Oliver/ppt-tool
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
ppt-tool/backend/utils
History
Vadym Samoilenko 4f391a04e8 Complete critical security improvements (P0.5-P0.8) 
P0.5: Database Row-Level Security (RLS) - CRITICAL
- Created Alembic migration for RLS policies on all client-scoped tables
- Policies for: presentations, master_decks, brand_configs, slides, templates
- Updated get_async_session to set PostgreSQL session variables
- Multi-tenant isolation now enforced at database level (defense-in-depth)
- Session variables: app.current_user_id, app.user_role

P0.6: Safe Error Messages
- Created safe_exception_handler to prevent info disclosure
- Logs full errors internally with context (user_id, path, method)
- Returns generic "internal error" message to clients
- Preserves HTTPException details (intentional error messages)

P0.7: Security Headers
- Created SecurityHeadersMiddleware with comprehensive headers
- Headers: X-Content-Type-Options, X-Frame-Options, X-XSS-Protection
- CSP, Referrer-Policy, Permissions-Policy, HSTS
- Updated nginx.conf with matching security headers

P0.8: Database Connection Pool Optimization
- Increased pool_size from 5 to 20 connections
- Added max_overflow of 40 for burst traffic
- Enabled pool_pre_ping for connection health checks
- Pool recycle after 1 hour to prevent stale connections
- Configurable via DB_POOL_SIZE, DB_MAX_OVERFLOW, DB_POOL_RECYCLE

All critical pre-launch security tasks complete. System now has:
 CORS protection
 Rate limiting
 Request size limits
 Database-level tenant isolation (RLS)
 Safe error handling
 Security headers
 Optimized connection pooling

Co-Authored-By: Claude Sonnet 4.5 (1M context) <noreply@anthropic.com>
2026-02-27 18:33:58 +00:00
..
llm_calls Phase 4: Generation Pipeline — brand enforcement, enhanced LLM calls, ARQ job queue 2026-02-26 16:15:25 +00:00
__init__.py Phase 1-2: Foundation + Admin Panel & Client Management 2026-02-26 15:37:17 +00:00
asset_directory_utils.py Phase 1-2: Foundation + Admin Panel & Client Management 2026-02-26 15:37:17 +00:00
async_iterator.py Phase 1-2: Foundation + Admin Panel & Client Management 2026-02-26 15:37:17 +00:00
auth_dependencies.py Phase 1-2: Foundation + Admin Panel & Client Management 2026-02-26 15:37:17 +00:00
available_models.py Phase 1-2: Foundation + Admin Panel & Client Management 2026-02-26 15:37:17 +00:00
datetime_utils.py Phase 1-2: Foundation + Admin Panel & Client Management 2026-02-26 15:37:17 +00:00
db_utils.py Rebrand Presenton to Oliver DeckForge, pre-configure models, use NanoBanana Pro 2026-02-26 18:17:11 +00:00
dict_utils.py Phase 1-2: Foundation + Admin Panel & Client Management 2026-02-26 15:37:17 +00:00
download_helpers.py Phase 1-2: Foundation + Admin Panel & Client Management 2026-02-26 15:37:17 +00:00
dummy_functions.py Phase 1-2: Foundation + Admin Panel & Client Management 2026-02-26 15:37:17 +00:00
error_handling.py Phase 1-2: Foundation + Admin Panel & Client Management 2026-02-26 15:37:17 +00:00
export_utils.py Phase 5: Fix export, slide edit, static files; add README 2026-02-27 15:40:36 +00:00
file_utils.py Phase 1-2: Foundation + Admin Panel & Client Management 2026-02-26 15:37:17 +00:00
get_dynamic_models.py Phase 1-2: Foundation + Admin Panel & Client Management 2026-02-26 15:37:17 +00:00
get_env.py Phase 4: Generation Pipeline — brand enforcement, enhanced LLM calls, ARQ job queue 2026-02-26 16:15:25 +00:00
get_layout_by_name.py Phase 1-2: Foundation + Admin Panel & Client Management 2026-02-26 15:37:17 +00:00
image_provider.py Phase 1-2: Foundation + Admin Panel & Client Management 2026-02-26 15:37:17 +00:00
image_utils.py Phase 1-2: Foundation + Admin Panel & Client Management 2026-02-26 15:37:17 +00:00
llm_client_error_handler.py Phase 1-2: Foundation + Admin Panel & Client Management 2026-02-26 15:37:17 +00:00
llm_context.py Phase 2: Admin panel, analytics, storage, template pipeline, multi-provider LLM 2026-02-26 23:39:34 +00:00
llm_provider.py Phase 1-2: Foundation + Admin Panel & Client Management 2026-02-26 15:37:17 +00:00
model_availability.py Phase 1-2: Foundation + Admin Panel & Client Management 2026-02-26 15:37:17 +00:00
ollama.py Phase 1-2: Foundation + Admin Panel & Client Management 2026-02-26 15:37:17 +00:00
oxml_geometry.py Implement critical security fixes and modern design system (Pre-launch P0 tasks) 2026-02-27 18:28:24 +00:00
parsers.py Phase 1-2: Foundation + Admin Panel & Client Management 2026-02-26 15:37:17 +00:00
ppt_utils.py Phase 1-2: Foundation + Admin Panel & Client Management 2026-02-26 15:37:17 +00:00
process_slides.py Phase 3: Bug fixes, feature enhancements, and polish 2026-02-27 12:58:52 +00:00
safe_error_handler.py Complete critical security improvements (P0.5-P0.8) 2026-02-27 18:33:58 +00:00
schema_utils.py Phase 1-2: Foundation + Admin Panel & Client Management 2026-02-26 15:37:17 +00:00
set_env.py Phase 1-2: Foundation + Admin Panel & Client Management 2026-02-26 15:37:17 +00:00
tsx_validator.py Implement critical security fixes and modern design system (Pre-launch P0 tasks) 2026-02-27 18:28:24 +00:00
user_config.py Phase 1-2: Foundation + Admin Panel & Client Management 2026-02-26 15:37:17 +00:00
validators.py Phase 1-2: Foundation + Admin Panel & Client Management 2026-02-26 15:37:17 +00:00