feat: tenant isolation Phase 0 — app-layer filters, UUID audit, CI gate (#132)

* docs: add tenant data isolation design spec Complete architecture plan for multi-tenant data isolation across all layers (PostgreSQL RLS, application-layer filtering, schema migration, testing strategy, and phased rollout checklist). Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> * docs: add background job isolation policy to tenant isolation spec Documents policy for all 5 existing background jobs: - Knowledge Flywheel and PSA Retry flagged for account_id threading - Chat Retention already follows correct pattern (model for others) - Maintenance Schedule Firing needs account_id in queries + Session creation - AI Conversation Expiry approved as cross-tenant with justification Adds approved cross-tenant query registry and Phase 2 checklist items. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> * docs: add tenant isolation Phase 0 implementation plan 8 tasks covering: CRITICAL copilot hotfix, tenant_filter() helper, get_tenant_context dependency, analytics/category/AI session gap fixes, full UUID endpoint audit, TargetList dead code audit, teams orphan check, and CI grep check for missing tenant filters. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> * feat: add tenant_filter() helper and get_tenant_context dependency tenant_filter(model, account_id) is the canonical app-layer tenant scoping expression. Every query on a tenant table must use it. build_tree_access_filter and build_step_visibility_filter updated to call tenant_filter() internally for the account_id match. get_tenant_context is a FastAPI dependency that returns account_id or raises 403 if the user has no account — prevents raw access to current_user.account_id and centralises the null check. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> * fix: scope analytics/flows/{tree_id} to requesting account Any authenticated user could read flow analytics (session counts, completion rates, CSAT) for any tree UUID. Now returns 404 if the tree doesn't belong to the requesting account. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> * fix: scope category tree_count to requesting account tree_count on GET /categories/{id} was including trees from all accounts, leaking cross-tenant row counts. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> * fix: restrict AI session search to current user only Search endpoint used OR(user_id, account_id), exposing other users' problem_summary and problem_domain within the same account. Sessions are user-scoped only — cross-user access requires explicit escalation or sharing. List and search endpoints now behave consistently. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> * fix: add ownership check and 404 responses to ai-sessions endpoints Cross-tenant isolation audit found: - retry-psa-push had NO ownership check (CRITICAL) — any user could retry any session's PSA push - save_task_lane used db.get() without ownership filter, returned 403 revealing existence - get_session returned 403 instead of 404 for unauthorized access - stream_documentation returned 403 instead of 404 All now use query-level user_id filtering and return 404 to avoid revealing existence. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> * fix: return 404 instead of 403 for cross-tenant session access All session endpoints (get, update, complete, scratchpad, variables, export, ticket-link) now return 404 instead of 403 when a user tries to access another user's session. This prevents confirming existence of resources across tenant boundaries. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> * fix: return 404 instead of 403 for cross-tenant tree access get_tree and update_tree now return 404 when a user cannot access a tree (private tree from another account). Prevents confirming resource existence across tenant boundaries. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> * fix: return 404 instead of 403 for cross-tenant step access get_step_or_404 now returns 404 when can_view_step or can_edit_step fails, preventing confirmation of step existence across tenant boundaries. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> * fix: return 404 instead of 403 for cross-tenant upload access get_upload_url and delete_upload now return 404 when the upload belongs to a different account/user, preventing resource existence confirmation. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> * fix: return 404 instead of 403 for cross-tenant share access revoke_share and create_share now return 404 when the caller is not the owner, preventing resource existence confirmation across users. