apunkt/trustgraph
1
0
Fork 0
mirror of https://github.com/trustgraph-ai/trustgraph.git synced 2026-06-30 17:09:38 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

feat: global usernames and rename workspace to default_workspace (#1001)

Browse source 
Users are global entities, not scoped to workspaces. This change:

Track A — Global usernames:
- Change iam_users_by_username to PRIMARY KEY (username), removing
  workspace from the lookup key
- Login looks up username globally, no workspace required
- Username uniqueness is enforced globally, not per-workspace
- Login -w now overrides the JWT workspace (session workspace)
  rather than selecting which user registry to search

Track B — Rename workspace to default_workspace:
- UserRecord.workspace → UserRecord.default_workspace
- Identity.workspace → Identity.default_workspace
- JWT claim "workspace" → "default_workspace"
- IamResponse.resolved_workspace → resolved_default_workspace
- WebSocket auth-ok frame field → default_workspace
- Socket clients read default_workspace from auth-ok
- _user_record_to_dict wire key → default_workspace
- CLI help text and output updated throughout
- Test files updated for renamed fields
This commit is contained in:
cybermaggedon 2026-06-25 16:34:31 +01:00 committed by GitHub
parent 16f8cfd972
commit 0a828379be
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
19 changed files with 101 additions and 113 deletions
Download patch file Download diff file Expand all files Collapse all files

6
tests/unit/test_iam/test_noauth_handler.py
View file

@ -32,7 +32,7 @@ class TestAuthenticateAnonymous:
)
assert resp.error is None
assert resp.resolved_user_id == "anon"
assert resp.resolved_workspace == "ws"
assert resp.resolved_default_workspace == "ws"
assert "admin" in list(resp.resolved_roles)
@pytest.mark.asyncio
@ -44,7 +44,7 @@ class TestAuthenticateAnonymous:
_make_request(operation="authenticate-anonymous")
)
assert resp.resolved_user_id == "dev-user"
assert resp.resolved_workspace == "dev-ws"
assert resp.resolved_default_workspace == "dev-ws"
class TestResolveApiKey:
@ -57,7 +57,7 @@ class TestResolveApiKey:
)
assert resp.error is None
assert resp.resolved_user_id == "anonymous"
assert resp.resolved_workspace == "default"
assert resp.resolved_default_workspace == "default"
class TestAuthorise: