agnes-the-ai-analyst

AI-Cognitive-Leap/agnes-the-ai-analyst

Fork 0

Commit graph

Author	SHA1	Message	Date
ZdenekSrotyr	70672204fe	feat(memory): admin Edit + MEMORY_DOMAIN RBAC + ai-section UI (#141 ) Cuts release 0.23.0. ## Highlights - Single-item Edit button on every memory item card (modal hits PATCH /api/memory/admin/{id}). - MEMORY_DOMAIN RBAC resource type — admins grant user_groups access to specific domains via /admin/access. Composes with existing audience filter (OR semantics, no-op when no grants). - ai: section editable in /admin/server-config — admins can set ANTHROPIC_API_KEY / model / provider / base_url for the corporate-memory extractor without editing instance.yaml directly. api_key auto-masked. ## Devin findings addressed - Modal NULL→empty fix (audience visibility wouldn't break). - Stats endpoint granted_domains parity with list endpoint. - Documented intentional MEMORY_DOMAIN→audience bypass. - Documented conscious ai.base_url SSRF exclusion (legit internal LiteLLM/vLLM proxies). See CHANGELOG [0.23.0] for full notes.	2026-04-30 11:04:41 +02:00
ZdenekSrotyr	a222f92e70	feat(admin): server configuration editor + 0.13.0 (#107 ) Adds /admin/server-config UI for editing instance.yaml from the web. Hardening: SSRF gate on data_source URLs, narrow-overlay write strategy, atomic writes, audit log with secret masking on shape changes, threading lock on read-modify-write, corrupt-overlay refusal on write side + louder log on read side, modal Promise resolution on backdrop dismiss, sentinel scrub on save (defense-in-depth client+server). Bundles Windows PowerShell wrapper from #80. Cuts release v0.13.0.	2026-04-29 00:47:23 +02:00

Author

SHA1

Message

Date

ZdenekSrotyr

70672204fe

feat(memory): admin Edit + MEMORY_DOMAIN RBAC + ai-section UI (#141 )

Cuts release 0.23.0.

## Highlights
- Single-item Edit button on every memory item card (modal hits PATCH /api/memory/admin/{id}).
- MEMORY_DOMAIN RBAC resource type — admins grant user_groups access to specific domains via /admin/access. Composes with existing audience filter (OR semantics, no-op when no grants).
- ai: section editable in /admin/server-config — admins can set ANTHROPIC_API_KEY / model / provider / base_url for the corporate-memory extractor without editing instance.yaml directly. api_key auto-masked.

## Devin findings addressed
- Modal NULL→empty fix (audience visibility wouldn't break).
- Stats endpoint granted_domains parity with list endpoint.
- Documented intentional MEMORY_DOMAIN→audience bypass.
- Documented conscious ai.base_url SSRF exclusion (legit internal LiteLLM/vLLM proxies).

See CHANGELOG [0.23.0] for full notes.

2026-04-30 11:04:41 +02:00

ZdenekSrotyr

a222f92e70

feat(admin): server configuration editor + 0.13.0 (#107 )

Adds /admin/server-config UI for editing instance.yaml from the web. Hardening: SSRF gate on data_source URLs, narrow-overlay write strategy, atomic writes, audit log with secret masking on shape changes, threading lock on read-modify-write, corrupt-overlay refusal on write side + louder log on read side, modal Promise resolution on backdrop dismiss, sentinel scrub on save (defense-in-depth client+server). Bundles Windows PowerShell wrapper from #80. Cuts release v0.13.0.

2026-04-29 00:47:23 +02:00

2 commits