ack PR comments

apps/sim/app/api/knowledge/[id]/connectors/[connectorId]/documents/route.ts

@@ -84,7 +84,13 @@ export async function GET(request: NextRequest, { params }: RouteParams) {
             processingStatus: document.processingStatus,
           })
           .from(document)
-          .where(and(eq(document.connectorId, connectorId), eq(document.userExcluded, true)))
+          .where(
+            and(
+              eq(document.connectorId, connectorId),
+              eq(document.userExcluded, true),
+              isNull(document.deletedAt)
+            )
+          )
           .orderBy(document.filename)
       : []
 
@@ -130,6 +136,22 @@ export async function PATCH(request: NextRequest, { params }: RouteParams) {
       return NextResponse.json({ error: status === 404 ? 'Not found' : 'Unauthorized' }, { status })
     }
 
+    const connectorRows = await db
+      .select({ id: knowledgeConnector.id })
+      .from(knowledgeConnector)
+      .where(
+        and(
+          eq(knowledgeConnector.id, connectorId),
+          eq(knowledgeConnector.knowledgeBaseId, knowledgeBaseId),
+          isNull(knowledgeConnector.deletedAt)
+        )
+      )
+      .limit(1)
+
+    if (connectorRows.length === 0) {
+      return NextResponse.json({ error: 'Connector not found' }, { status: 404 })
+    }
+
     const body = await request.json()
     const parsed = PatchSchema.safeParse(body)
     if (!parsed.success) {

apps/sim/app/workspace/[workspaceId]/knowledge/[id]/components/add-connector-modal/add-connector-modal.tsx

@@ -66,7 +66,7 @@ export function AddConnectorModal({ open, onOpenChange, knowledgeBaseId }: AddCo
   )
 
   const { data: credentials = [], isLoading: credentialsLoading } = useOAuthCredentials(
-    connectorConfig?.oauth.provider,
+    connectorProviderId ?? undefined,
     Boolean(connectorConfig)
   )
 

apps/sim/connectors/confluence/confluence.ts

@@ -6,6 +6,13 @@ import { getConfluenceCloudId } from '@/tools/confluence/utils'
 
 const logger = createLogger('ConfluenceConnector')
 
+/**
+ * Escapes a value for use inside CQL double-quoted strings.
+ */
+function escapeCql(value: string): string {
+  return value.replace(/\\/g, '\\\\').replace(/"/g, '\\"')
+}
+
 /**
  * Strips HTML tags from content and decodes HTML entities.
  */
@@ -515,7 +522,7 @@ async function listDocumentsViaCql(
     .filter(Boolean)
 
   // Build CQL query
-  let cql = `space="${spaceKey}"`
+  let cql = `space="${escapeCql(spaceKey)}"`
 
   if (contentType === 'blogpost') {
     cql += ' AND type="blogpost"'
@@ -525,9 +532,9 @@ async function listDocumentsViaCql(
   // contentType === 'all' — no type filter
 
   if (labels.length === 1) {
-    cql += ` AND label="${labels[0]}"`
+    cql += ` AND label="${escapeCql(labels[0])}"`
   } else if (labels.length > 1) {
-    const labelList = labels.map((l) => `"${l}"`).join(',')
+    const labelList = labels.map((l) => `"${escapeCql(l)}"`).join(',')
     cql += ` AND label in (${labelList})`
   }
 

apps/sim/connectors/jira/jira.ts

@@ -8,6 +8,13 @@ const logger = createLogger('JiraConnector')
 
 const PAGE_SIZE = 50
 
+/**
+ * Escapes a value for use inside JQL double-quoted strings.
+ */
+function escapeJql(value: string): string {
+  return value.replace(/\\/g, '\\\\').replace(/"/g, '\\"')
+}
+
 /**
  * Computes a SHA-256 hash of the given content.
  */
@@ -140,9 +147,9 @@ export const jiraConnector: ConnectorConfig = {
 
     const cloudId = await getJiraCloudId(domain, accessToken)
 
-    let jql = `project = "${projectKey}" ORDER BY updated DESC`
+    let jql = `project = "${escapeJql(projectKey)}" ORDER BY updated DESC`
     if (jqlFilter.trim()) {
-      jql = `project = "${projectKey}" AND (${jqlFilter.trim()}) ORDER BY updated DESC`
+      jql = `project = "${escapeJql(projectKey)}" AND (${jqlFilter.trim()}) ORDER BY updated DESC`
     }
 
     const startAt = cursor ? Number(cursor) : 0
@@ -256,7 +263,7 @@ export const jiraConnector: ConnectorConfig = {
 
       // Verify the project exists by running a minimal search
       const params = new URLSearchParams()
-      params.append('jql', `project = "${projectKey}"`)
+      params.append('jql', `project = "${escapeJql(projectKey)}"`)
       params.append('maxResults', '0')
 
       const url = `https://api.atlassian.com/ex/jira/${cloudId}/rest/api/3/search?${params.toString()}`