Scott.Idem/OSIT-AE-API-FastAPI
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
1,064 Commits 4 Branches 0 Tags
6d13b952c45c4ef435a17afe9c1d408e1f24ac11
Commit Graph

1040 Commits

Author SHA1 Message Date
Scott Idem
6d13b952c4 Implement V3 API security hardening and multi-tenant data isolation 
- Enhanced AuthContext with role-aware fields (administrator, manager, super).
- Implemented deferred database lookups for user roles in get_v3_auth_context.
- Added global account isolation in api_crud_v3.py using check_account_access and apply_forced_account_filter.
- Hardened all V3 CRUD endpoints (GET, POST, PATCH, DELETE) and nested routes with ownership verification.
- Enforced forced account filtering at the SQL level for Listing and Searching.
- Updated documentation with details on the new security and data isolation architecture.
 2026-01-07 13:34:38 -05:00
Scott Idem
270712f905 Another quick snapshot in case something breaks again. There are issues with this new agent bridge and the psutil and Gemini CLI. Not sure, but it causes problems. 2026-01-07 13:10:16 -05:00
Scott Idem
7fb2f00846 Things are currently working. At least 90% sure they are. 2026-01-07 12:24:52 -05:00
Scott Idem
c47ae47a2f Add agent_bridge.py administrative endpoints and mcp_docker_explorer.py script 
- Implemented /status, /system/usage, /logs, /logs/list, /processes, and /container/metadata in agent_bridge.py.
- Added mcp_docker_explorer.py for Docker MCP integration testing.
- Enhanced administrative access checks in agent_bridge.py.
 2026-01-07 12:01:48 -05:00
Scott Idem
75b771f87c feat: add 'archive_on' to searchable_fields for posts and update agent bridge auth logic 2026-01-07 11:07:45 -05:00
Scott Idem
ec4656eca9 Bug fix to make lookup_id_random_pop work again. 2026-01-07 10:02:57 -05:00
Scott Idem
836ed97d07 feat(agent): implement Agent Bridge for secure diagnostics 2026-01-06 19:00:03 -05:00
Scott Idem
6470af0a01 feat(v3): populate searchable_fields for all remaining object definitions 2026-01-06 18:18:39 -05:00
Scott Idem
c33ae332e9 refactor(sql): clean up db_sql.py by removing commented-out code and consolidating logic 2026-01-06 18:12:51 -05:00
Scott Idem
a6ec6d1b2b Saving our work just in case. 2026-01-06 18:06:45 -05:00
Scott Idem
55033d0749 feat(events): add conference to searchable fields and update progress 2026-01-06 18:03:57 -05:00
Scott Idem
868a0060dc refactor(sql): complete modularization of search builders and ID resolution 2026-01-06 17:58:34 -05:00
Scott Idem
56fe7ed953 refactor(sql): modularize Redis and ID lookup functions 2026-01-06 17:32:22 -05:00
Scott Idem
a6a5162385 refactor(sql): modularize status and where query builders 2026-01-06 17:24:47 -05:00
Scott Idem
b5e874bd99 refactor(sql): modularize basic search query builders 2026-01-06 17:22:10 -05:00
Scott Idem
d584457997 fix(legacy): resolve 422 error on site domain lookup and enhance V3 filtering 2026-01-06 16:29:09 -05:00
Scott Idem
459bd89198 feat(v3): implement schema discovery endpoint 2026-01-06 16:03:54 -05:00
Scott Idem
45f6303219 feat(v3): robust search wildcards, smart status filtering, and fixed ID population 2026-01-06 15:54:31 -05:00
Scott Idem
a42f32acf4 Added more documentation. Improved CRUD V3 endpoints and better responses. 2026-01-06 13:52:05 -05:00
Scott Idem
9c06b07665 Saving changes now that most things have been migrated to CRUD V3 and appear to be working. This still needs testing though. 2026-01-06 13:11:03 -05:00
Scott Idem
552ca31603 Adding more searchable_fields for security. Broke up large files to make them easier to manage. 2026-01-06 11:14:37 -05:00
Scott Idem
b8a417a5d7 Key Accomplishments: 
1. Badge Model Updates: Added print_count, print_first_datetime, and print_last_datetime to the
      Event_Badge_Basic_Base model.
   2. Soft Delete in V3 CRUD: Implemented a method query parameter (delete, hide, disable) for the DELETE
      endpoints in api_crud_v3.py.
