Skip to content

Feat/auth provider interface#267

Closed
Justy116 wants to merge 14 commits into
logtide-dev:mainfrom
Justy116:feat/auth-provider-interface
Closed

Feat/auth provider interface#267
Justy116 wants to merge 14 commits into
logtide-dev:mainfrom
Justy116:feat/auth-provider-interface

Conversation

@Justy116

@Justy116 Justy116 commented Jun 27, 2026

Copy link
Copy Markdown

Summary

Tenant safety

LogTide is multi-tenant. Confirm the following for any new/changed query, endpoint,
or background job (see docs/security/tenant-isolation-audit.md):

  • Tenant tables are filtered by organization_id (and project_id where relevant).
  • Joins enforce scoping at every level, not just the outer query.
  • Updates/deletes verify scope before executing, not just trusting the filter to match.
  • Cache keys include the organization id.
  • Background jobs carry the org id and the consumer re-validates it.
  • Ids from a URL parameter or request body are verified to belong to the requesting tenant before use.
  • New data-access paths are added to the audit doc.
  • npm run check:tenant-scoping passes (run from packages/backend).

Testing

Giustino Gragnaniello and others added 13 commits June 26, 2026 16:18
* refactor: added new logic for soft-delete

* refactor: updated test

* fix: address soft-delete review feedback

* refactor: updated test

* fix: per-org slug uniqueness, tenant-scope annotation, test teardown spans/metrics

* refactor: fixed filed test be

* test: add coverage for soft-delete project routes, service, and reservoir
  purgeProject

---------

Co-authored-by: Polliog <40077351+Polliog@users.noreply.github.com>
Co-authored-by: Giustino Gragnaniello <g.giustino@accenture.com>
Documents the AuthProvider interface, ProviderRegistry, database schema,
session model, and a worked end-to-end example of a minimal custom provider.
Closes logtide-dev#215.
@CLAassistant

CLAassistant commented Jun 27, 2026

Copy link
Copy Markdown

CLA assistant check
Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you all sign our Contributor License Agreement before we can accept your contribution.
2 out of 3 committers have signed the CLA.

✅ Justy116
✅ Polliog
❌ Giustino Gragnaniello


Giustino Gragnaniello seems not to be a GitHub user. You need a GitHub account to be able to sign the CLA. If you have already a GitHub account, please add the email address used for this commit to your account.
You have signed the CLA already but the status is still pending? Let us recheck it.

@codecov

codecov Bot commented Jun 27, 2026

Copy link
Copy Markdown

Codecov Report

❌ Patch coverage is 15.15152% with 28 lines in your changes missing coverage. Please review.

Files with missing lines Patch % Lines
packages/reservoir/src/test-global-setup.ts 5.26% 18 Missing ⚠️
packages/reservoir/src/client.ts 23.07% 10 Missing ⚠️

📢 Thoughts on this report? Let us know!

Resolves conflicts in projects restore flow: incorporates upstream
name/slug conflict pre-check in restoreProject() and corresponding
409 error handlers in the restore route.
@Justy116 Justy116 closed this Jun 27, 2026
@Justy116

Copy link
Copy Markdown
Author

closed

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants