[codex] harden env broker and adaptive log RLS#139
Conversation
|
The latest updates on your projects. Learn more about Vercel for GitHub.
|
|
Caution Review failedThe pull request is closed. ℹ️ Recent review info⚙️ Run configurationConfiguration used: defaults Review profile: CHILL Plan: Pro Run ID: ⛔ Files ignored due to path filters (1)
📒 Files selected for processing (10)
📝 WalkthroughWalkthroughChanges span env-admin authorization (operator-token-first flow, capability checks, locked admin UI, cookie path widening, tests), a new Supabase RLS migration for two log tables with matching tests, an OAuth route export adjustment, a fixture-verification CLI refactor, and a postcss version override in package.json. ChangesEnv Admin Guard and UI
Adaptive Log RLS Policies
Miscellaneous: OAuth route export, fixture CLI, postcss override
Estimated code review effort: 3 (Moderate) | ~25 minutes Sequence Diagram(s)sequenceDiagram
participant Client
participant AdminEnvPage
participant EnvAdminGuard
participant StatusRoute
Client->>AdminEnvPage: Request /admin/env
AdminEnvPage->>EnvAdminGuard: requireEnvAdmin(false)
EnvAdminGuard->>EnvAdminGuard: Check operator token
alt operator token valid
EnvAdminGuard-->>AdminEnvPage: {user, response: null}
else no operator token
EnvAdminGuard->>EnvAdminGuard: requireApiUser + hasEnvAdminCapability
alt unauthenticated
EnvAdminGuard-->>AdminEnvPage: 401 response
else lacks capability
EnvAdminGuard-->>AdminEnvPage: 403 response
else authorized
EnvAdminGuard-->>AdminEnvPage: {user, response: null}
end
end
alt guard.response present
AdminEnvPage-->>Client: Render LockedEnvBrokerPage
Client->>StatusRoute: POST operator_key
StatusRoute-->>Client: Set-Cookie pandora_env_admin (path=/)
else
AdminEnvPage-->>Client: Render full broker dashboard
end
Possibly related PRs
Suggested labels: ✨ Finishing Touches📝 Generate docstrings
🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 79a9241e66
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
| on public.memory_retrieval_logs | ||
| for insert | ||
| to authenticated | ||
| with check ((select auth.uid()) = user_id); |
There was a problem hiding this comment.
Constrain adaptive log inserts to valid namespaces
This new authenticated insert policy only checks ownership, so any signed-in user can now insert memory_retrieval_logs rows for their own user_id with namespace = 'foo' or another cross-domain value; the same pattern is repeated for memory_model_call_logs below. Since these tables feed adaptive memory/retrieval audit data and the project requires strict real_life/au separation, the RLS with check should also enforce the allowed namespace before opening authenticated writes.
Useful? React with 👍 / 👎.
|
|
||
| const response = NextResponse.redirect(new URL("/admin/env", request.url), { status: 303 }); | ||
| response.cookies.set({ name: ENV_ADMIN_COOKIE_NAME, value: candidate, httpOnly: true, sameSite: "strict", secure: true, path: "/api/admin/env", maxAge: 60 * 30 }); | ||
| response.cookies.set({ name: ENV_ADMIN_COOKIE_NAME, value: candidate, httpOnly: true, sameSite: "strict", secure: true, path: "/", maxAge: 60 * 30 }); |
There was a problem hiding this comment.
Scope the operator-token cookie to env admin routes
After a successful unlock, this stores the raw operator/job token as a Path=/ cookie, so every subsequent request to unrelated routes such as /dashboard carries pandora_env_admin even though only /admin/env and /api/admin/env/* need it. Because getConfiguredOperatorTokens() accepts internal production tokens, this broadens where a secret is exposed inside the app; use a route-scoped/opaque unlock cookie instead of sending the raw credential site-wide.
Useful? React with 👍 / 👎.
Summary
This PR applies the first audit-fix batch for the Pandora Memory Engine:
app_metadataenv-admin capability./admin/envbefore rendering drift/provider status, while keeping the operator unlock token server-only in an HttpOnly, Secure, SameSite=strict cookie.npmbinary.postcssto clear the current audit advisory.Validation
npm run typecheckpassed.npm run lintpassed with 2 existing warnings:lib/db/core-repositories.tsunusedPublicTableInsert, and anonymous default export invitest.config.ts.npm run testpassed: 99 files, 637 tests.npm run buildpassed.npm run env:policypassed for 89 discovered env keys.npm audit --jsonpassed with 0 vulnerabilities.git diff --checkpassed.next start: signed-out/admin/envshows locked copy and hides drift data; operator unlock returns 303 and sets a root-path HttpOnly/Secure/SameSite=strict cookie; authorized/admin/envshows the console and does not echo the operator token.supabase db lint --local --fail-on nonecould not run because no local Postgres/Supabase database was available.Rollout Notes
dryRun:falseexecution was run.pg_policies/schema inspection before claiming it is deployed.Summary by CodeRabbit
New Features
Bug Fixes