Remove public internet features and fix upstream source UI (#107)

backend/app/routes.py

@@ -7866,7 +7866,6 @@ from .upstream import (
     UpstreamTimeoutError,
     UpstreamHTTPError,
     UpstreamSSLError,
-    AirGapError,
     FileSizeExceededError as UpstreamFileSizeExceededError,
     SourceNotFoundError,
     SourceDisabledError,
@@ -8021,10 +8020,6 @@ def cache_artifact(
        - Optionally creates tag in user project
        - Records URL mapping for provenance
 
-    **Air-Gap Mode:**
-    When `allow_public_internet` is false, only URLs matching private
-    (non-public) upstream sources are allowed.
-
     **Example (curl):**
     ```bash
     curl -X POST "http://localhost:8080/api/v1/cache" \\
@@ -8118,8 +8113,6 @@ def cache_artifact(
             cache_request.url,
             expected_hash=cache_request.expected_hash,
         )
-    except AirGapError as e:
-        raise HTTPException(status_code=403, detail=str(e))
     except SourceDisabledError as e:
         raise HTTPException(status_code=503, detail=str(e))
     except UpstreamHTTPError as e:
@@ -8333,7 +8326,6 @@ def _env_source_to_response(env_source) -> UpstreamSourceResponse:
         source_type=env_source.source_type,
         url=env_source.url,
         enabled=env_source.enabled,
-        is_public=env_source.is_public,
         auth_type=env_source.auth_type,
         username=env_source.username,
         has_password=bool(env_source.password),
@@ -8417,7 +8409,6 @@ def list_upstream_sources(
                 source_type=s.source_type,
                 url=s.url,
                 enabled=s.enabled,
-                is_public=s.is_public,
                 auth_type=s.auth_type,
                 username=s.username,
                 has_password=s.has_password(),
@@ -8466,7 +8457,6 @@ def create_upstream_source(
       "source_type": "npm",
       "url": "https://npm.internal.corp",
       "enabled": true,
-      "is_public": false,
       "auth_type": "basic",
       "username": "reader",
       "password": "secret123",
@@ -8488,7 +8478,6 @@ def create_upstream_source(
         source_type=source_create.source_type,
         url=source_create.url,
         enabled=source_create.enabled,
-        is_public=source_create.is_public,
         auth_type=source_create.auth_type,
         username=source_create.username,
         priority=source_create.priority,
@@ -8528,7 +8517,6 @@ def create_upstream_source(
         source_type=source.source_type,
         url=source.url,
         enabled=source.enabled,
-        is_public=source.is_public,
         auth_type=source.auth_type,
         username=source.username,
         has_password=source.has_password(),
@@ -8576,7 +8564,6 @@ def get_upstream_source(
         source_type=source.source_type,
         url=source.url,
         enabled=source.enabled,
-        is_public=source.is_public,
         auth_type=source.auth_type,
         username=source.username,
         has_password=source.has_password(),
@@ -8663,10 +8650,6 @@ def update_upstream_source(
         changes["enabled"] = {"old": source.enabled, "new": source_update.enabled}
         source.enabled = source_update.enabled
 
-    if source_update.is_public is not None and source_update.is_public != source.is_public:
-        changes["is_public"] = {"old": source.is_public, "new": source_update.is_public}
-        source.is_public = source_update.is_public
-
     if source_update.auth_type is not None and source_update.auth_type != source.auth_type:
         changes["auth_type"] = {"old": source.auth_type, "new": source_update.auth_type}
         source.auth_type = source_update.auth_type
@@ -8719,7 +8702,6 @@ def update_upstream_source(
         source_type=source.source_type,
         url=source.url,
         enabled=source.enabled,
-        is_public=source.is_public,
         auth_type=source.auth_type,
         username=source.username,
         has_password=source.has_password(),
@@ -8860,12 +8842,10 @@ def get_cache_settings(
     Admin-only endpoint for viewing cache configuration.
 
