Add ABAC user attributes with schema-first definitions and typed template variables

Schema-first attribute system: attribute_definition table defines allowed keys
with types (string/integer/boolean), entity type scoping, optional enum constraints,
and reserved key protection. User attributes stored as JSON column on proxy_user
with full-replace semantics and write-time validation.

Key changes:
- Attribute definitions CRUD API with force-delete cascade (SQLite/PostgreSQL)
- Typed {user.KEY} template variables in filter/mask expressions (Utf8/Int64/Boolean)
- User attributes in decision function context (ctx.session.user.attributes)
- time.now (RFC 3339) added to decision context for time-windowed access
- Save-time expression validation (validate_expression) prevents silent query-time failures
- CASE WHEN support in expression parser (sql_ast_to_df_expr)
- Shared Arc<WasmDecisionRuntime> singleton replaces per-use instantiation
- Admin UI: attribute definition pages, user attribute editor with type-aware inputs
- Security vectors 59-68 documented; rename permission-security-tests.md → security-vectors.md
- 3 new migrations (052-054): attribute_definition table, unique index, user attributes column

Author: jumpbetweenrows

.claude/CLAUDE.md

@@ -64,7 +64,7 @@ Every feature plan MUST include a comprehensive test case inventory before imple
 | **Multi-entity interaction** | How do multiple instances interact? | Multiple roles, multiple datasources, overlapping policies, priority conflicts |
 | **Backward compatibility** | Does existing functionality still work? | Old API formats, migration of existing data, default values |
 
-**Test naming convention:** Group tests by category with descriptive names. Map security-relevant tests to vector numbers in `docs/permission-security-tests.md`.
+**Test naming convention:** Group tests by category with descriptive names. Map security-relevant tests to vector numbers in `docs/security-vectors.md`.
 
 ### Security-First Thinking
 This is a data security product. Every feature that touches access control, policy resolution, or data visibility must be evaluated through a security lens:

CHANGELOG.md

@@ -111,7 +111,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 - **Admin UI — Policy Assignments** — assign/remove policies per datasource with optional user scope and priority
 - **Admin UI — Query Audit** — paginated audit log with original query, rewritten query, and applied policy snapshots
 - **Demo e-commerce schema** — `scripts/demo_ecommerce/` with schema, seed script, and example policies
-- **Docs** — `docs/permission-system.md` (user guide) and `docs/permission-security-tests.md` (security test plan)
+- **Docs** — `docs/permission-system.md` (user guide) and `docs/security-vectors.md` (security test plan)
 
 ### Changed
 - **Arrow encoding** — migrated to `arrow-pg`; handler simplified; removed `arrow_conversion` and `sql_rewrite` modules

Cargo.lock

@@ -150,7 +150,7 @@ betweenrows/
 ├── migration/src/                    SeaORM migrations (41 total)
 ├── docs/                             User-facing documentation
 │   ├── permission-system.md          Policy system user guide
-│   ├── permission-security-tests.md  Security test plan
+│   ├── security-vectors.md           Security attack vectors & test plan
 │   ├── permission-stories.md         Detailed permission use cases
 │   └── roadmap.md                    Project roadmap and backlog
 ├── scripts/demo_ecommerce/           Demo schema + seed data
@@ -333,7 +333,7 @@ QueryProxy enforces a two-layer access control model:
 
 **Data plane** — controlled by two independent mechanisms:
 1. *Connection access* — `data_source_access` entries. A user can connect to a datasource via direct assignment, role membership (including inherited roles), or all-user scope. Being an admin does **not** automatically grant data plane access.
-2. *Query policy* — `PolicyHook` applies row filters, column masks, and column access controls per-query based on assigned policies (direct, role-based, or all-scoped). If the datasource `access_mode` is `"policy_required"`, tables with no matching permit policy return empty results.
+2. *Query policy* — `PolicyHook` applies row filters, column masks, and column access controls per-query based on assigned policies (direct, role-based, or all-scoped). If the datasource `access_mode` is `"policy_required"`, tables with no matching permit policy return empty results. Policies can reference built-in identity fields (`{user.tenant}`, `{user.username}`, `{user.id}`) and custom user attributes (`{user.KEY}`) for attribute-based access control (ABAC). Optional decision functions (JavaScript/WASM) provide programmable policy gates.
 
