All 8 tasks checked off. Change archived to openspec/changes/archive/
per OpenSpec protocol. Implementation committed in 5943ff1.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
# Implementation Tasks: Tenant Isolation Enforcement

- [x] Add `organizationId` field to `IAgentListFilters` in `src/types/index.ts`
- [x] Update `AgentRepository.findAll()` to filter by `organizationId`
- [x] Add `organizationId` parameter to `AgentService.getAgentById()`, `updateAgent()`, `decommissionAgent()`; throw `AuthorizationError` on mismatch
- [x] Update `AgentController.registerAgent()` to force `organizationId` from `req.user.organization_id`
- [x] Update `AgentController.listAgents()` to force `filters.organizationId` from `req.user.organization_id`
- [x] Update `AgentController.getAgentById()`, `updateAgent()`, `decommissionAgent()` to pass `req.user.organization_id` to service
- [x] Update `docs/openapi/agent-registry.yaml` with 403 responses and security enforcement descriptions
- [x] Ownership guard unit tests added to `tests/unit/controllers/AgentController.test.ts` (23 tests, all passing). Note: Test C.7 end-to-end regression is a field trial integration test run by DevOps against live containers — it is not a unit test.
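
The guard the tasks above describe, as an added sketch that is not the project's own code: the controller takes the tenant only from `req.user.organization_id`, the repository filters by it, and the service rejects a mismatch. The `Agent` shape, `AuthedRequest`, `NotFoundError`, the `name` filter and the in-memory store are assumptions made for illustration.

```typescript
// Added illustration, not the project's code. Agent shape and in-memory store are assumptions.
interface Agent { id: string; organizationId: string; name: string }
interface IAgentListFilters { organizationId?: string; name?: string }
interface AuthedRequest {            // hypothetical stand-in for the authenticated HTTP request
  user: { organization_id: string }; // set by auth middleware, never by the client
  params: { id: string };
  query: IAgentListFilters;          // client-controlled
}
class AuthorizationError extends Error { readonly status = 403; }
class NotFoundError extends Error { readonly status = 404; }  // hypothetical helper

class AgentRepository {
  private rows: Agent[];
  constructor(rows: Agent[]) { this.rows = rows; }
  // Tenant filter lives in the data layer; a missing organizationId matches nothing (fail closed).
  findAll(f: IAgentListFilters): Agent[] {
    return this.rows.filter(a => a.organizationId === f.organizationId &&
      (f.name === undefined || a.name === f.name));
  }
  findById(id: string): Agent | undefined { return this.rows.filter(a => a.id === id)[0]; }
}

class AgentService {
  private repo: AgentRepository;
  constructor(repo: AgentRepository) { this.repo = repo; }
  listAgents(f: IAgentListFilters): Agent[] { return this.repo.findAll(f); }
  getAgentById(id: string, organizationId: string): Agent {
    const agent = this.repo.findById(id);
    if (!agent) throw new NotFoundError("agent not found");
    if (agent.organizationId !== organizationId) throw new AuthorizationError("cross-tenant access");
    return agent;
  }
}

class AgentController {
  private service: AgentService;
  constructor(service: AgentService) { this.service = service; }
  listAgents(req: AuthedRequest): Agent[] {
    // Spread first, then overwrite: a client-supplied organizationId can never win.
    return this.service.listAgents({ ...req.query, organizationId: req.user.organization_id });
  }
  getAgentById(req: AuthedRequest): { status: number; body: Agent | null } {
    try {
      return { status: 200, body: this.service.getAgentById(req.params.id, req.user.organization_id) };
    } catch (e) {
      const status = (e as { status?: number }).status;
      if (status === undefined) throw e;  // unexpected errors are not masked
      return { status, body: null };
    }
  }
}
```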