spec/066-rbac-ui-enforcement-helper-v2 #82

Merged

ahmido merged 4 commits from spec/066-rbac-ui-enforcement-helper-v2 into dev 2026-01-30 17:22:26 +00:00

Conversation 0 Commits 4 Files Changed 9 +803 -681

ahmido commented 2026-01-30 17:10:00 +00:00

Owner

Copy Link

Ziel: Spec/Plan/Tasks für “RBAC UI Enforcement Helper v2” (suite-wide, mixed visibility, record-scoped tenant) bereitstellen, damit die anschließende Implementierung sauber reviewbar ist.

Enthält

Feature-Spec inkl. RBAC-UX Contract (Non-member 404/hidden, member-no-cap disabled + Tooltip, member-with-cap enabled).
Implementation Plan + Research/Decisions.
Contracts:
UiEnforcement v2 (mixed visibility composition, tenant resolvers, bulk preflight).
Guardrails (CI-failing allowlist guard gegen ad-hoc Filament auth patterns).
Data-model/Quickstart/Tasks inkl. “Definition of Done”.
Review-Fokus

Scope: Tenant plane only (/admin/t/{tenant}), Platform plane out of scope.
Bulk semantics: authorization-only all-or-nothing; eligibility separat mit Feedback.
preserveVisibility() nur tenant-scoped, verboten für record-scoped/cross-tenant.
Standard tooltip copy: “Insufficient permission — ask a tenant Owner.”
Keine Code-Änderungen

PR ist spec-only (keine Runtime-Änderungen).

Ziel: Spec/Plan/Tasks für “RBAC UI Enforcement Helper v2” (suite-wide, mixed visibility, record-scoped tenant) bereitstellen, damit die anschließende Implementierung sauber reviewbar ist. Enthält Feature-Spec inkl. RBAC-UX Contract (Non-member 404/hidden, member-no-cap disabled + Tooltip, member-with-cap enabled). Implementation Plan + Research/Decisions. Contracts: UiEnforcement v2 (mixed visibility composition, tenant resolvers, bulk preflight). Guardrails (CI-failing allowlist guard gegen ad-hoc Filament auth patterns). Data-model/Quickstart/Tasks inkl. “Definition of Done”. Review-Fokus Scope: Tenant plane only (/admin/t/{tenant}), Platform plane out of scope. Bulk semantics: authorization-only all-or-nothing; eligibility separat mit Feedback. preserveVisibility() nur tenant-scoped, verboten für record-scoped/cross-tenant. Standard tooltip copy: “Insufficient permission — ask a tenant Owner.” Keine Code-Änderungen PR ist spec-only (keine Runtime-Änderungen).

ahmido added 3 commits 2026-01-30 17:10:01 +00:00

spec: 066 rbac ui enforcement helper v1 e5ad9b6cf8

spec: clarify 066 rbac ui enforcement defaults 07dda36d6e

spec: add 066 UiEnforcement v2 spec/plan/tasks a53bb3f708

ahmido added 1 commit 2026-01-30 17:12:51 +00:00

Merge remote-tracking branch 'origin/dev' into spec/066-rbac-ui-enforcement-helper-v2 ... c48c99a857

# Conflicts:
#	specs/066-rbac-ui-enforcement-helper/checklists/requirements.md
#	specs/066-rbac-ui-enforcement-helper/plan.md
#	specs/066-rbac-ui-enforcement-helper/quickstart.md
#	specs/066-rbac-ui-enforcement-helper/spec.md
#	specs/066-rbac-ui-enforcement-helper/tasks.md

ahmido merged commit 7217559e5a into dev 2026-01-30 17:22:26 +00:00

ahmido referenced this issue from a commit 2026-01-30 17:22:27 +00:00

spec/066-rbac-ui-enforcement-helper-v2 (#82)

Sign in to join this conversation.

Reviewers

No reviewers

Labels

Clear labels

No items

No Label

Milestone

Clear milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

No Assignees

1 Participants

Notifications

Subscribe

Due Date

The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: ahmido/TenantAtlas#82

No description provided.