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> * fix: return 404 instead of 403 for cross-team tree access in maintenance schedules _get_tree_or_403 now returns 404 when the user's team does not match, preventing confirmation of tree existence across teams. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> * fix: return 404 instead of 403 for cross-account tag access get_tag now returns 404 for account-specific tags that belong to another account, preventing resource existence confirmation. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> * fix: return 404 instead of 403 for cross-account step category access get_step_category now returns 404 for account-specific categories that belong to another account, preventing resource existence confirmation. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> * test: add cross-tenant isolation tests for Task 6 UUID audit Tests cover: - Tree GET/PUT returns 404 for cross-account access - Session GET returns 404 for cross-user access - AI session GET returns 404 for cross-user access - AI session retry-psa-push requires ownership - Upload URL returns 404 for cross-account access - Share revoke returns 404 for cross-user access Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> * fix: return 404 (not 403) for get_documentation cross-user access; add missing Task 6 tests get_documentation was revealing session existence via 403. Added pre-check query filtering by session_id AND user_id before calling the engine. Also add cross-tenant isolation tests for steps, tags, step_categories, and maintenance_schedules endpoints fixed in Task 6 (TDD was skipped). Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> * fix: address Task 6 quality review — rename helper, restore 403 for intra-account, add docs test - Rename _get_tree_or_403 → _get_tree_or_404 in maintenance_schedules.py (function now raises 404, old name was misleading) - Restore HTTP 403 for intra-account permission failures in update_tree: same-account users who can see a tree but can't edit it got 404 (wrong); only cross-account lookups should return 404 to avoid confirming existence - Apply same 403/404 distinction to update_tree_visibility - Add test: get_documentation must return 404 for cross-user session access - Add comment documenting owner-only design for documentation endpoints Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> * chore: Task 7+8 — TargetList audit, CI tenant-filter grep check Task 7: TargetList dead code audit - Found active code references in 12+ files across backend and frontend (full CRUD API + frontend page + MaintenanceScheduleSection + BatchLaunchModal) - Decision: migrate to account_id in Phase 1 (cannot drop) - DB row count not available from code-server — must verify from VPS SSH before Phase 1 migration - Teams orphan check query documented; must run from VPS SSH before Phase 1 - Results documented in spec Section 9 Task 8: CI tenant-filter enforcement check (warn mode) - Create backend/scripts/check_tenant_filters.py Scans endpoint and service files for select() on tenant tables without tenant_filter/account_id/user_id in surrounding context. Currently reports 109 warnings (Phase 1 backlog). Exits 0 (warn mode). - Add Check tenant filter enforcement step to backend CI job Add --fail flag after Phase 1 backlog clears to make it blocking. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> * docs: record Phase 0 audit results — 0 orphaned teams, 0 target_list rows Both checks confirmed 2026-04-09 from production DB. Phase 1 migration is safe to proceed. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> --------- Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-09 00:42:19 -04:00
parent 29a9573d6e
commit b3dba57bc5
17 changed files with 759 additions and 101 deletions
--- a/backend/app/api/endpoints/ai_sessions.py
+++ b/backend/app/api/endpoints/ai_sessions.py
@@ -519,11 +519,15 @@ async def save_task_lane(
    _: None = Depends(require_engineer_or_admin),
 ):
    """Save the current task lane state including user's in-progress responses."""
-    session = await db.get(AISession, session_id)
+    result = await db.execute(
+        select(AISession).where(
+            AISession.id == session_id,
+            AISession.user_id == current_user.id,
+        )
+    )
+    session = result.scalar_one_or_none()
    if not session:
        raise HTTPException(status_code=404, detail="Session not found")
-    if session.user_id != current_user.id:
-        raise HTTPException(status_code=403, detail="Not your session")

