[Feature] Persist governed file connector profiles and policies #18
Closed
opened 2026-07-08 08:36:09 +02:00 by zemion
·
3 comments
Labels
Clear labels
area/api
HTTP API contracts, routers, schemas, or API smoke behavior.
area/auth
Authentication, sessions, access bootstrap, or login behavior.
area/db
Database sessions, models, transactions, or persistence primitives.
area/deployment
Deployment, release, operations, or runtime packaging.
area/devex
Local developer workflow, scripts, tests, tooling, or release helpers.
area/docs
Durable documentation and project guidance.
area/governance
Governance policy, audit, privacy, retention, or compliance behavior.
area/marketing
Public website, product messaging, publication copy, or legal page content.
area/migrations
Alembic migrations, schema bootstrap, or persistence evolution.
area/module-system
Module discovery, manifests, capabilities, routing, or optional integrations.
area/rbac
Permissions, roles, delegation, or authorization policy.
area/release
Versioning, release locks, tags, packaging, or dependency pins.
area/security
Security posture, static analysis, supply-chain hardening, or vulnerability remediation.
area/tenancy
Tenant boundaries, provisioning, or tenant-scoped data behavior.
area/webui
Shared WebUI shell, frontend components, routing, or frontend tests.
audit/complexity
Complexity finding from Radon, Xenon, or equivalent maintainability scans.
audit/duplication
Duplicated-code finding from jscpd or equivalent similarity scans.
audit/false-positive
Audit finding reviewed as a narrow false positive or acceptable risk.
audit/needs-design
Audit finding that needs an architectural or product decision before implementation.
audit/quick-fix
Audit finding that appears narrow and directly fixable.
audit/structural
Audit finding that needs design, refactoring, or behavior review.
codex/needs-human
Needs an explicit human decision before Codex should implement.
codex/ready
Suitable for Codex to pick up with the existing issue context.
module/access
GovOPlaN access, identity, authentication, RBAC, and administration behavior.
module/addresses
GovOPlaN Addresses module behavior or integration.
module/admin
GovOPlaN Admin module behavior or integration.
module/appointments
GovOPlaN Appointments module behavior or integration.
module/approvals
GovOPlaN Approvals module behavior or integration.
module/assets
GovOPlaN Assets module behavior or integration.
module/audit
GovOPlaN Audit module behavior or integration.
module/booking
GovOPlaN Booking module behavior or integration.
module/calendar
GovOPlaN Calendar module behavior or integration.
module/campaign
GovOPlaN campaign module behavior or integration.
module/cases
GovOPlaN Cases module behavior or integration.
module/certificates
GovOPlaN Certificates module behavior or integration.
module/committee
GovOPlaN Committee module behavior or integration.
module/connectors
GovOPlaN Connectors module behavior or integration.
module/consultation
GovOPlaN Consultation module behavior or integration.
module/contracts
GovOPlaN Contracts module behavior or integration.
module/core
GovOPlaN core runner, shared primitives, shell, or extension points.
module/dist-lists
GovOPlaN Distribution Lists module behavior or integration.
module/dms
GovOPlaN Dms module behavior or integration.
module/docs
GovOPlaN documentation layer behavior or integration.
module/erp
GovOPlaN Erp module behavior or integration.
module/evaluation
GovOPlaN Evaluation module behavior or integration.
module/facilities
GovOPlaN Facilities module behavior or integration.
module/files
GovOPlaN files module behavior or integration.
module/fit-connect
GovOPlaN Fit Connect module behavior or integration.
module/forms
GovOPlaN Forms module behavior or integration.
module/forms-runtime
GovOPlaN Forms Runtime module behavior or integration.
module/grants
GovOPlaN Grants module behavior or integration.
module/helpdesk
GovOPlaN Helpdesk module behavior or integration.
module/identity
GovOPlaN Identity module behavior or integration.
module/identity-trust
GovOPlaN Identity Trust module behavior or integration.
module/idm
GovOPlaN Idm module behavior or integration.
module/inspections
GovOPlaN Inspections module behavior or integration.
module/issue-reporting
GovOPlaN Issue Reporting module behavior or integration.
module/learning
GovOPlaN Learning module behavior or integration.
module/ledger
GovOPlaN Ledger module behavior or integration.
module/mail
GovOPlaN mail module behavior or integration.
module/notifications
GovOPlaN Notifications module behavior or integration.
module/ops
GovOPlaN Ops module behavior or integration.
module/organizations
GovOPlaN Organizations module behavior or integration.
module/payments
GovOPlaN Payments module behavior or integration.
module/permits
GovOPlaN Permits module behavior or integration.
module/policy
GovOPlaN Policy module behavior or integration.
module/poll
GovOPlaN Poll module behavior or integration.
module/portal
GovOPlaN Portal module behavior or integration.
module/postbox
GovOPlaN Postbox module behavior or integration.
module/procurement
GovOPlaN Procurement module behavior or integration.
module/records
GovOPlaN Records module behavior or integration.
module/reporting
GovOPlaN Reporting module behavior or integration.
module/resources
GovOPlaN Resources module behavior or integration.
module/risk-compliance
GovOPlaN Risk Compliance module behavior or integration.
