Require admin token for ClearJobs RPC by homerquan · Pull Request #4 · MirrorNeuronLab/MirrorNeuron

homerquan · 2026-05-18T17:40:38Z

The ClearJobs gRPC method exposed a destructive, unauthenticated bulk-delete of terminal job records; this change prevents network-reachable clients from invoking the deletion without an explicit administrative credential.

Add an admin_token field to the ClearJobsRequest protobuf contract and to the generated Elixir protobuf module so requests can carry a confirmation token (proto/job.proto, lib/mirror_neuron_grpc/job.pb.ex).
Validate the request token inside the gRPC handler by requiring a matching MIRROR_NEURON_GRPC_ADMIN_TOKEN environment value before calling the destructive MirrorNeuron.Monitor.clear_jobs/0, and return permission_denied for unauthenticated requests (lib/mirror_neuron_grpc/server.ex).
Add a focused regression unit test that asserts unauthenticated ClearJobs calls are rejected prior to any deletion (tests/unit/grpc_job_server_test.exs).
Document the administrative token requirement in the API section of README.md.

Ran mix format successfully to ensure formatting compliance.
Added a unit test tests/unit/grpc_job_server_test.exs that asserts unauthenticated ClearJobs requests raise a GRPC.RPCError with the permission message, but running mix test was blocked in this environment due to inability to fetch Hex/dependencies (network/CONNECT tunnel 403), so automated test execution could not be completed here.
Static inspection and local edits confirm the request field and server-side validation are present and will prevent the prior unauthenticated deletion path when the service is run with the environment token configured.

Require admin token for ClearJobs RPC

8a38457

homerquan added aardvark codex labels May 18, 2026 — with ChatGPT Codex Connector

homerquan added the aardvark label May 18, 2026

homerquan merged commit d293fe8 into main May 18, 2026
1 check failed

Provide feedback