Harden auth, redaction, upload size checks, and compose token requirements

2026-02-21 13:48:55 -03:00
parent 5792586a90
commit 3cbad053cc
21 changed files with 1168 additions and 85 deletions
--- a/backend/app/api/routes_processing_logs.py
+++ b/backend/app/api/routes_processing_logs.py
@@ -1,10 +1,11 @@
-"""Read-only API endpoints for processing pipeline event logs."""
+"""Admin-only API endpoints for processing pipeline event logs."""

 from uuid import UUID

 from fastapi import APIRouter, Depends, Query
 from sqlalchemy.orm import Session

+from app.core.config import get_settings
 from app.db.base import get_session
 from app.schemas.processing_logs import ProcessingLogEntryResponse, ProcessingLogListResponse
 from app.services.app_settings import read_processing_log_retention_settings
@@ -17,12 +18,13 @@ from app.services.processing_logs import (


 router = APIRouter()
+settings = get_settings()


@router.get("", response_model=ProcessingLogListResponse)
 def get_processing_logs(
    offset: int = Query(default=0, ge=0),
-    limit: int = Query(default=120, ge=1, le=400),
+    limit: int = Query(default=120, ge=1, le=settings.processing_log_max_unbound_entries),
    document_id: UUID | None = Query(default=None),
    session: Session = Depends(get_session),
 ) -> ProcessingLogListResponse:
@@ -43,8 +45,8 @@ def get_processing_logs(

@router.post("/trim")
 def trim_processing_logs(
-    keep_document_sessions: int | None = Query(default=None, ge=0, le=20),
-    keep_unbound_entries: int | None = Query(default=None, ge=0, le=400),
+    keep_document_sessions: int | None = Query(default=None, ge=0, le=settings.processing_log_max_document_sessions),
+    keep_unbound_entries: int | None = Query(default=None, ge=0, le=settings.processing_log_max_unbound_entries),
    session: Session = Depends(get_session),
 ) -> dict[str, int]:
    """Deletes old processing logs using query values or persisted retention defaults."""
@@ -61,10 +63,19 @@ def trim_processing_logs(
        else int(retention_defaults.get("keep_unbound_entries", 80))
    )

+    capped_keep_document_sessions = min(
+        settings.processing_log_max_document_sessions,
+        max(0, int(resolved_keep_document_sessions)),
+    )
+    capped_keep_unbound_entries = min(
+        settings.processing_log_max_unbound_entries,
+        max(0, int(resolved_keep_unbound_entries)),
+    )
+
    result = cleanup_processing_logs(
        session=session,
-        keep_document_sessions=resolved_keep_document_sessions,
-        keep_unbound_entries=resolved_keep_unbound_entries,
+        keep_document_sessions=capped_keep_document_sessions,
+        keep_unbound_entries=capped_keep_unbound_entries,
    )
    session.commit()
    return result