resolutionflow/backend/app/api/endpoints at 7d262c5b0cda20633b3cd79e91ab7236adb930e2 - resolutionflow - ResolutionFlow - Gitea

chihlasm/resolutionflow

Files

History

chihlasm 7d262c5b0c fix: return 404 instead of 403 for cross-tenant session access

All session endpoints (get, update, complete, scratchpad, variables, export,
ticket-link) now return 404 instead of 403 when a user tries to access
another user's session. This prevents confirming existence of resources
across tenant boundaries.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

2026-04-09 04:01:52 +00:00

..

__init__.py

Initial commit: Backend API Phase 1a complete

2026-01-22 14:38:53 -05:00

accounts.py

feat(enterprise): add custom branding system — logo, accent color, company name

2026-03-19 20:35:35 +00:00

admin_audit.py

feat: implement full admin panel with dashboard, user management, and platform settings

2026-02-08 06:05:59 -05:00

admin_categories.py

feat: implement full admin panel with dashboard, user management, and platform settings

2026-02-08 06:05:59 -05:00

admin_dashboard.py

feat: implement full admin panel with dashboard, user management, and platform settings

2026-02-08 06:05:59 -05:00

admin_feature_flags.py

feat: implement full admin panel with dashboard, user management, and platform settings

2026-02-08 06:05:59 -05:00

admin_gallery.py

feat(gallery): add admin gallery curation endpoints and management page (Task 6)

2026-03-19 20:04:40 +00:00

admin_plan_limits.py

feat: implement full admin panel with dashboard, user management, and platform settings

2026-02-08 06:05:59 -05:00

admin_settings.py

feat: implement full admin panel with dashboard, user management, and platform settings

2026-02-08 06:05:59 -05:00

admin_survey.py

feat: Flow Transfer, Procedural Assist & UI Design System (#97 )

2026-03-07 18:44:14 -05:00

admin.py

feat: super admin promote/demote endpoint + admin panel UI

2026-02-24 23:05:42 -05:00

ai_builder.py

feat: command palette, PSA ticket context, session-to-flow converter (#108 )

2026-03-16 13:39:17 -04:00

ai_chat.py

feat: flow export/import + procedural Flow Assist (#96 )

2026-03-07 15:51:37 -05:00

ai_fix.py

feat: add POST /ai/fix-tree endpoint for AI-powered validation fixes

2026-02-26 17:25:38 -05:00

ai_sessions.py

fix: add ownership check and 404 responses to ai-sessions endpoints

2026-04-09 04:01:47 +00:00

ai_suggestions.py

feat: flow export/import + procedural Flow Assist (#96 )

2026-03-07 15:51:37 -05:00

analytics.py

fix: scope analytics/flows/{tree_id} to requesting account

2026-04-09 03:53:57 +00:00

assistant_chat.py

refactor: remove dead assistant_chat system, consolidate image helpers

2026-03-24 05:28:06 +00:00

auth.py

fix: race condition hardening across auth, counters, and data fetching (#102 )

2026-03-10 01:57:22 -04:00

beta_feedback.py

feat: beta feedback widget — frictionless in-session feedback

2026-03-23 13:12:06 +00:00

beta_signup.py

feat: add landing page with beta signup + raise KB node limit to 100

2026-03-12 00:23:29 -04:00

branding.py

feat: add team branding CRUD endpoints with tests

2026-03-17 00:12:00 -04:00

categories.py

fix: scope category tree_count to requesting account

2026-04-09 03:54:01 +00:00

copilot.py

feat: Slate & Ice Modern aesthetic redesign (#94 )

2026-03-04 20:44:25 -05:00

feedback.py

feat: add POST /feedback endpoint with DB persistence and dual emails

2026-02-18 17:43:21 -05:00

flow_proposals.py

feat(notifications): add Phase 4 Slice 2 — multi-channel notification system

2026-03-19 12:37:54 +00:00

flowpilot_analytics.py

fix(analytics): fix 6 backend audit issues — domain matching, funnel counts, decimal casts, dead queries

2026-03-20 00:36:30 +00:00

folders.py

fix: high-severity security hardening (Phase B permissions audit)

2026-02-05 22:44:05 -05:00

integrations.py

feat(ai-session): add Phase 2 PSA integration, escalation handoff, and session management

2026-03-19 01:30:05 +00:00

invite.py

feat: add resend capability for platform and account invite codes

2026-02-11 23:45:23 -05:00

kb_accelerator.py

feat: enable Markdown (.md) file upload in KB Accelerator

2026-03-11 23:29:51 -04:00

maintenance_schedules.py

fix: stabilize maintenance flow run/resume and procedural scrolling

2026-02-17 20:12:07 -05:00

notifications.py

feat(notifications): add Phase 4 Slice 2 — multi-channel notification system

2026-03-19 12:37:54 +00:00

onboarding.py

feat: add onboarding status and dismiss endpoints with tests

2026-03-17 00:05:28 -04:00

public_templates.py

feat(public-gallery): add public templates gallery API (Tasks 2 & 3)

2026-03-19 19:12:34 +00:00

ratings.py

feat: analytics dashboards & two-tier feedback system (#78 )

2026-02-16 15:23:14 -05:00

script_builder.py

fix: close race conditions in script builder session and slug creation

2026-04-01 05:09:42 +00:00

scripts.py

fix: shared filter returns all when user has no team

2026-03-27 19:58:04 +00:00

session_branches.py

fix: add server_default to script_template columns, refresh fork_point after commit

2026-03-27 18:16:42 +00:00

session_handoffs.py

feat: add handoff API endpoints with queue and integration tests

2026-03-24 08:43:32 +00:00

session_resolutions.py

feat: add resolution output API endpoints

2026-03-24 08:47:09 +00:00

sessions.py

fix: return 404 instead of 403 for cross-tenant session access

2026-04-09 04:01:52 +00:00

shared.py

feat: implement tree sharing, draft trees, and session-to-tree conversion (Issues #16 , #25 , #17 )

2026-02-07 23:06:13 -05:00

shares.py

feat: add tree forking, custom step tracking, and session sharing

2026-02-07 19:10:47 -05:00

sidebar.py

fix(escalations): fall back to account_id when team_id is null

2026-03-21 05:04:47 +00:00

step_categories.py

feat: update all endpoints and schemas for account-based model

2026-02-07 02:39:01 -05:00

steps.py

feat: Step Library sync + service account for default tree ownership

2026-02-25 23:17:29 -05:00

supporting_data.py

feat: add supporting data CRUD endpoints with tests

2026-03-17 00:22:40 -04:00

survey.py

feat: AI chat conclusion + survey completion & management (#95 )

2026-03-05 22:43:02 -05:00

tags.py

feat: update all endpoints and schemas for account-based model

2026-02-07 02:39:01 -05:00

target_lists.py

fix: apply code review security and robustness fixes

2026-02-17 16:15:19 -05:00

tree_markdown.py

feat: add dual-mode tree editor with Code Mode, variables, and markdown sync

2026-02-10 09:45:26 -05:00

tree_transfer.py

feat: flow export/import + procedural Flow Assist (#96 )

2026-03-07 15:51:37 -05:00

trees.py

fix: race condition hardening across auth, counters, and data fetching (#102 )

2026-03-10 01:57:22 -04:00

uploads.py

feat: add .docx upload support with text extraction

2026-03-27 21:08:12 +00:00

webhooks.py

feat: update all endpoints and schemas for account-based model

2026-02-07 02:39:01 -05:00