Access Control
5 requirements · 8 scenarios
Authentication Gate
JR-access-control-001
All API calls SHALL be authenticated; unauthenticated requests SHALL be rejected before any processing begins.
1 test scenario
- Unauthenticated request is rejected JR-access-control-001.1
Domain and Email Access Configuration
JR-access-control-002
Access SHALL be determined by access_control.json; email-specific configuration SHALL take precedence over domain-level configuration when both are present.
2 test scenarios
- Email-specific config overrides domain config JR-access-control-002.1
- Domain-level config applies when no email override exists JR-access-control-002.2
Two Access Levels
JR-access-control-003
Two access levels SHALL be supported: basic (limited tool set) and all (full tool set). The access level governs which workflows and tools are available to a given domain or user.
2 test scenarios
- Basic access blocks restricted tools JR-access-control-003.1
- Full access allows all tools JR-access-control-003.2
Defense-in-Depth Authorization for Email Channel
JR-access-control-004
The email channel SHALL apply authorization at two sequential gates: SecurityValidatorStage (early reject based on sender allowlist) and AuthorizationStage (pre-routing tool authorization check).
2 test scenarios
- SecurityValidatorStage rejects unknown sender JR-access-control-004.1
- AuthorizationStage blocks unauthorized tool selection JR-access-control-004.2
Access Decision Audit Logging
JR-access-control-005
All access decisions SHALL be logged with sender identity and domain, including the decision outcome (allowed or denied) and the gate at which the decision was made.
1 test scenario
- Denied access is logged JR-access-control-005.1
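
The precedence rule (JR-access-control-002), the two levels (JR-access-control-003), the two sequential gates (JR-access-control-004) and the audit record (JR-access-control-005) can be exercised together, as in this added example, which is not the project's own code. Assumptions: the JSON layout of access_control.json, the tool names, the function names, and modelling the sender allowlist as "sender resolves to a configured level".

```python
import json

# Constructed sample; the real access_control.json layout is not shown here (assumed).
SAMPLE_CONFIG = json.loads("""
{"domains": {"example.com": "basic"},
 "emails":  {"admin@example.com": "all"}}
""")

# Hypothetical tool names for the two access levels.
TOOLS = {"basic": {"search", "summarize"},
         "all": {"search", "summarize", "deploy", "delete_records"}}

def resolve_level(config, sender):
    """Return the configured level or None; an email entry beats a domain entry."""
    sender = sender.strip().lower()
    local, sep, domain = sender.rpartition("@")
    if not (local and sep and domain):
        return None  # malformed address: no match, so the caller fails closed
    emails = {k.lower(): v for k, v in config.get("emails", {}).items()}
    domains = {k.lower(): v for k, v in config.get("domains", {}).items()}
    return emails.get(sender, domains.get(domain))

def authorize(config, sender, tool, audit):
    """Run both gates in order, appending every decision to the audit list."""
    domain = sender.strip().lower().rpartition("@")[2]
    def record(gate, allowed):
        audit.append({"sender": sender, "domain": domain, "gate": gate,
                      "decision": "allowed" if allowed else "denied"})
        return allowed
    level = resolve_level(config, sender)
    # Gate 1: unknown senders and unrecognised level values are rejected early.
    if not record("SecurityValidatorStage", level in TOOLS):
        return False
    # Gate 2: the selected tool must be in the sender's level before routing.
    return record("AuthorizationStage", tool in TOOLS[level])
```

A level value other than basic or all is treated like an unknown sender, so a typo in the configuration denies access instead of granting it.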