chihlasm/resolutionflow
1
0
Fork 0
Code Issues 23 Pull Requests 1 Actions Packages Projects Releases Wiki Activity

chore: Task 7+8 — TargetList audit, CI tenant-filter grep check

Browse Source 
Task 7: TargetList dead code audit
- Found active code references in 12+ files across backend and frontend
  (full CRUD API + frontend page + MaintenanceScheduleSection + BatchLaunchModal)
- Decision: migrate to account_id in Phase 1 (cannot drop)
- DB row count not available from code-server — must verify from VPS SSH
  before Phase 1 migration
- Teams orphan check query documented; must run from VPS SSH before Phase 1
- Results documented in spec Section 9

Task 8: CI tenant-filter enforcement check (warn mode)
- Create backend/scripts/check_tenant_filters.py
  Scans endpoint and service files for select() on tenant tables without
  tenant_filter/account_id/user_id in surrounding context. Currently
  reports 109 warnings (Phase 1 backlog). Exits 0 (warn mode).
- Add Check tenant filter enforcement step to backend CI job
  Add --fail flag after Phase 1 backlog clears to make it blocking.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
chihlasm
2026-04-09 04:21:58 +00:00
parent 61402f62a2
commit 0a9b16a28f
3 changed files with 98 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
docs/superpowers/specs/2026-04-09-tenant-data-isolation-design.md
View File

@@ -589,7 +589,8 @@ The following cross-tenant operations are explicitly approved. All others requir
|---|---|---|
| Is tree sharing intra-tenant only, or can trees be shared across accounts? | Determines `tree_shares` schema, backfill strategy, and RLS policy. Tree_shares table deferred until resolved. | Product |
| What is the exact PostgreSQL exception raised when `current_setting('app.current_account_id', false)::uuid` is evaluated with no value set? | Determines the fail-closed test assertion. Must be tested in Phase 2. | Engineering |
| TargetList: zero references + zero rows? Or does data exist? | Determines whether table is dropped or migrated. | Phase 0 audit |
| TargetList audit complete: active code references found in 12+ files across backend and frontend (full CRUD API, frontend page, used in MaintenanceScheduleSection and BatchLaunchModal). Cannot be dropped. Decision: migrate to account_id in Phase 1 via backfill from team_id → accounts. DB row count not available from code-server (Docker only via VPS SSH) — run `SELECT COUNT(*) FROM target_lists;` before Phase 1 migration to confirm data volume. | ✓ Resolved — migrate in Phase 1. Row count verification required before migration. | Phase 0 audit |
| Teams orphan check: DB unavailable from code-server (Docker requires VPS SSH access). Must run before Phase 1 backfill: `SELECT COUNT(*) AS orphaned_teams FROM teams t LEFT JOIN users u ON u.team_id = t.id AND u.account_id IS NOT NULL WHERE u.id IS NULL;` | Count = 0 → proceed. Count > 0 → resolve orphaned teams before any Phase 1 backfill using team_id → account_id chain. | Run from VPS SSH before Phase 1 |
---