Scott.Idem/OSIT-AE-API-FastAPI
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Things are currently working. At least 90% sure they are.

Browse Source
This commit is contained in:
Scott Idem
2026-01-07 12:24:52 -05:00
parent c47ae47a2f
commit 7fb2f00846
3 changed files with 22 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
GEMINI.md
View File

@@ -47,7 +47,17 @@ I am an interactive CLI agent assisting with software engineering tasks for One
- **Security Hardening:** Implemented a 5-level recursion depth limit and a field allowlist (`searchable_fields`) for the Search API. - **Security Hardening:** Implemented a 5-level recursion depth limit and a field allowlist (`searchable_fields`) for the Search API.
- **Non-blocking Concurrency:** Standardized on `asyncio.sleep()` for delay simulation to prevent Gunicorn worker hangs. - **Non-blocking Concurrency:** Standardized on `asyncio.sleep()` for delay simulation to prevent Gunicorn worker hangs.
## Session Learnings & Progress (Jan 2-6, 2026) ## Session Learnings & Progress (Jan 2-7, 2026)
### Agent Bridge & Docker Integration (Jan 7, 2026)
- **Agent Bridge Implementation**: Developed `app/routers/agent_bridge.py` to provide administrative insight into the Docker runtime environment.
- Endpoints include `/status`, `/system/usage`, `/logs`, `/logs/list`, `/processes`, and `/container/metadata`.
- Implemented `is_admin` helper for consistent security across administrative tools.
- Added support for listing and tailing various log files, with path sanitization.
- **MCP Docker Explorer**: Created `mcp_docker_explorer.py` as a standalone client to test the Model Context Protocol (MCP) Docker server integration. This script uses `npx` to run `@modelcontextprotocol/server-docker`.
- **Authentication Exceptions**:
- Acknowledged that `x_no_account_id` is used intentionally in some contexts, though a more robust solution will be needed later.
- **Direct Download Links**: Noted that Hosted Files and Event Files often require direct download links that cannot include custom headers, as they are often shared directly with users.
### V3 CRUD Infrastructure & Search ### V3 CRUD Infrastructure & Search
- **Modular Object Definitions**: Refactored `ae_obj_types_def.py` into modular domain files in `app/object_definitions/`. - **Modular Object Definitions**: Refactored `ae_obj_types_def.py` into modular domain files in `app/object_definitions/`.
@@ -66,11 +76,12 @@ I am an interactive CLI agent assisting with software engineering tasks for One
## Current To-Do List ## Current To-Do List
1. **Docker Environment Insight Improvements (Priority: High)**: Implement methods/endpoints to give the agent more insight into the actual Docker runtime environment. 1. **Docker MCP Integration (Priority: High)**: Proceed with integrating the Docker MCP server into the Gemini CLI environment for direct container management.
2. **Security - Field Allowlists (Priority: Done)**: Finished populating `searchable_fields` for all object definitions (Core, CMS, Events, Membership, Orders, Other). 2. **Security - Field Allowlists (Priority: Done)**: Finished populating `searchable_fields` for all object definitions (Core, CMS, Events, Membership, Orders, Other).
3. **Refactoring - Modularize `db_sql.py` (Priority: Done/Low)**: Successfully implemented a facade pattern, moving search builders and Redis helpers to modular files. This reduced `db_sql.py` by nearly 500 lines while preserving stability. Further modularization of core CRUD should only be attempted if stability risks are mitigated. 3. **Refactoring - Modularize `db_sql.py` (Priority: Done/Low)**: Successfully implemented a facade pattern, moving search builders and Redis helpers to modular files. This reduced `db_sql.py` by nearly 500 lines while preserving stability. Further modularization of core CRUD should only be attempted if stability risks are mitigated.
4. **Specialized Endpoints (Priority: Medium)**: Plan modernization of custom logic (importing, websockets) to match V3 patterns. 4. **Specialized Endpoints (Priority: Medium)**: Plan modernization of custom logic (importing, websockets) to match V3 patterns.
5. **Security - Authentication (Priority: High)**: Continue refining and enforcing JWT-based authentication across all V3 endpoints. 5. **Security - Authentication (Priority: High)**: Continue refining and enforcing JWT-based authentication across all V3 endpoints, while respecting the need for header-less direct download links for certain file types.
6. **Account ID Handling (Priority: Low)**: Address the `x_no_account_id` usage with a more permanent and secure architecture.
### Workflow & Collaboration ### Workflow & Collaboration
- **`GEMINI.md` Strategy:** The user is creating `GEMINI.md` files in key project directories. Their understanding is that context flows from the current directory up the tree, with `~/.gemini/GEMINI.md` serving as a global catch-all for general memories. - **`GEMINI.md` Strategy:** The user is creating `GEMINI.md` files in key project directories. Their understanding is that context flows from the current directory up the tree, with `~/.gemini/GEMINI.md` serving as a global catch-all for general memories.