 See `docs/permission-system.md` for the full policy system user guide.
 
@@ -455,6 +455,29 @@ All policy endpoints require admin (`is_admin = true`).
 | POST | `/datasources/{id}/policies` | Assign policy to datasource (scope: user/role/all) |
 | DELETE | `/datasources/{id}/policies/{assignment_id}` | Remove assignment |
 
+### Decision Functions
+
+| Method | Path | Description |
+|--------|------|-------------|
+| GET | `/decision-functions` | List decision functions (paginated) |
+| POST | `/decision-functions` | Create decision function |
+| GET | `/decision-functions/{id}` | Get decision function |
+| PUT | `/decision-functions/{id}` | Update decision function (optimistic concurrency) |
+| DELETE | `/decision-functions/{id}` | Delete decision function |
+| POST | `/decision-functions/{id}/test` | Test decision function with sample context |
+
+### Attribute Definitions
+
+| Method | Path | Description |
+|--------|------|-------------|
+| GET | `/attribute-definitions` | List definitions (`?entity_type=user` filter, paginated) |
+| POST | `/attribute-definitions` | Create attribute definition |
+| GET | `/attribute-definitions/{id}` | Get definition |
+| PUT | `/attribute-definitions/{id}` | Update definition |
+| DELETE | `/attribute-definitions/{id}` | Delete definition (`?force=true` to cascade-remove from entities) |
+
+User attributes are set via `PUT /users/{id}` with an `attributes` field (full-replace semantics, validated against definitions). Attributes are available as `{user.KEY}` template variables in policy expressions and as `ctx.session.user.attributes` in decision functions.
+
 ### Audit Log
 
 | Method | Path | Description |

README.md

@@ -27,6 +27,11 @@ React 19, Vite 7, Tailwind 4, TanStack Query 5, react-router-dom 7, Vitest 4, @t
 - `src/types/role.ts` — TypeScript interfaces for roles, members, audit entries
 - `src/types/decisionFunction.ts` — TypeScript interfaces (`DecisionFunctionResponse`, `DecisionFunctionSummary`, `CreateDecisionFunctionPayload`, `UpdateDecisionFunctionPayload`, `TestDecisionFnPayload`, `TestDecisionFnResponse`, `EvaluateContext`, `OnErrorBehavior`, `LogLevel`)
 - `src/api/decisionFunctions.ts` — API client: `listDecisionFunctions`, `getDecisionFunction`, `createDecisionFunction`, `updateDecisionFunction`, `deleteDecisionFunction`, `testDecisionFn`
+- `src/api/attributeDefinitions.ts` — API client: `listAttributeDefinitions`, `getAttributeDefinition`, `createAttributeDefinition`, `updateAttributeDefinition`, `deleteAttributeDefinition`
+- `src/types/attributeDefinition.ts` — TypeScript interfaces (`AttributeDefinition`, `CreateAttributeDefinitionPayload`, `UpdateAttributeDefinitionPayload`, `ValueType`, `EntityType`)
+- `src/pages/AttributeDefinitionsPage.tsx` — List attribute definitions with entity type filter, force-delete support
+- `src/pages/AttributeDefinitionEditPage.tsx` — Create/edit attribute definitions (exports `AttributeDefinitionCreatePage` and `AttributeDefinitionEditPage`)
+- `src/components/UserAttributeEditor.tsx` — Inline editor for user attributes on UserEditPage. Loads attribute definitions to show type-appropriate inputs (text, number, boolean toggle, enum dropdown). Shows `{user.KEY}` syntax hint per attribute.
 - `src/test/test-utils.tsx` — `renderWithProviders` (QueryClient + AuthProvider + MemoryRouter)
 - `src/test/factories.ts` — `makeUser`, `makeDataSource`, `makeDataSourceType`, `makeDiscoveredSchema/Table/Column`, `makeDecisionFunction`, `makePolicy`, `makePolicyAssignment`
 

