Identity, Access, and Data Isolation
Identity, Access, and Data Isolation
หัวข้อที่มีชื่อว่า “Identity, Access, and Data Isolation”Security Objectives
หัวข้อที่มีชื่อว่า “Security Objectives”- Every request path must resolve to an authenticated user identity.
- Project and thread scope must stay consistent end to end.
- Service-to-service calls must not rely on browser user bearer forwarding.
- Tool side effects must run with explicit scope context.
Enforcement Layers
หัวข้อที่มีชื่อว่า “Enforcement Layers”Browser and Supabase (direct CRUD paths)
หัวข้อที่มีชื่อว่า “Browser and Supabase (direct CRUD paths)”- UI thread/message operations currently use Supabase client SDK directly.
- Scope protection depends on user auth plus DB policy constraints.
- Thread/project/team checks are also enforced in chat service methods.
BFF (kobi-ai)
หัวข้อที่มีชื่อว่า “BFF (kobi-ai)”/api/ai/*and/api/canvas/*require authenticated user token.- BFF resolves trusted user scope and blocks cross-user or cross-project thread access.
- BFF request and metadata allowlists prevent schema drift from client payloads.
Engine (kobi-agent-service)
หัวข้อที่มีชื่อว่า “Engine (kobi-agent-service)”- Validates internal contract headers (
X-Contract-Version,X-User-Id, etc.). - Optionally validates internal bearer token (
INTERNAL_ENGINE_TOKEN). - Rejects header/body claim mismatches with
403.
MCP (kobi-mcp-server)
หัวข้อที่มีชื่อว่า “MCP (kobi-mcp-server)”authenticateRequestvalidatesuserIdand thread ownership when thread is present.- Scope gating and phase gating restrict tool usage by agent and workflow phase.
- Mutation tools require approved execution context plus scoped identifiers.
Scope Objects and Owners
หัวข้อที่มีชื่อว่า “Scope Objects and Owners”| Scope Object | Source of Truth | Enforcement Layer |
|---|---|---|
user_id | Supabase auth user | BFF auth, engine contract, MCP auth |
project_id | Thread/project data model | BFF scope checks, engine header/body checks, MCP context |
thread_id | kobi_chat_threads.id | UI creation flow, BFF normalization, engine checks, MCP ownership check |
team_id | kobi_project_teams | Chat service team scope checks |
Trust Chain for Inference Calls
หัวข้อที่มีชื่อว่า “Trust Chain for Inference Calls”sequenceDiagram participant UI as Browser participant BFF as kobi-ai participant ENG as kobi-agent-service participant MCP as kobi-mcp-server UI->>BFF: Bearer user token + chat payload BFF->>BFF: verify user and scope BFF->>ENG: internal headers + normalized body ENG->>ENG: validate internal contract ENG->>MCP: tool call with approved + scoped IDs MCP->>MCP: auth + gate + mutation checks
Current Practical Rule
หัวข้อที่มีชื่อว่า “Current Practical Rule”If any layer cannot prove user/project/thread alignment, request execution should stop with 400/403 rather than continue with partial trust.