v1.1.0:8 — admin-gate whole-DB routes + AI custom-URL providers; SSRF guard

Multi-user authorization hardening from a full security evaluation (EVALUATION.md):

- P0: /api/settings/{export,import}-db are now admin-only. Previously any signed-in user could download the whole instance DB (all bcrypt hashes + plaintext AI keys) or replace it wholesale. Per-user CSV export/import stays open.

- AI custom-URL providers (Ollama, OpenAI-compatible) are now admin-only, and every server fetch to a user-supplied URL passes through assertSafeProviderUrl (blocks link-local/cloud-metadata; private LAN allowed by design). Fixed-URL cloud providers stay per-user. Removed the dead legacy /api/ai/config route.

- Dev: fixed broken quick-start (added npm run create-admin; rewrote README; dropped dead CLAUDE_API_KEY) and the export-db 0-byte path resolution (resolveDatabasePath now matches Prisma).

ExVer bumped to 1.1.0:8 (no schema/data migration). Tests 197 pass, build green, tsc clean.

proof-of-work/app/api/ai/configs/route.ts

@@ -3,6 +3,7 @@ import { z } from 'zod';
 import { getCurrentUser } from '@/lib/auth';
 import { prisma } from '@/lib/prisma';
 import { activate } from '@/lib/ai/activateConfig';
+import { isCustomUrlProvider } from '@/lib/ai/providers';
 
 /**
  * v1.1.0:4 — Multi-config CRUD.
@@ -80,6 +81,20 @@ export async function POST(request: NextRequest) {
   }
 
   const { name, provider, model, baseUrl, apiKey, setActive } = parsed.data;
+
+  // Custom-URL providers (Ollama / OpenAI-compatible) are admin-only — a
+  // non-admin pointing the server at an arbitrary URL is the SSRF actor
+  // vector. Fixed-URL cloud providers stay per-user.
+  if (!user.isAdmin && (baseUrl || isCustomUrlProvider(provider))) {
+    return NextResponse.json(
+      {
+        error:
+          'Only an admin can configure providers with a custom base URL (Ollama / OpenAI-compatible).',
+      },
+      { status: 403 },
+    );
+  }
+
   const profile = await prisma.aIConfigProfile.create({
     data: {
       userId: user.id,