admin-ui/CLAUDE.md

@@ -19,6 +19,8 @@ import { RolesListPage } from './pages/RolesListPage'
 import { RoleCreatePage } from './pages/RoleCreatePage'
 import { RoleEditPage } from './pages/RoleEditPage'
 import { AdminAuditPage } from './pages/AdminAuditPage'
+import { AttributeDefinitionsPage } from './pages/AttributeDefinitionsPage'
+import { AttributeDefinitionCreatePage, AttributeDefinitionEditPage } from './pages/AttributeDefinitionEditPage'
 
 const queryClient = new QueryClient({
   defaultOptions: {
@@ -49,6 +51,9 @@ export function App() {
                 <Route path="roles" element={<RolesListPage />} />
                 <Route path="roles/create" element={<RoleCreatePage />} />
                 <Route path="roles/:id" element={<RoleEditPage />} />
+                <Route path="attributes" element={<AttributeDefinitionsPage />} />
+                <Route path="attributes/create" element={<AttributeDefinitionCreatePage />} />
+                <Route path="attributes/:id/edit" element={<AttributeDefinitionEditPage />} />
                 <Route path="policies" element={<PoliciesListPage />} />
                 <Route path="policies/create" element={<PolicyCreatePage />} />
                 <Route path="policies/:id/edit" element={<PolicyEditPage />} />

admin-ui/src/App.tsx

@@ -0,0 +1,46 @@
+import { client } from './client'
+import type {
+  AttributeDefinition,
+  CreateAttributeDefinitionPayload,
+  UpdateAttributeDefinitionPayload,
+} from '../types/attributeDefinition'
+import type { PaginatedResponse } from '../types/user'
+
+export async function listAttributeDefinitions(params?: {
+  entity_type?: string
+  page?: number
+  page_size?: number
+}): Promise<PaginatedResponse<AttributeDefinition>> {
+  const { data } = await client.get<PaginatedResponse<AttributeDefinition>>(
+    '/attribute-definitions',
+    { params },
+  )
+  return data
+}
+
+export async function getAttributeDefinition(id: string): Promise<AttributeDefinition> {
+  const { data } = await client.get<AttributeDefinition>(`/attribute-definitions/${id}`)
+  return data
+}
+
+export async function createAttributeDefinition(
+  payload: CreateAttributeDefinitionPayload,
+): Promise<AttributeDefinition> {
+  const { data } = await client.post<AttributeDefinition>('/attribute-definitions', payload)
+  return data
+}
+
+export async function updateAttributeDefinition(
+  id: string,
+  payload: UpdateAttributeDefinitionPayload,
+): Promise<AttributeDefinition> {
+  const { data } = await client.put<AttributeDefinition>(`/attribute-definitions/${id}`, payload)
+  return data
+}
+
+export async function deleteAttributeDefinition(
+  id: string,
+  force = false,
+): Promise<void> {
+  await client.delete(`/attribute-definitions/${id}`, { params: force ? { force: true } : {} })
+}

admin-ui/src/api/attributeDefinitions.ts

@@ -57,6 +57,18 @@ export function Layout() {
           >
             Roles
           </NavLink>
+          <NavLink
+            to="/attributes"
+            className={({ isActive }) =>
+              `flex items-center gap-2 px-3 py-2 rounded-lg text-sm transition-colors ${
+                isActive
+                  ? 'bg-blue-600 text-white'
+                  : 'text-gray-300 hover:bg-gray-700 hover:text-white'
+              }`
+            }
+          >
+            Attributes
+          </NavLink>
           <NavLink
             to="/policies"
             className={({ isActive }) =>

