You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Add user_id to routing decisions for per-user history isolation (#18)
* Add user_id to routing decisions for per-user history isolation
Migration 0003 adds a nullable user_id column to calls. CallStore.record(),
recent(), and count() accept an optional user_id parameter; recent/count
filter to that user when provided. RoutingService.route() and the HTTP
RouteRequest body thread user_id through; GET /api/history accepts a
user_id query param. All fields are optional for full backward compat.
* Address review: index on user_id, remove user_id from public history API
Add composite index (user_id, id) to migration 0003 and mark ORM column
index=True. Move WHERE before ORDER BY/LIMIT/OFFSET in recent(). Remove
user_id query param from GET /api/history (BOLA risk — per-user scoping
is the embedding app's responsibility via CallStore.recent(user_id=...)).
* Fix ORM/migration index mismatch; update user_id field description
Replace index=True on user_id column with __table_args__ composite index
sa.Index("ix_calls_user_id_id", "user_id", "id") to match migration 0003
exactly and prevent Alembic autogenerate from reporting false drift.
Reword user_id field description: no longer claims history filtering.
0 commit comments