mosaic/stack
1
0
Fork 0
Code Issues 10 Pull Requests 1 Actions Packages Projects Releases 2 Wiki Activity
Files
7c9bb67fcd88e13f5c40c6a27cdb9c59d7235b74
stack/apps/api/src
History
Jason Woltje 004f7828fb
Some checks failed
ci/woodpecker/push/woodpecker Pipeline failed
Details
ci/woodpecker/pr/woodpecker Pipeline failed
Details
feat(#273): Implement capability-based authorization for federation 
Add CapabilityGuard infrastructure to enforce capability-based authorization
on federation endpoints. Implements fail-closed security model.

Security properties:
- Deny by default (no capability = deny)
- Only explicit true values grant access
- Connection must exist and be ACTIVE
- All denials logged for audit trail

Implementation:
- Created CapabilityGuard with fail-closed authorization logic
- Added @RequireCapability decorator for marking endpoints
- Added getConnectionById() to ConnectionService
- Added logCapabilityDenied() to AuditService
- 12 comprehensive tests covering all security scenarios

Quality gates:
-  Tests: 12/12 passing
-  Lint: 0 new errors (33 pre-existing)
-  TypeScript: 0 new errors (8 pre-existing)

Refs #273

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
2026-02-03 19:53:09 -06:00
..
activity
feat(#93): implement agent spawn via federation
2026-02-03 14:37:06 -06:00
agent-tasks
feat(#93): implement agent spawn via federation
2026-02-03 14:37:06 -06:00
auth
fix(#84): address critical security issues in federation identity
2026-02-03 11:13:12 -06:00
brain
fix(#27): address security issues in intent classification
2026-01-31 16:50:32 -06:00
bridge
feat(#93): implement agent spawn via federation
2026-02-03 14:37:06 -06:00
bullmq
feat(#165): Implement BullMQ module setup
2026-02-01 21:01:25 -06:00
common
feat(#93): implement agent spawn via federation
2026-02-03 14:37:06 -06:00
completion-verification
feat(#136): build Completion Verification Engine
2026-01-31 13:44:23 -06:00
continuation-prompts
feat(#137): create Forced Continuation Prompt System
2026-01-31 13:51:46 -06:00
coordinator-integration
feat(#93): implement agent spawn via federation
2026-02-03 14:37:06 -06:00
cron
feat(#93): implement agent spawn via federation
2026-02-03 14:37:06 -06:00
database
chore: Clear technical debt across API and web packages
2026-01-30 18:26:41 -06:00
domains
feat(#93): implement agent spawn via federation
2026-02-03 14:37:06 -06:00
events
feat(#93): implement agent spawn via federation
2026-02-03 14:37:06 -06:00
federation
feat(#273): Implement capability-based authorization for federation
2026-02-03 19:53:09 -06:00
filters
fix(#1): Address code review findings
2026-01-28 15:07:04 -06:00
herald
feat(#93): implement agent spawn via federation
2026-02-03 14:37:06 -06:00
ideas
fix(#196): fix race condition in job status updates
2026-02-02 12:51:17 -06:00
job-events
fix(#189): add composite database index for job_events table
2026-02-02 12:30:19 -06:00
job-steps
fix(#182): fix Prisma enum import in job-steps tests
2026-02-02 11:41:11 -06:00
knowledge
feat(#93): implement agent spawn via federation
2026-02-03 14:37:06 -06:00
layouts
feat(#93): implement agent spawn via federation
2026-02-03 14:37:06 -06:00
lib
chore: Clear technical debt across API and web packages
2026-01-30 18:26:41 -06:00
llm
fix: address code review issues and cleanup QA reports
2026-01-31 15:01:18 -06:00
mcp
feat(#132): port MCP (Model Context Protocol) infrastructure
2026-01-31 13:07:58 -06:00
ollama
feat(#93): implement agent spawn via federation
2026-02-03 14:37:06 -06:00
personalities
feat(#130): add Personality Prisma schema and backend
2026-01-31 12:44:50 -06:00
prisma
feat(#93): implement agent spawn via federation
2026-02-03 14:37:06 -06:00
projects
feat(#93): implement agent spawn via federation
2026-02-03 14:37:06 -06:00
quality-gate-config
feat(#135): implement Quality Gate Configuration System
2026-01-31 13:33:04 -06:00
quality-orchestrator
docs: Add overlap analysis for non-AI coordinator patterns
2026-01-31 14:47:59 -06:00
rejection-handler
feat(#139): build Gate Rejection Response Handler
2026-01-31 14:01:42 -06:00
runner-jobs
fix(#196): fix race condition in job status updates
2026-02-02 12:51:17 -06:00
stitcher
feat(#93): implement agent spawn via federation
2026-02-03 14:37:06 -06:00
tasks
feat(#93): implement agent spawn via federation
2026-02-03 14:37:06 -06:00
telemetry
feat(#131): add OpenTelemetry tracing infrastructure
2026-01-31 12:55:11 -06:00
token-budget
fix: address code review issues and cleanup QA reports
2026-01-31 15:01:18 -06:00
users
chore: Clear technical debt across API and web packages
2026-01-30 18:26:41 -06:00
valkey
feat(#93): implement agent spawn via federation
2026-02-03 14:37:06 -06:00
websocket
feat(#93): implement agent spawn via federation
2026-02-03 14:37:06 -06:00
widgets
feat(#52): implement Active Projects & Agent Chains widget
2026-02-03 19:17:13 -06:00
workspace-settings
fix(api): Add AuthModule import to modules using AuthGuard
2026-02-01 01:48:09 -06:00
app.controller.test.ts
feat(#3): Add comprehensive tests and improve Prisma seed script
2026-01-28 16:24:25 -06:00
app.controller.ts
chore: Clear technical debt across API and web packages
2026-01-30 18:26:41 -06:00
app.module.ts
feat(#84): implement instance identity model for federation
2026-02-03 10:58:50 -06:00
app.service.ts
feat(#1): Set up monorepo scaffold with pnpm workspaces + TurboRepo
2026-01-28 13:31:33 -06:00
cors.spec.ts
fix(#192): fix CORS configuration for cookie-based authentication
2026-02-02 12:13:17 -06:00
main.ts
fix(#192): fix CORS configuration for cookie-based authentication
2026-02-02 12:13:17 -06:00