feat(microsoft-excel): add SharePoint drive support for Excel integration

[waleedlatif1]

Summary

• Add optional driveId parameter to all Microsoft Excel tools for SharePoint file access
• Add cascading site/drive selectors in basic mode (site → document library → spreadsheet → sheet)
• Add manual drive ID input in advanced mode
• Create /api/tools/microsoft_excel/drives route to list SharePoint document libraries
• Update file and sheet selectors to pass driveId context through the selector chain
• Fully backward-compatible — OneDrive users unaffected when driveId is omitted

Type of Change

• New feature

Testing

Tested manually

Checklist

• Code follows project style guidelines
• Self-reviewed my changes
• Tests added/updated and passing
• No new warnings introduced
• I confirm that I have read and agree to the terms outlined in the Contributor License Agreement (CLA)

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

1 Skipped Deployment

Project	Deployment	Actions	Updated (UTC)
docs	Skipped		Apr 14, 2026 10:42pm

[cursor]

PR Summary

Medium Risk
Adds SharePoint/drive-scoped Graph calls and new selector/API plumbing; mistakes in drive/site IDs or URL construction could break file/sheet discovery or tool execution for SharePoint users, while OneDrive remains the default path.

Overview
Adds optional SharePoint document library support to the Microsoft Excel integration by threading a new driveId through Excel tool params, selectors, and Graph API calls (falling back to me/drive when omitted).

Introduces a new /api/tools/microsoft_excel/drives endpoint plus a microsoft.excel.drives selector, and updates the Excel file and sheet selectors/UI to support a cascading site → drive → spreadsheet → sheet selection flow (with input validation for siteId/driveId).

Refactors Excel tool URL construction via getItemBasePath and updates metadata URL fetching (getSpreadsheetWebUrl) so reads/writes/table-add/worksheet-add work against either OneDrive items or SharePoint drives; docs are updated to document driveId for microsoft_excel_read/microsoft_excel_write.

^{Reviewed by Cursor Bugbot for commit f18af3c. Configure here.}

[greptile-apps]

Greptile Summary

This PR adds optional SharePoint drive support to the Microsoft Excel integration: a cascading site → document library → spreadsheet → sheet selector chain in basic mode, a manual driveId input in advanced mode, a new /api/tools/microsoft_excel/drives route to list document libraries, and driveId threading through all tool URL builders via the new getItemBasePath helper. The change is fully backward-compatible — existing OneDrive-based workflows are unaffected when driveId is omitted.

Confidence Score: 5/5

Safe to merge — no P0/P1 issues found; all previously reported security and logic concerns have been addressed.

All three security fixes from the prior round (siteId/driveId path-traversal validation, direct single-drive fetchById endpoint, driveId guard in the files route) are correctly implemented. The getItemBasePath helper consolidates drive-aware URL building cleanly, the dependsOn gates include credential in every any list so OneDrive users are never locked out, and the selector context correctly propagates driveId through the full chain. No fresh P0/P1 findings identified.

apps/sim/blocks/blocks/microsoft_excel.ts — dependsOn expressions are more complex than the original; worth a second read to confirm all mode combinations behave as expected.

Important Files Changed

Filename	Overview
apps/sim/app/api/tools/microsoft_excel/drives/route.ts	New route for listing/looking up SharePoint document libraries; validates siteId and driveId with regex before URL interpolation and handles both list and single-drive lookup in one endpoint.
apps/sim/blocks/blocks/microsoft_excel.ts	Adds site/drive selectors in basic mode and a manual driveId field in advanced mode; dependsOn gates include credential in every any list so OneDrive users are not locked out; siteId is correctly stripped from tool params.
apps/sim/hooks/selectors/registry.ts	Adds microsoft.excel.drives selector with correct enabled guard, fetchList using POST, and fetchById calling the direct single-drive endpoint; driveId threaded into microsoft.excel and microsoft.excel.sheets query keys.
apps/sim/tools/microsoft_excel/utils.ts	New getItemBasePath helper centralizes OneDrive vs SharePoint URL construction with driveId regex validation; getSpreadsheetWebUrl updated to accept optional driveId.
apps/sim/app/api/auth/oauth/microsoft/files/route.ts	Adds driveId query param with format validation before URL interpolation, routing search to the specified SharePoint drive when provided.
apps/sim/app/api/tools/microsoft_excel/sheets/route.ts	Adds driveId query param with validation; worksheets endpoint now uses /drives/{driveId}/items/{id} path when driveId is present.
apps/sim/tools/microsoft_excel/read.ts	All URL construction migrated to getItemBasePath; transformResponse now reads spreadsheetId/driveId from params instead of parsing response.url.
apps/sim/tools/microsoft_excel/write.ts	Same URL migration pattern as read.ts; driveId param added to both V1 and V2 write tools.
apps/sim/tools/microsoft_excel/table_add.ts	driveId support added; minor cleanup removes intermediate metadata object that was immediately destructured.
apps/sim/tools/microsoft_excel/worksheet_add.ts	driveId support added consistently with other tools; URL construction uses getItemBasePath.
apps/sim/tools/microsoft_excel/types.ts	driveId?: string added to all four tool param interfaces consistently.
apps/sim/hooks/selectors/types.ts	microsoft.excel.drives added to SelectorKey union; driveId?: string added to SelectorContext interface.
apps/sim/lib/workflows/subblocks/context.ts	driveId added to SELECTOR_CONTEXT_FIELDS, enabling it to flow from block params into selector context for downstream selectors.
apps/docs/content/docs/en/tools/microsoft_excel.mdx	driveId parameter documented for read and write tools; description accurately reflects optional nature and OneDrive fallback behavior.

Sequence Diagram

sequenceDiagram
    participant U as User (Basic Mode)
    participant SS as siteSelector
    participant DS as driveSelector
    participant FS as spreadsheetId selector
    participant SH as sheetName selector
    participant DR as /api/tools/microsoft_excel/drives
    participant MF as /api/auth/oauth/microsoft/files
    participant MS as /api/tools/microsoft_excel/sheets
    participant Graph as Microsoft Graph API

    U->>SS: Select SharePoint site
    SS-->>U: siteId set in context

    U->>DR: POST { credential, siteId }
    DR->>Graph: GET /sites/{siteId}/drives
    Graph-->>DR: drives[]
    DR-->>DS: { drives: [{id, name}] }
    DS-->>U: driveId set in context

    U->>MF: GET ?credentialId&driveId&query
    MF->>Graph: GET /drives/{driveId}/root/search(q=...)
    Graph-->>MF: files[]
    MF-->>FS: { files: [{id, name}] }
    FS-->>U: spreadsheetId set in context

    U->>MS: GET ?credentialId&spreadsheetId&driveId
    MS->>Graph: GET /drives/{driveId}/items/{id}/workbook/worksheets
    Graph-->>MS: worksheets[]
    MS-->>SH: { sheets: [{id, name}] }
    SH-->>U: sheetName set in context

    Note over U,Graph: On execution: getItemBasePath(spreadsheetId, driveId)

Loading

_{Reviews (5): Last reviewed commit: "lint" | Re-trigger Greptile}

[waleedlatif1]

@greptile

[waleedlatif1]

@cusror review

[waleedlatif1]

@greptile

[waleedlatif1]

@cursor review

[waleedlatif1]

@greptile

[waleedlatif1]

@cursor review

[waleedlatif1]

@greptile

[waleedlatif1]

@cursor review

[cursor]

✅ Bugbot reviewed your changes and found no new issues!

Comment @cursor review or bugbot run to trigger another review on this PR

^{Reviewed by Cursor Bugbot for commit f18af3c. Configure here.}