curo/kite - kite - Gitea: Git with a cup of tea

curo/kite

Fork 0

Commit Graph

Author	SHA1	Message	Date
curo1305	b28bb01995	feat(03-03): add get_regular_user dep; wire auth + ownership into /api/documents/* - Add get_regular_user FastAPI dep (rejects admin with 403) to deps/auth.py - Wire Depends(get_regular_user) into all 6 /api/documents/* handlers - upload-url: replace null-user/... object_key with str(current_user.id)/...; set user_id=current_user.id - confirm: remove Wave 2 doc.user_id is None guard — quota runs unconditionally; add ownership assertion (404 on cross-user) - list: filter by user_id=current_user.id via storage.list_metadata(user_id=...) - get/delete/classify: ownership assertion (doc.user_id != current_user.id → 404) - storage.list_metadata: add required user_id param + Document.user_id == user_id filter - storage.delete_document: remove if doc.user_id is not None guard; use CASE WHEN for SQLite-compat quota decrement - Tests: update existing tests to pass auth headers; implement test_cross_user_access_404, test_admin_cannot_access_documents, test_documents_require_auth; mark test_confirm_endpoint xfail(strict=False) for SQLite UUID mismatch	2026-05-23 20:05:34 +02:00
curo1305	c4613b6b87	feat(02-01): implement deps/auth.py FastAPI dependency chain with tests - get_current_user: validates Bearer JWT via decode_access_token, loads User from DB raises HTTP 401 on invalid/expired token, missing user, or deactivated account - get_current_admin: wraps get_current_user, raises HTTP 403 on role != 'admin' (T-02-07) - Admin impersonation architecturally excluded (ADMIN-07, T-02-08) — no code path bypasses role check - tests/test_auth_deps.py: 7 tests covering happy path, tampered token, inactive user, 403 non-admin, 200 admin	2026-05-22 19:25:16 +02:00

Author

SHA1

Message

Date

curo1305

b28bb01995

feat(03-03): add get_regular_user dep; wire auth + ownership into /api/documents/*

- Add get_regular_user FastAPI dep (rejects admin with 403) to deps/auth.py
- Wire Depends(get_regular_user) into all 6 /api/documents/* handlers
- upload-url: replace null-user/... object_key with str(current_user.id)/...; set user_id=current_user.id
- confirm: remove Wave 2 doc.user_id is None guard — quota runs unconditionally; add ownership assertion (404 on cross-user)
- list: filter by user_id=current_user.id via storage.list_metadata(user_id=...)
- get/delete/classify: ownership assertion (doc.user_id != current_user.id → 404)
- storage.list_metadata: add required user_id param + Document.user_id == user_id filter
- storage.delete_document: remove if doc.user_id is not None guard; use CASE WHEN for SQLite-compat quota decrement
- Tests: update existing tests to pass auth headers; implement test_cross_user_access_404, test_admin_cannot_access_documents, test_documents_require_auth; mark test_confirm_endpoint xfail(strict=False) for SQLite UUID mismatch

2026-05-23 20:05:34 +02:00

curo1305

c4613b6b87

feat(02-01): implement deps/auth.py FastAPI dependency chain with tests

- get_current_user: validates Bearer JWT via decode_access_token, loads User from DB
  raises HTTP 401 on invalid/expired token, missing user, or deactivated account
- get_current_admin: wraps get_current_user, raises HTTP 403 on role != 'admin' (T-02-07)
- Admin impersonation architecturally excluded (ADMIN-07, T-02-08) — no code path bypasses role check
- tests/test_auth_deps.py: 7 tests covering happy path, tampered token, inactive user, 403 non-admin, 200 admin

2026-05-22 19:25:16 +02:00

2 Commits