mosaicstack/stack
1
0
Fork 0
Code Issues 36 Pull Requests 1 Actions Packages Projects Releases 15 Wiki Activity
Files
b38b9846c170da1fb64eb49feebd6acacd2b2117
stack/docs/scratchpads/FED-M3-05-list-verb.md
Jarvis b38b9846c1
Some checks failed
ci/woodpecker/push/ci Pipeline was canceled
Details
ci/woodpecker/pr/ci Pipeline was canceled
Details
feat(#462): add federation list verb
2026-06-24 18:54:47 -05:00

2.7 KiB
Raw Blame History

FED-M3-05 — Federation List Verb Scratchpad

Objective

Implement POST /api/federation/v1/list/:resource.

Scope

  • Wire FederationAuthGuardFederationScopeService → read-only list query layer.
  • Apply max_rows_per_query row cap and return pagination metadata when truncated.
  • Tag returned rows with _source: "local".
  • Keep audit writes deferred to M4.
  • No request/response body persistence.

Base / branch

  • Branch: feat/federation-m3-verb-list
  • Base: main after M3-04 scope service merged via PR #672 (c739256a).

Implementation notes

  • Added ListController under apps/gateway/src/federation/server/verbs/.
  • Added FederationListQueryService as the read-only query layer and native RBAC evaluator.
  • Query resources supported in M3 list path:
    • tasks: project/mission scoped tasks visible through personal/team project access.
    • notes: non-empty mission_tasks.notes rows visible through personal/team mission access.
    • memory: user-owned insights and preferences rows.
    • credentials / api_keys: denied by native RBAC in M3 even if present in scope; sensitive-resource implementation is not part of FED-M3-05.
  • Cursor pagination uses an opaque base64url keyset cursor over (createdAt, id); DB reads fetch at most limit + 1 rows per resource query.
  • Reviewer isolation fix: mission_tasks.notes rows are always constrained by missionTasks.userId = subjectUserId and accessible mission IDs; team scope narrows missions but never widens to other users' mission task notes.

Tests

  • pnpm --filter @mosaicstack/gateway test -- list.controller.spec.ts list-query.service.spec.ts — PASS (11 tests, including PGlite regression coverage for team-scoped notes isolation and includePersonal: false).
  • pnpm --filter @mosaicstack/gateway typecheck — PASS.
  • pnpm --filter @mosaicstack/gateway lint — PASS.
  • pnpm format:check — PASS.
  • pnpm typecheck — PASS (41/41 turbo tasks).
  • pnpm lint — PASS (23/23 turbo tasks).
  • pnpm --filter @mosaicstack/gateway test — FAIL in pre-existing/live-DB integration suite: apps/gateway/src/__tests__/cross-user-isolation.test.ts cleanup cannot connect to local PostgreSQL on localhost:5433. New list tests pass; failure is outside FED-M3-05.

Review evidence

  • ~/.config/mosaic/tools/codex/codex-code-review.sh --uncommitted — PASS after remediation; approve, no findings.
  • ~/.config/mosaic/tools/codex/codex-security-review.sh --uncommitted — PASS after cursor + notes isolation remediation; risk level none, no findings.
  • Security-review note: read-path audit logging remains intentionally deferred to M4 per orchestrator clarification and FED-M3-05 scope.

Risks / follow-up

  • Read-path audit logging remains intentionally deferred to M4.
Reference in New Issue View Git Blame Copy Permalink