Lars
c2d9eac151
All checks were successful
Deploy Development / deploy (push) Successful in 34s
Test Suite / pytest-backend (push) Successful in 23s
Test Suite / lint-backend (push) Successful in 0s
Test Suite / build-frontend (push) Successful in 7s
Test Suite / playwright-tests (push) Successful in 24s
- Added functions to determine production environment and OpenAPI exposure settings, improving API documentation control. - Updated FastAPI initialization to conditionally set OpenAPI and documentation URLs based on environment variables. - Refactored health check response to limit detail exposure in production environments, enhancing security. - Streamlined profile management by removing legacy ID retrieval and ensuring session-based profile access for security improvements.
3.5 KiB
3.5 KiB
Endpoint-Audit: Mandanten & Governance
Fortlaufend gemäß ACCESS_LAYER_AND_GOVERNANCE_PLAN.md Stufe A–C.
| Router / Bereich | Beispiel-Endpunkt | tenant-relevant | Depends(get_tenant_context) / Kontext |
Governance geprüft (Liste+Detail) | Notizen |
|---|---|---|---|---|---|
| profiles | GET /api/profiles/me |
ja | resolve_tenant_context inline (invalid_header_policy=ignore) |
teils | + effective_club_id; veralteter Header bricht Refresh nicht |
| profiles | GET /api/profiles, GET /profiles/{pid}, POST /profiles, DELETE /profiles/{pid} |
ja/teils | require_auth |
ja | Liste nur Plattform-Admin; GET nach ID eigenes Profil oder Admin; POST/DELETE nur Admin |
| profiles | PUT /api/profiles/{id}, PUT /api/profile |
ja | get_tenant_context |
active_club_id Mitgliedschaft |
Validiert X-Active-Club-Id konsistent zu Mitgliedschaft |
| clubs | geschützte /api/clubs*, /divisions*, /groups* |
ja | get_tenant_context |
Mitgliedschaft / can_manage_* |
Öffentlich: /clubs/public-directory ohne Auth |
| club_memberships | /clubs/{id}/members* |
ja | get_tenant_context |
ja | |
| club_join_requests | /me/club-join-requests, /clubs/{id}/join-requests* |
ja | get_tenant_context |
ja | |
| exercises | PATCH /api/exercises/bulk-metadata |
ja | get_tenant_context |
ja | Liste: UI-Mehrfachwahl; bis 500 IDs; nur Ersteller oder Plattform-Admin |
| exercises | übrige geschützte /api/exercises* |
ja | get_tenant_context |
ja | |
| exercise_progression_graphs | /api/exercise-progression-graphs* |
ja | get_tenant_context |
Liste wie Bibliothek; Schreiben Ersteller/Plattform-Admin | Kanten: Lesen wenn Graph lesbar |
| training_planning | alle geschützten Endpoints | ja | get_tenant_context |
ja | Vorlagen-Liste wie Übungen; POST Vorlage Default club_id |
| training_framework_programs | alle geschützten Endpoints | ja | get_tenant_context |
ja | Liste + POST Default club_id |
| admin_users | GET /api/admin/users |
Plattform | require_auth |
Admin-Rolle | EXEMPT check_access_layer_hints.py |
| auth | /api/auth/* |
nein | — | Login/Session | EXEMPT |
| catalogs | Katalog-CRUD | nein (global) | require_auth |
Admin/Trainer je Endpoint | EXEMPT; bei späterem club_id nachziehen |
| skills | /api/skills* |
nein (global) | require_auth |
je Endpoint | EXEMPT |
| maturity_models | Admin-Matrix | nein (global) | require_auth |
Admin | EXEMPT |
| matrix_stack_bundle | Export/Import Bundles | Plattform/Test | require_auth |
Admin | EXEMPT |
| import_wiki / import_wiki_admin | Wiki-Import | Werkzeug | require_auth/Admin |
Admin | EXEMPT |
Legende: Router auf der EXEMPT-Liste des Scripts sind globale oder Auth-only-Pfade; sobald ein Router Vereinsdaten oder Bibliotheks-Sichtbarkeit erhält, EXEMPT entfernen und get_tenant_context einführen.
Letzte Änderung: 2026-05-06 — MULTI_TENANCY §3 Gap-Analyse aktualisiert; Audit um geschützte Profil-Endpunkte ergänzt.
Changelog (Fortführung)
- 2026-05-07: Legacy
GET/PUT /api/profileauf Session-Profil gehärtet; OpenAPI/Health-Ready Produktionsdefaults; Security-Release-Tests + CI-Schrittsecurity_release_checks.py— siehePRODUCTION_READINESS_AUDIT_2026-05.md.
Hinweis GET /training-units
Kein impliziter Filter nach effective_club_id (Multi-Verein-Kalender); bei Bedarf club_id Query setzen.