feat: implement 8 OpenSpec proposals for security, reliability, and UX improvements
## Security Enhancements (P0) - Add input validation with max_length and numeric range constraints - Implement WebSocket token authentication via first message - Add path traversal prevention in file storage service ## Permission Enhancements (P0) - Add project member management for cross-department access - Implement is_department_manager flag for workload visibility ## Cycle Detection (P0) - Add DFS-based cycle detection for task dependencies - Add formula field circular reference detection - Display user-friendly cycle path visualization ## Concurrency & Reliability (P1) - Implement optimistic locking with version field (409 Conflict on mismatch) - Add trigger retry mechanism with exponential backoff (1s, 2s, 4s) - Implement cascade restore for soft-deleted tasks ## Rate Limiting (P1) - Add tiered rate limits: standard (60/min), sensitive (20/min), heavy (5/min) - Apply rate limits to tasks, reports, attachments, and comments ## Frontend Improvements (P1) - Add responsive sidebar with hamburger menu for mobile - Improve touch-friendly UI with proper tap target sizes - Complete i18n translations for all components ## Backend Reliability (P2) - Configure database connection pool (size=10, overflow=20) - Add Redis fallback mechanism with message queue - Add blocker check before task deletion ## API Enhancements (P3) - Add standardized response wrapper utility - Add /health/ready and /health/live endpoints - Implement project templates with status/field copying ## Tests Added - test_input_validation.py - Schema and path traversal tests - test_concurrency_reliability.py - Optimistic locking and retry tests - test_backend_reliability.py - Connection pool and Redis tests - test_api_enhancements.py - Health check and template tests Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
This commit is contained in:
beabigegg
@@ -108,6 +108,66 @@ The system SHALL implement rate limiting to protect against brute force attacks
|
||||
- **WHEN** different IPs make requests
|
||||
- **THEN** each IP has its own rate limit counter
|
||||
|
||||
### Requirement: Comprehensive API Rate Limiting
|
||||
The system SHALL enforce rate limits on all sensitive API endpoints to prevent abuse and ensure service availability.
|
||||
|
||||
#### Scenario: Task creation rate limit exceeded
|
||||
- **WHEN** user exceeds 60 task creation requests per minute
|
||||
- **THEN** system returns 429 Too Many Requests
|
||||
- **THEN** response includes Retry-After header
|
||||
|
||||
#### Scenario: Report generation rate limit exceeded
|
||||
- **WHEN** user exceeds 5 report generation requests per minute
|
||||
- **THEN** system returns 429 Too Many Requests
|
||||
- **THEN** response includes rate limit headers
|
||||
|
||||
#### Scenario: Rate limit headers provided
|
||||
- **WHEN** user makes any rate-limited API request
|
||||
- **THEN** response includes X-RateLimit-Limit header
|
||||
- **THEN** response includes X-RateLimit-Remaining header
|
||||
- **THEN** response includes X-RateLimit-Reset header
|
||||
|
||||
#### Scenario: Rate limit window reset
|
||||
- **WHEN** rate limit window expires
|
||||
- **THEN** user can make requests again up to the limit
|
||||
- **THEN** X-RateLimit-Remaining resets to maximum
|
||||
|
||||
### Requirement: Input Length Validation
|
||||
The system SHALL enforce maximum length limits on all user-provided string inputs to prevent DoS attacks and database overflow.
|
||||
|
||||
#### Scenario: Task title exceeds maximum length
|
||||
- **WHEN** user submits a task with title longer than 500 characters
|
||||
- **THEN** system returns 422 Validation Error with descriptive message
|
||||
|
||||
#### Scenario: Description field within limits
|
||||
- **WHEN** user submits content with description under 10000 characters
|
||||
- **THEN** system accepts the input and processes normally
|
||||
|
||||
### Requirement: Secure WebSocket Authentication
|
||||
The system SHALL authenticate WebSocket connections without exposing tokens in URL query parameters.
|
||||
|
||||
#### Scenario: WebSocket connection with token in first message
|
||||
- **WHEN** client connects to WebSocket endpoint
|
||||
- **THEN** server waits for authentication message containing JWT token
|
||||
- **THEN** server validates token before accepting further messages
|
||||
|
||||
#### Scenario: WebSocket connection timeout without authentication
|
||||
- **WHEN** client connects but does not send authentication within 10 seconds
|
||||
- **THEN** server closes the connection with appropriate error code
|
||||
|
||||
### Requirement: Path Traversal Protection
|
||||
The system SHALL prevent file path traversal attacks by validating all file paths resolve within the designated storage directory.
|
||||
|
||||
#### Scenario: Path traversal attempt detected
|
||||
- **WHEN** request contains file path with "../" or absolute path outside storage
|
||||
- **THEN** system rejects request and logs security warning
|
||||
- **THEN** system returns 403 Forbidden error
|
||||
|
||||
#### Scenario: Valid file path within storage
|
||||
- **WHEN** request contains valid relative file path
|
||||
- **THEN** system resolves path and verifies it is within storage directory
|
||||
- **THEN** system processes file operation normally
|
||||
|
||||
## Data Model
|
||||
|
||||
```
|
||||
|
||||
Reference in New Issue
Block a user