johan/inou - inou - Clavitor Git

Commit Graph

Author	SHA1	Message	Date
James	6486a52ad9	refactor: complete RBAC redesign with hierarchical permissions Simplify access control from 500+ lines to ~50 lines of core logic: - New permission bitmask (PermRead/Write/Delete/Manage) - Hierarchical access (dossier → category → entry) - Single choke points: CheckAccess(), EntryQuery(), DossierQuery() - All data access now enforced through lib RBAC layer - Removed complex role templates and permission caching Also improved NewID() to use UUID v4 + SHA-256 hash for better randomness distribution (was limited to 0-7 hex start). Net -210 lines across 28 files. Ready for staging deployment. Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>	2026-02-11 00:06:02 -05:00
James	c1cd76559d	fix: genome query RBAC - use system context for data access - Updated all genome functions to accept AccessContext parameter - GenomeGetExtraction, GenomeGetTiers, GenomeGetTierByCategory, GenomeGetVariants, GenomeGetVariantsByTier now pass context to EntryList - API genome handler uses system context after dossier access check - Categories endpoint uses system context for counting operations - Fixes MCP query_genome returning 403/no data errors Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>	2026-02-07 16:31:17 -05:00
Johan	94946baf00	Initial commit	2026-02-01 02:43:27 -05:00

Author

SHA1

Message

Date

James

6486a52ad9

refactor: complete RBAC redesign with hierarchical permissions

Simplify access control from 500+ lines to ~50 lines of core logic:
- New permission bitmask (PermRead/Write/Delete/Manage)
- Hierarchical access (dossier → category → entry)
- Single choke points: CheckAccess(), EntryQuery(), DossierQuery()
- All data access now enforced through lib RBAC layer
- Removed complex role templates and permission caching

Also improved NewID() to use UUID v4 + SHA-256 hash for better
randomness distribution (was limited to 0-7 hex start).

Net -210 lines across 28 files. Ready for staging deployment.

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>

2026-02-11 00:06:02 -05:00

James

c1cd76559d

fix: genome query RBAC - use system context for data access

- Updated all genome functions to accept AccessContext parameter
- GenomeGetExtraction, GenomeGetTiers, GenomeGetTierByCategory,
  GenomeGetVariants, GenomeGetVariantsByTier now pass context to EntryList
- API genome handler uses system context after dossier access check
- Categories endpoint uses system context for counting operations
- Fixes MCP query_genome returning 403/no data errors

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>

2026-02-07 16:31:17 -05:00

Johan

94946baf00

Initial commit

2026-02-01 02:43:27 -05:00

3 Commits