Skip to content

UN-3585 [FEAT] Restrict connector creation to org admins (controlled mode)#2145

Merged
Deepak-Kesavan merged 8 commits into
mainfrom
UN-3585-restrict-connector-creation
Jul 6, 2026
Merged

UN-3585 [FEAT] Restrict connector creation to org admins (controlled mode)#2145
Deepak-Kesavan merged 8 commits into
mainfrom
UN-3585-restrict-connector-creation

Conversation

@Deepak-Kesavan

@Deepak-Kesavan Deepak-Kesavan commented Jul 5, 2026

Copy link
Copy Markdown
Contributor

Parent #2132 (UN-3584) is now merged. This PR was stacked on it and has since been merged up to main — its base is now main and the diff below is connector-only. No further ordering dependency.

What

Add a controlled-mode toggle that restricts connector creation to organization admins, mirroring the LLM-adapter restriction from UN-3584. When an org admin enables it, non-admin users can no longer create connectors (S3, Google Drive, databases, etc.); the default (off) preserves today's open creation for everyone.

It builds on the organization/settings endpoint and the PlatformSettings toggle scaffolding introduced by #2132 (now merged).

Why

UN-3585 (RLDatix on-prem onboarding blocker) asks to restrict who can create external connectors. The ticket describes a heavier design (per-connector-type allow-lists, approval workflow, role-permission matrix). Per product decision we deliberately do not build that — Unstract is a product, not a one-customer build, and an approval/permission framework is out of scope. Instead we take the same simple, proven route as LLM adapters: an org-level admin-only switch. Non-admins are steered to use shared connectors an admin has already created.

How

  • Model: new Organization.restrict_connector_creation boolean (default False), migration 0007.
  • Enforcement (connector_v2/views.py): _enforce_connector_creation_restriction() runs in create() — raises 403 PermissionDenied when the org flag is on and the caller is a non-admin. Service accounts (platform API-key sessions) bypass (automation isn't a UI user), and creation binds the row to the request-scoped org (overriding any payload organization, since the serializer is fields="__all__") so the per-org check can't be sidestepped. Applies to all connector types — every connector reaches an external system.
  • Settings endpoint (tenant_account_v2/views.py): the existing admin-only GET/PATCH organization/settings (from UN-3584) is generalized to expose/accept both flags (restrict_llm_adapter_creation, restrict_connector_creation); PATCH updates any subset.
  • Frontend (PlatformSettings.jsx): a second enterprise-gated "Connector Creation" toggle beside the LLM one — same GET-on-load, optimistic PATCH with revert-on-failure. Hidden in OSS builds (no org-admin/user-management there) and for non-admins.

Can this PR break any existing features. If yes, please list possible items. If no, please explain why. (PS: Admins do not merge the PR without this section filled)

No.

  • The flag defaults False → connector creation stays open for everyone; behavior is identical to today until an admin explicitly enables it.
  • The gate is a single added check at the top of create(); the existing create/serializer/OAuth flow is otherwise untouched.
  • Service accounts (API-key automation) are explicitly bypassed, so programmatic connector creation via platform API keys is unaffected.
  • The settings endpoint change is additive (adds a second flag key); the existing LLM-flag contract is preserved.
  • Org binding on save mirrors UN-3584 and matches how the mixin already resolved org (UserContext.get_organization()), so no cross-org behavior change.

Database Migrations

Yes — account_v2/migrations/0007_organization_restrict_connector_creation.py adds a nullable-safe boolean column with default=False (no backfill, non-breaking). Applied automatically by the deploy migration job.

Env Config

None.

Relevant Docs

Related Issues or PRs

Dependencies Versions

Notes on Testing

Deployed to dev (deepak-unstract-dev, tag snapshot.1783274715) — built off this branch (stacked, so includes UN-3584 + migrations 0006/0007).

Deploy verified (Cloud Logging):

  • Migration account_v2.0007_organization_restrict_connector_creationApplying … OK (the restrict_connector_creation column is live).
  • Backend booted clean on the new image: plugins loaded, DB connection established, Django system checks = warnings only (pre-existing).
  • /health serving. No connector/migration-related errors.
  • The only traceback in the deploy is a pre-existing stripe._error.AuthenticationError: No API key provided from the enterprise sync_stripe_products command (this dev namespace has no Stripe key configured) — unrelated to this change and present on every deploy here.

