feat: operation-level privacy gating instead of broad service-level

- Replace broad service-level hiding with fine-grained operation-level gating
- PRIVACY_SENSITIVE_OPERATIONS config: hide specific operations across ALL services
- PRIVACY_SERVICES still works for broad service-level blocking (optional)
- Users without PRIVACY_SERVICE_ROLES:
  * Don't see sensitive operations in /api/filter-options
  * Can't query sensitive operations via /api/events or /api/ask
  * Get 403 on /api/events/{id}/explain for sensitive events
- Exchange/Teams services remain visible; only privacy ops are hidden
- Update .env.example with new operation-level config docs

backend/tests/conftest.py

@@ -34,8 +34,11 @@ def client(mock_events_collection, mock_watermarks_collection, monkeypatch):
     monkeypatch.setattr("auth.AUTH_ENABLED", False)
     monkeypatch.setattr("routes.mcp.AUTH_ENABLED", False)
     monkeypatch.setattr("config.PRIVACY_SERVICES", set())
+    monkeypatch.setattr("config.PRIVACY_SENSITIVE_OPERATIONS", set())
     monkeypatch.setattr("routes.events.PRIVACY_SERVICES", set())
+    monkeypatch.setattr("routes.events.PRIVACY_SENSITIVE_OPERATIONS", set())
     monkeypatch.setattr("routes.ask.PRIVACY_SERVICES", set())
+    monkeypatch.setattr("routes.ask.PRIVACY_SENSITIVE_OPERATIONS", set())
     monkeypatch.setattr("database.db.command", lambda cmd: {"ok": 1} if cmd == "ping" else {})
 
     # Mock audit trail and rules collections so tests don't wait on real MongoDB

backend/tests/test_api.py

@@ -149,19 +149,19 @@ def test_saved_searches_create_validation(client, monkeypatch):
     assert response.status_code == 400
 
 
-def test_privacy_filtering_events(client, mock_events_collection, monkeypatch):
-    monkeypatch.setattr("config.PRIVACY_SERVICES", {"Exchange", "Teams"})
-    monkeypatch.setattr("routes.events.PRIVACY_SERVICES", {"Exchange", "Teams"})
+def test_privacy_filtering_events_by_operation(client, mock_events_collection, monkeypatch):
+    monkeypatch.setattr("config.PRIVACY_SENSITIVE_OPERATIONS", {"MailItemsAccessed", "Send"})
+    monkeypatch.setattr("routes.events.PRIVACY_SENSITIVE_OPERATIONS", {"MailItemsAccessed", "Send"})
     monkeypatch.setattr("auth.PRIVACY_SERVICE_ROLES", {"SecurityAdmin"})
     monkeypatch.setattr("auth.user_can_access_privacy_services", lambda claims: False)
     monkeypatch.setattr("routes.events.user_can_access_privacy_services", lambda claims: False)
 
     mock_events_collection.insert_one(
         {
-            "id": "evt-dir",
+            "id": "evt-safe",
             "timestamp": datetime.now(UTC).isoformat(),
-            "service": "Directory",
-            "operation": "Add user",
+            "service": "Exchange",
+            "operation": "Add-MailboxPermission",
             "result": "success",
             "actor_display": "Alice",
             "raw_text": "",
@@ -169,7 +169,7 @@ def test_privacy_filtering_events(client, mock_events_collection, monkeypatch):
     )
     mock_events_collection.insert_one(
         {
-            "id": "evt-exc",
+            "id": "evt-priv",
             "timestamp": datetime.now(UTC).isoformat(),
             "service": "Exchange",
             "operation": "Send",
@@ -183,33 +183,58 @@ def test_privacy_filtering_events(client, mock_events_collection, monkeypatch):
     assert response.status_code == 200
     data = response.json()
     ids = [e["id"] for e in data["items"]]
-    assert "evt-dir" in ids
-    assert "evt-exc" not in ids
+    assert "evt-safe" in ids
+    assert "evt-priv" not in ids
 
 
-def test_privacy_filter_options(client, mock_events_collection, monkeypatch):
-    monkeypatch.setattr("config.PRIVACY_SERVICES", {"Exchange"})
-    monkeypatch.setattr("routes.events.PRIVACY_SERVICES", {"Exchange"})
+def test_privacy_filter_options_shows_service_hides_ops(client, mock_events_collection, monkeypatch):
+    monkeypatch.setattr("config.PRIVACY_SENSITIVE_OPERATIONS", {"MailItemsAccessed"})
+    monkeypatch.setattr("routes.events.PRIVACY_SENSITIVE_OPERATIONS", {"MailItemsAccessed"})
     monkeypatch.setattr("auth.PRIVACY_SERVICE_ROLES", {"SecurityAdmin"})
     monkeypatch.setattr("auth.user_can_access_privacy_services", lambda claims: False)
     monkeypatch.setattr("routes.events.user_can_access_privacy_services", lambda claims: False)
 
+    mock_events_collection.insert_one(
+        {
+            "id": "evt-1",
+            "timestamp": datetime.now(UTC).isoformat(),
+            "service": "Exchange",
+            "operation": "MailItemsAccessed",
+            "result": "success",
+            "actor_display": "Alice",
+            "raw_text": "",
+        }
+    )
+    mock_events_collection.insert_one(
+        {
+            "id": "evt-2",
+            "timestamp": datetime.now(UTC).isoformat(),
+            "service": "Exchange",
+            "operation": "Add-MailboxPermission",
+            "result": "success",
+            "actor_display": "Bob",
+            "raw_text": "",
+        }
+    )
+
     response = client.get("/api/filter-options")
     assert response.status_code == 200
     data = response.json()
-    assert "Exchange" not in data["services"]
+    assert "Exchange" in data["services"]
+    assert "MailItemsAccessed" not in data["operations"]
+    assert "Add-MailboxPermission" in data["operations"]
 
 
-def test_privacy_explain_forbidden(client, mock_events_collection, monkeypatch):
-    monkeypatch.setattr("config.PRIVACY_SERVICES", {"Exchange"})
-    monkeypatch.setattr("routes.ask.PRIVACY_SERVICES", {"Exchange"})
+def test_privacy_explain_forbidden_by_operation(client, mock_events_collection, monkeypatch):
+    monkeypatch.setattr("config.PRIVACY_SENSITIVE_OPERATIONS", {"Send"})
+    monkeypatch.setattr("routes.ask.PRIVACY_SENSITIVE_OPERATIONS", {"Send"})
     monkeypatch.setattr("auth.PRIVACY_SERVICE_ROLES", {"SecurityAdmin"})
     monkeypatch.setattr("auth.user_can_access_privacy_services", lambda claims: False)
     monkeypatch.setattr("routes.ask.user_can_access_privacy_services", lambda claims: False)
 
     mock_events_collection.insert_one(
         {
-            "id": "evt-exc2",
+            "id": "evt-send",
             "timestamp": datetime.now(UTC).isoformat(),
             "service": "Exchange",
             "operation": "Send",
@@ -218,7 +243,7 @@ def test_privacy_explain_forbidden(client, mock_events_collection, monkeypatch):
             "raw_text": "",
         }
     )
-    response = client.post("/api/events/evt-exc2/explain")
+    response = client.post("/api/events/evt-send/explain")
     assert response.status_code == 403