chihlasm/resolutionflow
1
0
Fork 0
Code Issues 23 Pull Requests 1 Actions Packages Projects Releases Wiki Activity

feat: Phase 2 tenant isolation — RLS on 11 session tables #134

Merged
chihlasm merged 16 commits from feat/tenant-isolation-phase-2 into main 2026-04-11 07:02:25 +00:00
Conversation 1 Commits 16 Files Changed 28 +4 -2
1 changed files with 4 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files
Showing only changes of commit 4f4bc435da - Show all commits

6
backend/app/core/admin_database.py
View File

@@ -2,8 +2,10 @@
"""
Admin database engine — connects as resolutionflow_admin (BYPASSRLS).
Use ONLY for /admin/* endpoints and internal tooling.
Never use this engine from user-facing endpoints.
Use ONLY where explicit application-level access control makes database-layer
tenant filtering unnecessary: /admin/* endpoints, internal tooling, and public
endpoints that enforce their own authorization before returning data (e.g.
share access via opaque token + visibility check).
"""
from collections.abc import AsyncGenerator