TenantAtlas

ahmido/TenantAtlas

Fork 0

Commit Graph

Author	SHA1	Message	Date
Ahmed Darrazi	222a7e0a97	feat(104): implement Provider Permission Posture - T001-T014: Foundation - StoredReport model/migration, Finding resolved lifecycle, badge mappings (resolved status, permission_posture type), OperationCatalog + AlertRule constants - T015-T022: US1 - PermissionPostureFindingGenerator with fingerprint-based idempotent upsert, severity from feature-impact count, auto-resolve on grant, auto-reopen on revoke, error findings (FR-015), stale finding cleanup; GeneratePermissionPostureFindingsJob dispatched from health check; PostureResult VO + PostureScoreCalculator - T023-T026: US2+US4 - Stored report payload validation, temporal ordering, polymorphic reusability, score accuracy acceptance tests - T027-T029: US3 - EvaluateAlertsJob.permissionMissingEvents() wired into alert pipeline, AlertRuleResource event type option, cooldown/dedupe tests - T030-T034: Polish - PruneStoredReportsCommand with config retention, scheduled daily, end-to-end integration test, Pint clean UI bug fixes found during testing: - FindingResource: hide Diff section for non-drift findings - TenantRequiredPermissions: fix re-run verification link - tenant-required-permissions.blade.php: preserve details open state 70 tests (50 PermissionPosture + 20 FindingResolved/Badge/Alert), 216 assertions	2026-02-21 23:31:03 +01:00
ahmido	d32b2115a8	Spec 103: IA semantics (scope vs filter vs targeting) + UI polish (#126 ) Implements Spec 103 (IA semantics: Scope vs Filter vs Targeting) across Monitoring + Manage. Changes - Monitoring tenant indicator copy: “All tenants” / “Filtered by tenant: …” - Alerts KPI header resolves tenant via OperateHubShell::activeEntitledTenant() for consistency - Manage list pages (Alert Rules / Destinations) no longer show tenant indicator - AlertRule form uses targeting semantics + sections (Rule / Applies to / Delivery) - Additional UI polish: resource sections, tenant view widgets layout, RBAC progressive disclosure (“Not configured” when empty) Notes - US6 (“Add current tenant” convenience button) intentionally skipped (optional P3). Testing - CI=1 vendor/bin/sail artisan test tests/Feature/TenantRBAC/ tests/Feature/Onboarding/OnboardingIdentifyTenantTest.php - vendor/bin/sail bin pint --dirty --format agent Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de> Reviewed-on: #126	2026-02-21 00:28:15 +00:00
ahmido	3ed275cef3	feat(alerts): Monitoring cluster + v1 resources (spec 099) (#121 ) Implements spec `099-alerts-v1-teams-email`. - Monitoring navigation: Alerts as a cluster under Monitoring; default landing is Alert deliveries. - Tenant panel: Alerts points to `/admin/alerts` and the cluster navigation is hidden in tenant panel. - Guard compliance: removes direct `Gate::` usage from Alert resources so `NoAdHocFilamentAuthPatternsTest` passes. Verification: - Full suite: `1348 passed, 7 skipped` (EXIT=0). Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de> Reviewed-on: #121	2026-02-18 15:20:43 +00:00

Author

SHA1

Message

Date

Ahmed Darrazi

222a7e0a97

feat(104): implement Provider Permission Posture

- T001-T014: Foundation - StoredReport model/migration, Finding resolved
  lifecycle, badge mappings (resolved status, permission_posture type),
  OperationCatalog + AlertRule constants
- T015-T022: US1 - PermissionPostureFindingGenerator with fingerprint-based
  idempotent upsert, severity from feature-impact count, auto-resolve on
  grant, auto-reopen on revoke, error findings (FR-015), stale finding
  cleanup; GeneratePermissionPostureFindingsJob dispatched from health check;
  PostureResult VO + PostureScoreCalculator
- T023-T026: US2+US4 - Stored report payload validation, temporal ordering,
  polymorphic reusability, score accuracy acceptance tests
- T027-T029: US3 - EvaluateAlertsJob.permissionMissingEvents() wired into
  alert pipeline, AlertRuleResource event type option, cooldown/dedupe tests
- T030-T034: Polish - PruneStoredReportsCommand with config retention,
  scheduled daily, end-to-end integration test, Pint clean

UI bug fixes found during testing:
- FindingResource: hide Diff section for non-drift findings
- TenantRequiredPermissions: fix re-run verification link
- tenant-required-permissions.blade.php: preserve details open state

70 tests (50 PermissionPosture + 20 FindingResolved/Badge/Alert), 216 assertions

2026-02-21 23:31:03 +01:00

ahmido

d32b2115a8

Spec 103: IA semantics (scope vs filter vs targeting) + UI polish (#126 )

Implements Spec 103 (IA semantics: Scope vs Filter vs Targeting) across Monitoring + Manage.

Changes
- Monitoring tenant indicator copy: “All tenants” / “Filtered by tenant: …”
- Alerts KPI header resolves tenant via OperateHubShell::activeEntitledTenant() for consistency
- Manage list pages (Alert Rules / Destinations) no longer show tenant indicator
- AlertRule form uses targeting semantics + sections (Rule / Applies to / Delivery)
- Additional UI polish: resource sections, tenant view widgets layout, RBAC progressive disclosure (“Not configured” when empty)

Notes
- US6 (“Add current tenant” convenience button) intentionally skipped (optional P3).

Testing
- CI=1 vendor/bin/sail artisan test tests/Feature/TenantRBAC/ tests/Feature/Onboarding/OnboardingIdentifyTenantTest.php
- vendor/bin/sail bin pint --dirty --format agent

Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #126

2026-02-21 00:28:15 +00:00

ahmido

3ed275cef3

feat(alerts): Monitoring cluster + v1 resources (spec 099) (#121 )

Implements spec `099-alerts-v1-teams-email`.

- Monitoring navigation: Alerts as a cluster under Monitoring; default landing is Alert deliveries.
- Tenant panel: Alerts points to `/admin/alerts` and the cluster navigation is hidden in tenant panel.
- Guard compliance: removes direct `Gate::` usage from Alert resources so `NoAdHocFilamentAuthPatternsTest` passes.

Verification:
- Full suite: `1348 passed, 7 skipped` (EXIT=0).

Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #121

2026-02-18 15:20:43 +00:00

3 Commits