Live UI verified on dev (admin session, zipstack org):

  • The new "Connector Creation" section renders for the admin (enterprise build), directly below the LLM one.
  • Toggling it on → "Connector creation setting updated" success toast, and it persists across a page reload — proving the full round-trip: frontend → admin-only PATCH organization/settingsrestrict_connector_creation column (migration 0007) → GET re-hydration.
  • Toggling it off → success toast, default restored. Both PATCH directions succeed.

Not exercised live: the non-admin 403 denial path — requires a non-admin account in the dev org (only an admin session was available). The enforcement itself is a code-identical mirror of UN-3584's LLM gate (already deployed + verified on this env in #2132); the deployed gate is confirmed present (migration + backend boot verified above).

Screenshots

Platform Settings on dev showing the new Connector Creation toggle (enabled) beside the existing LLM Adapter Creation toggle:

(screenshot captured on dev — un-3585-connector-toggle.png; shows the "Connector Creation" section with "Only admins can create connectors" toggled on)

Checklist

I have read and understood the Contribution Guidelines.

…d mode)

Add a per-org 'restrict_llm_adapter_creation' setting (default off). When an
org admin enables it, only organization admins may create LLM adapters:
non-admin create requests are rejected with 403 and a contact-admin message.
Other adapter types and the default-off behavior are unchanged.

- account_v2: new BooleanField on Organization + migration
- tenant_account_v2: admin-only GET/PATCH organization/settings endpoint
- adapter_processor_v2: enforce the gate in AdapterInstanceViewSet.create
- frontend: admin-only toggle in Platform Settings
…in OSS)

Org admin roles / user management don't exist in OSS, so the controlled-mode
toggle must not render there. Probe for an enterprise-only plugin (absent in
OSS) and show the toggle only on enterprise/cloud builds, mirroring the
plugin-gating idiom in SideNavBar. Backend is already OSS-safe: the flag
defaults off and the create gate never fires.
…audit, extract gate

- Bypass the LLM-creation gate for service accounts (platform API-key
  sessions), consistent with how the rest of the permission layer treats
  them (Greptile P1).
- Set Organization.modified_by on the settings PATCH so the audit field
  isn't left stale (Greptile P2).
- Extract the controlled-mode check into _enforce_llm_creation_restriction
  to bring AdapterInstanceViewSet.create back under the cognitive-complexity
  limit (SonarQube).
…rg override)

AdapterInstanceSerializer exposes organization via fields=__all__, and
DefaultOrganizationMixin.save only fills it when None — so a payload-supplied
organization would persist. Pass organization=UserContext.get_organization()
to serializer.save() so the row is bound to the same request-scoped org the
controlled-mode check evaluates, closing a per-org restriction bypass
(CodeRabbit security finding).
@coderabbitai

coderabbitai Bot commented Jul 5, 2026

Copy link
Copy Markdown
Contributor

Walkthrough

This PR adds an organization-level restrict_connector_creation flag, enforces it during connector creation, exposes it through organization settings, and adds a frontend toggle for managing the flag.

Changes

Controlled connector creation

Layer / File(s) Summary
Organization flag schema
backend/account_v2/models.py, backend/account_v2/migrations/0007_organization_restrict_connector_creation.py
Adds restrict_connector_creation to Organization and the matching migration.
Organization settings API
backend/tenant_account_v2/views.py
Extends organization settings to read and update both restriction flags with shared validation and persistence.
Connector creation enforcement
backend/connector_v2/views.py
Checks the new flag during connector creation and saves new connectors against the request organization.
Platform settings toggle
frontend/src/components/settings/platform/PlatformSettings.jsx
Adds frontend state, API syncing, optimistic updates, and a gated switch for the new setting.

