supertable 2.0.4__tar.gz → 2.0.5__tar.gz

{supertable-2.0.4/supertable.egg-info → supertable-2.0.5}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: supertable
-Version: 2.0.4
+Version: 2.0.5
 Summary: SuperTable — versioned data lake library for SQL analytics on Parquet + Redis.
 Author: Levente Kupas
 Author-email: Levente Kupas <lkupas@kladnasoft.com>

{supertable-2.0.4 → supertable-2.0.5}/pyproject.toml

@@ -4,7 +4,7 @@ build-backend = "setuptools.build_meta"
 
 [project]
 name = "supertable"
-version = "2.0.4"
+version = "2.0.5"
 description = "SuperTable — versioned data lake library for SQL analytics on Parquet + Redis."
 readme = "README.md"
 requires-python = ">=3.10"

{supertable-2.0.4 → supertable-2.0.5}/setup.py

@@ -19,7 +19,7 @@ long_description = readme.read_text(encoding="utf-8") if readme.exists() else ""
 
 setup(
     name="supertable",
-    version="2.0.4",
+    version="2.0.5",
     description="SuperTable — versioned data lake library for SQL analytics on Parquet + Redis.",
     long_description=long_description,
     long_description_content_type="text/markdown",

{supertable-2.0.4 → supertable-2.0.5}/supertable/__init__.py

@@ -25,7 +25,7 @@ See the ``supertable.demo`` package for runnable end-to-end demos and the
 project documentation for the full API surface.
 """
 
-__version__ = "2.0.4"
+__version__ = "2.0.5"
 
 # Re-export the core public surface so users can do ``from supertable import …``
 # instead of remembering submodule paths.

{supertable-2.0.4 → supertable-2.0.5}/supertable/redis_infra.py

@@ -64,13 +64,25 @@ if settings.SUPERTABLE_LOGIN_MASK not in (1, 2, 3):
         f"Invalid SUPERTABLE_LOGIN_MASK (must be 1, 2, or 3): {settings.SUPERTABLE_LOGIN_MASK}"
     )
 
-_missing_envs: List[str] = []
-if not settings.SUPERTABLE_ORGANIZATION:
-    _missing_envs.append("SUPERTABLE_ORGANIZATION")
-if not (settings.SUPERTABLE_SUPERUSER_TOKEN or "").strip():
-    _missing_envs.append("SUPERTABLE_SUPERUSER_TOKEN")
-if _missing_envs:
-    raise RuntimeError("Missing required environment variables: " + ", ".join(_missing_envs))
+def _require_runtime_env() -> None:
+    """Validate the env vars needed to actually talk to Redis.
+
+    Called lazily by code paths that open a real Redis connection or
+    otherwise need the deployment's organization / superuser token.
+    Importing the SDK no longer fails when these are unset — only
+    running against Redis does. This keeps the module importable in
+    test, build, and inspection contexts where the runtime
+    credentials aren't (and shouldn't be) present.
+    """
+    missing: List[str] = []
+    if not settings.SUPERTABLE_ORGANIZATION:
+        missing.append("SUPERTABLE_ORGANIZATION")
+    if not (settings.SUPERTABLE_SUPERUSER_TOKEN or "").strip():
+        missing.append("SUPERTABLE_SUPERUSER_TOKEN")
+    if missing:
+        raise RuntimeError(
+            "Missing required environment variables: " + ", ".join(missing)
+        )
 
 
 def _now_ms() -> int:
@@ -297,6 +309,11 @@ def _build_redis_client() -> redis.Redis:
       If SUPERTABLE_REDIS_SENTINEL is enabled and SUPERTABLE_REDIS_SENTINELS is set,
       use the same Sentinel connection behavior as RedisCatalog (ping-probe + optional fallback).
     """
+    # Gate runtime-credential validation here so that simply importing the
+    # module (e.g. to inspect ``redis_keys`` helpers or run unit tests
+    # against the public API) does not require an organization + token to
+    # be set. Anything that actually opens a connection still fails fast.
+    _require_runtime_env()
     settings = Settings()
     url = (settings.SUPERTABLE_REDIS_URL or "").strip() or None
 

