tanabata

tech/tanabata

Fork 0

Commit Graph

Author	SHA1	Message	Date
H1K0	89ba6bae82	fix(backend): enforce private-by-default visibility and pool-op ACL Listings returned every row regardless of ownership: GET /files, /tags, /pools and /categories exposed other users' private items (while the single-item GET correctly returned 403), and the pool file operations (GET /pools/:id, /pools/:id/files, add/remove/reorder) skipped ACL entirely, so any authenticated user could read and rewrite anyone's private pool. - List queries now filter to rows the caller may see (public, owned, or granted can_view) via a shared SQL condition; admins bypass. The viewer identity is taken from the request context by the service and passed to the repository in the list params. - Tag/Category/Pool single-item Get now enforce CanView (File already did). - Pool Get/ListFiles require pool view; AddFiles/RemoveFiles/Reorder require pool edit. Adds regression tests for private-by-default listing (hidden / public / granted / admin) and for pool operations rejecting a non-owner. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>	2026-06-10 15:07:17 +03:00
H1K0	1e2a2a61de	refactor(backend): strengthen domain layer types and add missing page types - DomainError struct with Code() string method replaces plain errors.New sentinels; errors.Is() still works via pointer equality - UUIDCreatedAt(uuid.UUID) time.Time helper extracts timestamp from UUID v7 - Add TagOffsetPage, CategoryOffsetPage, PoolOffsetPage - FileListParams fields grouped with comments matching openapi.yaml params - Fix mismatched comment on UserPage Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-04-04 00:06:44 +03:00
H1K0	1d341eef24	feat(backend): initialize Go module and implement domain layer - Add go.mod (module tanabata/backend, Go 1.21) with uuid dependency - Implement internal/domain: File, Tag, TagRule, Category, Pool, PoolFile, User, Session, Permission, ObjectType, AuditEntry + all pagination types - Add domain error sentinels (ErrNotFound, ErrForbidden, etc.) - Add context helpers WithUser/UserFromContext for JWT propagation - Fix migration: remove redundant DEFAULT on exif jsonb column Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-04-03 18:28:33 +03:00

Author

SHA1

Message

Date

H1K0

89ba6bae82

fix(backend): enforce private-by-default visibility and pool-op ACL

Listings returned every row regardless of ownership: GET /files, /tags,
/pools and /categories exposed other users' private items (while the
single-item GET correctly returned 403), and the pool file operations
(GET /pools/:id, /pools/:id/files, add/remove/reorder) skipped ACL
entirely, so any authenticated user could read and rewrite anyone's
private pool.

- List queries now filter to rows the caller may see (public, owned, or
  granted can_view) via a shared SQL condition; admins bypass. The viewer
  identity is taken from the request context by the service and passed to
  the repository in the list params.
- Tag/Category/Pool single-item Get now enforce CanView (File already did).
- Pool Get/ListFiles require pool view; AddFiles/RemoveFiles/Reorder
  require pool edit.

Adds regression tests for private-by-default listing (hidden / public /
granted / admin) and for pool operations rejecting a non-owner.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>

2026-06-10 15:07:17 +03:00

H1K0

1e2a2a61de

refactor(backend): strengthen domain layer types and add missing page types

- DomainError struct with Code() string method replaces plain errors.New
  sentinels; errors.Is() still works via pointer equality
- UUIDCreatedAt(uuid.UUID) time.Time helper extracts timestamp from UUID v7
- Add TagOffsetPage, CategoryOffsetPage, PoolOffsetPage
- FileListParams fields grouped with comments matching openapi.yaml params
- Fix mismatched comment on UserPage

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

2026-04-04 00:06:44 +03:00

H1K0

1d341eef24

feat(backend): initialize Go module and implement domain layer

- Add go.mod (module tanabata/backend, Go 1.21) with uuid dependency
- Implement internal/domain: File, Tag, TagRule, Category, Pool, PoolFile,
  User, Session, Permission, ObjectType, AuditEntry + all pagination types
- Add domain error sentinels (ErrNotFound, ErrForbidden, etc.)
- Add context helpers WithUser/UserFromContext for JWT propagation
- Fix migration: remove redundant DEFAULT on exif jsonb column

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

2026-04-03 18:28:33 +03:00

3 Commits