From ab328b1a0b8917817ff49a41fc13e9e3071e6680 Mon Sep 17 00:00:00 2001 From: zwitschi Date: Sun, 9 Nov 2025 23:46:51 +0100 Subject: [PATCH] feat: implement environment-driven admin bootstrap settings and retire legacy RBAC documentation --- changelog.md | 1 + 1 file changed, 1 insertion(+) diff --git a/changelog.md b/changelog.md index 463dcd0..b696dda 100644 --- a/changelog.md +++ b/changelog.md @@ -28,3 +28,4 @@ - Added dedicated pytest coverage for guard dependencies, exercising success plus failure paths (missing session, inactive user, missing roles, project/scenario access errors) via `tests/test_dependencies_guards.py`. - Added integration tests in `tests/test_authorization_integration.py` verifying anonymous 401 responses, role-based 403s, and authorized project manager flows across API and UI endpoints. - Implemented environment-driven admin bootstrap settings, wired the `bootstrap_admin` helper into FastAPI startup, added pytest coverage for creation/idempotency/reset logic, and documented operational guidance in the RBAC plan and security concept. +- Retired the legacy authentication RBAC implementation plan document after migrating its guidance into live documentation and synchronized the contributor instructions to reflect the removal.