supertable-2.0.5/supertable/redis_keys.py

@@ -0,0 +1,404 @@
+# route: supertable.redis_keys
+"""
+Single source of truth for every Redis key used by SuperTable + the
+platform layer (dataisland-core).
+
+Rule (enforced by tests/test_redis_key_prefix.py):
+  Every key constructed here MUST start with one of the two recognised
+  top-level prefixes:
+    * ``supertable:`` — SuperTable SDK state (catalog, RBAC, locks,
+                       audit, share federation, table meta, …).
+    * ``dataisland:`` — platform / dataisland-core state that is not
+                       SuperTable's concern (service registry, app
+                       bootstrap config, etc.).
+  Per-app config keys (lighthouse, gatekeeper, studio, …) live under
+  their own app-name prefix and are written via the MCP server's
+  ``store_app_config`` tool — they do **not** go through this module.
+
+Hierarchy
+---------
+
+    dataisland:
+      apps:{app_name}:master_mcp                ← per-app bootstrap (one global key)
+      {org}:
+        registry:{service_type}:{host}:{pid}    ← service-instance heartbeats (TTL)
+
+    supertable:
+      {org}:                                   ← organization / company scope
+        _system_:                              ← reserved system scope (supertable-side)
+          auth:tokens                          ← organization login tokens
+        shares:doc:{share_id}
+        shares:index
+        audit:stream
+        audit:chain_head:{instance_id}
+        audit:config                           ← runtime toggle (per org)
+        spark:thrifts
+        spark:plugs
+        {sup}:                                 ← supertable scope
+          meta:root
+          meta:leaf:{simple}
+          meta:mirrors
+          meta:table_config:{simple}
+          meta:staging:{staging_name}
+          meta:staging:meta
+          meta:staging:{staging_name}:pipe:{pipe_name}
+          meta:staging:{staging_name}:pipe:meta
+          config:engine
+          lock:leaf:{simple}
+          lock:stage:{stage_name}
+          rbac:users:meta
+          rbac:users:index
+          rbac:users:doc:{user_id}
+          rbac:users:name_to_id
+          rbac:roles:meta
+          rbac:roles:index
+          rbac:roles:doc:{role_id}
+          rbac:roles:type:{role_type}
+          rbac:roles:name_to_id
+          schema:{simple}
+          table_names
+          linked_shares:doc:{link_id}
+          linked_shares:index
+          monitor:{monitor_type}
+
+Reserved supertable names
+-------------------------
+
+``_system_`` is reserved.  It MUST NOT be used as a supertable name and
+``SuperTable(..., super_name="_system_")`` raises ``ValueError``.  The
+name is reserved because we keep everything system-related — service
+registry heartbeats, organization-level auth tokens, future
+system-only scopes — under that prefix to avoid collisions with
+user-created supertables.
+"""
+from __future__ import annotations
+
+from typing import FrozenSet
+
+# The canonical SuperTable SDK prefix. Everything the SDK itself writes
+# lives under this.
+SUPERTABLE_PREFIX: str = "supertable"
+
+# The platform-layer prefix. dataisland-core writes its own
+# infrastructure (service-registry heartbeats, app-bootstrap configs)
+# here. Per-app config keys (lighthouse:*, gatekeeper:*, …) live in
+# yet another set of namespaces and are not built through this module.
+DATAISLAND_PREFIX: str = "dataisland"
+
+# Recognised top-level prefixes for assert_prefixed(). Adding a new
+# layer to the platform → extend this set.
+_RECOGNISED_PREFIXES: FrozenSet[str] = frozenset({SUPERTABLE_PREFIX, DATAISLAND_PREFIX})
+
+# The org-level system scope.  Reserved as a supertable name (see
+# ``is_reserved_super_name`` below).  Everything system-related under an