module/scheduling
GovOPlaN Scheduling module behavior or integration.
module/search
GovOPlaN Search module behavior or integration.
module/tasks
GovOPlaN Tasks module behavior or integration.
module/templates
GovOPlaN Templates module behavior or integration.
module/tenancy
GovOPlaN Tenancy module behavior or integration.
module/transparency
GovOPlaN Transparency module behavior or integration.
module/web
GovOPlaN public website, product page, or publication content.
module/workflow
GovOPlaN Workflow module behavior or integration.
module/xoev
GovOPlaN Xoev module behavior or integration.
module/xrechnung
GovOPlaN Xrechnung module behavior or integration.
module/xta-osci
GovOPlaN Xta Osci module behavior or integration.
priority
p0
Immediate stop-the-line priority.
priority
p1
High priority for the next focused work window.
priority
p2
Normal planned priority.
priority
p3
Low priority or opportunistic cleanup.
source/backlog-import
Imported from markdown backlog, roadmap, plan, or TODO files.
source/module-roadmap
Created from GovOPlaN module and integration roadmap planning.
source/security-audit
Created from a structured security or code-quality audit report.
source/todo-scan
Imported from inline TODO/FIXME/HACK markers by the Gitea TODO importer.
status
blocked
Cannot progress without a decision, dependency, credential, or external change.
status
in-progress
Currently being worked.
status
needs-info
Needs clarifying input before implementation can proceed safely.
status
ready
Ready for implementation.
status
triage
Needs review, ownership, priority, or acceptance criteria.
type
bug
A reproducible defect, regression, or incorrect behavior.
type
debt
Cleanup, refactoring, risk reduction, or deferred engineering work.
type
docs
Documentation, process, or developer workflow work.
type
feature
New user-visible behavior or platform capability.
type
task
Implementation, maintenance, migration, or operational work.
type
user-story
End-to-end user journey or real-world process story used to steer product slices.
Milestone
No items
No Milestone
Projects
Clear projects
No project
Notifications
Due Date
No due date set.
Dependencies
No dependencies set.
Reference: add-ideas/govoplan-files#18
Reference in New Issue
Block a user
Blocking a user prevents them from interacting with repositories, such as opening or commenting on pull requests or issues. Learn more about blocking a user.
No description provided.
Delete Branch "%!s()"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Implement the settings-side connector profile model documented in the Connector Spaces wiki page.
Acceptance criteria:
Add database-backed file connector profiles with system and tenant scope.
Add database-backed connector policy rows with effective policy/explain output similar to mail profile policy.
Keep environment/JSON profiles as bootstrap compatibility input.
Expose CRUD/list/read endpoints for profiles and policies.
Enforce policy before profile creation/update and before browse/import/sync.
Wiki: Connector Spaces
Progress update from the settings/profile implementation slice.\n\nDone:\n- Added database-backed file connector profiles with system and tenant scope.\n- Added encrypted stored password/token support while preserving env/JSON profiles as bootstrap compatibility input.\n- Added CRUD/list/read API endpoints for stored profiles and redacted responses with source_kind so bootstrap profiles are read-only in UI.\n- The profile policy JSON is enforced before browse/import/sync and before connector-space create/update.\n- Added System and Tenant admin settings sections for file connections, including endpoint, credentials, capabilities, allow/deny paths, provider metadata, and browse test.\n\nVerified with py_compile, connector API smoke test, migration repair test, core web UI production build, and live WebDAV/Nextcloud/SMB connector stack smoke.\n\nStill open for this issue: separate database-backed connector policy rows plus effective policy/explain UI similar to mail profile policy.
Progress update: split file connector connections and credentials.
Done now:
Added database-backed file connector credentials with system/tenant scope, encrypted stored password/token fields, redacted list/read responses, and CRUD endpoints.
File connector profiles can bind a credential_profile_id; legacy inline/env credentials remain compatible for bootstrap profiles.
Runtime browse/import/sync now evaluates connection policy plus credential policy, including credential_ids rules.
Settings UI now has separate credential and connection sections; connections select a saved credential instead of editing secrets inline.Still open: explicit central connector policy rows plus effective-policy/explain UI similar to mail profile policy.
Implemented the remaining central connector policy row/editor path.\n\nBackend:\n- Added file_connector_policies with system/tenant/user/group/campaign scope support.\n- Added GET/PUT /api/v1/files/connectors/policies/{scope_type} with local, parent, effective policy and source-step output.\n- Prepended effective central policy sources for browse/import/sync/link decisions.\n- Enforced central policy during connector profile and credential configuration writes.\n- Added lower-level limit validation for policy/profile/credential local policy fields.\n\nWebUI:\n- Added the settings-side connector policy editor for system and tenant scopes.\n- Supports allowed/denied connection IDs, credential IDs, providers, paths, endpoint URLs, and lower-level limit locks.\n\nVerification:\n- py_compile for touched backend files.\n- npm run build from govoplan-core/webui.\n- pytest tests/test_api_smoke.py::ApiSmokeTests::test_file_connector_profiles_are_governed_and_redacted.\n- pytest tests/test_database_migrations.py.\n- dev/connectors/smoke.py --require-smb against the Docker connector stack.