Scott.Idem/OSIT-AE-API-FastAPI
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

security(v3): harden multi-tenant isolation and enhance failure feedback

Browse Source
This commit is contained in:
Scott Idem
2026-02-13 18:45:20 -05:00
parent 61e17f1efa
commit 2266f149f7
15 changed files with 389 additions and 317 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
app/models/event_session_models.py
View File

@@ -23,12 +23,22 @@ class Event_Session_Base(BaseModel):
id: Optional[str] = Field(None, **base_fields['event_session_id_random'])
event_session_id: Optional[str] = Field(None, **base_fields['event_session_id_random'])
account_id: Optional[str] = Field(None, **base_fields['account_id_random'])
event_id: Optional[str] = Field(None, **base_fields['event_id_random'])
event_location_id: Optional[str] = Field(None, **base_fields['event_location_id_random'])
event_track_id: Optional[str] = Field(None, **base_fields['event_track_id_random'])
poc_event_person_id: Optional[str] = Field(None, **base_fields['event_person_id_random'])
poc_person_id: Optional[str] = Field(None, **base_fields['person_id_random'])
# --- Standardized Legacy / Internal IDs (Excluded) ---
id_random: Optional[str] = Field(None, alias='event_session_id_random', exclude=True)
account_id_random: Optional[str] = Field(None, exclude=True)
event_id_random: Optional[str] = Field(None, exclude=True)
event_location_id_random: Optional[str] = Field(None, exclude=True)
event_track_id_random: Optional[str] = Field(None, exclude=True)
poc_event_person_id_random: Optional[str] = Field(None, exclude=True)
poc_person_id_random: Optional[str] = Field(None, exclude=True)
external_id: Optional[str] = Field(
# alias = 'event_session_external_id'
)
@@ -184,6 +194,8 @@ class Event_Session_Base(BaseModel):
values['id'] = rid
values['event_session_id'] = rid
if a_rid := values.get('account_id_random'):
values['account_id'] = a_rid
if e_rid := values.get('event_id_random'):
values['event_id'] = e_rid
if el_rid := values.get('event_location_id_random'):
@@ -196,7 +208,7 @@ class Event_Session_Base(BaseModel):
values['poc_person_id'] = pp_rid
# 2. Prevent "Collision Population"
for k in ['id', 'event_session_id', 'event_id', 'event_location_id', 'event_track_id', 'poc_event_person_id', 'poc_person_id']:
for k in ['id', 'event_session_id', 'account_id', 'event_id', 'event_location_id', 'event_track_id', 'poc_event_person_id', 'poc_person_id']:
if k in values and not isinstance(values[k], str) and values[k] is not None:
del values[k]