+# organization lives here so user-supplied supertable names can never
+# collide with infrastructure keys.
+SYSTEM_SCOPE: str = "_system_"
+
+# All names that may NOT be used for user-created supertables.
+RESERVED_SUPER_NAMES: FrozenSet[str] = frozenset({SYSTEM_SCOPE})
+
+
+# --------------------------------------------------------------------------- #
+# Guards
+# --------------------------------------------------------------------------- #
+
+def assert_prefixed(key: str) -> str:
+    """Raise ValueError if *key* does not start with a recognised prefix.
+
+    Recognised prefixes: ``supertable:`` (SDK state) and
+    ``dataisland:`` (platform state). Returns the key unchanged so
+    callers can write::
+
+        self.r.set(assert_prefixed(some_key), value)
+    """
+    if not isinstance(key, str):
+        raise ValueError(
+            f"Redis key violates namespace policy (must be a str): {key!r}"
+        )
+    if not any(key.startswith(p + ":") for p in _RECOGNISED_PREFIXES):
+        raise ValueError(
+            f"Redis key violates namespace policy (must start with one "
+            f"of {sorted(_RECOGNISED_PREFIXES)}): {key!r}"
+        )
+    return key
+
+
+def is_reserved_super_name(name: str) -> bool:
+    """Return True when *name* is reserved (cannot be a supertable name)."""
+    if not isinstance(name, str):
+        return False
+    return name.strip() in RESERVED_SUPER_NAMES
+
+
+# --------------------------------------------------------------------------- #
+# Per-organization system scope (registry, auth tokens, future system keys)
+# --------------------------------------------------------------------------- #
+
+def system_scope(org: str) -> str:
+    """Return the system-scope prefix for one organization."""
+    return f"{SUPERTABLE_PREFIX}:{org}:{SYSTEM_SCOPE}"
+
+
+def system_scope_pattern(org: str) -> str:
+    """SCAN pattern for everything under one org's system scope."""
+    return f"{SUPERTABLE_PREFIX}:{org}:{SYSTEM_SCOPE}:*"
+
+
+# --------------------------------------------------------------------------- #
+# Service registry (per organization) — under the dataisland: prefix
+# --------------------------------------------------------------------------- #
+#
+# Service-instance heartbeats are a *platform* concern, not a SuperTable
+# concern. They live at:
+#
+#     dataisland:{org}:registry:{service_type}:{host}:{pid}
+#
+# (No ``_system_`` segment — that segment exists only inside
+# ``supertable:{org}:`` to avoid colliding with user-created supertable
+# names. Under ``dataisland:`` there are no user supertables, so the
+# extra segment is dropped.)
+
+def registry(org: str, service_type: str, host: str, pid: int) -> str:
+    """Per-organization service registry entry.
+
+    Example::
+
+        dataisland:kladna-soft:registry:api:host1:1234
+    """
+    return f"{DATAISLAND_PREFIX}:{org}:registry:{service_type}:{host}:{pid}"
+
+
+def registry_pattern_for_org(org: str) -> str:
+    """SCAN pattern for all service-registry entries in one organization."""
+    return f"{DATAISLAND_PREFIX}:{org}:registry:*"
+
+
+def registry_pattern() -> str:
+    """SCAN pattern for service-registry entries across every organization.
+
+    Matches ``dataisland:*:registry:*`` — the cross-org pattern that
+    scanners use when no org is supplied (e.g. fleet-wide monitoring).
+    """
+    return f"{DATAISLAND_PREFIX}:*:registry:*"
+
+
+# --------------------------------------------------------------------------- #
+# App bootstrap (per application — Lighthouse, Gatekeeper, Studio, …)
+# --------------------------------------------------------------------------- #
+#
+# The very first thing an app reads on boot is its master-MCP config.
+# That happens before any org context exists, so the key sits at a
+# single global location keyed only by app_name:
