curo/kite - kite - Gitea: Git with a cup of tea

curo/kite

Fork 0

Commit Graph

Author	SHA1	Message	Date
curo1305	5950a3f5c2	feat(03-03): wire get_current_user into /api/topics/*; add load_topics_for_user; POST /api/admin/topics - api/topics.py: add get_current_user dep to all 5 handlers (list, create, update, delete, suggest) - list_topics: uses load_topics_for_user (system topics + user's own) with user-scoped doc counts - create_topic: passes user_id=current_user.id (never creates system topics via regular endpoint) - update_topic/delete_topic: ownership assertion — system topics and other users' topics return 404 - api/admin.py: add SystemTopicCreate model + POST /api/admin/topics (user_id=NULL, admin-only) - services/storage.py: add or_ import; load_topics_for_user (D-17); create_topic gains user_id param with namespace-scoped dedup; topic_doc_counts gains optional user_id for user-scoped counts; add load_topics_for_user to __all__ - services/classifier.py: replace load_topics with load_topics_for_user(doc.user_id); pass user_id=doc.user_id to create_topic for AI-suggested topics (D-11) - Tests: update all topic tests to pass auth headers; implement test_topic_namespace, test_admin_create_system_topic, test_regular_user_cannot_create_system_topic, test_topics_require_auth	2026-05-23 20:15:44 +02:00
curo1305	f94e8d8b4a	feat(02-04): implement admin API endpoints — user CRUD, quota management, AI config - GET /api/admin/users: list users (safe fields only, ordered by created_at) - POST /api/admin/users: create user (password_must_change=True, quota init) - PATCH /api/admin/users/{id}/status: deactivate/reactivate with sole-admin guard - POST /api/admin/users/{id}/password-reset: Celery email dispatch (no token returned) - GET /api/admin/users/{id}/quota: quota view with MB helpers - PATCH /api/admin/users/{id}/quota: quota adjust with below-usage warning - PATCH /api/admin/users/{id}/ai-config: assign AI provider/model per user - _user_to_dict() whitelist helper prevents password_hash/credentials_enc leakage - No impersonation endpoint (ADMIN-07 enforced by omission) - get_current_admin Depends() on every handler (SEC-07) - Updated backend/main.py to include admin_router - Fixed test: mock send_reset_email.delay to avoid Redis in unit tests	2026-05-22 20:01:37 +02:00

Author

SHA1

Message

Date

curo1305

5950a3f5c2

feat(03-03): wire get_current_user into /api/topics/*; add load_topics_for_user; POST /api/admin/topics

- api/topics.py: add get_current_user dep to all 5 handlers (list, create, update, delete, suggest)
- list_topics: uses load_topics_for_user (system topics + user's own) with user-scoped doc counts
- create_topic: passes user_id=current_user.id (never creates system topics via regular endpoint)
- update_topic/delete_topic: ownership assertion — system topics and other users' topics return 404
- api/admin.py: add SystemTopicCreate model + POST /api/admin/topics (user_id=NULL, admin-only)
- services/storage.py: add or_ import; load_topics_for_user (D-17); create_topic gains user_id param with namespace-scoped dedup; topic_doc_counts gains optional user_id for user-scoped counts; add load_topics_for_user to __all__
- services/classifier.py: replace load_topics with load_topics_for_user(doc.user_id); pass user_id=doc.user_id to create_topic for AI-suggested topics (D-11)
- Tests: update all topic tests to pass auth headers; implement test_topic_namespace, test_admin_create_system_topic, test_regular_user_cannot_create_system_topic, test_topics_require_auth

2026-05-23 20:15:44 +02:00

curo1305

f94e8d8b4a

feat(02-04): implement admin API endpoints — user CRUD, quota management, AI config

- GET /api/admin/users: list users (safe fields only, ordered by created_at)
- POST /api/admin/users: create user (password_must_change=True, quota init)
- PATCH /api/admin/users/{id}/status: deactivate/reactivate with sole-admin guard
- POST /api/admin/users/{id}/password-reset: Celery email dispatch (no token returned)
- GET /api/admin/users/{id}/quota: quota view with MB helpers
- PATCH /api/admin/users/{id}/quota: quota adjust with below-usage warning
- PATCH /api/admin/users/{id}/ai-config: assign AI provider/model per user
- _user_to_dict() whitelist helper prevents password_hash/credentials_enc leakage
- No impersonation endpoint (ADMIN-07 enforced by omission)
- get_current_admin Depends() on every handler (SEC-07)
- Updated backend/main.py to include admin_router
- Fixed test: mock send_reset_email.delay to avoid Redis in unit tests

2026-05-22 20:01:37 +02:00

2 Commits