agnes-the-ai-analyst

History

ZdenekSrotyr 1074d5ec49 feat: implement data access control — table-level permissions Schema v3: add is_public column to table_registry (default true). src/rbac.py: can_access_table() checks admin bypass, public flag, explicit permissions, wildcard bucket permissions. API enforcement: - manifest: filters tables by user access - download: 403 if no access - catalog: filters table list - query: validates referenced tables against allowed list New admin permissions API (/api/admin/permissions) for grant/revoke. 28 access control tests + 733 total tests passing.	2026-03-31 12:33:31 +02:00
..
plans	feat: complete system — web UI, all API endpoints, governance, admin, CLI commands	2026-03-27 16:52:22 +01:00
specs	feat: implement data access control — table-level permissions	2026-03-31 12:33:31 +02:00

ZdenekSrotyr 1074d5ec49 feat: implement data access control — table-level permissions

Schema v3: add is_public column to table_registry (default true).

src/rbac.py: can_access_table() checks admin bypass, public flag,
explicit permissions, wildcard bucket permissions.

API enforcement:
- manifest: filters tables by user access
- download: 403 if no access
- catalog: filters table list
- query: validates referenced tables against allowed list

New admin permissions API (/api/admin/permissions) for grant/revoke.

28 access control tests + 733 total tests passing.

2026-03-31 12:33:31 +02:00

plans

feat: complete system — web UI, all API endpoints, governance, admin, CLI commands

2026-03-27 16:52:22 +01:00

specs

feat: implement data access control — table-level permissions

2026-03-31 12:33:31 +02:00