SentryAgent.ai Developer 4cb168bbba docs(openspec): mark tenant-isolation-enforcement complete and archive
All 8 tasks checked off. Change archived to openspec/changes/archive/
per OpenSpec protocol. Implementation committed in 5943ff1.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-09 05:29:54 +00:00


Implementation Tasks: Tenant Isolation Enforcement

  • Add organizationId field to IAgentListFilters in src/types/index.ts
  • Update AgentRepository.findAll() to filter by organizationId
  • Add organizationId parameter to AgentService.getAgentById(), updateAgent(), decommissionAgent(); throw AuthorizationError on mismatch
  • Update AgentController.registerAgent() to force organizationId from req.user.organization_id
  • Update AgentController.listAgents() to force filters.organizationId from req.user.organization_id
  • Update AgentController.getAgentById(), updateAgent(), decommissionAgent() to pass req.user.organization_id to service
  • Update docs/openapi/agent-registry.yaml with 403 responses and security enforcement descriptions
  • Ownership guard unit tests added to tests/unit/controllers/AgentController.test.ts (23 tests, all passing). Note: Test C.7 end-to-end regression is a field trial integration test run by DevOps against live containers — it is not a unit test.
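
The layering these tasks describe, as an added TypeScript sketch (not the repository's code): the controller takes the tenant only from `req.user.organization_id`, and the service throws `AuthorizationError` on a mismatch, which surfaces as 403. `findById`, `AuthedRequest`, `Result`, `AgentService.listAgents` and the sample rows are assumptions.

```typescript
// Added illustration. findById, AuthedRequest, Result, AgentService.listAgents
// and the sample rows are hypothetical, not taken from the repository.
interface IAgent { id: string; organizationId: string }
interface IAgentListFilters { organizationId?: string }
interface AuthedRequest { user: { organization_id: string }; query: Record<string, string> }
type Result = { status: number; body: unknown };
class AuthorizationError extends Error { readonly status = 403; }

class AgentRepository {
  rows: IAgent[];
  constructor(rows: IAgent[]) { this.rows = rows; }
  findAll(f: IAgentListFilters): IAgent[] {
    return this.rows.filter(a => f.organizationId === undefined || a.organizationId === f.organizationId);
  }
  findById(id: string): IAgent | undefined { return this.rows.filter(a => a.id === id)[0]; }
}

class AgentService {
  repo: AgentRepository;
  constructor(repo: AgentRepository) { this.repo = repo; }
  listAgents(f: IAgentListFilters): IAgent[] { return this.repo.findAll(f); }
  getAgentById(id: string, organizationId: string): IAgent {
    const agent = this.repo.findById(id);
    if (!agent) throw new Error('agent not found');
    // Ownership guard: a mismatch is rejected inside the service layer.
    if (agent.organizationId !== organizationId) throw new AuthorizationError('cross-tenant access');
    return agent;
  }
}

class AgentController {
  service: AgentService;
  constructor(service: AgentService) { this.service = service; }
  listAgents(req: AuthedRequest): Result {
    // Spread first, then overwrite: a client-supplied organizationId never survives.
    const filters: IAgentListFilters = { ...req.query, organizationId: req.user.organization_id };
    return { status: 200, body: this.service.listAgents(filters) };
  }
  getAgentById(req: AuthedRequest, id: string): Result {
    try {
      return { status: 200, body: this.service.getAgentById(id, req.user.organization_id) };
    } catch (err) {
      return { status: (err as { status?: number }).status === 403 ? 403 : 404, body: null };
    }
  }
}

// Constructed sample data: two tenants, one agent each.
const sampleRows: IAgent[] = [{ id: 'a1', organizationId: 'org-a' }, { id: 'b1', organizationId: 'org-b' }];
const controller = new AgentController(new AgentService(new AgentRepository(sampleRows)));
```

In this sketch a caller gets 403 for another tenant's id and 404 for an unknown id, so the two cases are distinguishable; whether that matters depends on how guessable agent ids are.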