adelorenzo/konstruct
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: register RLS hook on gateway — agent creation was failing with policy violation

Browse Source 
The gateway never called configure_rls_hook(engine), so SET LOCAL
app.current_tenant was never set for any DB operation through the
portal API endpoints. All tenant-scoped writes (agent creation, etc.)
failed with "new row violates row-level security policy."

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
Adolfo Delorenzo
2026-03-25 12:40:08 -06:00
parent 2127d1a844
commit 84d2e775ad
1 changed files with 5 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
packages/gateway/gateway/main.py
View File

@@ -53,13 +53,17 @@ from shared.api import (
webhook_router, webhook_router,
) )
from shared.config import settings from shared.config import settings
from shared.db import async_session_factory from shared.db import async_session_factory, engine
from shared.rls import configure_rls_hook
logger = logging.getLogger(__name__) logger = logging.getLogger(__name__)
# --------------------------------------------------------------------------- # ---------------------------------------------------------------------------
# FastAPI app # FastAPI app
# --------------------------------------------------------------------------- # ---------------------------------------------------------------------------
# Register RLS hook so tenant context is set for all DB operations
configure_rls_hook(engine)
app = FastAPI( app = FastAPI(
title="Konstruct Channel Gateway", title="Konstruct Channel Gateway",
description="Unified ingress for all messaging platforms", description="Unified ingress for all messaging platforms",