Files
A-Team-Security-Infra-Agent…/backend/app.py
nogueiraguh bc7024c95d feat: user isolation — ownership checks, is_global, per-user embeddings, private reports
- Add is_global column to adb_vector_configs and mcp_servers (schema + migration)
- Add _verify_config_access() and _verify_report_access() helpers
- Apply ownership checks to ~70 endpoints (OCI explore, actions, GenAI, MCP, ADB, reports, embeddings, terraform)
- Reports are 100% private (even admin can't see others')
- Add user_id to embedding metadata + filter in _vector_search/_vector_search_multi
- Remove cross-user ADB fallback in _get_active_adb_configs
- Add auth (token query param) to report HTML and compliance report iframes
- Audit log: admin sees all, user/viewer sees only own
- Embedding task status mapped to user
- Frontend: GLOBAL badge on ADB/MCP configs, hide edit/delete for non-admin on global resources
- Export/import includes is_global field
2026-04-01 01:05:54 -03:00

510 KiB