mosaicstack/stack
1
0
Fork 0
Code Issues 36 Pull Requests 2 Actions Packages Projects Releases 15 Wiki Activity

feat(#462): add federation capabilities verb #674

Merged
jason.woltje merged 1 commits from feat/federation-m3-verb-capabilities into main 2026-06-24 21:39:57 +00:00
Conversation 1 Commits 1 Files Changed 4 +193 -1
jason.woltje commented 2026-06-24 21:29:55 +00:00
Owner
Copy Link

Summary

  • add GET /api/federation/v1/capabilities controller
  • protect endpoint with FederationAuthGuard only (active grant is sufficient; no RBAC eval)
  • derive { resources, excluded_resources, max_rows_per_query, supported_verbs } from parsed grant scope
  • register capabilities controller in FederationModule

Refs #462

Verification

  • pnpm typecheck — PASS
  • pnpm lint — PASS
  • pnpm format:check — PASS
  • pnpm --filter @mosaicstack/gateway test -- capabilities.controller.spec.ts — PASS (5 tests)
  • ~/.config/mosaic/tools/codex/codex-code-review.sh --uncommitted — PASS
  • ~/.config/mosaic/tools/codex/codex-security-review.sh --uncommitted — PASS

Note

  • pnpm test currently fails locally in apps/gateway/src/__tests__/cross-user-isolation.test.ts due local PostgreSQL connection/schema state around the messages table; changed capabilities tests pass. No fleet-personas.spec flake encountered.
## Summary - add `GET /api/federation/v1/capabilities` controller - protect endpoint with `FederationAuthGuard` only (active grant is sufficient; no RBAC eval) - derive `{ resources, excluded_resources, max_rows_per_query, supported_verbs }` from parsed grant scope - register capabilities controller in `FederationModule` Refs #462 ## Verification - `pnpm typecheck` — PASS - `pnpm lint` — PASS - `pnpm format:check` — PASS - `pnpm --filter @mosaicstack/gateway test -- capabilities.controller.spec.ts` — PASS (5 tests) - `~/.config/mosaic/tools/codex/codex-code-review.sh --uncommitted` — PASS - `~/.config/mosaic/tools/codex/codex-security-review.sh --uncommitted` — PASS ## Note - `pnpm test` currently fails locally in `apps/gateway/src/__tests__/cross-user-isolation.test.ts` due local PostgreSQL connection/schema state around the `messages` table; changed capabilities tests pass. No `fleet-personas.spec` flake encountered.
jason.woltje added 1 commit 2026-06-24 21:29:55 +00:00
feat(#462): add federation capabilities verb
All checks were successful
ci/woodpecker/push/ci Pipeline was successful
Details
ci/woodpecker/pr/ci Pipeline was successful
Details
213ea1f39a
jason.woltje merged commit 6b94d014a8 into main 2026-06-24 21:39:57 +00:00
jason.woltje commented 2026-06-24 21:52:11 +00:00
Author
Owner
Copy Link

RETROACTIVE REVIEW-OF-RECORD — APPROVE ON MERITS (#674 FED-M3-07 capabilities). Verified endpoint is FederationAuthGuard-protected, has no RBAC/DB/data query path, and derives resources/excluded_resources/max_rows_per_query/supported_verbs strictly from parsed grant scope / federation verb constants. Reviewer verification: capabilities.controller.spec 5/5 pass; gateway typecheck/lint pass; formatting check pass; PR CI was green at review time.

RETROACTIVE REVIEW-OF-RECORD — APPROVE ON MERITS (#674 FED-M3-07 capabilities). Verified endpoint is FederationAuthGuard-protected, has no RBAC/DB/data query path, and derives resources/excluded_resources/max_rows_per_query/supported_verbs strictly from parsed grant scope / federation verb constants. Reviewer verification: capabilities.controller.spec 5/5 pass; gateway typecheck/lint pass; formatting check pass; PR CI was green at review time.
Sign in to join this conversation.
Reviewers
No Reviewers
Labels
Clear labels
fleet-enhancement
Fleet-wide reliability/speed/cost improvements surfaced by the nightly enhance pass
No Label
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
jason.woltje
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: mosaicstack/stack#674
Delete Branch "feat/federation-m3-verb-capabilities"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?