agnes-the-ai-analyst

AI-Cognitive-Leap/agnes-the-ai-analyst

Fork 0

Commit graph

Author	SHA1	Message	Date
ZdenekSrotyr	93fdea3461	fix(claude_md): RBAC-filter tables; align today with now (UTC) - _list_tables now accepts a user param and delegates to get_accessible_tables: admins see all, non-admins see only tables covered by their resource_grants. Fixes silent leak of table names to unauthorised analysts. - today derived from now.date() (UTC) instead of date.today() (server-local TZ), so today and now are always consistent. - Updated test_render_override_tables_list to seed an admin user so RBAC filtering doesn't hide the table; added three new tests covering per-user table isolation, admin sees-all, and no-grants-empty.	2026-05-04 05:57:22 +02:00
ZdenekSrotyr	f01eb4143d	feat(db,repo,renderer): schema v23 + claude_md_template + ClaudeMd renderer - Bump SCHEMA_VERSION 22 → 23; add claude_md_template singleton table to _SYSTEM_SCHEMA and _V22_TO_V23_MIGRATIONS; wire migration + fresh-install seed - src/repositories/claude_md_template.py: ClaudeMdTemplateRepository (get/set/reset) mirroring WelcomeTemplateRepository; defensive re-seed in get() - src/claude_md.py: compute_default_claude_md / render_claude_md / build_claude_md_context — rich renderer with RBAC-filtered tables, metrics, and marketplaces; reads override from claude_md_template or falls back to config/claude_md_template.txt; raises TemplateError on broken override - config/claude_md_template.txt: default Jinja2 markdown template restored from PR #167 history (tables, metrics, marketplaces, BQ guidance, corporate memory, directory structure, per-user footer)	2026-05-03 22:43:56 +02:00

Author

SHA1

Message

Date

ZdenekSrotyr

93fdea3461

fix(claude_md): RBAC-filter tables; align today with now (UTC)

- _list_tables now accepts a user param and delegates to
  get_accessible_tables: admins see all, non-admins see only tables
  covered by their resource_grants. Fixes silent leak of table names
  to unauthorised analysts.
- today derived from now.date() (UTC) instead of date.today()
  (server-local TZ), so today and now are always consistent.
- Updated test_render_override_tables_list to seed an admin user so
  RBAC filtering doesn't hide the table; added three new tests covering
  per-user table isolation, admin sees-all, and no-grants-empty.

2026-05-04 05:57:22 +02:00

ZdenekSrotyr

f01eb4143d

feat(db,repo,renderer): schema v23 + claude_md_template + ClaudeMd renderer

- Bump SCHEMA_VERSION 22 → 23; add claude_md_template singleton table to
  _SYSTEM_SCHEMA and _V22_TO_V23_MIGRATIONS; wire migration + fresh-install seed
- src/repositories/claude_md_template.py: ClaudeMdTemplateRepository (get/set/reset)
  mirroring WelcomeTemplateRepository; defensive re-seed in get()
- src/claude_md.py: compute_default_claude_md / render_claude_md /
  build_claude_md_context — rich renderer with RBAC-filtered tables, metrics,
  and marketplaces; reads override from claude_md_template or falls back to
  config/claude_md_template.txt; raises TemplateError on broken override
- config/claude_md_template.txt: default Jinja2 markdown template restored from
  PR #167 history (tables, metrics, marketplaces, BQ guidance, corporate memory,
  directory structure, per-user footer)

2026-05-03 22:43:56 +02:00

2 commits