OSIT-AE-API-FastAPI

Scott.Idem/OSIT-AE-API-FastAPI

Fork 0

Commit Graph

Author	SHA1	Message	Date
Scott Idem	4629e1ec63	feat(site_domain): restore access_key enforcement for FQDN lookups - api_crud_v3: strip falsy access_key values; restrict keyless queries to public domains (both site_access_key and site_domain_access_key must be NULL/empty); 75-line recursive block replaced with ~16 lines - lib_sql_search: expand virtual 'access_key' field into priority SQL — site_access_key first, site_domain_access_key as fallback - cms.py: add site_domain_access_key to site_domain searchable_fields - docs: update frontend guide with access key behavior and examples - e2e test: expand to cover all valid/invalid access key scenarios (15/15) Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-03-31 14:46:33 -04:00
Scott Idem	2266f149f7	security(v3): harden multi-tenant isolation and enhance failure feedback	2026-02-13 18:45:20 -05:00

Author

SHA1

Message

Date

Scott Idem

4629e1ec63

feat(site_domain): restore access_key enforcement for FQDN lookups

- api_crud_v3: strip falsy access_key values; restrict keyless queries
  to public domains (both site_access_key and site_domain_access_key
  must be NULL/empty); 75-line recursive block replaced with ~16 lines
- lib_sql_search: expand virtual 'access_key' field into priority SQL —
  site_access_key first, site_domain_access_key as fallback
- cms.py: add site_domain_access_key to site_domain searchable_fields
- docs: update frontend guide with access key behavior and examples
- e2e test: expand to cover all valid/invalid access key scenarios (15/15)

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

2026-03-31 14:46:33 -04:00

Scott Idem

2266f149f7

security(v3): harden multi-tenant isolation and enhance failure feedback

2026-02-13 18:45:20 -05:00

2 Commits