Estimated code review effort: 3 (Moderate) | ~25 minutes

Sequence Diagram(s)

sequenceDiagram
  participant User
  participant PlatformSettings
  participant OrganizationSettingsView
  participant ConnectorInstanceViewSet
  participant Organization

  User->>PlatformSettings: Toggle connector creation restriction
  PlatformSettings->>OrganizationSettingsView: PATCH restrict_connector_creation
  OrganizationSettingsView->>Organization: update settings
  Organization-->>OrganizationSettingsView: saved flags
  OrganizationSettingsView-->>PlatformSettings: updated response
  PlatformSettings-->>User: success or error alert

  User->>ConnectorInstanceViewSet: POST create connector
  ConnectorInstanceViewSet->>Organization: read restrict_connector_creation
  alt restriction enabled and user not admin
    ConnectorInstanceViewSet-->>User: PermissionDenied
  else allowed
    ConnectorInstanceViewSet->>ConnectorInstanceViewSet: serialize and save connector
    ConnectorInstanceViewSet-->>User: connector created
  end
Loading

Related PRs: None identified.

Suggested labels: backend, frontend, permissions, feature

Suggested reviewers: None identified.

🚥 Pre-merge checks | ✅ 5
✅ Passed checks (5 passed)
Check name Status Explanation
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.
Title check ✅ Passed The title clearly states the main change: restricting connector creation to org admins in controlled mode.
Description check ✅ Passed The PR description matches the template and fills the required sections with clear details, testing notes, and migration info.
✨ Finishing Touches
📝 Generate docstrings
  • Create stacked PR
  • Commit on current branch
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch UN-3585-restrict-connector-creation

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands.

@Deepak-Kesavan

Copy link
Copy Markdown
Contributor Author

@coderabbitai review

@coderabbitai

coderabbitai Bot commented Jul 5, 2026

Copy link
Copy Markdown
Contributor
✅ Action performed

Review finished.

Note: CodeRabbit is an incremental review system and does not re-review already reviewed commits. This command is applicable only when automatic reviews are paused.

@greptile-apps

greptile-apps Bot commented Jul 5, 2026

Copy link
Copy Markdown
Contributor

Greptile Summary

This PR adds a controlled-mode toggle that restricts connector creation to organization admins, mirroring the LLM-adapter restriction introduced in #2132 (UN-3584). The default (False) keeps creation open for all users, so existing behaviour is unchanged until an admin explicitly enables the flag.

  • Backend: Adds restrict_connector_creation boolean to Organization (migration 0007), a _enforce_connector_creation_restriction guard in ConnectorInstanceViewSet.create() (with a service-account bypass), and generalises the admin-only organization/settings PATCH endpoint to accept both flags via the ORGANIZATION_SETTING_FLAGS tuple.
  • Frontend: A second enterprise-gated Switch in PlatformSettings.jsx follows the exact same optimistic-update + server-confirmation pattern as the existing LLM toggle.

Confidence Score: 5/5

Safe to merge; the flag defaults to False so no existing behaviour changes until an admin explicitly enables it.

The change is a faithful, additive mirror of the already-deployed LLM-adapter restriction. The default-False model field means zero risk to existing users. The enforcement guard is placed at the very top of create(), service accounts are correctly bypassed, and the validate-then-mutate pattern in the settings endpoint prevents partial in-memory mutations. No data-loss or access-escalation paths were found.

No files require special attention.

Important Files Changed

Filename Overview
backend/account_v2/migrations/0007_organization_restrict_connector_creation.py Additive migration adding restrict_connector_creation BooleanField with default=False; depends correctly on migration 0006; non-breaking.
backend/account_v2/models.py Adds restrict_connector_creation BooleanField to Organization; mirrors the restrict_llm_adapter_creation field exactly.
backend/connector_v2/views.py Adds _enforce_connector_creation_restriction static method with service-account bypass; called at the top of create() before payload validation; perform_create explicitly binds org for defence-in-depth.
backend/tenant_account_v2/views.py Generalises organization_settings to handle both flags via ORGANIZATION_SETTING_FLAGS tuple; validate-then-mutate pattern prevents partial in-memory mutations; update_fields correctly derived from provided keys.
frontend/src/components/settings/platform/PlatformSettings.jsx Adds connector-restriction toggle gated by isEnterpriseBuild && isAdmin; follows identical optimistic-update + revert-on-failure pattern as the LLM toggle.

