feat: Add brand manifest policy system for flexible product discovery #663
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Implements three-tier brand manifest policy system based on updated AdCP schema where brand_manifest is now optional in get-products-request. **Policy Options:** - `public`: Products visible to anyone, no auth required, no pricing shown - `require_auth`: Auth required, brand_manifest optional, pricing shown to authenticated users - `require_brand`: Auth + brand_manifest required (strictest, default for backward compatibility) **Changes:** - Database: New `brand_manifest_policy` column in tenants table with migration - Model: Added field to Tenant model with SQLAlchemy 2.0 style annotations - Business Logic: Policy enforcement in get_products with pricing visibility rules - Admin UI: Brand manifest policy dropdown in policy settings (both templates) - Tests: Comprehensive unit tests for all three policy modes (8 tests, all passing) - Schema: Updated AdCP schemas to v1 with optional brand_manifest **Behavior:** - Default policy is `require_brand` (preserves existing behavior) - Pricing visibility depends on policy + authentication + brand_manifest presence - Generic offering text used when brand_manifest not provided - Policy validated with clear error messages 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
Implements a two-tier product catalog access control system allowing publishers to choose between authenticated buyers or public access to their ad products. Changes: - Add brand_manifest_policy column to tenants table (default: require_auth) - Create migration to change default from require_brand to require_auth - Implement policy enforcement in get_products endpoint - Add simplified UI with 2 options (authenticated buyers vs public access) - Update admin UI templates with clean, minimal wording - Add OAuth redirect URI configuration for local development - Maps both require_auth and require_brand to same "authenticated" option Technical details: - Three backend values: require_auth, require_brand, public - Two UI options: "Authenticated buyers only" and "Public access" - Default behavior: require_auth (standard B2B - signup to see pricing) - Public mode: Products visible without auth, but no pricing shown - All tests passing (8 unit tests for policy enforcement) 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
bokelley
added a commit
that referenced
this pull request
Nov 10, 2025
The brand_manifest_policy system (added in PR #663) allows per-tenant configuration of when brand_manifest is required: - require_auth: Auth required, brand_manifest optional (default) - require_brand: Auth + brand_manifest required (strictest) - public: No auth required (no pricing shown) This commit adds: - Documentation explaining the three policy options - Python script to update all tenants to require_auth - Instructions for updating via Admin UI, SQL, or Fly.io To make brand_manifest optional for testing, simply set the tenant's brand_manifest_policy to 'require_auth' instead of 'require_brand'. Related: PR #663
bokelley
added a commit
that referenced
this pull request
Nov 10, 2025
Add UI dropdown in Policies & Workflows section to configure brand_manifest_policy. The brand_manifest_policy system was added in PR #663 with three options: - require_auth (default): Auth required, brand_manifest optional - require_brand: Auth + brand_manifest required (strictest) - public: No auth required, no pricing shown This PR adds the missing UI piece so admins can configure the policy: Changes: - Added dropdown to tenant_settings.html in Policies & Workflows section - Added backend handling in settings.py to save the policy value - Added documentation in docs/brand-manifest-policy.md - Added script to batch update tenants: scripts/update_brand_manifest_policy.py Usage: Admin UI → Tenant Settings → Policies & Workflows → Brand Manifest Policy Related: PR #663 (original implementation)
bokelley
added a commit
that referenced
this pull request
Nov 10, 2025
* docs: Add brand manifest policy configuration docs and update script The brand_manifest_policy system (added in PR #663) allows per-tenant configuration of when brand_manifest is required: - require_auth: Auth required, brand_manifest optional (default) - require_brand: Auth + brand_manifest required (strictest) - public: No auth required (no pricing shown) This commit adds: - Documentation explaining the three policy options - Python script to update all tenants to require_auth - Instructions for updating via Admin UI, SQL, or Fly.io To make brand_manifest optional for testing, simply set the tenant's brand_manifest_policy to 'require_auth' instead of 'require_brand'. Related: PR #663 * feat: Add brand manifest policy UI dropdown in Admin Add UI dropdown in Policies & Workflows section to configure brand_manifest_policy. The brand_manifest_policy system was added in PR #663 with three options: - require_auth (default): Auth required, brand_manifest optional - require_brand: Auth + brand_manifest required (strictest) - public: No auth required, no pricing shown This PR adds the missing UI piece so admins can configure the policy: Changes: - Added dropdown to tenant_settings.html in Policies & Workflows section - Added backend handling in settings.py to save the policy value - Added documentation in docs/brand-manifest-policy.md - Added script to batch update tenants: scripts/update_brand_manifest_policy.py Usage: Admin UI → Tenant Settings → Policies & Workflows → Brand Manifest Policy Related: PR #663 (original implementation)
