Adds a write-capable create_entry tool to the MCP server, enabling
Claude (Opus/Sonnet/Haiku) to save health insights directly into a
dossier instead of losing them in chat.
Tool: create_entry
- Required: dossier (16-char hex), category (e.g. 'supplement',
'nutrition', 'tracker'), value (short label)
- Optional: type, summary, data (JSON), parent, timestamp (default: now)
- RBAC-enforced via EntryWrite — only writable dossiers accepted
- Category validated against CategoryFromString; unknown categories
return a helpful error listing valid options
- data field validated as JSON before write
Use cases:
- Claude analyzing supplements: 'Create a supplement entry for Vitamin D3
5000 IU with notes on dosing rationale'
- Nutrition logs from a meal conversation
- Tracker observations or AI-generated insights with provenance
The MCP server was previously read-only (all tools had readOnlyHint).
create_entry intentionally omits readOnlyHint as it mutates state.
Critical fixes:
- CR-001: Remove auth backdoor code 250365 (lib/dbcore.go)
High fixes:
- HI-001: Fix CORS wildcard to use origin allowlist (portal/api_mobile.go, portal/mcp_http.go)
- HI-002: Fix LOINC skip logic - skip only if BOTH SearchKey2 AND LOINC are set (lib/normalize.go)
Also added:
- Full code review report at docs/CODE-REVIEW-2026-02-28.md
14 issues found: 2 critical, 4 high, 5 medium, 3 low
3 fixes applied, remaining are documented for follow-up
- Fix lab chart reference bands: parse DOB in DossierFromEntry, generate
deterministic ref_ids in import-caliper (was collapsing 4363 rows to 1)
- Consolidate DossierFromEntry into lib/dbcore.go (eliminate portal duplicate)
- Add Import field to entries for batch undo (NextImportID, all import paths)
- MyChart direct JSON parsing (skip Gemini for structured lab data)
- Multi-order extraction from markdown/text tables
- Normalize progress callback for UI feedback
- DICOM import, genome import, API, portal, MCP, translation updates
- Remove test DICOM data from repo
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Simplify access control from 500+ lines to ~50 lines of core logic:
- New permission bitmask (PermRead/Write/Delete/Manage)
- Hierarchical access (dossier → category → entry)
- Single choke points: CheckAccess(), EntryQuery(), DossierQuery()
- All data access now enforced through lib RBAC layer
- Removed complex role templates and permission caching
Also improved NewID() to use UUID v4 + SHA-256 hash for better
randomness distribution (was limited to 0-7 hex start).
Net -210 lines across 28 files. Ready for staging deployment.
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
list_dossiers, list_studies, list_series, list_slices, query_entries,
get_categories, query_genome — all now call lib directly with
AccessContext{AccessorID: dossierID}. No more HTTP roundtrip to the
internal API with its separate auth path.
Image and journal tools still use API (image rendering logic lives
there, and the API already enforces RBAC via lib.CheckAccess).
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Rename Query→dbQuery, Save→dbSave, Load→dbLoad, Delete→dbDelete,
Count→dbCount in lib/db_queries.go. Go compiler now prevents any code
outside lib/ from bypassing RBAC checks.
All external callers migrated to RBAC-checked functions:
- EntryCategoryCounts, EntryCount, EntryListByDossier (new)
- LabTestList, LabEntryListForIndex, LabRefLookupAll (new)
- GenomeQuery now requires AccessContext
- EntryDeleteByCategory/EntryDeleteTree now require AccessContext
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Replace N separate SQL queries with single IN clause for rsids and genes
- Dedup results by rsid, merging categories from multiple tiers
- Add repute filter (Good/Bad/Clear) to genome queries
- Expose limit/offset as MCP parameters
- Add genotype to search check
- Fix category filter in genomeEntriesToResult
- Remove deprecated api/api_categories.go and api/api_genome.go
- Change GenomeMatch to use Categories []string instead of Category+Subcategory
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Add /legal/terms with comprehensive ToS content
- Add terms link to footer navigation
- Add /legal/terms to defense.go whitelist for external access
- Update privacy policy and DPA templates with improved styling
- Refactor RBAC editor template formatting
- Add prompts AI setup documentation
- Include database migration scripts
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
- Updated all genome functions to accept AccessContext parameter
- GenomeGetExtraction, GenomeGetTiers, GenomeGetTierByCategory,
GenomeGetVariants, GenomeGetVariantsByTier now pass context to EntryList
- API genome handler uses system context after dossier access check
- Categories endpoint uses system context for counting operations
- Fixes MCP query_genome returning 403/no data errors
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
James
Johan