From 78fca73b8a3d36d8f66868c6152648444417d321 Mon Sep 17 00:00:00 2001
From: Simon Larsen <simonlarsen@oneuptime.com>
Date: Wed, 25 Jun 2025 18:24:13 +0100
Subject: [PATCH 1/3] feat: Update File access control to include
 AuthenticatedRequest permission

---
 Common/Models/DatabaseModels/File.ts | 4 ++--
 Common/Types/Permission.ts           | 2 ++
 2 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/Common/Models/DatabaseModels/File.ts b/Common/Models/DatabaseModels/File.ts
index 85e4200f8e..bb15d3f4f5 100644
--- a/Common/Models/DatabaseModels/File.ts
+++ b/Common/Models/DatabaseModels/File.ts
@@ -19,8 +19,8 @@ import { Entity } from "typeorm";
 })
 @CrudApiEndpoint(new Route("/file"))
 @TableAccessControl({
-  create: [Permission.CurrentUser],
-  read: [Permission.CurrentUser],
+  create: [Permission.CurrentUser, Permission.AuthenticatedRequest],
+  read: [Permission.CurrentUser, Permission.AuthenticatedRequest],
   delete: [],
   update: [],
 })
diff --git a/Common/Types/Permission.ts b/Common/Types/Permission.ts
index 06d7e19cd8..74ef7e3dd4 100644
--- a/Common/Types/Permission.ts
+++ b/Common/Types/Permission.ts
@@ -16,6 +16,8 @@ enum Permission {
   // All users in the project will have this permission.
   ProjectUser = "ProjectUser",
 
+  AuthenticatedRequest = "AuthenticatedRequest", // Authenticated request - could be API, User, MCP server or any other authenticated request.
+
   // Users who are in the project but do not have SSO authorization.
   UnAuthorizedSsoUser = "UnAuthorizedSsoUser",
 

From 9f77e8d82dd479c1c6300c786993823e500f75fc Mon Sep 17 00:00:00 2001
From: Simon Larsen <simonlarsen@oneuptime.com>
Date: Wed, 25 Jun 2025 18:26:51 +0100
Subject: [PATCH 2/3] feat: Update access control in FileModel to include
 AuthenticatedRequest permission

---
 .../DatabaseBaseModel/FileModel.ts            | 20 +++++++++----------
 1 file changed, 10 insertions(+), 10 deletions(-)

diff --git a/Common/Models/DatabaseModels/DatabaseBaseModel/FileModel.ts b/Common/Models/DatabaseModels/DatabaseBaseModel/FileModel.ts
index affa797e9f..1d7cd1c2e8 100644
--- a/Common/Models/DatabaseModels/DatabaseBaseModel/FileModel.ts
+++ b/Common/Models/DatabaseModels/DatabaseBaseModel/FileModel.ts
@@ -21,8 +21,8 @@ export default class FileModel extends BaseModel {
   }
 
   @ColumnAccessControl({
-    create: [Permission.CurrentUser],
-    read: [Permission.CurrentUser],
+    create: [Permission.CurrentUser, Permission.AuthenticatedRequest],
+    read: [Permission.CurrentUser, Permission.AuthenticatedRequest],
     update: [],
   })
   @TableColumn({
@@ -37,8 +37,8 @@ export default class FileModel extends BaseModel {
   public file?: Buffer = undefined;
 
   @ColumnAccessControl({
-    create: [Permission.CurrentUser],
-    read: [Permission.CurrentUser],
+    create: [Permission.CurrentUser, Permission.AuthenticatedRequest],
+    read: [Permission.CurrentUser, Permission.AuthenticatedRequest],
     update: [],
   })
   @TableColumn({
@@ -56,8 +56,8 @@ export default class FileModel extends BaseModel {
   public name?: string = undefined;
 
   @ColumnAccessControl({
-    create: [Permission.CurrentUser],
-    read: [Permission.CurrentUser],
+    create: [Permission.CurrentUser, Permission.AuthenticatedRequest],
+    read: [Permission.CurrentUser, Permission.AuthenticatedRequest],
     update: [],
   })
   @TableColumn({
@@ -73,8 +73,8 @@ export default class FileModel extends BaseModel {
   public fileType?: MimeType = undefined;
 
   @ColumnAccessControl({
-    create: [Permission.CurrentUser],
-    read: [Permission.CurrentUser],
+    create: [Permission.CurrentUser, Permission.AuthenticatedRequest],
+    read: [Permission.CurrentUser, Permission.AuthenticatedRequest],
     update: [],
   })
   @TableColumn({
@@ -91,8 +91,8 @@ export default class FileModel extends BaseModel {
   public slug?: string = undefined;
 
   @ColumnAccessControl({
-    create: [Permission.CurrentUser],
-    read: [Permission.CurrentUser],
+    create: [Permission.CurrentUser, Permission.AuthenticatedRequest],
+    read: [Permission.CurrentUser, Permission.AuthenticatedRequest],
     update: [],
   })
   @TableColumn({

From 0b3765594f4e0f8b26cc2bdef270e3b193dc14d9 Mon Sep 17 00:00:00 2001
From: Simon Larsen <simonlarsen@oneuptime.com>
Date: Wed, 25 Jun 2025 18:33:50 +0100
Subject: [PATCH 3/3] feat: Add EnableDocumentation decorator to File model for
 improved documentation generation

---
 Common/Models/DatabaseModels/File.ts | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/Common/Models/DatabaseModels/File.ts b/Common/Models/DatabaseModels/File.ts
index bb15d3f4f5..6e19cd7142 100644
--- a/Common/Models/DatabaseModels/File.ts
+++ b/Common/Models/DatabaseModels/File.ts
@@ -2,11 +2,13 @@ import FileModel from "./DatabaseBaseModel/FileModel";
 import Route from "../../Types/API/Route";
 import TableAccessControl from "../../Types/Database/AccessControl/TableAccessControl";
 import CrudApiEndpoint from "../../Types/Database/CrudApiEndpoint";
+import EnableDocumentation from "../../Types/Database/EnableDocumentation";
 import TableMetadata from "../../Types/Database/TableMetadata";
 import IconProp from "../../Types/Icon/IconProp";
 import Permission from "../../Types/Permission";
 import { Entity } from "typeorm";
 
+@EnableDocumentation()
 @TableMetadata({
   tableName: "File",
   singularName: "File",