+#
+#     dataisland:apps:{app_name}:master_mcp
+#
+# Written via the platform REST API (``POST /api/v1/apps/{app}/master-mcp``,
+# admin-only) and read on every app boot.
+
+def app_master_mcp(app_name: str) -> str:
+    """The platform-side key holding an app's master-MCP coordinates."""
+    return f"{DATAISLAND_PREFIX}:apps:{app_name}:master_mcp"
+
+
+# --------------------------------------------------------------------------- #
+# Organization auth (login tokens) — also under _system_ for the same reason:
+# "auth" must not collide with a possible user-created supertable called "auth".
+# --------------------------------------------------------------------------- #
+
+def auth_tokens(org: str) -> str:
+    return f"{SUPERTABLE_PREFIX}:{org}:{SYSTEM_SCOPE}:auth:tokens"
+
+
+# --------------------------------------------------------------------------- #
+# Organization scope (non-system)
+# --------------------------------------------------------------------------- #
+
+def share_doc(org: str, share_id: str) -> str:
+    return f"{SUPERTABLE_PREFIX}:{org}:shares:doc:{share_id}"
+
+
+def share_index(org: str) -> str:
+    return f"{SUPERTABLE_PREFIX}:{org}:shares:index"
+
+
+def audit_stream(org: str) -> str:
+    return f"{SUPERTABLE_PREFIX}:{org}:audit:stream"
+
+
+def audit_chain_head(org: str, instance_id: str) -> str:
+    return f"{SUPERTABLE_PREFIX}:{org}:audit:chain_head:{instance_id}"
+
+
+def audit_config(org: str) -> str:
+    """Per-organization runtime audit configuration (enable toggle, sub-flags)."""
+    return f"{SUPERTABLE_PREFIX}:{org}:audit:config"
+
+
+def spark_thrifts(org: str) -> str:
+    return f"{SUPERTABLE_PREFIX}:{org}:spark:thrifts"
+
+
+def spark_plugs(org: str) -> str:
+    return f"{SUPERTABLE_PREFIX}:{org}:spark:plugs"
+
+
+# --------------------------------------------------------------------------- #
+# SuperTable scope — meta
+# --------------------------------------------------------------------------- #
+
+def meta_root(org: str, sup: str) -> str:
+    return f"{SUPERTABLE_PREFIX}:{org}:{sup}:meta:root"
+
+
+def meta_leaf(org: str, sup: str, simple: str) -> str:
+    return f"{SUPERTABLE_PREFIX}:{org}:{sup}:meta:leaf:{simple}"
+
+
+def meta_leaf_pattern(org: str, sup: str) -> str:
+    return f"{SUPERTABLE_PREFIX}:{org}:{sup}:meta:leaf:*"
+
+
+def meta_root_pattern_for_org(org: str) -> str:
+    return f"{SUPERTABLE_PREFIX}:{org}:*:meta:root"
+
+
+def meta_mirrors(org: str, sup: str) -> str:
+    return f"{SUPERTABLE_PREFIX}:{org}:{sup}:meta:mirrors"
+
+
+def meta_table_config(org: str, sup: str, simple: str) -> str:
+    return f"{SUPERTABLE_PREFIX}:{org}:{sup}:meta:table_config:{simple}"
+
+
+# --------------------------------------------------------------------------- #
+# SuperTable scope — engine config
+# --------------------------------------------------------------------------- #
+
+def config_engine(org: str, sup: str) -> str:
+    return f"{SUPERTABLE_PREFIX}:{org}:{sup}:config:engine"
+
+
+# --------------------------------------------------------------------------- #
+# SuperTable scope — locks
+# --------------------------------------------------------------------------- #
+
+def lock_leaf(org: str, sup: str, simple: str) -> str:
+    return f"{SUPERTABLE_PREFIX}:{org}:{sup}:lock:leaf:{simple}"
+
+
+def lock_stage(org: str, sup: str, stage_name: str) -> str:
+    return f"{SUPERTABLE_PREFIX}:{org}:{sup}:lock:stage:{stage_name}"
+
+
+# --------------------------------------------------------------------------- #
+# SuperTable scope — RBAC users
+# --------------------------------------------------------------------------- #
+
+def rbac_user_meta(org: str, sup: str) -> str:
+    return f"{SUPERTABLE_PREFIX}:{org}:{sup}:rbac:users:meta"
+
+
+def rbac_user_index(org: str, sup: str) -> str:
