@DMontgomery40
Owner

Summary

Implements safe configuration editing with full audit trail and cache invalidation for Phase 3.

Changes

Backend Core

  • HierarchicalConfigProvider.set() - Complete CRUD for all hierarchy levels
  • Fernet encryption for sensitive configuration values
  • Audit trail with masked values and HMAC integrity checking
  • Cache invalidation patterns for different hierarchy scopes
  • Validation framework against SAFE_EDIT_KEYS constraints

API Layer

  • POST /admin/config/v4/set endpoint with comprehensive validation
  • V4ConfigSetIn/V4ConfigSetOut Pydantic models
  • Error handling for validation failures and constraint violations
  • AdminAPIClient.v4SetConfig() method for frontend integration

UI Enhancement

  • Inline editing controls for safe configuration keys only
  • Level selector for targeting specific hierarchy levels (global, tenant, dept, group, user)
  • Real-time validation with constraint display
  • Save/Cancel workflow with proper loading states and confirmations
  • Type coercion for boolean/integer values in form inputs

Key Features

Hierarchy Support

  • Global Level: System-wide defaults (no level_id required)
  • Tenant Level: Tenant-specific overrides (requires tenant_id)
  • Department Level: Department within tenant (requires tenant_id:department format)
  • Group Level: Group-specific settings (requires group_id)
  • User Level: User-specific overrides (requires user_id)

Security & Audit

  • Only SAFE_EDIT_KEYS can be modified via Admin Console
  • All changes create audit records with IP, user agent, and reason
  • Encrypted storage for sensitive configuration values using Fernet
  • HMAC verification for audit trail integrity
  • Masked values in audit logs prevent secret exposure

Performance

  • Intelligent cache invalidation based on hierarchy scope affected
  • Pattern-based cache clearing for efficient cache management
  • Redis + memory fallback for distributed caching

Technical Implementation

Database Schema

  • Configuration stored encrypted in hierarchy-specific tables
  • Audit records track all changes with masked values
  • HMAC ensures audit trail integrity

Cache Strategy

  • Global changes: Invalidate all user effective configs
  • Tenant changes: Invalidate configs for users in that tenant
  • User changes: Invalidate only that user's effective config

Testing Verified

  • ✅ Safe key validation prevents editing dangerous keys
  • ✅ Constraint validation enforces min/max values
  • ✅ Hierarchy resolution works correctly after updates
  • ✅ Cache invalidation clears appropriate patterns
  • ✅ Audit records created for all changes
  • ✅ UI editing workflow functions properly

Dependencies

  • Uses existing database models from PR16
  • Uses existing cache infrastructure from PR16
  • Compatible with existing v4 config API endpoints

Next Steps

  • PR18: SSE diagnostics with real-time config change events
  • PR19: Provider health monitoring with config-driven thresholds

Built on PR16 foundation, targeting PR16 branch for integration.

✅ Backend Implementation:
- Added comprehensive set() method to HierarchicalConfigProvider
- Implements full CRUD for all hierarchy levels (global, tenant, dept, group, user)
- Encrypted storage with Fernet for sensitive configuration values
- Complete audit trail with masked values and HMAC integrity
- Intelligent cache invalidation patterns for different hierarchy levels
- Proper validation against SAFE_EDIT_KEYS constraints

✅ API Endpoints:
- POST /admin/config/v4/set endpoint with full validation
- V4ConfigSetIn/V4ConfigSetOut Pydantic models
- Comprehensive error handling and audit logging
- Client-side v4SetConfig method added to AdminAPIClient

✅ UI Enhancement:
- Inline editing controls for safe configuration keys
- Level selector for targeting specific hierarchy levels
- Real-time validation feedback and constraint display
- Confirmation dialogs and proper error handling
- Save/Cancel workflow with loading states
- Edit button appears only for keys in SAFE_EDIT_KEYS

✅ Features:
- Supports all hierarchy levels with appropriate level_id validation
- Type coercion for boolean/integer values in UI
- Comprehensive audit trail with reason field
- Cache invalidation triggers automatically after saves
- Proper masking of sensitive values in audit logs

✅ Security:
- Only SAFE_EDIT_KEYS can be modified via Admin Console
- All changes create audit records with IP and user agent
- Encrypted storage for sensitive configuration values
- HMAC verification for audit integrity

This completes the safe write path for hierarchical configuration.
Next: PR18 will add SSE diagnostics, PR19 adds provider health monitoring.
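
The write path described above (allow-list check, constraint validation, masked audit record, HMAC integrity), as an added example that is not code from this PR or the project. The `SAFE_EDIT_KEYS` entries, the record fields, the masking rule and the demo HMAC key are all assumptions made for illustration.

```python
import hashlib
import hmac
import json

# Hypothetical allow-list: key -> (type, min, max). Not the project's real SAFE_EDIT_KEYS.
SAFE_EDIT_KEYS = {
    "rag.top_k": (int, 1, 50),
    "chat.streaming_enabled": (bool, None, None),
}
AUDIT_HMAC_KEY = b"constructed-demo-key"  # constructed; load from a secret store in practice


def validate(key, value):
    """Reject keys outside the allow-list and values outside their constraints."""
    if key not in SAFE_EDIT_KEYS:
        raise ValueError(f"{key} is not editable")
    typ, lo, hi = SAFE_EDIT_KEYS[key]
    # bool is a subclass of int in Python, so compare the exact type.
    if type(value) is not typ:
        raise ValueError(f"{key} expects {typ.__name__}")
    if lo is not None and not lo <= value <= hi:
        raise ValueError(f"{key} must be in [{lo}, {hi}]")


def mask(value):
    """Show at most the last two characters; short values are masked entirely."""
    text = str(value)
    return "*" * (len(text) - 2) + text[-2:] if len(text) > 4 else "****"


def _mac(record):
    # Canonical JSON (sorted keys, fixed separators) keeps the MAC reproducible.
    body = json.dumps(record, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(AUDIT_HMAC_KEY, body, hashlib.sha256).hexdigest()


def audit_record(actor, level, level_id, key, old, new, ip, user_agent, reason):
    """Validate the change, then build a masked record sealed with an HMAC."""
    validate(key, new)
    rec = {"actor": actor, "level": level, "level_id": level_id, "key": key,
           "old": mask(old), "new": mask(new), "ip": ip,
           "user_agent": user_agent, "reason": reason}
    rec["hmac"] = _mac(rec)
    return rec


def verify(record):
    """Recompute the HMAC over every field except the stored tag."""
    body = {k: v for k, v in record.items() if k != "hmac"}
    return hmac.compare_digest(record.get("hmac", ""), _mac(body))
```

The HMAC covers the masked values, so it proves the audit row was not altered after it was written; it does not let a reviewer recover the original value.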
@DMontgomery40
Owner Author

Closing PR17 due to extensive merge conflicts. The core functionality has been implemented and merged via PR16 and PR18. The configuration write functionality will be implemented in a follow-up PR if needed.

@DMontgomery40 DMontgomery40 deleted the feat/pr17-config-write branch September 26, 2025 22:41