     **Settings:**
-    - `allow_public_internet`: When false, blocks all requests to sources marked `is_public=true` (air-gap mode)
     - `auto_create_system_projects`: When true, system projects (`_npm`, etc.) are created automatically on first cache
 
     **Environment variable overrides:**
     Settings can be overridden via environment variables:
-    - `ORCHARD_CACHE_ALLOW_PUBLIC_INTERNET`: Overrides `allow_public_internet`
     - `ORCHARD_CACHE_AUTO_CREATE_SYSTEM_PROJECTS`: Overrides `auto_create_system_projects`
 
     When an env var override is active, the `*_env_override` field will contain the override value.
@@ -8874,12 +8854,6 @@ def get_cache_settings(
     db_settings = _get_cache_settings(db)
 
     # Apply env var overrides
-    allow_public_internet = db_settings.allow_public_internet
-    allow_public_internet_env_override = None
-    if app_settings.cache_allow_public_internet is not None:
-        allow_public_internet = app_settings.cache_allow_public_internet
-        allow_public_internet_env_override = app_settings.cache_allow_public_internet
-
     auto_create_system_projects = db_settings.auto_create_system_projects
     auto_create_system_projects_env_override = None
     if app_settings.cache_auto_create_system_projects is not None:
@@ -8887,9 +8861,7 @@ def get_cache_settings(
         auto_create_system_projects_env_override = app_settings.cache_auto_create_system_projects
 
     return CacheSettingsResponse(
-        allow_public_internet=allow_public_internet,
         auto_create_system_projects=auto_create_system_projects,
-        allow_public_internet_env_override=allow_public_internet_env_override,
         auto_create_system_projects_env_override=auto_create_system_projects_env_override,
         created_at=db_settings.created_at,
         updated_at=db_settings.updated_at,
@@ -8915,16 +8887,11 @@ def update_cache_settings(
     Supports partial updates - only provided fields are updated.
 
     **Settings:**
-    - `allow_public_internet`: When false, enables air-gap mode (blocks public sources)
     - `auto_create_system_projects`: When false, system projects must be created manually
 
     **Note:** Environment variables can override these settings. When overridden,
     the `*_env_override` fields in the response indicate the effective value.
     Updates to the database will be saved but won't take effect until the env var is removed.
-
-    **Warning:** Changing `allow_public_internet` to false will immediately block
-    all cache requests to public sources. This is a security-sensitive setting
-    and is logged prominently.
     """
     app_settings = get_settings()
     settings = _get_cache_settings(db)
@@ -8932,26 +8899,6 @@ def update_cache_settings(
     # Track changes for audit log
     changes = {}
 
-    if settings_update.allow_public_internet is not None:
-        if settings_update.allow_public_internet != settings.allow_public_internet:
-            changes["allow_public_internet"] = {
-                "old": settings.allow_public_internet,
-                "new": settings_update.allow_public_internet,
-            }
-            settings.allow_public_internet = settings_update.allow_public_internet
-
-            # Log prominently for security audit
-            if not settings_update.allow_public_internet:
-                logger.warning(
-                    f"AIR-GAP MODE ENABLED by {current_user.username} - "
-                    f"all public internet access is now blocked"
-                )
-            else:
-                logger.warning(
-                    f"AIR-GAP MODE DISABLED by {current_user.username} - "
-                    f"public internet access is now allowed"
-                )
-
     if settings_update.auto_create_system_projects is not None:
         if settings_update.auto_create_system_projects != settings.auto_create_system_projects:
             changes["auto_create_system_projects"] = {
@@ -8961,11 +8908,9 @@ def update_cache_settings(
             settings.auto_create_system_projects = settings_update.auto_create_system_projects
 
     if changes:
-        # Audit log with security flag for air-gap changes
-        is_security_change = "allow_public_internet" in changes
         _log_audit(
             db,
-            action="cache_settings.update" if not is_security_change else "cache_settings.security_update",
+            action="cache_settings.update",
             resource="cache-settings",
             user_id=current_user.username,
             source_ip=request.client.host if request.client else None,
@@ -8976,12 +8921,6 @@ def update_cache_settings(
     db.refresh(settings)
 
     # Apply env var overrides for the response
-    allow_public_internet = settings.allow_public_internet
-    allow_public_internet_env_override = None
-    if app_settings.cache_allow_public_internet is not None:
-        allow_public_internet = app_settings.cache_allow_public_internet
-        allow_public_internet_env_override = app_settings.cache_allow_public_internet
-
     auto_create_system_projects = settings.auto_create_system_projects
     auto_create_system_projects_env_override = None
     if app_settings.cache_auto_create_system_projects is not None:
@@ -8989,9 +8928,7 @@ def update_cache_settings(
         auto_create_system_projects_env_override = app_settings.cache_auto_create_system_projects
 
     return CacheSettingsResponse(
-        allow_public_internet=allow_public_internet,
         auto_create_system_projects=auto_create_system_projects,
-        allow_public_internet_env_override=allow_public_internet_env_override,
         auto_create_system_projects_env_override=auto_create_system_projects_env_override,
         created_at=settings.created_at,
         updated_at=settings.updated_at,