ebfcd60c71
Unassigned (no agency) non-admin users previously saw ALL campaigns due to a truthiness check that treated None agency_id as "no filter". This was a security bug — they should see NO campaigns and be blocked from creating them. Backend: Add _NO_AGENCY sentinel to distinguish "no filter" from "no agency", add early-returns at all 5 list/analytics endpoints, fix _check_campaign_access to explicitly reject unassigned users, and block campaign creation with 403. Frontend: Add isUnassigned boolean to UserContext, show informational empty state on Campaigns view, and reinforce readOnly for defense-in-depth. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> |
||
|---|---|---|
| .. | ||
| alembic | ||
| app | ||
| .env.example | ||
| alembic.ini | ||
| Dockerfile | ||
| requirements.txt | ||