[PR #372] [MERGED] Harden user-scoped access in subscription dashboard/alerts/usage routes #678

Closed
opened 2026-03-13 21:03:27 +03:00 by kerem · 0 comments

📋 Pull Request Information

Original PR: https://github.com/AJaySi/ALwrity/pull/372
Author: @AJaySi
Created: 3/4/2026
Status: Merged
Merged: 3/5/2026
Merged by: @AJaySi

Base: main ← Head: codex/update-user-access-verification-for-routes


📝 Commits (1)

  • 261c224 Harden user-scoped subscription route access checks

📊 Changes

4 files changed (+108 additions, -7 deletions)

View changed files

📝 backend/api/subscription/routes/alerts.py (+15 -4)
📝 backend/api/subscription/routes/dashboard.py (+6 -1)
➕ backend/api/subscription/routes/route_access_audit.py (+82 -0)
📝 backend/api/subscription/routes/usage.py (+5 -2)

📄 Description

Motivation

  • Ensure all subscription API endpoints that return user-scoped data verify the authenticated user and prevent unauthorized access or mutations.
  • Prevent alert tampering by enforcing ownership checks on mutating endpoints.

Description

  • Added Depends(get_current_user) and a call to verify_user_access(user_id, current_user) to GET /dashboard/{user_id} in backend/api/subscription/routes/dashboard.py to enforce user-scoped access before queries.
  • Added Depends(get_current_user) and verify_user_access(...) to GET /alerts/{user_id} in backend/api/subscription/routes/alerts.py so alert listings require authentication and authorization.
  • Hardened POST /alerts/{alert_id}/mark-read in backend/api/subscription/routes/alerts.py to check alert.user_id against current_user.id and return 403 on ownership mismatch while preserving existing HTTPException behavior.
  • Added Depends(get_current_user) and verify_user_access(...) to GET /usage/{user_id}/trends in backend/api/subscription/routes/usage.py (the main /usage/{user_id} route already verified access).
  • Added a route-level audit script backend/api/subscription/routes/route_access_audit.py that scans route handlers for "{user_id}" in paths and flags handlers missing get_current_user or a verify_user_access call.

Testing

  • Ran the audit script with python backend/api/subscription/routes/route_access_audit.py and it returned PASS: all user-scoped routes include get_current_user and verify_user_access.
  • Verified syntax by compiling the modified modules with python -m py_compile backend/api/subscription/routes/dashboard.py backend/api/subscription/routes/alerts.py backend/api/subscription/routes/usage.py backend/api/subscription/routes/route_access_audit.py, which completed without errors.

Codex Task: https://chatgpt.com/codex/tasks/task_e_69a8468242348328adcf4ae1a50bb4e0


🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.
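
The kind of route-level audit the description mentions, as an added example (not part of the PR and not the project's `route_access_audit.py`): it parses handler source with `ast` and reports `{user_id}` routes that lack a `Depends(get_current_user)` parameter or a `verify_user_access` call. The sample routes, handler names and `get_db` are constructed for the demo.

```python
import ast

# Constructed sample route module for the demo (not the project's code).
SAMPLE = '''
@router.get("/dashboard/{user_id}")
async def get_dashboard(user_id: str, current_user=Depends(get_current_user)):
    verify_user_access(user_id, current_user)
    return {}

@router.get("/usage/{user_id}/trends")
async def get_trends(user_id: str, db=Depends(get_db)):
    return {}

@router.get("/alerts/{user_id}")
async def get_alerts(user_id: str, current_user=Depends(get_current_user)):
    return {}

@router.post("/alerts/{alert_id}/mark-read")
async def mark_read(alert_id: int):
    return {}
'''

# AST shape of the parameter default the audit expects on user-scoped handlers.
DEP = ast.dump(ast.parse("Depends(get_current_user)", mode="eval").body)

def _route_path(fn):
    """First string argument of a decorator call such as @router.get("/x")."""
    for dec in fn.decorator_list:
        first = dec.args[0] if isinstance(dec, ast.Call) and dec.args else None
        if isinstance(first, ast.Constant) and isinstance(first.value, str):
            return first.value
    return ""

def audit(source):
    """Map handler name -> missing controls, for routes with "{user_id}" in the path."""
    findings = {}
    for fn in ast.walk(ast.parse(source)):
        if (not isinstance(fn, (ast.FunctionDef, ast.AsyncFunctionDef))
                or "{user_id}" not in _route_path(fn)):
            continue
        defaults = fn.args.defaults + [d for d in fn.args.kw_defaults if d]
        has_dep = any(ast.dump(d) == DEP for d in defaults)
        has_verify = any(isinstance(n, ast.Call) and getattr(n.func, "id", None)
                         == "verify_user_access" for n in ast.walk(fn))
        missing = [name for name, ok in (("get_current_user", has_dep),
                                         ("verify_user_access", has_verify)) if not ok]
        if missing:
            findings[fn.name] = missing
    return findings
```

The constructed `mark_read` handler is not reported because its path is keyed by `{alert_id}`; a path-based audit of this kind does not see routes that need an object-level ownership check, so those need their own review or tests.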
