feat: operation-level privacy gating instead of broad service-level
All checks were successful
CI / lint-and-test (push) Successful in 21s
All checks were successful
CI / lint-and-test (push) Successful in 21s
- Replace broad service-level hiding with fine-grained operation-level gating
- PRIVACY_SENSITIVE_OPERATIONS config: hide specific operations across ALL services
- PRIVACY_SERVICES still works for broad service-level blocking (optional)
- Users without PRIVACY_SERVICE_ROLES:
* Don't see sensitive operations in /api/filter-options
* Can't query sensitive operations via /api/events or /api/ask
* Get 403 on /api/events/{id}/explain for sensitive events
- Exchange/Teams services remain visible; only privacy ops are hidden
- Update .env.example with new operation-level config docs
This commit is contained in:
@@ -50,8 +50,10 @@ LLM_MAX_EVENTS=200
|
||||
LLM_TIMEOUT_SECONDS=30
|
||||
LLM_API_VERSION=
|
||||
|
||||
# Optional: privacy / service-level access control
|
||||
# Comma-separated list of services considered privacy-sensitive (hidden from users without PRIVACY_SERVICE_ROLES)
|
||||
# Optional: privacy / access control
|
||||
# Hide entire services from users without PRIVACY_SERVICE_ROLES
|
||||
# PRIVACY_SERVICES=Exchange,Teams
|
||||
# Comma-separated list of Entra roles that can access privacy-sensitive services
|
||||
# Hide specific operations across all services from users without PRIVACY_SERVICE_ROLES
|
||||
# PRIVACY_SENSITIVE_OPERATIONS=MailItemsAccessed,Search-Mailbox,Send,ChatMessageRead
|
||||
# Comma-separated list of Entra roles that can access privacy-sensitive data
|
||||
# PRIVACY_SERVICE_ROLES=SecurityAdministrator,ComplianceAdministrator
|
||||
|
||||
Reference in New Issue
Block a user