Per-tree AI model policy (owner-only admin view) #238

Merged
justin merged 1 commits from ai-model-policy into main 2026-06-09 20:53:07 -04:00
Owner

Owner-configured, per-tree AI model policy.

The operator decides which providers exist (env / registry — Anthropic, OpenAI, x.AI, Ollama, any number at once). The tree owner decides who uses which:

  • Members' assistant → one configured provider (or none)
  • Recommender (association / connection finder) → one configured provider (or none)
  • Owner → may use any configured provider

Backend

  • trees.ai_member_provider / ai_recommender_provider (nullable String(32)) + migration b2c3d4e5f6a7 (verified: applies cleanly through the full chain).
  • configured_llm_providers() surfaces the registry as {name, model}no secrets.
  • Owner-gated GET/PATCH /trees/{id}/ai; provider names validated against the configured set (unconfigured → 403).
  • Tests: owner-only enforcement + set/validate/clear. Full suite 89 passing.

Frontend

  • Owner-only AI models page: a dropdown per role, graceful 403 for non-owners, empty state when no providers are configured.
  • Sidebar link; regenerated OpenAPI client.

Per-model-within-a-provider selection is a follow-up; today each provider maps to its single configured model.

🤖 Generated with Claude Code

Owner-configured, per-tree AI model policy. The **operator** decides which providers exist (env / registry — Anthropic, OpenAI, x.AI, Ollama, any number at once). The **tree owner** decides who uses which: - **Members' assistant** → one configured provider (or none) - **Recommender** (association / connection finder) → one configured provider (or none) - **Owner** → may use any configured provider ### Backend - `trees.ai_member_provider` / `ai_recommender_provider` (nullable String(32)) + migration `b2c3d4e5f6a7` (verified: applies cleanly through the full chain). - `configured_llm_providers()` surfaces the registry as `{name, model}` — **no secrets**. - Owner-gated `GET`/`PATCH /trees/{id}/ai`; provider names validated against the configured set (unconfigured → 403). - Tests: owner-only enforcement + set/validate/clear. Full suite 89 passing. ### Frontend - Owner-only **AI models** page: a dropdown per role, graceful 403 for non-owners, empty state when no providers are configured. - Sidebar link; regenerated OpenAPI client. Per-model-within-a-provider selection is a follow-up; today each provider maps to its single configured model. 🤖 Generated with [Claude Code](https://claude.com/claude-code)
justin added 1 commit 2026-06-09 20:52:59 -04:00
The operator decides which model providers exist (env / registry — Anthropic,
OpenAI, x.AI, Ollama, several at once). The *tree owner* decides who uses which:

- Members' assistant -> one configured provider (or none)
- Recommender (association/connection finder) -> one configured provider (or none)
- Owner -> may use any configured provider

Backend: two nullable columns on `trees` (ai_member_provider,
ai_recommender_provider) + migration; `configured_llm_providers()` exposes the
registry as {name, model} with no secrets; owner-gated GET/PATCH
/trees/{id}/ai validate names against the configured set. Frontend: owner-only
"AI models" page with a dropdown per role, graceful 403 for non-owners, and a
sidebar link.

Per-model-within-a-provider selection is a follow-up; today each provider maps
to its single configured model.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Signed-off-by: Justin Paul <justin@jpaul.me>
justin merged commit f8fa23c1f6 into main 2026-06-09 20:53:07 -04:00
justin deleted branch ai-model-policy 2026-06-09 20:53:07 -04:00
Sign in to join this conversation.