fix: enforce tenant/privacy scope in remote adapters by NeerajCodz · Pull Request #3 · Astraive/nextral

NeerajCodz · 2026-05-04T06:52:06Z

The remote adapters (Qdrant, Neo4j, S3) were performing live reads/writes/deletes without enforcing the TenantUserScope and privacy_scope carried by the port APIs, enabling cross-tenant and out-of-scope access or deletion.
The change aims to restore fail-closed tenant/privacy isolation at the adapter boundary while keeping behavior minimal and compatible.
The rust-best-practices skill was used to shape a minimal, idiomatic remediation that enforces scope checks.

QdrantAdapter::search now adds a privacy_level match to the Qdrant filter and binds it to request.privacy_scope so returned vector hits are constrained by the requested privacy levels.
Neo4jAdapter now scopes graph traversal and redaction to both tenant_id and user_id by including tenant_id in the MATCH and relationship patterns and by passing tenant_id in Cypher parameters.
S3Adapter::tombstone_object now requires the provided object_key to start with tenants/{tenant_id}/ and returns InvalidInput if it does not, preventing cross-tenant deletions; the method now uses the tenant_id parameter rather than ignoring it.
Minor formatting/cleanup changes were applied (reflowing a few chained calls) to keep the codebase consistent.

Ran cargo fmt --all to apply repository formatting rules and the command completed successfully.
Ran cargo test --lib and the test suite completed successfully (11 unit tests passed, 0 failed).

fix: enforce tenant/privacy scope in remote adapters

f8a22a7

NeerajCodz added aardvark codex labels May 4, 2026 — with ChatGPT Codex Connector

Provide feedback