    payload = {
        "questions": [q.model_dump() for q in body.questions],
@@ -762,13 +766,13 @@ async def search_sessions(
    limit: int = Query(5, ge=1, le=20),
 ):
    """Search AI sessions by content using full-text search. Used by Command Palette."""
+    # Sessions are user-scoped. The list endpoint uses user_id only;
+    # search must be consistent. Cross-user access requires explicit
+    # escalation or session sharing — not ambient account membership.
    result = await db.execute(
        select(AISession)
        .where(
-            or_(
-                AISession.user_id == current_user.id,
-                AISession.account_id == current_user.account_id,
-            ),
+            AISession.user_id == current_user.id,
            text("ai_sessions.search_vector @@ plainto_tsquery('english', :q)"),
        )
        .params(q=q)
@@ -901,7 +905,7 @@ async def get_session(
    pkg = session.escalation_package or {}
    is_handler = pkg.get("picked_up_by") == str(current_user.id)
    if session.user_id != current_user.id and session.escalated_to_id != current_user.id and not is_handler:
-        raise HTTPException(status_code=status.HTTP_403_FORBIDDEN, detail="Not authorized")
+        raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail="Session not found")

    return _build_session_detail(session)

@@ -917,6 +921,18 @@ async def get_documentation(
    db: Annotated[AsyncSession, Depends(get_db)],
 ):
    """Get auto-generated documentation for a session."""
+    # Verify session ownership — owner only. Documentation endpoints require direct
+    # ownership; escalated_to_id / picked_up_by handlers use get_session (read-only).
+    # This is consistent with stream_documentation which has the same owner-only check.
+    result = await db.execute(
+        select(AISession).where(
+            AISession.id == session_id,
+            AISession.user_id == current_user.id,
+        )
+    )
+    if not result.scalar_one_or_none():
+        raise HTTPException(status_code=404, detail="Session not found")
+
    try:
        return await flowpilot_engine.get_session_documentation(
            session_id=session_id,
@@ -942,13 +958,14 @@ async def stream_documentation(

    # Verify session ownership
    result = await db.execute(
-        select(AISession).where(AISession.id == session_id)
+        select(AISession).where(
+            AISession.id == session_id,
+            AISession.user_id == current_user.id,
+        )
    )
    session = result.scalar_one_or_none()
    if not session:
        raise HTTPException(status_code=404, detail="Session not found")
-    if session.user_id != current_user.id:
-        raise HTTPException(status_code=403, detail="Not authorized")

    async def event_generator():
        try:
@@ -1043,6 +1060,19 @@ async def retry_psa_push_endpoint(
    """Manually retry a failed PSA documentation push."""
    from app.models.psa_post_log import PsaPostLog

+    # Verify the session belongs to the current user
+    session_result = await db.execute(
+        select(AISession).where(
+            AISession.id == session_id,
+            AISession.user_id == current_user.id,
+        )
+    )
+    if not session_result.scalar_one_or_none():
+        raise HTTPException(
+            status_code=status.HTTP_404_NOT_FOUND,
+            detail="Session not found",
+        )
+
    # Find the latest failed push log for this session
    result = await db.execute(
        select(PsaPostLog)
--- a/backend/app/api/endpoints/analytics.py
+++ b/backend/app/api/endpoints/analytics.py
@@ -7,6 +7,7 @@ from sqlalchemy.ext.asyncio import AsyncSession

 from app.core.database import get_db
 from app.api.deps import get_current_active_user
+from app.core.filters import tenant_filter
 from app.models import User, Session, Tree, SessionRating
 from app.schemas.analytics import (
    TeamAnalyticsResponse, PersonalAnalyticsResponse, FlowAnalyticsResponse,
@@ -290,8 +291,13 @@ async def get_flow_analytics(
    current_user: User = Depends(get_current_active_user),
 ):
    """Analytics for a specific flow."""
-    # Verify tree exists
-    result = await db.execute(select(Tree).where(Tree.id == tree_id))
+    # Verify tree exists and belongs to the requesting user's account.
+    result = await db.execute(
+        select(Tree).where(
+            Tree.id == tree_id,
+            tenant_filter(Tree, current_user.account_id),
+        )
+    )
    tree = result.scalar_one_or_none()
    if not tree:
        raise HTTPException(status_code=404, detail="Flow not found")
--- a/backend/app/api/endpoints/categories.py
+++ b/backend/app/api/endpoints/categories.py
@@ -12,6 +12,7 @@ from app.models.user import User
 from app.schemas.category import CategoryCreate, CategoryUpdate, CategoryResponse, CategoryListResponse
 from app.api.deps import get_current_active_user
 from app.core.permissions import can_manage_category, can_create_category
+from app.core.filters import tenant_filter

 router = APIRouter(prefix="/categories", tags=["categories"])

