|
|
0054383be0
|
docs(01-foundation-01): complete monorepo scaffolding and RLS tenant isolation plan
|
2026-03-23 09:59:55 -06:00 |
|
|
|
47e78627fd
|
feat(01-foundation-01): Alembic migrations with RLS and tenant isolation tests
- alembic.ini + migrations/env.py: async SQLAlchemy migration setup using asyncpg
- migrations/versions/001_initial_schema.py: creates tenants, agents, channel_connections, portal_users
- ENABLE + FORCE ROW LEVEL SECURITY on agents and channel_connections
- RLS policy: tenant_id = current_setting('app.current_tenant', TRUE)::uuid
- konstruct_app role created with SELECT/INSERT/UPDATE/DELETE on all tables
- packages/shared/shared/rls.py: idempotent configure_rls_hook, UUID-sanitized SET LOCAL
- tests/conftest.py: test_db_name (session-scoped), db_engine + db_session as konstruct_app
- tests/unit/test_normalize.py: 11 tests for KonstructMessage Slack normalization (CHAN-01)
- tests/unit/test_tenant_resolution.py: 7 tests for workspace_id → tenant resolution (TNNT-02)
- tests/unit/test_redis_namespacing.py: 15 tests for Redis key namespace isolation (TNNT-03)
- tests/integration/test_tenant_isolation.py: 7 tests proving RLS tenant isolation (TNNT-01)
- tenant_b cannot see tenant_a's agents or channel_connections
- FORCE ROW LEVEL SECURITY verified via pg_class.relforcerowsecurity
|
2026-03-23 09:57:29 -06:00 |
|
|
|
5714acf741
|
feat(01-foundation-01): monorepo scaffolding, Docker Compose, and shared data models
- pyproject.toml: uv workspace with 5 member packages (shared, gateway, router, orchestrator, llm-pool)
- docker-compose.yml: PostgreSQL 16 + Redis 7 + Ollama services on konstruct-net
- .env.example: all required env vars documented, konstruct_app role (not superuser)
- scripts/init-db.sh: creates konstruct_app role at DB init time
- packages/shared/shared/config.py: Pydantic Settings loading all env vars
- packages/shared/shared/models/message.py: KonstructMessage, ChannelType, SenderInfo, MessageContent
- packages/shared/shared/models/tenant.py: Tenant, Agent, ChannelConnection SQLAlchemy 2.0 models
- packages/shared/shared/models/auth.py: PortalUser model for admin portal auth
- packages/shared/shared/db.py: async SQLAlchemy engine, session factory, get_session dependency
- packages/shared/shared/rls.py: current_tenant_id ContextVar and configure_rls_hook with parameterized SET LOCAL
- packages/shared/shared/redis_keys.py: tenant-namespaced key constructors (rate_limit, idempotency, session, engaged_thread)
|
2026-03-23 09:49:28 -06:00 |
|
|
|
d611a07cc2
|
docs(01-foundation): create phase plan
|
2026-03-23 09:32:44 -06:00 |
|
|
|
60080980da
|
docs(01): add research and validation strategy
|
2026-03-23 09:26:15 -06:00 |
|
|
|
2ab18fde4f
|
docs(01): research phase 1 foundation domain
|
2026-03-23 09:25:20 -06:00 |
|
|
|
fe3b36be16
|
docs(state): record phase 1 context session
|
2026-03-23 09:20:02 -06:00 |
|
|
|
d032d81171
|
docs(01): capture phase context
|
2026-03-23 09:19:53 -06:00 |
|
|
|
f39508d297
|
docs: create roadmap (3 phases)
|
2026-03-23 09:06:16 -06:00 |
|
|
|
353f9b3f12
|
docs: define v1 requirements
|
2026-03-23 08:53:20 -06:00 |
|
|
|
376982f16f
|
docs: complete project research
|
2026-03-22 00:12:58 -06:00 |
|
|
|
320da9df87
|
chore: add project config
|
2026-03-22 00:03:51 -06:00 |
|
|
|
fa3aea5f29
|
docs: initialize project
|
2026-03-22 00:01:49 -06:00 |
|
