diff --git a/app/object_definitions/cms.py b/app/object_definitions/cms.py
index e9e4801..c78aef8 100644
--- a/app/object_definitions/cms.py
+++ b/app/object_definitions/cms.py
@@ -26,66 +26,65 @@ cms_obj_li = { 'created_on', 'updated_on' ], }, - 'post': { - 'tbl': 'post', - 'tbl_default': 'v_post', - 'tbl_alt': 'v_post_detail', - 'tbl_update': 'post', - 'mdl': Post_Base, - 'mdl_default': Post_Base, - 'mdl_in': Post_Base, - 'mdl_out': Post_Base, - # Legacy V2 keys: - 'table_name': 'v_post', - 'table_name_alt': 'v_post_detail', - 'tbl_name_update': 'post', - 'base_name': Post_Base, - 'public_read': True, - 'exp_default': [ - 'post_id_random', - 'account_id_random', - 'title', 'content', - 'enable', 'hide', 'priority', 'sort', 'group', 'notes', 'created_on', 'updated_on', + 'post': { + 'tbl': 'post', + 'tbl_default': 'v_post', + 'tbl_alt': 'v_post_detail', + 'tbl_update': 'post', + 'mdl': Post_Base, + 'mdl_default': Post_Base, + 'mdl_in': Post_Base, + 'mdl_out': Post_Base, + # Legacy V2 keys: + 'table_name': 'v_post', + 'table_name_alt': 'v_post_detail', + 'tbl_name_update': 'post', + 'base_name': Post_Base, + 'exp_default': [ + 'post_id_random', + 'account_id_random', + 'title', 'content', + 'enable', 'hide', 'priority', 'sort', 'group', 'notes', 'created_on', 'updated_on', + ], + # V3 Search Security: + 'searchable_fields': [ + 'id', 'account_id', 'person_id', 'user_id', 'external_person_id', + 'post_id_random', 'account_id_random', 'organization_id_random', + 'person_id_random', 'user_id_random', 'external_person_id', 'title', 'content', + 'type_code', 'topic_code', 'category_code', 'tags', 'location', + 'enable', 'hide', 'priority', 'sort', 'group', 'notes', + 'archive_on', 'created_on', 'updated_on' ], - # V3 Search Security: - 'searchable_fields': [ - 'id', 'account_id', 'person_id', 'user_id', 'external_person_id', - 'post_id_random', 'account_id_random', 'organization_id_random', - 'person_id_random', 'user_id_random', 'external_person_id', 'title', 'content', - 'type_code', 'topic_code', 'category_code', 'tags', 'location', - 'enable', 'hide', 'priority', 'sort', 'group', 'notes', - 'archive_on', 'created_on', 'updated_on' - ], - 
}, - 'post_comment': { - 'tbl': 'post_comment', - 'tbl_default': 'v_post_comment', - 'tbl_alt': 'v_post_comment_detail', - 'tbl_update': 'post_comment', - 'mdl': Post_Comment_Base, - 'mdl_default': Post_Comment_Base, - 'mdl_in': Post_Comment_Base, - 'mdl_out': Post_Comment_Base, - # Legacy V2 keys: - 'table_name': 'v_post_comment', - 'table_name_alt': 'v_post_comment_detail', - 'tbl_name_update': 'post_comment', - 'base_name': Post_Comment_Base, - 'public_read': True, - 'exp_default': [ - 'post_comment_id_random', - 'account_id_random', 'post_id_random', - 'content', - 'enable', 'hide', 'priority', 'sort', 'group', 'notes', 'created_on', 'updated_on', + }, + 'post_comment': { + 'tbl': 'post_comment', + 'tbl_default': 'v_post_comment', + 'tbl_alt': 'v_post_comment_detail', + 'tbl_update': 'post_comment', + 'mdl': Post_Comment_Base, + 'mdl_default': Post_Comment_Base, + 'mdl_in': Post_Comment_Base, + 'mdl_out': Post_Comment_Base, + # Legacy V2 keys: + 'table_name': 'v_post_comment', + 'table_name_alt': 'v_post_comment_detail', + 'tbl_name_update': 'post_comment', + 'base_name': Post_Comment_Base, + 'exp_default': [ + 'post_comment_id_random', + 'account_id_random', 'post_id_random', + 'content', + 'enable', 'hide', 'priority', 'sort', 'group', 'notes', 'created_on', 'updated_on', + ], + # V3 Search Security: + 'searchable_fields': [ + 'id', 'post_id', 'account_id', 'person_id', 'user_id', 'external_person_id', + 'post_comment_id_random', 'account_id_random', 'post_id_random', + 'person_id_random', 'user_id_random', 'content', 'enable', 'hide', + 'priority', 'sort', 'group', 'notes', 'created_on', 'updated_on' ], - # V3 Search Security: - 'searchable_fields': [ - 'id', 'post_id', 'account_id', 'person_id', 'user_id', 'external_person_id', - 'post_comment_id_random', 'account_id_random', 'post_id_random', - 'person_id_random', 'user_id_random', 'content', 'enable', 'hide', - 'priority', 'sort', 'group', 'notes', 'created_on', 'updated_on' - ], - }, + }, + 'site': { 
'tbl': 'site', 'tbl_default': 'site', diff --git a/app/object_definitions/events_general.py b/app/object_definitions/events_general.py index 680940f..8e831df 100644 --- a/app/object_definitions/events_general.py +++ b/app/object_definitions/events_general.py @@ -20,7 +20,6 @@ events_general_obj_li = { 'tbl_name_update': 'event', 'base_name': Event_Base, 'base_name_alt': Event_Meeting_Flat_Base, - 'public_read': True, 'exp_default': [ 'event_id_random', 'conference', 'type', @@ -66,7 +65,6 @@ events_general_obj_li = { 'table_name_alt': 'v_event_file', 'tbl_name_update': 'event_file', 'base_name': Event_File_Base, - 'public_read': True, # V3 Search Security: 'searchable_fields': [ 'event_id', 'event_file_id', 'hosted_file_id', diff --git a/app/object_definitions/events_presentation.py b/app/object_definitions/events_presentation.py index bba4024..0c110f3 100644 --- a/app/object_definitions/events_presentation.py +++ b/app/object_definitions/events_presentation.py @@ -61,7 +61,6 @@ events_presentation_obj_li = { 'table_name_alt': 'v_event_presentation_w_file_count', 'tbl_name_update': 'event_presentation', 'base_name': Event_Presentation_Base, - 'public_read': True, # V3 Search Security: 'searchable_fields': [ 'event_presentation_id_random', 'event_id_random', @@ -86,7 +85,6 @@ events_presentation_obj_li = { 'table_name_alt': 'v_event_presenter_w_file_count', 'tbl_name_update': 'event_presenter', 'base_name': Event_Presenter_Base, - 'public_read': True, 'exp_default': [ 'event_presenter_id_random', 'title_names', 'given_name', 'middle_name', 'family_name', 'designations', @@ -123,7 +121,6 @@ events_presentation_obj_li = { 'table_name': 'v_event_session', 'tbl_name_update': 'event_session', 'base_name': Event_Session_Base, - 'public_read': True, # V3 Search Security: 'searchable_fields': [ 'event_session_id_random', 'event_id_random', diff --git a/app/object_definitions/other.py b/app/object_definitions/other.py index 0909a30..5e0dfde 100644 
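Review bot: Removing `'public_read': True` from `post` and `post_comment` leaves the read policy dependent on how the consumer treats a missing key, and that lookup is not visible in this diff. If absence is meant to deny public reads, state it in the entry so the definition fails closed whatever the lookup default is, e.g. `'public_read': False,  # explicit deny; do not rely on a missing key`. The same applies to `event`, `event_file`, `event_presentation`, `event_presenter`, `event_session`, `archive_content` and `hosted_file` in the later hunks. The permission change is also mixed into a whitespace-only re-indent of both entries, which makes it easy to miss in an audit, so the re-indent would be better as its own commit. Separately, the `post` `searchable_fields` list names `'external_person_id'` twice, and both lists allow searching on raw `id`/`account_id` columns that `exp_default` does not export; this is presumably intended but worth confirming against the ID policy that `test_e2e_v3_security_audit.py` is described as checking. The `cms_obj_li` dict starts before this hunk and the `site` entry continues past it.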
--- a/app/object_definitions/other.py +++ b/app/object_definitions/other.py @@ -104,7 +104,6 @@ other_obj_li = { 'table_name': 'v_archive_content', 'tbl_name_update': 'archive_content', 'base_name': Archive_Content_Base, - 'public_read': True, # V3 Search Security: 'searchable_fields': [ 'id', 'account_id', 'archive_id', 'hosted_file_id', @@ -126,7 +125,6 @@ other_obj_li = { 'table_name': 'v_hosted_file', 'tbl_name_update': 'hosted_file', 'base_name': Hosted_File_Base, - 'public_read': True, 'exp_default': [ 'hosted_file_id_random', 'hash_sha256', diff --git a/tests/README.md b/tests/README.md index 6210eb7..29ca59a 100644 --- a/tests/README.md +++ b/tests/README.md @@ -17,6 +17,7 @@ These consolidated scripts are the primary verification tool for the V3 API. | Script | Description | | :--- | :--- | | `test_e2e_v3_search_engine.py` | **Primary Search**: Basic operators, Registry fields, Nested search, and Filter bypass. | +| `test_e2e_v3_security_audit.py` | **Core Security**: Verifies multi-tenant isolation, cross-account write blocking, and ID Vision compliance. | | `test_e2e_v3_auth_security.py` | **Primary Auth**: Site bootstrap, Passcode-to-JWT, and permission boundaries. | | `test_e2e_v3_actions_file_lifecycle.py` | **Primary Actions**: Upload, Download (ID/Hash/Streaming), and physical Deletion. | | `test_e2e_v3_data_store_lookup.py` | **V3 Parity**: Verifies code-based lookups and latency simulation. |