tking/fastapi-gsap
SHA256
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
fastapi-gsap/.venv/lib/python3.12/site-packages/greenlet/TBrokenGreenlet.cpp
Tyler J King e744336385 fix: capability enforcement, credential safety, atomic delegations, input validation 
C-6: ConnectorRuntime enforces capability_mask per operation.
     READ-only ACs cannot invoke MUTATE operations (wipe, lock, retire).
C-7: AC validated against database (exists, active, not expired)
     before connector invocation.
C-9: Delegated AC capability bounded by delegator's capability.
C-10: Command counter uses atomic SQL increment with limit check.
M-23: expire_stale() uses same atomic SQL pattern.

H-1: Sensitive credential fields hidden from repr/logs via repr=False.
H-2: Stub backend requires ALLOW_STUB_CREDENTIALS=true to activate.
H-3: Kerberos backend raises CredentialResolutionError instead of
     returning stub ticket.
H-4: Chronicle INTENT emitted before execution, RESULT after.
H-5: device_id validated as UUID before Graph API URL interpolation.
H-8: ConnectorRuntime enforces governance for all connector invocations.

Signed-off-by: Tyler King <tking@guildhouse.dev>
2026-04-14 08:13:27 -04:00

45 lines
1,021 B
C++
Raw Blame History

/* -*- indent-tabs-mode: nil; tab-width: 4; -*- */
/**
* Implementation of greenlet::UserGreenlet.
*
* Format with:
* clang-format -i --style=file src/greenlet/greenlet.c
*
*
* Fix missing braces with:
* clang-tidy src/greenlet/greenlet.c -fix -checks="readability-braces-around-statements"
*/
#include "TGreenlet.hpp"
namespace greenlet {
void* BrokenGreenlet::operator new(size_t UNUSED(count))
{
return allocator.allocate(1);
}
void BrokenGreenlet::operator delete(void* ptr)
{
return allocator.deallocate(static_cast<BrokenGreenlet*>(ptr),
1);
}
greenlet::PythonAllocator<greenlet::BrokenGreenlet> greenlet::BrokenGreenlet::allocator;
bool
BrokenGreenlet::force_slp_switch_error() const noexcept
{
return this->_force_slp_switch_error;
}
UserGreenlet::switchstack_result_t BrokenGreenlet::g_switchstack(void)
{
if (this->_force_switch_error) {
return switchstack_result_t(-1);
}
return UserGreenlet::g_switchstack();
}
}; //namespace greenlet
Reference in a new issue View git blame Copy permalink