feat: make sure agent sessions are under access control

Ashwin Bharambe 2025-03-20 18:54:40 -07:00
parent 5b9c366614
commit f89ef5e3c9
4 changed files with 255 additions and 17 deletions


@ -198,7 +198,7 @@ class CommonRoutingTableImpl(RoutingTable):
return None
# Check if user has permission to access this object
if not check_access(obj, get_auth_attributes()):
if not check_access(obj.identifier, obj.access_attributes, get_auth_attributes()):
logger.debug(f"Access denied to {type} '{identifier}' based on attribute mismatch")
return None
@ -241,7 +241,11 @@ class CommonRoutingTableImpl(RoutingTable):
# Apply attribute-based access control filtering
if filtered_objs:
filtered_objs = [obj for obj in filtered_objs if check_access(obj, get_auth_attributes())]
filtered_objs = [
obj
for obj in filtered_objs
if check_access(obj.identifier, obj.access_attributes, get_auth_attributes())
]
return filtered_objs
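Review bot: In the second hunk the list comprehension calls `get_auth_attributes()` once per object, so the caller's attributes are re-read for every entry; read them once before the comprehension, `user_attributes = get_auth_attributes()`, and pass `user_attributes` to `check_access`, so every object in one listing is judged against the same value. The new three-argument call also makes both call sites depend on every stored object exposing `access_attributes`; what `check_access` decides when that field or the caller's attributes are empty is not visible here, so a comment at each call site stating the intended default (allow or deny) would help. The denial path in the first hunk logs only at debug level and returns `None`, which appears to match the earlier `return None` and so does not confirm that the object exists, but it leaves no record at default log levels; consider logging denials at a level that is retained. Both enclosing methods start and end outside the hunks.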