feat: workspace-based multi-tenancy, replacing user as tenancy axis (#840)

Introduces `workspace` as the isolation boundary for config, flows, library, and knowledge data. Removes `user` as a schema-level field throughout the code, API specs, and tests; workspace provides the same separation more cleanly at the trusted flow.workspace layer rather than through client-supplied message fields. Design ------ - IAM tech spec (docs/tech-specs/iam.md) documents current state, proposed auth/access model, and migration direction. - Data ownership model (docs/tech-specs/data-ownership-model.md) captures the workspace/collection/flow hierarchy. Schema + messaging ------------------ - Drop `user` field from AgentRequest/Step, GraphRagQuery, DocumentRagQuery, Triples/Graph/Document/Row EmbeddingsRequest, Sparql/Rows/Structured QueryRequest, ToolServiceRequest. - Keep collection/workspace routing via flow.workspace at the service layer. - Translators updated to not serialise/deserialise user. API specs --------- - OpenAPI schemas and path examples cleaned of user fields. - Websocket async-api messages updated. - Removed the unused parameters/User.yaml. Services + base --------------- - Librarian, collection manager, knowledge, config: all operations scoped by workspace. Config client API takes workspace as first positional arg. - `flow.workspace` set at flow start time by the infrastructure; no longer pass-through from clients. - Tool service drops user-personalisation passthrough. CLI + SDK --------- - tg-init-workspace and workspace-aware import/export. - All tg-* commands drop user args; accept --workspace. - Python API/SDK (flow, socket_client, async_*, explainability, library) drop user kwargs from every method signature. MCP server ---------- - All tool endpoints drop user parameters; socket_manager no longer keyed per user. Flow service ------------ - Closure-based topic cleanup on flow stop: only delete topics whose blueprint template was parameterised AND no remaining live flow (across all workspaces) still resolves to that topic. Three scopes fall out naturally from template analysis: * {id} -> per-flow, deleted on stop * {blueprint} -> per-blueprint, kept while any flow of the same blueprint exists * {workspace} -> per-workspace, kept while any flow in the workspace exists * literal -> global, never deleted (e.g. tg.request.librarian) Fixes a bug where stopping a flow silently destroyed the global librarian exchange, wedging all library operations until manual restart. RabbitMQ backend ---------------- - heartbeat=60, blocked_connection_timeout=300. Catches silently dead connections (broker restart, orphaned channels, network partitions) within ~2 heartbeat windows, so the consumer reconnects and re-binds its queue rather than sitting forever on a zombie connection. Tests ----- - Full test refresh: unit, integration, contract, provenance. - Dropped user-field assertions and constructor kwargs across ~100 test files. - Renamed user-collection isolation tests to workspace-collection.
2026-06-24 22:28:06 +02:00 · 2026-04-21 23:23:01 +01:00 · 2026-04-21 23:23:01 +01:00 · d35473f7f7
commit d35473f7f7
parent 9332089b3d
377 changed files with 6868 additions and 5785 deletions
--- a/trustgraph-base/trustgraph/api/collection.py
+++ b/trustgraph-base/trustgraph/api/collection.py
@ -2,11 +2,9 @@
 TrustGraph Collection Management

 This module provides interfaces for managing data collections in TrustGraph.
-Collections provide logical grouping and isolation for documents and knowledge
-graph data.
+Collections provide logical grouping within a workspace.
 """

-import datetime
 import logging

 from . types import CollectionMetadata
@ -18,10 +16,9 @@ class Collection:
    """
    Collection management client.

-    Provides methods for managing data collections, including listing,
-    updating metadata, and deleting collections. Collections organize
-    documents and knowledge graph data into logical groupings for
-    isolation and access control.
+    Provides methods for managing data collections within the configured
+    workspace, including listing, updating metadata, and deleting
+    collections.
    """

    def __init__(self, api):
@ -45,45 +42,20 @@ class Collection:
        """
        return self.api.request(f"collection-management", request)

-    def list_collections(self, user, tag_filter=None):
+    def list_collections(self, tag_filter=None):
        """
-        List all collections for a user.
-
-        Retrieves metadata for all collections owned by the specified user,
-        with optional filtering by tags.
+        List all collections in this workspace.

