ryanmcdonough wants the database itself to decide who sees what
A proposed hardening pass to lock down every record, not just user profiles, so one client's material can never surface in another's account.
Most legal-AI apps decide who can see which records in the application code - every screen, every query, has to remember to filter correctly. ryanmcdonough's proposal pushes that decision down a level, into the database itself, so the rules travel with the data instead of relying on the app to get it right on every path.
The fork already guarded user-profile records this way. This change would have extended the same per-record access rules to all stored content, aiming to make cross-account access structurally impossible rather than merely discouraged. It's the kind of plumbing that never shows up in the interface but decides whether a multi-tenant system is actually safe to put real client matters into. Worth noting: the change was filed against the main project and closed a week later without being merged, so as proposed it never landed upstream.
Spotted something wrong? Or know the PR text has fresher detail than the writeup above?