admin-ui/src/components/Layout.tsx

@@ -0,0 +1,152 @@
+import { useState, useEffect } from 'react'
+import { useQuery } from '@tanstack/react-query'
+import { listAttributeDefinitions } from '../api/attributeDefinitions'
+import type { AttributeDefinition } from '../types/attributeDefinition'
+
+interface Props {
+  /** Current attribute values from the user model. */
+  attributes: Record<string, string>
+  /** Called with the updated full attribute map when user edits. */
+  onChange: (attributes: Record<string, string>) => void
+}
+
+export function UserAttributeEditor({ attributes, onChange }: Props) {
+  const { data: defsData, isLoading } = useQuery({
+    queryKey: ['attribute-definitions', 'user'],
+    queryFn: () => listAttributeDefinitions({ entity_type: 'user', page_size: 200 }),
+  })
+
+  const definitions = defsData?.data ?? []
+
+  // Local state mirrors props; syncs upward via onChange
+  const [values, setValues] = useState<Record<string, string>>(attributes)
+
+  useEffect(() => {
+    setValues(attributes)
+  }, [attributes])
+
+  function handleChange(key: string, value: string) {
+    const next = { ...values }
+    if (value === '' || value === undefined) {
+      delete next[key]
+    } else {
+      next[key] = value
+    }
+    setValues(next)
+    onChange(next)
+  }
+
+  if (isLoading) {
+    return <p className="text-sm text-gray-400">Loading attribute definitions...</p>
+  }
+
+  if (definitions.length === 0) {
+    return (
+      <p className="text-sm text-gray-500">
+        No attribute definitions yet.{' '}
+        <a href="/attributes/create" className="text-blue-600 hover:underline">
+          Create one
+        </a>{' '}
+        to start using user attributes.
+      </p>
+    )
+  }
+
+  return (
+    <div className="space-y-3 max-w-lg">
+      {definitions.map((def) => (
+        <AttributeField
+          key={def.id}
+          definition={def}
+          value={values[def.key] ?? ''}
+          onChange={(v) => handleChange(def.key, v)}
+        />
+      ))}
+      {/* Show any orphaned attributes (set but no definition) */}
+      {Object.keys(values)
+        .filter((k) => !definitions.some((d) => d.key === k))
+        .map((k) => (
+          <div key={k} className="flex items-center gap-3">
+            <label className="block text-sm font-medium text-gray-400 w-40 truncate">
+              {k} <span className="text-xs">(no definition)</span>
+            </label>
+            <input
+              type="text"
+              value={values[k]}
+              disabled
+              className="flex-1 border border-gray-200 bg-gray-50 rounded-lg px-3 py-2 text-sm text-gray-400"
+            />
+            <button
+              type="button"
+              onClick={() => handleChange(k, '')}
+              className="text-xs text-red-500 hover:text-red-700"
+            >
+              Remove
+            </button>
+          </div>
+        ))}
+    </div>
+  )
+}
+
+function AttributeField({
+  definition,
+  value,
+  onChange,
+}: {
+  definition: AttributeDefinition
+  value: string
+  onChange: (value: string) => void
+}) {
+  const hasEnum = definition.allowed_values && definition.allowed_values.length > 0
+
+  return (
+    <div className="flex items-center gap-3">
+      <label className="block text-sm font-medium text-gray-700 w-40 truncate" title={definition.key}>
+        {definition.display_name}
+        {definition.description && (
+          <span className="block text-xs font-normal text-gray-400 truncate" title={definition.description}>
+            {definition.description}
+          </span>
+        )}
+      </label>
+
+      {definition.value_type === 'boolean' ? (
+        <select
+          value={value}
+          onChange={(e) => onChange(e.target.value)}
+          className="flex-1 border border-gray-300 rounded-lg px-3 py-2 text-sm focus:outline-none focus:ring-2 focus:ring-blue-500"
+        >
+          <option value="">Not set</option>
+          <option value="true">true</option>
+          <option value="false">false</option>
+        </select>
+      ) : hasEnum ? (
+        <select
+          value={value}
+          onChange={(e) => onChange(e.target.value)}
+          className="flex-1 border border-gray-300 rounded-lg px-3 py-2 text-sm focus:outline-none focus:ring-2 focus:ring-blue-500"
+        >
+          <option value="">Not set</option>
+          {definition.allowed_values!.map((v) => (
+            <option key={v} value={v}>
+              {v}
+            </option>
+          ))}
+        </select>
+      ) : (
+        <input
+          type={definition.value_type === 'integer' ? 'number' : 'text'}
+          value={value}
+          onChange={(e) => onChange(e.target.value)}
+          placeholder={definition.default_value ?? `Enter ${definition.value_type}`}
+          className="flex-1 border border-gray-300 rounded-lg px-3 py-2 text-sm focus:outline-none focus:ring-2 focus:ring-blue-500"
+        />
+      )}
+
+      <span className="text-xs text-gray-400 font-mono w-16 text-right">
+        {'{'}user.{definition.key}{'}'}
+      </span>
+    </div>
+  )
+}