Michael Chihlas
80baf89b00
Phase 2 Task 31. Single flag now controls whether the public-facing
self-serve flow is exposed.
- New public endpoint GET /api/v1/config/public returns
{self_serve_enabled, oauth_providers}. oauth_providers includes
"google" if GOOGLE_CLIENT_ID is set and "microsoft" if MS_CLIENT_ID
is set. No auth required; consumed once by the frontend at load.
- POST /auth/register: when SELF_SERVE_ENABLED=true the platform
invite-code requirement is bypassed even with REQUIRE_INVITE_CODE=true.
invite_code stays in the schema for backward compat and still applies
when supplied. With the flag off, the gate behaves exactly as before.
- Adds backend/app/schemas/config.py with PublicConfigResponse and
registers the new router in the public/unauthenticated section.
- Adds 3 integration tests in tests/test_config_public.py covering the
flag round-trip, the regression case (flag off keeps the 400), and
the new behavior (flag on bypasses the gate, creates user + Pro trial).
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
182 lines
8.1 KiB
Python
182 lines
8.1 KiB
Python
from fastapi import APIRouter, Depends
|
|
|
|
from app.api.deps import (
|
|
require_tenant_context,
|
|
require_active_subscription,
|
|
require_verified_email_after_grace,
|
|
)
|
|
from app.api.endpoints import (
|
|
admin,
|
|
admin_audit,
|
|
admin_categories,
|
|
admin_dashboard,
|
|
admin_feature_flags,
|
|
admin_gallery,
|
|
admin_plan_limits,
|
|
admin_settings,
|
|
admin_survey,
|
|
ai_builder,
|
|
ai_chat,
|
|
ai_fix,
|
|
ai_sessions,
|
|
ai_suggestions,
|
|
analytics,
|
|
assistant_chat,
|
|
auth,
|
|
billing,
|
|
beta_feedback,
|
|
beta_signup,
|
|
sales_leads,
|
|
branding,
|
|
categories,
|
|
config as config_endpoints,
|
|
copilot,
|
|
device_types,
|
|
draft_templates,
|
|
feedback,
|
|
flow_proposals,
|
|
flowpilot_analytics,
|
|
folders,
|
|
integrations,
|
|
invite,
|
|
kb_accelerator,
|
|
maintenance_schedules,
|
|
network_diagrams,
|
|
notifications,
|
|
oauth as oauth_endpoints,
|
|
onboarding,
|
|
public_templates,
|
|
ratings,
|
|
scripts,
|
|
script_builder,
|
|
session_branches,
|
|
session_facts,
|
|
session_handoffs,
|
|
session_resolutions,
|
|
session_suggested_fixes,
|
|
sessions,
|
|
shared,
|
|
shares,
|
|
sidebar,
|
|
step_categories,
|
|
steps,
|
|
supporting_data,
|
|
survey,
|
|
tags,
|
|
target_lists,
|
|
tree_markdown,
|
|
tree_transfer,
|
|
trees,
|
|
uploads,
|
|
webhooks,
|
|
accounts,
|
|
)
|
|
|
|
api_router = APIRouter()
|
|
|
|
# ---------------------------------------------------------------------------
|
|
# Public / unauthenticated endpoints — no tenant context
|
|
#
|
|
# Note: auth.router contains both public endpoints (register, login,
|
|
# forgot-password, reset-password, email/verify) and authenticated endpoints
|
|
# (GET/PATCH /me, logout, change-password, email/send-verification).
|
|
# The authenticated auth endpoints only query the `users` table, which is
|
|
# excluded from Phase 1 RLS. They work correctly without tenant context
|
|
# in Phase 1. This will need revisiting in Phase 2 when `users` gets RLS.
|
|
# ---------------------------------------------------------------------------
|
|
api_router.include_router(auth.router)
|
|
api_router.include_router(oauth_endpoints.router)
|
|
api_router.include_router(billing.router) # Reachable when subscription locked
|
|
api_router.include_router(shared.router) # Public share links (no auth)
|
|
api_router.include_router(shares.public_router) # Public session share links (optional auth)
|
|
api_router.include_router(beta_signup.router)
|
|
api_router.include_router(sales_leads.router) # Talk-to-Sales (no auth, rate-limited)
|
|
api_router.include_router(webhooks.router) # Stripe webhook receiver
|
|
api_router.include_router(public_templates.router) # Public gallery (no auth, rate-limited)
|
|
api_router.include_router(survey.router) # Public survey flow (no auth, rate-limited)
|
|
api_router.include_router(config_endpoints.router) # Public runtime feature flags