@@ -108,10 +109,12 @@ async def get_category(
            detail="You don't have access to this category"
        )

-    # Get tree count
+    # Get tree count — scoped to the requesting account so cross-account
+    # trees in shared categories are not counted.
    count_query = select(func.count(Tree.id)).where(
        Tree.category_id == category.id,
-        Tree.is_active == True
+        Tree.is_active == True,
+        tenant_filter(Tree, current_user.account_id),
    )
    count_result = await db.execute(count_query)
    tree_count = count_result.scalar() or 0
--- a/backend/app/api/endpoints/maintenance_schedules.py
+++ b/backend/app/api/endpoints/maintenance_schedules.py
@@ -29,8 +29,8 @@ def _compute_next_run(cron_expression: str, tz_name: str) -> datetime:
    return cron.get_next(datetime).astimezone(timezone.utc)


-async def _get_tree_or_403(tree_id: UUID, current_user: User, db: AsyncSession) -> "Tree":
-    """Fetch tree and verify the current user's team owns it."""
+async def _get_tree_or_404(tree_id: UUID, current_user: User, db: AsyncSession) -> "Tree":
+    """Fetch tree and verify the current user's team owns it. Raises 404 if not found or access denied."""
    result = await db.execute(select(Tree).where(Tree.id == tree_id))
    tree = result.scalar_one_or_none()
    if not tree:
@@ -38,7 +38,7 @@ async def _get_tree_or_403(tree_id: UUID, current_user: User, db: AsyncSession)
    # Super admins can access any tree; regular users must be on the same team
    if not getattr(current_user, 'is_super_admin', False):
        if tree.team_id != current_user.team_id:
-            raise HTTPException(status_code=403, detail="Access denied")
+            raise HTTPException(status_code=404, detail="Tree not found")
    return tree


@@ -51,7 +51,7 @@ async def create_schedule(
 ):
    """Create a cron schedule for a maintenance flow. One per flow."""
    # Verify user's team owns the tree
-    tree = await _get_tree_or_403(data.tree_id, current_user, db)
+    tree = await _get_tree_or_404(data.tree_id, current_user, db)
    if tree.tree_type != "maintenance":
        raise HTTPException(status_code=400, detail="Schedules are only supported for maintenance flows")

@@ -94,7 +94,7 @@ async def get_schedule_for_tree(
 ):
    """Get the schedule for a specific maintenance flow."""
    # Verify user's team owns the tree before returning schedule data
-    await _get_tree_or_403(tree_id, current_user, db)
+    await _get_tree_or_404(tree_id, current_user, db)

    result = await db.execute(
        select(MaintenanceSchedule).where(MaintenanceSchedule.tree_id == tree_id)
@@ -122,7 +122,7 @@ async def update_schedule(
        raise HTTPException(status_code=404, detail="Schedule not found")

    # Verify user's team owns the tree this schedule belongs to
-    await _get_tree_or_403(schedule.tree_id, current_user, db)
+    await _get_tree_or_404(schedule.tree_id, current_user, db)

    update_fields = data.model_fields_set
    was_active = schedule.is_active
--- a/backend/app/api/endpoints/sessions.py
+++ b/backend/app/api/endpoints/sessions.py
@@ -143,8 +143,8 @@ async def get_session(

    if session.user_id != current_user.id and session.assigned_to_id != current_user.id:
        raise HTTPException(
-            status_code=status.HTTP_403_FORBIDDEN,
-            detail="You don't have access to this session"
+            status_code=status.HTTP_404_NOT_FOUND,
+            detail="Session not found"
        )

    return session
@@ -234,8 +234,8 @@ async def update_session(

    if session.user_id != current_user.id and session.assigned_to_id != current_user.id:
        raise HTTPException(
-            status_code=status.HTTP_403_FORBIDDEN,
-            detail="You don't have access to this session"
+            status_code=status.HTTP_404_NOT_FOUND,
+            detail="Session not found"
        )