+    return f"{SUPERTABLE_PREFIX}:{org}:{sup}:rbac:users:index"
+
+
+def rbac_user_doc(org: str, sup: str, user_id: str) -> str:
+    return f"{SUPERTABLE_PREFIX}:{org}:{sup}:rbac:users:doc:{user_id}"
+
+
+def rbac_username_to_id(org: str, sup: str) -> str:
+    return f"{SUPERTABLE_PREFIX}:{org}:{sup}:rbac:users:name_to_id"
+
+
+# --------------------------------------------------------------------------- #
+# SuperTable scope — RBAC roles
+# --------------------------------------------------------------------------- #
+
+def rbac_role_meta(org: str, sup: str) -> str:
+    return f"{SUPERTABLE_PREFIX}:{org}:{sup}:rbac:roles:meta"
+
+
+def rbac_role_index(org: str, sup: str) -> str:
+    return f"{SUPERTABLE_PREFIX}:{org}:{sup}:rbac:roles:index"
+
+
+def rbac_role_doc(org: str, sup: str, role_id: str) -> str:
+    return f"{SUPERTABLE_PREFIX}:{org}:{sup}:rbac:roles:doc:{role_id}"
+
+
+def rbac_role_type_index(org: str, sup: str, role_type: str) -> str:
+    return f"{SUPERTABLE_PREFIX}:{org}:{sup}:rbac:roles:type:{role_type}"
+
+
+def rbac_rolename_to_id(org: str, sup: str) -> str:
+    return f"{SUPERTABLE_PREFIX}:{org}:{sup}:rbac:roles:name_to_id"
+
+
+# --------------------------------------------------------------------------- #
+# SuperTable scope — staging / pipes
+# --------------------------------------------------------------------------- #
+
+def staging(org: str, sup: str, staging_name: str) -> str:
+    return f"{SUPERTABLE_PREFIX}:{org}:{sup}:meta:staging:{staging_name}"
+
+
+def staging_index(org: str, sup: str) -> str:
+    return f"{SUPERTABLE_PREFIX}:{org}:{sup}:meta:staging:meta"
+
+
+def staging_pattern(org: str, sup: str) -> str:
+    return f"{SUPERTABLE_PREFIX}:{org}:{sup}:meta:staging:*"
+
+
+def staging_subkey_pattern(org: str, sup: str, staging_name: str) -> str:
+    return f"{SUPERTABLE_PREFIX}:{org}:{sup}:meta:staging:{staging_name}:*"
+
+
+def pipe(org: str, sup: str, staging_name: str, pipe_name: str) -> str:
+    return f"{SUPERTABLE_PREFIX}:{org}:{sup}:meta:staging:{staging_name}:pipe:{pipe_name}"
+
+
+def pipe_index(org: str, sup: str, staging_name: str) -> str:
+    return f"{SUPERTABLE_PREFIX}:{org}:{sup}:meta:staging:{staging_name}:pipe:meta"
+
+
+def pipe_pattern(org: str, sup: str, staging_name: str) -> str:
+    return f"{SUPERTABLE_PREFIX}:{org}:{sup}:meta:staging:{staging_name}:pipe:*"
+
+
+# --------------------------------------------------------------------------- #
+# SuperTable scope — schema / table_names / linked shares
+# --------------------------------------------------------------------------- #
+
+def schema(org: str, sup: str, simple: str) -> str:
+    return f"{SUPERTABLE_PREFIX}:{org}:{sup}:schema:{simple}"
+
+
+def table_names(org: str, sup: str) -> str:
+    return f"{SUPERTABLE_PREFIX}:{org}:{sup}:table_names"
+
+
+def linked_share_doc(org: str, sup: str, link_id: str) -> str:
+    return f"{SUPERTABLE_PREFIX}:{org}:{sup}:linked_shares:doc:{link_id}"
+
+
+def linked_share_index(org: str, sup: str) -> str:
+    return f"{SUPERTABLE_PREFIX}:{org}:{sup}:linked_shares:index"
+
+
+# --------------------------------------------------------------------------- #
+# SuperTable scope — monitoring
+# --------------------------------------------------------------------------- #
+
+def monitor(org: str, sup: str, monitor_type: str) -> str:
+    return f"{SUPERTABLE_PREFIX}:{org}:{sup}:monitor:{monitor_type}"
+
+
+# --------------------------------------------------------------------------- #
+# Wildcard / SCAN helpers used by deletes
+# --------------------------------------------------------------------------- #
+
+def super_table_pattern(org: str, sup: str) -> str:
+    """Matches every key for one supertable (used by delete_super_table)."""
+    return f"{SUPERTABLE_PREFIX}:{org}:{sup}:*"