   3. Security Hardening: Populated searchable_fields allowlists for all objects across the V3 CRUD
      definitions (core.py, events.py, orders.py, cms.py, lookups.py, membership.py, other.py).
   4. Shared Documentation: Created /home/scott/agents_sync/Aether/api_v3.md to coordinate these V3 API
      features with the Svelte agent and other tools.
 2026-01-05 20:05:33 -05:00
Scott Idem
314a031dd1 Now with some soft delete options for safer operations. 2026-01-05 19:49:28 -05:00
Scott Idem
3790983b5e Quick update to include some more fields. 2026-01-05 19:24:17 -05:00
Scott Idem
f5ab2118ad Fix: Enhance V3 Search with 'contains', 'startswith', 'endswith' operators and improve error reporting. 2026-01-02 20:42:19 -05:00
Scott Idem
f865b1cfb7 Security: Implement modern JWT authentication for V3 CRUD and Search; update documentation and to-do list. 2026-01-02 20:26:44 -05:00
Scott Idem
53d252b23d Fix: Add robust JSON parsing for V3 query params and fix missing Any import causing startup failure. 2026-01-02 20:24:51 -05:00
Scott Idem
09ec231303 Security: Implement recursion depth limits and field allowlists for Advanced Search; add reference SQL exports. 2026-01-02 19:38:37 -05:00
Scott Idem
5a4c82e4cb Cleanup: Comment out unused cont_edu_cert routers in main.py. 2026-01-02 19:16:25 -05:00
Scott Idem
81af707091 Refactor: Modularize object definitions and implement V3 Search beta recommendations. 2026-01-02 19:16:06 -05:00
Scott Idem
bf16f988c5 Saving recommended updates by the Svelte Gemini agent. 2026-01-02 18:57:37 -05:00
Scott Idem
bd2739eb13 Refactor: Modularize object definitions and migrate event-related objects to V3 CRUD. 2026-01-02 17:53:35 -05:00
Scott Idem
2f24a5588b Feature: Implement advanced POST-based search with recursive logical grouping and unique parameterization (Verified Working). 2026-01-02 17:09:29 -05:00
Scott Idem
7b9ec69e7b Refactor: Add legacy V2 support to modern object definitions and document V3 architecture. 2026-01-02 16:14:41 -05:00
Scott Idem
95f58e3b4d Another quick save before we start working on documentation and specialized endpoints. 2026-01-02 16:10:06 -05:00
Scott Idem
c1353fc971 More work on getting things working and ready for my CRUD v3 stuff. This may have been related to import loops or something. 2026-01-02 15:48:08 -05:00
Scott Idem
4a62eecf83 Work after logging related fixes. 2026-01-02 15:17:43 -05:00
Scott Idem
6d60af23c3 Update to get activity log working for CRUD v2 queries. 2025-12-16 14:40:06 -05:00
Scott Idem
4598256c7c Reverted to known working version and preserved new file changes in snapshots. 2025-12-03 20:43:47 -05:00
Scott Idem
98b980cf2b The basics are now working for v3. 2025-12-03 18:44:14 -05:00
Scott Idem
d0654e9f37 Another quick save. Looking pretty so far. 2025-12-03 18:35:40 -05:00
Scott Idem
8f3a38cb0d WARNING: This is where Gemini is starting to work on the version 3 of the CRUD catch all endpoints. This seems like a good start. 2025-12-03 18:16:11 -05:00
Scott Idem
b1d05c7e66 A quick version update for the god like catch all CRUD endpoints. Version 3 will be even better! 2025-12-03 17:58:58 -05:00
Scott Idem
0e41205472 Cleaned up the aud field. We think this part is correct finally. 2025-12-03 15:48:57 -05:00
Scott Idem
3394ebcdad Again... 2025-12-03 15:40:06 -05:00
Scott Idem
36ae9c5035 We think it might work now... Gemini thinks the aud may have been set incorrectly. Not matching the actual Jitsi server. 2025-12-03 15:38:14 -05:00
Scott Idem
c5d25b5717 More work on the Jitsi JWT 2025-12-03 15:25:30 -05:00
Scott Idem
e40b01d276 Another quick bug fix. 2025-12-02 18:50:50 -05:00
Scott Idem
38455d4549 Bug fix!!! 2025-12-02 18:46:19 -05:00
Scott Idem
5535b1af34 Try try again... Jitsi JWT.... 2025-12-02 18:36:56 -05:00