ahmido/TenantAtlas
1
0
Fork 0
Code Issues Pull Requests 2 Actions Packages Projects 1 Releases Wiki Activity

feat: provider access hardening (RBAC write gate) #132

Merged
ahmido merged 3 commits from 108-provider-access-hardening into dev 2026-02-23 00:49:38 +00:00
Conversation 0 Commits 3 Files Changed 43 +2710 -235
ahmido commented 2026-02-23 00:20:41 +00:00
Owner
Copy Link

Implements provider access hardening for Intune write operations:

  • RBAC-based write gate with configurable staleness thresholds
  • Gate enforced at restore start and in jobs (execute + assignments)
  • UI affordances: disabled rerun action, tenant RBAC status card, refresh RBAC action
  • Audit logging for blocked writes
  • Ops UX label: rbac.health_check now displays as “RBAC health check”
  • Adds/updates Pest tests and SpecKit artifacts for feature 108

Notes:

  • Filament v5 / Livewire v4 compliant.
  • Destructive actions require confirmation.
  • Assets: no new global assets.

Tested:

  • vendor/bin/sail artisan test --compact (suite previously green) + focused OpsUx tests for OperationCatalog labels.
  • vendor/bin/sail bin pint --dirty.
Implements provider access hardening for Intune write operations: - RBAC-based write gate with configurable staleness thresholds - Gate enforced at restore start and in jobs (execute + assignments) - UI affordances: disabled rerun action, tenant RBAC status card, refresh RBAC action - Audit logging for blocked writes - Ops UX label: `rbac.health_check` now displays as “RBAC health check” - Adds/updates Pest tests and SpecKit artifacts for feature 108 Notes: - Filament v5 / Livewire v4 compliant. - Destructive actions require confirmation. - Assets: no new global assets. Tested: - `vendor/bin/sail artisan test --compact` (suite previously green) + focused OpsUx tests for OperationCatalog labels. - `vendor/bin/sail bin pint --dirty`.
ahmido added 2 commits 2026-02-23 00:20:42 +00:00 
Implements RBAC-based write gating for Intune restore flows, UI affordances, and audit logging; adds tests and specs.
ahmido added 1 commit 2026-02-23 00:22:52 +00:00
ahmido merged commit 0dc79520a4 into dev 2026-02-23 00:49:38 +00:00
Sign in to join this conversation.
Reviewers
No reviewers
Labels
Clear labels
No items
No Label
Milestone
Clear milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
No Assignees
1 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: ahmido/TenantAtlas#132
No description provided.
Delete Branch "108-provider-access-hardening"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?