{supertable-2.0.4 → supertable-2.0.5}/supertable/super_table.py

@@ -13,6 +13,7 @@ from supertable.rbac.user_manager import UserManager
 from supertable.storage.storage_factory import get_storage
 from supertable.storage.storage_interface import StorageInterface
 from supertable.redis_catalog import RedisCatalog
+from supertable.redis_keys import is_reserved_super_name, RESERVED_SUPER_NAMES
 
 
 class SuperTable:
@@ -21,9 +22,20 @@ class SuperTable:
       - Ensures storage backend is available
       - Ensures Redis meta:root exists (no file-based meta)
       - Exposes helper to read heavy simple-table snapshots from MinIO/local via StorageInterface
+
+    Reserved supertable names (e.g. ``_system_``) are rejected up-front
+    so they can never collide with the org-level system scope where the
+    service registry, organization auth tokens, and other system-only
+    state live.
     """
 
     def __init__(self, super_name: str, organization: str):
+        if is_reserved_super_name(super_name):
+            raise ValueError(
+                f"SuperTable name {super_name!r} is reserved and cannot be created. "
+                f"Reserved names: {sorted(RESERVED_SUPER_NAMES)}"
+            )
+
         self.identity = "super"
         self.super_name = super_name
         self.organization = organization

{supertable-2.0.4 → supertable-2.0.5}/supertable/tests/test_redis_key_prefix.py

@@ -38,8 +38,12 @@ PIPE = "pipe1"
 def _all_helpers() -> list[tuple[str, str]]:
     """Return (helper_name, sample_key) pairs for every key formatter."""
     return [
-        ("registry",                    RK.registry("api", "host", 1234)),
+        ("system_scope",                RK.system_scope(ORG)),
+        ("system_scope_pattern",        RK.system_scope_pattern(ORG)),
+        ("registry",                    RK.registry(ORG, "api", "host", 1234)),
+        ("registry_pattern_for_org",    RK.registry_pattern_for_org(ORG)),
         ("registry_pattern",            RK.registry_pattern()),
+        ("app_master_mcp",              RK.app_master_mcp("lighthouse")),
         ("auth_tokens",                 RK.auth_tokens(ORG)),
         ("share_doc",                   RK.share_doc(ORG, "share_1")),
         ("share_index",                 RK.share_index(ORG)),
@@ -83,24 +87,92 @@ def _all_helpers() -> list[tuple[str, str]]:
 
 
 @pytest.mark.parametrize("name,key", _all_helpers())
-def test_helpers_emit_supertable_prefix(name, key):
+def test_helpers_emit_recognised_prefix(name, key):
+    """Every constructor must emit a key under a recognised top-level prefix.
+
+    Recognised: ``supertable:`` (SDK state) or ``dataisland:`` (platform
+    state — service registry + app bootstrap). Per-app prefixes
+    (``lighthouse:``, ``gatekeeper:``, …) are not built through this
+    module — they go via the MCP ``store_app_config`` tool.
+    """
     assert isinstance(key, str), f"{name} returned non-str: {key!r}"
-    assert key.startswith("supertable:"), (
+    assert (
+        key.startswith("supertable:") or key.startswith("dataisland:")
+    ), (
         f"{name} returned {key!r} which violates the namespace policy "
-        f"(must start with 'supertable:')"
+        f"(must start with 'supertable:' or 'dataisland:')"
     )
 
 
-def test_assert_prefixed_accepts_valid_key():
+def test_assert_prefixed_accepts_supertable_key():
     assert RK.assert_prefixed("supertable:org:foo") == "supertable:org:foo"
 