Sequence Diagram

%%{init: {'theme': 'neutral'}}%%
sequenceDiagram
    participant C as Client (Browser/API)
    participant CV as ConnectorInstanceViewSet.create()
    participant E as _enforce_connector_creation_restriction()
    participant UC as UserContext.get_organization()
    participant OMS as OrganizationMemberService.is_user_organization_admin()
    participant DB as Database
    participant S as serializer.save()

    C->>CV: POST /connector/ (with connector payload)
    CV->>E: enforce restriction check
    alt is_service_account
        E-->>CV: return (bypass)
    else regular user
        E->>UC: get_organization()
        UC->>DB: Organization.objects.get(org_id)
        DB-->>UC: Organization
        UC-->>E: organization
        alt "restrict_connector_creation == False"
            E-->>CV: return (no restriction)
        else "restrict_connector_creation == True"
            E->>OMS: is_user_organization_admin(user)
            OMS->>DB: OrganizationMember.objects.get(user)
            DB-->>OMS: member role
            alt user is admin
                OMS-->>E: True
                E-->>CV: return (allowed)
            else user is not admin
                OMS-->>E: False
                E-->>CV: raise PermissionDenied (403)
                CV-->>C: 403 Forbidden
            end
        end
    end
    CV->>CV: serializer.is_valid()
    CV->>S: perform_create (org binding + save)
    S->>DB: INSERT ConnectorInstance
    DB-->>S: OK
    S-->>CV: connector saved
    CV-->>C: 201 Created
Loading
%%{init: {'theme': 'base', 'themeVariables': {"darkMode": true, "background": "#0d1117", "primaryColor": "#21262d", "primaryTextColor": "#e6edf3", "primaryBorderColor": "#8b949e", "lineColor": "#8b949e", "textColor": "#e6edf3", "edgeLabelBackground": "#161b22", "actorBkg": "#21262d", "actorBorder": "#8b949e", "actorTextColor": "#e6edf3", "actorLineColor": "#8b949e", "signalColor": "#8b949e", "signalTextColor": "#e6edf3", "noteBkgColor": "#373320", "noteBorderColor": "#d4a72c", "noteTextColor": "#f0e6c0", "labelBoxBkgColor": "#21262d", "labelBoxBorderColor": "#8b949e", "labelTextColor": "#e6edf3", "loopTextColor": "#e6edf3", "activationBkgColor": "#30363d", "activationBorderColor": "#8b949e"}}}%%
sequenceDiagram
    participant C as Client (Browser/API)
    participant CV as ConnectorInstanceViewSet.create()
    participant E as _enforce_connector_creation_restriction()
    participant UC as UserContext.get_organization()
    participant OMS as OrganizationMemberService.is_user_organization_admin()
    participant DB as Database
    participant S as serializer.save()

    C->>CV: POST /connector/ (with connector payload)
    CV->>E: enforce restriction check
    alt is_service_account
        E-->>CV: return (bypass)
    else regular user
        E->>UC: get_organization()
        UC->>DB: Organization.objects.get(org_id)
        DB-->>UC: Organization
        UC-->>E: organization
        alt "restrict_connector_creation == False"
            E-->>CV: return (no restriction)
        else "restrict_connector_creation == True"
            E->>OMS: is_user_organization_admin(user)
            OMS->>DB: OrganizationMember.objects.get(user)
            DB-->>OMS: member role
            alt user is admin
                OMS-->>E: True
                E-->>CV: return (allowed)
            else user is not admin
                OMS-->>E: False
                E-->>CV: raise PermissionDenied (403)
                CV-->>C: 403 Forbidden
            end
        end
    end
    CV->>CV: serializer.is_valid()
    CV->>S: perform_create (org binding + save)
    S->>DB: INSERT ConnectorInstance
    DB-->>S: OK
    S-->>CV: connector saved
    CV-->>C: 201 Created
Loading

Reviews (3): Last reviewed commit: "Merge remote-tracking branch 'origin/mai..." | Re-trigger Greptile

Comment thread backend/tenant_account_v2/views.py
Comment thread backend/connector_v2/views.py Outdated

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 1

🧹 Nitpick comments (1)
backend/connector_v2/views.py (1)

50-70: 📐 Maintainability & Code Quality | 🔵 Trivial | ⚡ Quick win

Consider adding unit tests for the new authorization path.