1
admin/requirements.txt
View File

@@ -46,6 +46,7 @@ pycparser
pydantic pydantic
PyJWT PyJWT
pyparsing pyparsing
psutil
python-dateutil python-dateutil
python-dotenv python-dotenv
python-multipart python-multipart

13
app/main.py
View File

@@ -16,7 +16,8 @@ import logging
import app.log import app.log
# Import the routers here first: # Import the routers here first:
from app.routers import ae_obj, aether_cfg, api_crud, api_crud_v2, api_crud_v3, agent_bridge, api, importing, sql, account, activity_log, address, archive, archive_content, contact, data_store, event, event_abstract, event_badge, event_badge_importing, event_badge_template, event_device, event_exhibit, event_exhibit_tracking, event_file, event_importing, event_location, event_person, event_person_detail, event_person_tracking, event_presentation, event_presenter, event_registration, event_session, flask_cfg, fundraising, grant, hosted_file, journal, journal_entry, log_client_viewing, lookup, membership_cfg, membership_group, membership_person_group, membership_person, membership_person_profile, membership_type, membership_person_type, order, order_v3, order_line, order_cart, organization, page, person, person_user, post, post_comment, product, qr, site, site_domain, user, util_email, websockets_redis, e_confex, e_cvent, c_idaa, e_impexium, e_stripe from app.routers import ae_obj, aether_cfg, api_crud, api_crud_v2, api_crud_v3, api, importing, sql, account, activity_log, address, archive, archive_content, contact, data_store, event, event_abstract, event_badge, event_badge_importing, event_badge_template, event_device, event_exhibit, event_exhibit_tracking, event_file, event_importing, event_location, event_person, event_person_detail, event_person_tracking, event_presentation, event_presenter, event_registration, event_session, flask_cfg, fundraising, grant, hosted_file, journal, journal_entry, log_client_viewing, lookup, membership_cfg, membership_group, membership_person_group, membership_person, membership_person_profile, membership_type, membership_person_type, order, order_v3, order_line, order_cart, organization, page, person, person_user, post, post_comment, product, qr, site, site_domain, user, util_email, websockets_redis, e_confex, e_cvent, c_idaa, e_impexium, e_stripe
# from app.routers import agent_bridge
# cont_edu_cert, cont_edu_cert_person, # cont_edu_cert, cont_edu_cert_person,
# from app.routers import aether_cfg, sql # from app.routers import aether_cfg, sql
@@ -120,11 +121,11 @@ app.include_router(
prefix='/v3/crud', prefix='/v3/crud',
tags=['CRUD v3'], tags=['CRUD v3'],
) )
app.include_router( # app.include_router(
agent_bridge.router, # agent_bridge.router,
prefix='/agent', # prefix='/agent',
tags=['Agent Bridge'], # tags=['Agent Bridge'],
) # )
app.include_router( app.include_router(
api.router, api.router,
prefix='/api', prefix='/api',