        Args:
-            user: User identifier
-            tag_filter: Optional list of tags to filter collections (default: None)
+            tag_filter: Optional list of tags to filter collections

        Returns:
            list[CollectionMetadata]: List of collection metadata objects
-
-        Raises:
-            ProtocolException: If response format is invalid
-
-        Example:
-            ```python
-            collection = api.collection()
-
-            # List all collections
-            all_colls = collection.list_collections(user="trustgraph")
-            for coll in all_colls:
-                print(f"{coll.collection}: {coll.name}")
-                print(f"  Description: {coll.description}")
-                print(f"  Tags: {', '.join(coll.tags)}")
-
-            # List collections with specific tags
-            research_colls = collection.list_collections(
-                user="trustgraph",
-                tag_filter=["research", "published"]
-            )
-            ```
        """

        input = {
            "operation": "list-collections",
-            "user": user,
+            "workspace": self.api.workspace,
        }

        if tag_filter:
@ -92,7 +64,6 @@ class Collection:
        object = self.request(input)

        try:
-            # Handle case where collections might be None or missing
            if object is None or "collections" not in object:
                return []

@ -102,7 +73,6 @@ class Collection:

            return [
                CollectionMetadata(
-                    user = v["user"],
                    collection = v["collection"],
                    name = v["name"],
                    description = v["description"],
@ -114,15 +84,11 @@ class Collection:
            logger.error("Failed to parse collection list response", exc_info=True)
            raise ProtocolException(f"Response not formatted correctly")

-    def update_collection(self, user, collection, name=None, description=None, tags=None):
+    def update_collection(self, collection, name=None, description=None, tags=None):
        """
        Update collection metadata.

-        Updates the name, description, and/or tags for an existing collection.
-        Only provided fields are updated; others remain unchanged.
-
        Args:
-            user: User identifier
            collection: Collection identifier
            name: New collection name (optional)
            description: New collection description (optional)
@ -130,35 +96,11 @@ class Collection:

        Returns:
            CollectionMetadata: Updated collection metadata, or None if not found
-
-        Raises:
-            ProtocolException: If response format is invalid
-
-        Example:
-            ```python
-            collection_api = api.collection()
-
-            # Update collection metadata
-            updated = collection_api.update_collection(
-                user="trustgraph",
-                collection="default",
-                name="Default Collection",
-                description="Main data collection for general use",
-                tags=["default", "production"]
-            )
-
-            # Update only specific fields
-            updated = collection_api.update_collection(
-                user="trustgraph",
-                collection="research",
-                description="Updated description"
-            )
-            ```
        """

        input = {
            "operation": "update-collection",
-            "user": user,
+            "workspace": self.api.workspace,
            "collection": collection,
        }

@ -175,7 +117,6 @@ class Collection:
            if "collections" in object and object["collections"]:
                v = object["collections"][0]
                return CollectionMetadata(
-                    user = v["user"],
                    collection = v["collection"],
                    name = v["name"],
                    description = v["description"],
@ -186,37 +127,23 @@ class Collection:
            logger.error("Failed to parse collection update response", exc_info=True)
            raise ProtocolException(f"Response not formatted correctly")

-    def delete_collection(self, user, collection):
+    def delete_collection(self, collection):
        """
        Delete a collection.

-        Removes a collection and all its associated data from the system.
-
        Args:
-            user: User identifier
            collection: Collection identifier to delete

        Returns:
            dict: Empty response object
-
-        Example:
-            ```python
-            collection_api = api.collection()
-
-            # Delete a collection
-            collection_api.delete_collection(
-                user="trustgraph",
-                collection="old-collection"
-            )
-            ```
        """

        input = {
            "operation": "delete-collection",
-            "user": user,
+            "workspace": self.api.workspace,
            "collection": collection,
        }

-        object = self.request(input)
+        self.request(input)

-        return {}
+        return {}