    if session.completed_at:
@@ -281,8 +281,8 @@ async def complete_session(

    if session.user_id != current_user.id and session.assigned_to_id != current_user.id:
        raise HTTPException(
-            status_code=status.HTTP_403_FORBIDDEN,
-            detail="You don't have access to this session"
+            status_code=status.HTTP_404_NOT_FOUND,
+            detail="Session not found"
        )

    if session.completed_at:
@@ -319,8 +319,8 @@ async def update_scratchpad(

    if session.user_id != current_user.id and session.assigned_to_id != current_user.id:
        raise HTTPException(
-            status_code=status.HTTP_403_FORBIDDEN,
-            detail="You don't have access to this session"
+            status_code=status.HTTP_404_NOT_FOUND,
+            detail="Session not found"
        )

    session.scratchpad = data.scratchpad
@@ -348,8 +348,8 @@ async def update_session_variables(

    if session.user_id != current_user.id and session.assigned_to_id != current_user.id:
        raise HTTPException(
-            status_code=status.HTTP_403_FORBIDDEN,
-            detail="You don't have access to this session"
+            status_code=status.HTTP_404_NOT_FOUND,
+            detail="Session not found"
        )

    if session.completed_at:
@@ -387,8 +387,8 @@ async def export_session(

    if session.user_id != current_user.id and session.assigned_to_id != current_user.id:
        raise HTTPException(
-            status_code=status.HTTP_403_FORBIDDEN,
-            detail="You don't have access to this session"
+            status_code=status.HTTP_404_NOT_FOUND,
+            detail="Session not found"
        )

    # PDF export — separate path with binary response
@@ -830,8 +830,8 @@ async def link_ticket(
    if session.user_id != current_user.id and session.assigned_to_id != current_user.id:
        if not current_user.is_super_admin:
            raise HTTPException(
-                status_code=status.HTTP_403_FORBIDDEN,
-                detail="You don't have access to this session",
+                status_code=status.HTTP_404_NOT_FOUND,
+                detail="Session not found",
            )

    # Unlink
--- a/backend/app/api/endpoints/shares.py
+++ b/backend/app/api/endpoints/shares.py
@@ -72,8 +72,8 @@ async def create_share(

    if session.user_id != current_user.id and not current_user.is_super_admin:
        raise HTTPException(
-            status_code=status.HTTP_403_FORBIDDEN,
-            detail="Only the session owner can create share links"
+            status_code=status.HTTP_404_NOT_FOUND,
+            detail="Session not found"
        )

    # Require account_id for account-scoped shares
@@ -170,8 +170,8 @@ async def revoke_share(

    if share.created_by != current_user.id and not current_user.is_super_admin:
        raise HTTPException(
-            status_code=status.HTTP_403_FORBIDDEN,
-            detail="Only the share creator can revoke it"
+            status_code=status.HTTP_404_NOT_FOUND,
+            detail="Share not found"
        )

    share.is_active = False
--- a/backend/app/api/endpoints/step_categories.py
+++ b/backend/app/api/endpoints/step_categories.py
@@ -94,8 +94,8 @@ async def get_step_category(
    # Check access: global categories visible to all, account categories only to account members
    if category.account_id and category.account_id != current_user.account_id and not current_user.is_super_admin:
        raise HTTPException(
-            status_code=status.HTTP_403_FORBIDDEN,
-            detail="You don't have access to this step category"
+            status_code=status.HTTP_404_NOT_FOUND,
+            detail="Step category not found"
        )

    return StepCategoryResponse(
--- a/backend/app/api/endpoints/steps.py
+++ b/backend/app/api/endpoints/steps.py
@@ -47,10 +47,10 @@ async def get_step_or_404(
        raise HTTPException(status_code=404, detail="Step not found")

    if check_view and not can_view_step(current_user, step):
-        raise HTTPException(status_code=403, detail="Not authorized to view this step")
+        raise HTTPException(status_code=404, detail="Step not found")

