fix(auth): scope path-like name args by command
Build and Push Docker Container / build-and-push (push) Successful in 4m41s

- Stop treating property names as vault paths during policy checks.
- Keep rename name targets protected by path restrictions.
- Add regression coverage for property:set name=from.
- Add regression coverage for blocked rename targets.
- Bump package version to 1.0.4 for the Docker image tag.
This commit is contained in:
2026-06-24 13:41:50 +02:00
parent 4a159cffe8
commit e8e31add11
4 changed files with 35 additions and 4 deletions
+9 -2
View File
@@ -29,7 +29,10 @@ class CommandTarget:
vault:str|None
paths:tuple[str, ...]
PATH_KEYS = {"path", "file", "folder", "name", "to"}
DEFAULT_PATH_KEYS = {"path", "file", "folder", "to"}
PATH_KEYS_BY_COMMAND = {
"rename": DEFAULT_PATH_KEYS | {"name"},
}
PATH_REQUIRED_WHEN_RESTRICTED = {
"append", "prepend", "read", "create", "delete", "rename", "move", "file", "folder", "open", "diff",
"search", "search:context", "files", "folders",
@@ -100,6 +103,9 @@ def parse_kv_arg(arg:str) -> tuple[str, str]|None:
return None
return key, value
def path_keys_for_command(command:str|None) -> set[str]:
return PATH_KEYS_BY_COMMAND.get(command or "", DEFAULT_PATH_KEYS)
def extract_command_target(args:list[str]) -> CommandTarget:
vault:str|None = None
command:str|None = None
@@ -113,12 +119,13 @@ def extract_command_target(args:list[str]) -> CommandTarget:
command = arg
break
path_keys = path_keys_for_command(command)
for arg in args:
parsed = parse_kv_arg(arg)
if not parsed:
continue
key, value = parsed
if key in PATH_KEYS and value:
if key in path_keys and value:
paths.append(value)
return CommandTarget(command=command, vault=vault, paths=tuple(paths))
+1 -1
View File
@@ -1,6 +1,6 @@
[project]
name = "obsidian-api"
version = "1.0.3"
version = "1.0.4"
description = "HTTP API wrapper for running Obsidian CLI commands from n8n, SDKs, or agent harnesses."
requires-python = ">=3.14"
dependencies = [
+24
View File
@@ -157,6 +157,30 @@ def test_token_policy_restricts_path(monkeypatch):
assert response.status_code == 403
assert response.json()["detail"].startswith("token is not allowed to access path: Private/Secret.md")
def test_property_set_name_is_not_treated_as_path(monkeypatch):
token = use_jwt_auth(monkeypatch, {"sub": "journal", "commands": ["property:set"], "vaults": ["*"], "paths": ["00. Journal/"]})
response = client.post(
"/commands",
headers={"Authorization": f"Bearer {token}"},
json={"args": ["property:set", "path=00. Journal/Note.md", "name=from", "value=Daniel", "type=text"]},
)
assert response.status_code == 200
assert response.json()["command"] == ["python", "property:set", "path=00. Journal/Note.md", "name=from", "value=Daniel", "type=text"]
def test_rename_name_is_treated_as_path(monkeypatch):
token = use_jwt_auth(monkeypatch, {"sub": "journal", "commands": ["rename"], "vaults": ["*"], "paths": ["00. Journal/"]})
response = client.post(
"/commands",
headers={"Authorization": f"Bearer {token}"},
json={"args": ["rename", "path=00. Journal/Old.md", "name=Private/New.md"]},
)
assert response.status_code == 403
assert response.json()["detail"].startswith("token is not allowed to access path: Private/New.md")
def test_token_policy_allows_allowed_path(monkeypatch):
token = use_jwt_auth(monkeypatch, {"sub": "inbox", "commands": ["read"], "vaults": ["*"], "paths": ["Inbox/"]})
Generated
+1 -1
View File
@@ -123,7 +123,7 @@ wheels = [
[[package]]
name = "obsidian-api"
version = "1.0.3"
version = "1.0.4"
source = { virtual = "." }
dependencies = [
{ name = "starlette" },