_enforce_connector_creation_restriction is new security-sensitive logic (service-account bypass, org-admin check, flag toggle) but no test file was included in this cohort. Suggest covering: flag off (open), flag on + non-admin (403), flag on + admin (allowed), and service-account bypass.

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@backend/connector_v2/views.py` around lines 50 - 70, Add unit tests for
_enforce_connector_creation_restriction in Connector views to cover the new
authorization paths: when restrict_connector_creation is off creation should be
allowed, when it is on a non-admin user should get PermissionDenied, when it is
on an org admin should be allowed, and when request.user.is_service_account is
true it should bypass the restriction. Use the existing
UserContext.get_organization and
OrganizationMemberService.is_user_organization_admin behavior in the tests so
the new security-sensitive logic is fully exercised.
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@backend/connector_v2/views.py`:
- Around line 50-70: The connector creation guard in
`_enforce_connector_creation_restriction` should fail closed when
`UserContext.get_organization()` returns None instead of allowing an org-less
connector to be created. Update the connector creation flow in `views.py` around
`_enforce_connector_creation_restriction` and the connector save path to require
a valid organization context before proceeding, and raise `PermissionDenied` (or
equivalent rejection) when no organization is available. Keep the existing
service-account bypass and admin-only restriction logic intact, but ensure the
`organization=None` case is explicitly blocked before any connector is
persisted.

---

Nitpick comments:
In `@backend/connector_v2/views.py`:
- Around line 50-70: Add unit tests for _enforce_connector_creation_restriction
in Connector views to cover the new authorization paths: when
restrict_connector_creation is off creation should be allowed, when it is on a
non-admin user should get PermissionDenied, when it is on an org admin should be
allowed, and when request.user.is_service_account is true it should bypass the
restriction. Use the existing UserContext.get_organization and
OrganizationMemberService.is_user_organization_admin behavior in the tests so
the new security-sensitive logic is fully exercised.
🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

  • Push a commit to this branch (recommended)
  • Create a new PR with the fixes

ℹ️ Review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 9f0bf9f9-81f9-4f9d-80a0-06c785bac98e

📥 Commits

Reviewing files that changed from the base of the PR and between 9fa26b8 and 9255f77.

📒 Files selected for processing (5)
  • backend/account_v2/migrations/0007_organization_restrict_connector_creation.py
  • backend/account_v2/models.py
  • backend/connector_v2/views.py
  • backend/tenant_account_v2/views.py
  • frontend/src/components/settings/platform/PlatformSettings.jsx

Comment thread backend/connector_v2/views.py
@Deepak-Kesavan

Copy link
Copy Markdown
Contributor Author

Thanks @greptile-apps — all three points addressed:

  1. Settings validation/mutation interleave (tenant_account_v2/views.py) → split into validate-all then mutate-all (0faaa0ec4).
  2. Overstated org-binding comment (connector_v2/views.py) → reworded to the accurate defense-in-depth intent; verified DefaultOrganizationMixin.organization is editable=False so DRF already drops client input (0faaa0ec4).
  3. Fail-fast on the admin check → hoisted _enforce_connector_creation_restriction before payload validation, since it depends only on the request/org, not validated data (b2fa80e12). (This is the one intentional deviation from the UN-3584 mirror — the adapter check needs adapter_type from validated_data, the connector check doesn't.)

SonarCloud gate was green (0 new issues) on the initial commit; re-running on these.

@greptile-apps

greptile-apps Bot commented Jul 5, 2026

Copy link
Copy Markdown
Contributor

All three fixes look good. Here's a quick confirmation of what landed:

1. Settings validation/mutation split (tenant_account_v2/views.py) — Clean. The two-pass pattern (validate all → mutate all) is correctly in place. A bad value on the second flag no longer leaves the org partially updated.

2. Org-binding comment (connector_v2/views.py) — The reworded comment is accurate: it correctly states editable=False is the primary guard and the explicit organization= kwarg is defense-in-depth for call-site clarity, not a workaround.

3. Fail-fast hoist (connector_v2/views.py)_enforce_connector_creation_restriction(request) is now the first line in create(), before get_serializer / is_valid. The comment explains the deliberate deviation from the UN-3584 mirror clearly (adapter check needs adapter_type from validated data; connector check doesn't). Correct.