danf-newton
pushed a commit
to Newton-Research-Inc/salesagent
that referenced
this pull request
Nov 24, 2025
…adcontextprotocol#663) * feat: Add brand manifest policy system for flexible product discovery Implements three-tier brand manifest policy system based on updated AdCP schema where brand_manifest is now optional in get-products-request. **Policy Options:** - `public`: Products visible to anyone, no auth required, no pricing shown - `require_auth`: Auth required, brand_manifest optional, pricing shown to authenticated users - `require_brand`: Auth + brand_manifest required (strictest, default for backward compatibility) **Changes:** - Database: New `brand_manifest_policy` column in tenants table with migration - Model: Added field to Tenant model with SQLAlchemy 2.0 style annotations - Business Logic: Policy enforcement in get_products with pricing visibility rules - Admin UI: Brand manifest policy dropdown in policy settings (both templates) - Tests: Comprehensive unit tests for all three policy modes (8 tests, all passing) - Schema: Updated AdCP schemas to v1 with optional brand_manifest **Behavior:** - Default policy is `require_brand` (preserves existing behavior) - Pricing visibility depends on policy + authentication + brand_manifest presence - Generic offering text used when brand_manifest not provided - Policy validated with clear error messages 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com> * feat: Add simplified brand manifest policy system for product discovery Implements a two-tier product catalog access control system allowing publishers to choose between authenticated buyers or public access to their ad products. Changes: - Add brand_manifest_policy column to tenants table (default: require_auth) - Create migration to change default from require_brand to require_auth - Implement policy enforcement in get_products endpoint - Add simplified UI with 2 options (authenticated buyers vs public access) - Update admin UI templates with clean, minimal wording - Add OAuth redirect URI configuration for local development - Maps both require_auth and require_brand to same "authenticated" option Technical details: - Three backend values: require_auth, require_brand, public - Two UI options: "Authenticated buyers only" and "Public access" - Default behavior: require_auth (standard B2B - signup to see pricing) - Public mode: Products visible without auth, but no pricing shown - All tests passing (8 unit tests for policy enforcement) 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com> --------- Co-authored-by: Claude <noreply@anthropic.com>
danf-newton
pushed a commit
to Newton-Research-Inc/salesagent
that referenced
this pull request
Nov 24, 2025
…ol#726) * docs: Add brand manifest policy configuration docs and update script The brand_manifest_policy system (added in PR adcontextprotocol#663) allows per-tenant configuration of when brand_manifest is required: - require_auth: Auth required, brand_manifest optional (default) - require_brand: Auth + brand_manifest required (strictest) - public: No auth required (no pricing shown) This commit adds: - Documentation explaining the three policy options - Python script to update all tenants to require_auth - Instructions for updating via Admin UI, SQL, or Fly.io To make brand_manifest optional for testing, simply set the tenant's brand_manifest_policy to 'require_auth' instead of 'require_brand'. Related: PR adcontextprotocol#663 * feat: Add brand manifest policy UI dropdown in Admin Add UI dropdown in Policies & Workflows section to configure brand_manifest_policy. The brand_manifest_policy system was added in PR adcontextprotocol#663 with three options: - require_auth (default): Auth required, brand_manifest optional - require_brand: Auth + brand_manifest required (strictest) - public: No auth required, no pricing shown This PR adds the missing UI piece so admins can configure the policy: Changes: - Added dropdown to tenant_settings.html in Policies & Workflows section - Added backend handling in settings.py to save the policy value - Added documentation in docs/brand-manifest-policy.md - Added script to batch update tenants: scripts/update_brand_manifest_policy.py Usage: Admin UI → Tenant Settings → Policies & Workflows → Brand Manifest Policy Related: PR adcontextprotocol#663 (original implementation)
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Summary
Implements a three-tier brand manifest policy system based on the updated AdCP schema where
brand_manifestis now optional inget-products-request.This allows tenants to control how they want to handle product discovery requests:
Policy Options
publicrequire_authrequire_brandChanges
Database
brand_manifest_policycolumn intenantstablerequire_brand(preserves existing strict behavior)Business Logic (
src/core/tools/products.py)Admin UI
Tests
Schema Updates
brand_manifestTest Plan
Manual Testing
Public Policy:
Require Auth Policy:
Require Brand Policy (default):
Automated Tests
Backward Compatibility
require_brand- existing tenants maintain strict behaviorMigration Notes
The migration adds the
brand_manifest_policycolumn with:'require_brand'falseScreenshots
Admin UI screenshots showing the new brand manifest policy dropdown in policy settings would go here.
🤖 Generated with Claude Code