LightRAG/docs/archives/action_plan/005-secure-tenant-api.md
Raphael MANSUY 2b292d4924
docs: Enterprise Edition & Multi-tenancy attribution (#5)
* Remove outdated documentation files: Quick Start Guide, Apache AGE Analysis, and Scratchpad.

* Add multi-tenant testing strategy and ADR index documentation

- Introduced ADR 008 detailing the multi-tenant testing strategy for the ./starter environment, covering compatibility and multi-tenant modes, testing scenarios, and implementation details.
- Created a comprehensive ADR index (README.md) summarizing all architecture decision records related to the multi-tenant implementation, including purpose, key sections, and reading paths for different roles.

* feat(docs): Add comprehensive multi-tenancy guide and README for LightRAG Enterprise

- Introduced `0008-multi-tenancy.md` detailing multi-tenancy architecture, key concepts, roles, permissions, configuration, and API endpoints.
- Created `README.md` as the main documentation index, outlining features, quick start, system overview, and deployment options.
- Documented the LightRAG architecture, storage backends, LLM integrations, and query modes.
- Established a task log (`2025-01-21-lightrag-documentation-log.md`) summarizing documentation creation actions, decisions, and insights.
2025-12-04 18:09:15 +08:00


# Action Plan: Secure Tenant API

## Problem

The endpoint `GET /api/v1/tenants` exposes a list of all tenants, which violates multi-tenant isolation principles. This endpoint allows any user (or unauthenticated attacker) to enumerate all customers, posing a significant security risk (Information Disclosure).

## Goal

Remove public access to tenant listing. Ensure tenant management (listing) is restricted to administrators via a secure endpoint.

## Steps

### 1. Audit & Verification

- [ ] Verify the current implementation of `GET /api/v1/tenants`.
- [ ] Confirm that `lightrag/api/routers/tenant_routes.py` does NOT contain the list endpoint.
- [ ] Confirm that `lightrag/api/routers/admin_routes.py` contains the list endpoint under `/api/v1/admin/tenants`.
- [ ] Investigate why `GET /api/v1/tenants` is currently accessible (if it is).

### 2. Remediation

- [ ] Ensure `GET /api/v1/tenants` is removed or returns 404/403.
- [ ] Ensure `GET /api/v1/admin/tenants` is accessible only to admins.
- [ ] Verify `lightrag/api/lightrag_server.py` router mounting.

### 3. Testing

- [ ] Update `test_multitenant.sh` to:
  - [ ] Verify `GET /api/v1/tenants` returns 404 or 403.
  - [ ] Verify `GET /api/v1/admin/tenants` works (with admin auth).
  - [ ] Verify `GET /api/v1/tenants/me` works for tenant users.

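As an added example (not LightRAG's own code and not the project's `test_multitenant.sh`), the stand-alone Python script below models the router layout the plan asks for (no public list endpoint, admin-only `/api/v1/admin/tenants`, tenant-scoped `/api/v1/tenants/me`) behind a throwaway local HTTP server, then runs the three testing checks against it and reports whether the isolation rules hold. The bearer tokens, roles and tenant names are constructed placeholders; `TenantApiHandler`, `run_checks` and `isolation_holds` are hypothetical names introduced here, not LightRAG APIs.

```python
import json
import threading
from http.server import BaseHTTPRequestHandler, ThreadingHTTPServer
from urllib.error import HTTPError
from urllib.request import Request, urlopen

# Constructed sample credentials and data (hypothetical, not LightRAG's auth scheme).
TOKENS = {
    "admin-token": {"role": "admin", "tenant_id": "ops"},
    "tenant-a-token": {"role": "tenant", "tenant_id": "tenant-a"},
}
TENANTS = ["tenant-a", "tenant-b", "tenant-c"]


class TenantApiHandler(BaseHTTPRequestHandler):
    """Minimal stand-in for the router layout the action plan describes."""

    def _send(self, status, body):
        data = json.dumps(body).encode()
        self.send_response(status)
        self.send_header("Content-Type", "application/json")
        self.send_header("Content-Length", str(len(data)))
        self.end_headers()
        self.wfile.write(data)

    def _caller(self):
        # Resolve the bearer token to a caller record, or None if absent/unknown.
        auth = self.headers.get("Authorization", "")
        if auth.startswith("Bearer "):
            return TOKENS.get(auth[len("Bearer "):])
        return None

    def do_GET(self):
        caller = self._caller()
        if self.path == "/api/v1/tenants/me":
            # Tenant-scoped endpoint: an authenticated caller only ever sees itself.
            if caller is None:
                return self._send(401, {"detail": "authentication required"})
            return self._send(200, {"tenant_id": caller["tenant_id"]})
        if self.path == "/api/v1/admin/tenants":
            # Listing is admin-only: 401 without credentials, 403 for non-admins.
            if caller is None:
                return self._send(401, {"detail": "authentication required"})
            if caller["role"] != "admin":
                return self._send(403, {"detail": "admin role required"})
            return self._send(200, {"tenants": TENANTS})
        # Everything else, including the removed GET /api/v1/tenants, is 404.
        return self._send(404, {"detail": "not found"})

    def log_message(self, *args):  # keep the check output quiet
        pass


def start_server():
    """Start the stand-in server on a free loopback port; returns (server, port)."""
    server = ThreadingHTTPServer(("127.0.0.1", 0), TenantApiHandler)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    return server, server.server_address[1]


def get_status(base_url, path, token=None):
    """Return the HTTP status code for GET path, optionally with a bearer token."""
    req = Request(base_url + path)
    if token:
        req.add_header("Authorization", "Bearer " + token)
    try:
        with urlopen(req, timeout=5) as resp:
            return resp.status
    except HTTPError as err:
        return err.code


def run_checks(base_url):
    """The checks test_multitenant.sh is meant to perform, as a status-code map."""
    return {
        "public_list": get_status(base_url, "/api/v1/tenants"),
        "public_list_as_admin": get_status(base_url, "/api/v1/tenants", "admin-token"),
        "admin_list_anon": get_status(base_url, "/api/v1/admin/tenants"),
        "admin_list_tenant": get_status(base_url, "/api/v1/admin/tenants", "tenant-a-token"),
        "admin_list_admin": get_status(base_url, "/api/v1/admin/tenants", "admin-token"),
        "me_tenant": get_status(base_url, "/api/v1/tenants/me", "tenant-a-token"),
        "me_anon": get_status(base_url, "/api/v1/tenants/me"),
    }


def isolation_holds(results):
    """True when the success criteria of the plan are all met."""
    return (
        results["public_list"] in (403, 404)
        and results["public_list_as_admin"] in (403, 404)  # even admins must use the admin API
        and results["admin_list_anon"] in (401, 403)
        and results["admin_list_tenant"] == 403
        and results["admin_list_admin"] == 200
        and results["me_tenant"] == 200
        and results["me_anon"] == 401
    )


if __name__ == "__main__":
    server, port = start_server()
    results = run_checks(f"http://127.0.0.1:{port}")
    server.shutdown()
    print(results, "isolation holds:", isolation_holds(results))
```

Pointing `run_checks` at a real deployment (with real credentials substituted for the placeholder tokens) gives the same pass/fail table the shell script is meant to produce; the extra `public_list_as_admin` check guards against the list endpoint merely being put behind auth instead of removed, which the plan's success criteria do not accept.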
## Success Criteria
- `GET /api/v1/tenants` is no longer accessible.
- Tenant enumeration is only possible via the admin API.
- Multi-tenant isolation is preserved.