    if check_edit and not can_edit_step(current_user, step):
-        raise HTTPException(status_code=403, detail="Not authorized to modify this step")
+        raise HTTPException(status_code=404, detail="Step not found")

    return step

--- a/backend/app/api/endpoints/tags.py
+++ b/backend/app/api/endpoints/tags.py
@@ -105,8 +105,8 @@ async def get_tag(
    # Check access: global tags visible to all, account tags only to account members
    if tag.account_id and tag.account_id != current_user.account_id and not current_user.is_super_admin:
        raise HTTPException(
-            status_code=status.HTTP_403_FORBIDDEN,
-            detail="You don't have access to this tag"
+            status_code=status.HTTP_404_NOT_FOUND,
+            detail="Tag not found"
        )

    return TagResponse.model_validate(tag)
--- a/backend/app/api/endpoints/trees.py
+++ b/backend/app/api/endpoints/trees.py
@@ -392,8 +392,8 @@ async def get_tree(

    if not tree.is_active or not can_access_tree(current_user, tree):
        raise HTTPException(
-            status_code=status.HTTP_403_FORBIDDEN,
-            detail="You don't have access to this tree"
+            status_code=status.HTTP_404_NOT_FOUND,
+            detail="Tree not found"
        )

    return build_full_tree_response(tree)
@@ -610,9 +610,17 @@ async def update_tree(
        )

    if not can_edit_tree(current_user, tree):
+        # If the user can see this tree (same account, team visibility), give a 403 with
+        # a clear message — returning 404 here would be confusing since GET returns 200.
+        # For truly inaccessible trees (cross-account), return 404 to avoid confirming existence.
+        if can_access_tree(current_user, tree):
+            raise HTTPException(
+                status_code=status.HTTP_403_FORBIDDEN,
+                detail="You do not have permission to edit this flow"
+            )
        raise HTTPException(
-            status_code=status.HTTP_403_FORBIDDEN,
-            detail="You can only edit your own trees"
+            status_code=status.HTTP_404_NOT_FOUND,
+            detail="Tree not found"
        )

    # Extract tags for separate handling
@@ -1144,9 +1152,17 @@ async def update_tree_visibility(
        )

    if not can_edit_tree(current_user, tree):
+        # If the user can see this tree (same account, team visibility), give a 403 with
+        # a clear message — returning 404 here would be confusing since GET returns 200.
+        # For truly inaccessible trees (cross-account), return 404 to avoid confirming existence.
+        if can_access_tree(current_user, tree):
+            raise HTTPException(
+                status_code=status.HTTP_403_FORBIDDEN,
+                detail="You do not have permission to edit this flow"
+            )
        raise HTTPException(
-            status_code=status.HTTP_403_FORBIDDEN,
-            detail="You can only edit your own trees"
+            status_code=status.HTTP_404_NOT_FOUND,
+            detail="Tree not found"
        )

    # Update visibility
--- a/backend/app/api/endpoints/uploads.py
+++ b/backend/app/api/endpoints/uploads.py
@@ -255,9 +255,9 @@ async def get_upload_url(
    if upload is None:
        raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail="Upload not found")

-    # Verify the upload belongs to the user's account
+    # Verify the upload belongs to the user's account — 404 to avoid revealing existence
    if upload.account_id != current_user.account_id and not current_user.is_super_admin:
-        raise HTTPException(status_code=status.HTTP_403_FORBIDDEN, detail="Access denied")
+        raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail="Upload not found")

    url = storage_service.get_presigned_url(upload.storage_key)
    return {"url": url}
@@ -311,9 +311,9 @@ async def delete_upload(
    if upload is None:
        raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail="Upload not found")

-    # Verify ownership
+    # Verify ownership — 404 to avoid revealing existence
    if upload.uploaded_by != current_user.id and not current_user.is_super_admin:
-        raise HTTPException(status_code=status.HTTP_403_FORBIDDEN, detail="Access denied")
+        raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail="Upload not found")

    # Delete from S3
    await storage_service.delete_file(upload.storage_key)