All three review items are resolved. LGTM on the enforcement logic and settings endpoint. Waiting on SonarCloud to confirm the new commits are clean, but nothing in the delta looks like it would introduce new issues.

Tip: You can customize Greptile's behavior for this repo with .greptile/rules.md and .greptile/config.json.

@Deepak-Kesavan

Copy link
Copy Markdown
Contributor Author

Re: the CodeRabbit nitpick on adding unit tests for _enforce_connector_creation_restriction — agreed it's worth having for security-sensitive authz. Noting for transparency: the UN-3584 sibling (#2132) that established this exact pattern (_enforce_llm_creation_restriction) also shipped without dedicated unit tests, and the four paths (flag off → open, flag on + non-admin → 403, flag on + admin → allowed, service-account bypass) are being verified live on the dev env. Happy to add a focused test cohort covering both the connector and adapter gates in a fast-follow so it lands consistently across both — will hold unless you'd prefer it in this PR.

Base automatically changed from UN-3584-restrict-llm-creation to main July 6, 2026 11:58
…ector-creation

# Conflicts:
#	backend/account_v2/models.py
#	backend/tenant_account_v2/views.py
#	frontend/src/components/settings/platform/PlatformSettings.jsx
@github-actions

github-actions Bot commented Jul 6, 2026

Copy link
Copy Markdown
Contributor

Frontend Lint Report (Biome)

All checks passed! No linting or formatting issues found.

@sonarqubecloud

sonarqubecloud Bot commented Jul 6, 2026

Copy link
Copy Markdown

@github-actions

github-actions Bot commented Jul 6, 2026

Copy link
Copy Markdown
Contributor

Unstract test results

Per-group results

Status Group Tier Passed Failed Errors Skipped Duration (s)
unit-connectors unit 64 12 0 3 18.1
unit-core unit 0 0 4 0 0.9
unit-platform-service unit 9 0 1 0 1.0
unit-rig unit 53 0 0 0 2.7
unit-runner unit 11 0 0 0 3.3
unit-sdk1 unit 381 0 0 0 15.9
unit-tool-registry unit 0 0 1 0 1.0
unit-workers unit 0 0 0 0 14.9
TOTAL 518 12 6 3 58.0

Critical paths

⚠️ Critical paths not yet covered

  • auth-login — User can log in and obtain a session cookie. (entry: POST /api/v1/auth/login; declared coverage: no groups declared)
  • adapter-register-llm — Register and validate an LLM adapter. (entry: POST /api/v1/adapter/; declared coverage: no groups declared)
  • workflow-create-execute — Create a workflow, configure source+destination, execute, poll, fetch result. (entry: POST /api/v1/workflow/{id}/execute/; declared coverage: e2e-workflow)
  • api-deployment-run — Deploy a workflow as an API, POST a document, receive structured JSON. (entry: POST /deployment/api/{org}/{name}/; declared coverage: e2e-api-deployment)
  • prompt-studio-fetch-response — Prompt Studio: create project, add prompt, run single-pass, get response. (entry: POST /api/v1/prompt-studio/prompt-studio-tool/{id}/fetch_response/; declared coverage: e2e-prompt-studio)
  • pipeline-etl-execute — Run an ETL pipeline from source connector to destination. (entry: POST /api/v1/pipeline/{id}/execute/; declared coverage: no groups declared)
  • usage-token-tracking — Per-execution token usage is recorded and retrievable. (entry: GET /api/v1/usage/get_token_usage/; declared coverage: no groups declared)
  • workflow-execution-fan-out — Multi-file workflow execution fans out to file-processing workers and rejoins. (entry: internal: backend → rabbitmq → workers/file_processing; declared coverage: no groups declared)
  • callback-result-delivery — Async results are posted back via the callback worker. (entry: internal: workers/callback → backend /internal endpoints; declared coverage: no groups declared)
✅ Covered critical paths
  • tool-sandbox-exec — covered by unit-runner

@Deepak-Kesavan Deepak-Kesavan merged commit 3a7f920 into main Jul 6, 2026
10 checks passed
@Deepak-Kesavan Deepak-Kesavan deleted the UN-3585-restrict-connector-creation branch July 6, 2026 12:10
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants