ -318,7 +322,7 @@ export async function POST(req: NextRequest) {
         }
       }
 
-      nextRunAt = calculateNextRunTime(defaultScheduleType, scheduleValues)
+      nextRunAt = calculateNextRunTime(defaultScheduleType, sanitizedScheduleValues)
 
       logger.debug(
         `[${requestId}] Generated cron: ${cronExpression}, next run at: ${nextRunAt.toISOString()}`

apps/sim/lib/schedules/utils.ts

@@ -142,14 +142,6 @@ export function getScheduleTimeValues(starterBlock: BlockState): {
 
   const cronExpression = getSubBlockValue(starterBlock, 'cronExpression') || null
 
-  // Validate cron expression if provided
-  if (cronExpression) {
-    const validation = validateCronExpression(cronExpression)
-    if (!validation.isValid) {
-      throw new Error(`Invalid cron expression: ${validation.error}`)
-    }
-  }
-
   return {
     scheduleTime,
     scheduleStartAt,