 
+def test_assert_prefixed_accepts_dataisland_key():
+    assert RK.assert_prefixed("dataisland:org:foo") == "dataisland:org:foo"
+
+
 def test_assert_prefixed_rejects_bare_root_keys():
-    for bad in ("monitor:org:sup:plans", "spark:org:thrifts", "registry:api"):
+    for bad in ("monitor:org:sup:plans", "spark:org:thrifts", "registry:api",
+                "lighthouse:acme:config"):  # per-app prefixes not built here
         with pytest.raises(ValueError):
             RK.assert_prefixed(bad)
 
 
+# ---------------------------------------------------------------------------
+# 1b. Layout invariants
+# ---------------------------------------------------------------------------
+
+def test_registry_key_lives_under_dataisland_prefix():
+    """Service-registry keys belong to the platform layer, not SuperTable."""
+    key = RK.registry(ORG, "api", "host1", 1234)
+    assert key == f"dataisland:{ORG}:registry:api:host1:1234"
+
+
+def test_app_master_mcp_lives_under_dataisland_prefix():
+    """Bootstrap key for an app's master MCP — global, not org-scoped."""
+    key = RK.app_master_mcp("lighthouse")
+    assert key == "dataisland:apps:lighthouse:master_mcp"
+
+
+def test_auth_tokens_still_lives_under_system_scope():
+    """Org auth tokens stay under supertable:{org}:_system_:auth:tokens
+    (managed by the SuperTable SDK's RBAC / auth subsystem)."""
+    key = RK.auth_tokens(ORG)
+    assert key == f"supertable:{ORG}:_system_:auth:tokens"
+
+
+def test_registry_pattern_targets_all_orgs():
+    """The cross-org SCAN pattern reaches every org's registry."""
+    assert RK.registry_pattern() == "dataisland:*:registry:*"
+
+
+def test_registry_pattern_for_org_is_scoped():
+    assert RK.registry_pattern_for_org(ORG) == f"dataisland:{ORG}:registry:*"
+
+
+# ---------------------------------------------------------------------------
+# 1c. Reserved supertable names
+# ---------------------------------------------------------------------------
+
+def test_system_scope_name_is_reserved():
+    assert RK.is_reserved_super_name("_system_") is True
+    assert "_system_" in RK.RESERVED_SUPER_NAMES
+
+
+def test_arbitrary_supertable_name_is_not_reserved():
+    for name in ("orders", "customers", "_system", "system_", "auth"):
+        assert RK.is_reserved_super_name(name) is False
+
+
+def test_super_table_refuses_reserved_name(monkeypatch):
+    """``SuperTable(super_name='_system_')`` must raise before touching Redis."""
+    # Import lazily so the regression also covers fresh imports.
+    from supertable.super_table import SuperTable
+    with pytest.raises(ValueError, match="reserved"):
+        SuperTable(super_name="_system_", organization=ORG)
+
+
 # ---------------------------------------------------------------------------
 # 2. No raw f-string keys outside redis_keys.py / Lua / docs
 # ---------------------------------------------------------------------------
@@ -109,7 +181,7 @@ def test_assert_prefixed_rejects_bare_root_keys():
 # redis_keys.py.  Note the search is restricted to source files in the
 # library itself.
 _FORBIDDEN_PATTERNS = re.compile(
-    r"""f["'](?:supertable|monitor|spark|registry|audit):"""
+    r"""f["'](?:supertable|dataisland|monitor|spark|registry|audit):"""
 )
 
 # Files / paths that are intentionally exempt from the scan:

{supertable-2.0.4 → supertable-2.0.5/supertable.egg-info}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: supertable
-Version: 2.0.4
+Version: 2.0.5
 Summary: SuperTable — versioned data lake library for SQL analytics on Parquet + Redis.
 Author: Levente Kupas
 Author-email: Levente Kupas <lkupas@kladnasoft.com>

{supertable-2.0.4 → supertable-2.0.5}/supertable.egg-info/SOURCES.txt

@@ -17,7 +17,6 @@ supertable/redis_catalog.py
 supertable/redis_connector.py
 supertable/redis_infra.py
 supertable/redis_keys.py
-supertable/service_registry.py
 supertable/simple_table.py
 supertable/staging_area.py
 supertable/super_pipe.py