Lars
abee6171df
- Added new documentation references for access layer governance in CLAUDE.md, including multi-tenancy and endpoint audit guidelines. - Updated ACCESS_LAYER_AND_GOVERNANCE_PLAN.md to include cursor and heuristic checks for access layer compliance. - Enhanced ACCESS_LAYER_ENDPOINT_AUDIT.md to clarify endpoint visibility and governance requirements, including exemptions for certain routers. - Introduced library_content_visible_to_profile function in club_tenancy.py to streamline visibility checks for library content. - Updated exercise progression graphs router to utilize the new visibility function, improving access control. - Bumped application version to 0.8.27 and updated changelog to reflect these changes.
2.9 KiB
2.9 KiB
Endpoint-Audit: Mandanten & Governance
Fortlaufend gemäß ACCESS_LAYER_AND_GOVERNANCE_PLAN.md Stufe A–C.
| Router / Bereich | Beispiel-Endpunkt | tenant-relevant | Depends(get_tenant_context) / Kontext |
Governance geprüft (Liste+Detail) | Notizen |
|---|---|---|---|---|---|
| profiles | GET /api/profiles/me |
ja | resolve_tenant_context inline (invalid_header_policy=ignore) |
teils | + effective_club_id; veralteter Header bricht Refresh nicht |
| profiles | PUT /api/profiles/{id}, PUT /api/profile |
ja | get_tenant_context |
active_club_id Mitgliedschaft |
Validiert X-Active-Club-Id konsistent zu Mitgliedschaft |
| clubs | geschützte /api/clubs*, /divisions*, /groups* |
ja | get_tenant_context |
Mitgliedschaft / can_manage_* |
Öffentlich: /clubs/public-directory ohne Auth |
| club_memberships | /clubs/{id}/members* |
ja | get_tenant_context |
ja | |
| club_join_requests | /me/club-join-requests, /clubs/{id}/join-requests* |
ja | get_tenant_context |
ja | |
| exercises | alle geschützten /api/exercises* |
ja | get_tenant_context |
ja | |
| exercise_progression_graphs | /api/exercise-progression-graphs* |
ja | get_tenant_context |
Liste wie Bibliothek; Schreiben Ersteller/Plattform-Admin | Kanten: Lesen wenn Graph lesbar |
| training_planning | alle geschützten Endpoints | ja | get_tenant_context |
ja | Vorlagen-Liste wie Übungen; POST Vorlage Default club_id |
| training_framework_programs | alle geschützten Endpoints | ja | get_tenant_context |
ja | Liste + POST Default club_id |
| admin_users | GET /api/admin/users |
Plattform | require_auth |
Admin-Rolle | EXEMPT check_access_layer_hints.py |
| auth | /api/auth/* |
nein | — | Login/Session | EXEMPT |
| catalogs | Katalog-CRUD | nein (global) | require_auth |
Admin/Trainer je Endpoint | EXEMPT; bei späterem club_id nachziehen |
| skills | /api/skills* |
nein (global) | require_auth |
je Endpoint | EXEMPT |
| maturity_models | Admin-Matrix | nein (global) | require_auth |
Admin | EXEMPT |
| matrix_stack_bundle | Export/Import Bundles | Plattform/Test | require_auth |
Admin | EXEMPT |
| import_wiki / import_wiki_admin | Wiki-Import | Werkzeug | require_auth/Admin |
Admin | EXEMPT |
Legende: Router auf der EXEMPT-Liste des Scripts sind globale oder Auth-only-Pfade; sobald ein Router Vereinsdaten oder Bibliotheks-Sichtbarkeit erhält, EXEMPT entfernen und get_tenant_context einführen.
Letzte Änderung: 2026-05-05 — Cursor-Regel + Architektur-/Coding-Pflicht + Script backend/scripts/check_access_layer_hints.py; Katalog-Router im Audit als global dokumentiert.
Hinweis GET /training-units
Kein impliziter Filter nach effective_club_id (Multi-Verein-Kalender); bei Bedarf club_id Query setzen.