|
|
|
|
# ---------------------------------------------------------------------------
|
|
# Admin endpoints — super_admin only
|
|
# admin_categories, admin_gallery, admin_dashboard, admin query Phase 1 RLS
|
|
# tables and MUST use get_admin_db (migrated in Task 8). The remaining admin
|
|
# endpoints (admin_audit, admin_plan_limits, admin_feature_flags,
|
|
# admin_settings, admin_survey) are safe until Phase 2 extends RLS.
|
|
# ---------------------------------------------------------------------------
|
|
api_router.include_router(admin.router)
|
|
api_router.include_router(admin_dashboard.router)
|
|
api_router.include_router(admin_audit.router)
|
|
api_router.include_router(admin_plan_limits.router)
|
|
api_router.include_router(admin_feature_flags.router)
|
|
api_router.include_router(admin_settings.router)
|
|
api_router.include_router(admin_categories.router)
|
|
api_router.include_router(admin_survey.router)
|
|
api_router.include_router(admin_gallery.router)
|
|
# ---------------------------------------------------------------------------
|
|
# User-facing endpoints — tenant context required
|
|
#
|
|
# _tenant_deps: routers that only require an authenticated user inside a
|
|
# tenant (auth/account/admin/non-Pro feature surfaces).
|
|
# _pro_deps: routers gated behind an active Pro subscription. Adds
|
|
# require_active_subscription which raises 402 unless the
|
|
# account's Subscription is active/complimentary/past_due or
|
|
# trialing-with-time-remaining. Allowlisted paths in deps.py
|
|
# bypass the gate for billing/account admin/auth flows.
|
|
# ---------------------------------------------------------------------------
|
|
_tenant_deps = [Depends(require_tenant_context)]
|
|
_pro_deps = [
|
|
Depends(require_tenant_context),
|
|
Depends(require_active_subscription),
|
|
Depends(require_verified_email_after_grace),
|
|
]
|
|
|
|
api_router.include_router(trees.router, dependencies=_pro_deps)
|
|
api_router.include_router(sidebar.router, dependencies=_tenant_deps)
|
|
api_router.include_router(sessions.router, dependencies=_pro_deps)
|
|
api_router.include_router(invite.router, dependencies=_tenant_deps)
|
|
api_router.include_router(categories.router, dependencies=_tenant_deps)
|
|
api_router.include_router(tags.router, dependencies=_tenant_deps)
|
|
api_router.include_router(folders.router, dependencies=_tenant_deps)
|
|
api_router.include_router(step_categories.router, dependencies=_pro_deps)
|
|
api_router.include_router(steps.router, dependencies=_pro_deps)
|
|
api_router.include_router(accounts.router, dependencies=_tenant_deps)
|
|
api_router.include_router(shares.router, dependencies=_tenant_deps)
|
|
api_router.include_router(tree_markdown.router, dependencies=_tenant_deps)
|
|
api_router.include_router(ratings.router, dependencies=_tenant_deps)
|
|
api_router.include_router(analytics.router, dependencies=_pro_deps)
|
|
api_router.include_router(target_lists.router, dependencies=_tenant_deps)
|
|
api_router.include_router(maintenance_schedules.router, dependencies=_tenant_deps)
|
|
api_router.include_router(feedback.router, dependencies=_tenant_deps)
|
|
api_router.include_router(ai_builder.router, dependencies=_tenant_deps)
|
|
api_router.include_router(ai_fix.router, dependencies=_tenant_deps)
|
|
api_router.include_router(ai_chat.router, dependencies=_tenant_deps)
|
|
api_router.include_router(copilot.router, dependencies=_tenant_deps)
|
|
api_router.include_router(assistant_chat.router, dependencies=_pro_deps)
|
|
api_router.include_router(tree_transfer.router, dependencies=_tenant_deps)
|
|
api_router.include_router(ai_suggestions.router, dependencies=_tenant_deps)
|
|
api_router.include_router(kb_accelerator.router, dependencies=_tenant_deps)
|
|
api_router.include_router(scripts.router, dependencies=_pro_deps)
|
|
api_router.include_router(integrations.router, dependencies=_pro_deps)
|
|
api_router.include_router(onboarding.router, dependencies=_tenant_deps)
|
|
api_router.include_router(branding.router, dependencies=_tenant_deps)
|
|
api_router.include_router(supporting_data.router, dependencies=_tenant_deps)
|
|
api_router.include_router(network_diagrams.router, dependencies=_tenant_deps)
|
|
# session_handoffs queue router must come before ai_sessions to avoid conflict
|
|
api_router.include_router(session_handoffs.queue_router, dependencies=_pro_deps)
|
|
api_router.include_router(session_resolutions.router, dependencies=_pro_deps)
|
|
# session_facts mounts under /ai-sessions/{id}/facts — register before ai_sessions
|
|
# so the {session_id}/facts subpaths take precedence over any future generic catchalls.
|
|
api_router.include_router(session_facts.router, dependencies=_pro_deps)
|
|
api_router.include_router(session_suggested_fixes.router, dependencies=_pro_deps)
|
|
api_router.include_router(draft_templates.router, dependencies=_tenant_deps)
|
|
api_router.include_router(ai_sessions.router, dependencies=_pro_deps)
|
|
api_router.include_router(flow_proposals.router, dependencies=_pro_deps)
|
|
api_router.include_router(flowpilot_analytics.router, dependencies=_pro_deps)
|
|
api_router.include_router(notifications.router, dependencies=_tenant_deps)
|
|
api_router.include_router(uploads.router, dependencies=_tenant_deps)
|
|
api_router.include_router(script_builder.router, dependencies=_pro_deps)
|
|
api_router.include_router(beta_feedback.router, dependencies=_tenant_deps)
|
|
api_router.include_router(session_branches.router, dependencies=_pro_deps)
|
|
api_router.include_router(session_handoffs.router, dependencies=_pro_deps)
|
|
api_router.include_router(device_types.router, dependencies=_tenant_deps)
|