Skip to content

feat: implement audit events and principal roles#346

Merged
manojbajaj95 merged 2 commits into
mainfrom
feature/improve-admin-role-policy
May 29, 2026
Merged

feat: implement audit events and principal roles#346
manojbajaj95 merged 2 commits into
mainfrom
feature/improve-admin-role-policy

Conversation

@manojbajaj95
Copy link
Copy Markdown
Collaborator

@manojbajaj95 manojbajaj95 commented May 28, 2026
edited
Loading

Summary

  • implement ADR 005 with OTel audit events, a server-owned SQLite exporter, /audit/events query/post routes, and proxy fire-and-forget audit posts
  • implement ADR 006 with persisted principal roles, first-principal-admin assignment, migration for existing principal rows, and route-level admin enforcement
  • remove shallow audit model coverage and add ADR-focused tests for audit querying, proxy enrichment, role assignment, migration, and admin-only routes

Verification

  • uv run ruff format src/ tests/
  • uv run ruff check src/ tests/
  • uv run ty check src/
  • uv run pytest
  • uv run pre-commit run --all-files

beubax
beubax reviewed May 28, 2026
View reviewed changes
Comment thread docs/adr/0006-principal-roles-admin-user.md
## Consequences

- `AUTHSOME_ADMIN_PRINCIPALS` env var and `is_admin_principal()` are removed entirely.
- Admin enforcement at the route level uses a `get_admin_auth_service` FastAPI dependency (parallel to `get_protected_auth_service`) that raises `HTTP 403` for non-admin principals.
Copy link
Copy Markdown
Collaborator

@beubax beubax May 28, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Do we need a separate get_admin_auth_service fastapi dependency? The guardrails are only in two places - one while mutating the provider client credentials and the other when displaying the provider UI (which is not an auth service property). Maybe we can just check for principal role in these two places

@manojbajaj95
feat: implement audit events and principal roles
0ed077b 
Implement ADR 005 by routing audit events through OpenTelemetry with a server-owned SQLite exporter and query endpoint. Implement ADR 006 by persisting principal roles, assigning first principal admin, and enforcing admin-only routes at the FastAPI dependency layer.

Entire-Checkpoint: df60966364f1
@manojbajaj95 manojbajaj95 changed the title feat: Add docs for design of principal roles and audit feat: implement audit events and principal roles May 28, 2026
@manojbajaj95 manojbajaj95 merged commit 9503710 into main May 29, 2026
5 checks passed
@manojbajaj95 manojbajaj95 deleted the feature/improve-admin-role-policy branch May 29, 2026 06:59
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@beubax beubax beubax left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@manojbajaj95 @beubax