ahmido/TenantAtlas
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects 1 Releases Wiki Activity

062-tenant-rbac-v1 #74

Merged
ahmido merged 3 commits from 062-tenant-rbac-v1 into dev 2026-01-25 15:27:40 +00:00
Conversation 0 Commits 3 Files Changed 39 +1971 -29
ahmido commented 2026-01-25 15:09:39 +00:00
Owner
Copy Link

Kurzbeschreibung

Implementiert Tenant RBAC v1 (specs/062-tenant-rbac-v1): tenant_memberships, Capability registry/resolver, gates, Filament RelationManager für Tenant→Members, Last‑Owner‑Guard, bootstrap assign/recover (break‑glass), Audit-Logging.
Wichtige Änderungen

Migration: create_tenant_memberships_table (T004) — ausgeführt
Models/Services: TenantMembership, Capabilities, RoleCapabilityMap, CapabilityResolver (T008–T013)
Auth: Gates registriert in AuthServiceProvider.php (T011)
Filament: RelationManager unter Settings → Tenants (Members CRUD + Last‑Owner‑Guard) (T017–T018)
Break‑glass: lokale platform superadmin + persistent banner + bootstrap_recover action (T024–T026)
Audit: Audit‑Einträge für membership actions mit canonical action_ids (T022)
Tests: neue/aktualisierte Feature- und Unit‑Tests (siehe Test‑Abschnitt)
Migrations / Deploy

Run migrations: vendor/bin/sail artisan migrate
Keine neuen Panel‑Assets registriert (kein php artisan filament:assets nötig)
Wenn Frontend nicht sichtbar: vendor/bin/sail npm run dev oder vendor/bin/sail npm run build
Tests (geprüft / neu)

Fokus-Suite ausgeführt für Tenant RBAC (T031).
Neu / aktualisiert:
CapabilitiesRegistryTest
CapabilityResolverTest
TenantSwitcherScopeTest
TenantRouteDenyAsNotFoundTest
TenantMembershipCrudTest
LastOwnerGuardTest
TenantBootstrapAssignTest
MembershipAuditLogTest
BreakGlassRecoveryTest
Befehl zum lokalen Ausführen (minimal): vendor/bin/sail artisan test tests/Feature/TenantRBAC --stop-on-failure
Filament / Sicherheits‑Contract (erforderliche Punkte)

Livewire v4.0+ compliance: bestätigt (Filament v5 target).
Provider registration: keine neue Panel‑Provider-Änderung; falls nötig: providers.php (Laravel 11+).
Globale Suche: keine neuen Ressourcen für Global Search hinzugefügt; vorhandene Ressourcen behalten Edit/View‑Pages unverändert.
Destructive actions: tenant_membership.remove und role‑demote sind destruktive — implemented via Action::make(...)->action(...)->requiresConfirmation() + policy checks.
Asset strategy: keine globalen Assets; on‑demand/load as before. Deployment: filament:assets nicht erforderlich für diese PR.
Testing plan: Livewire/Filament Komponenten + actions abgedeckt — RelationManager CRUD, Last‑Owner‑Guard, BreakGlassRecovery, CapabilityResolver/Registry, Tenant switcher + deny‑as‑not‑found route tests.
Offene/optionale Punkte

T005/T028/T029 (tenant_role_mappings migration + UI + Tests) sind optional und noch nicht umgesetzt.
Checklist (aus tasks.md)

T001–T003 Discovery
T004, T006–T007 Migrations (T005 optional)
T008–T013 Models/Capabilities/Gates
T014–T016 Tenant isolation & route enforcement
T017–T021 Membership UI + bootstrap flows
T022–T023 Audit logging + tests
T024–T027 Break‑glass flows & tests
T005, T028, T029 Optional mappings
T030–T031 Formatting + focused tests
Migration / Test commands to run locally

vendor/bin/sail up -d
vendor/bin/sail artisan migrate
vendor/bin/sail artisan tinker (falls manuell Benutzer/Flags setzen)
vendor/bin/sail artisan test tests/Feature/TenantRBAC --stop-on-failure
Wenn du einen PR‑Titel und Labels willst, schlage ich vor:

Title: feat(062): Tenant RBAC v1 — memberships, capability resolver, break‑glass recovery
Labels: feature, tests, migration

Kurzbeschreibung Implementiert Tenant RBAC v1 (specs/062-tenant-rbac-v1): tenant_memberships, Capability registry/resolver, gates, Filament RelationManager für Tenant→Members, Last‑Owner‑Guard, bootstrap assign/recover (break‑glass), Audit-Logging. Wichtige Änderungen Migration: create_tenant_memberships_table (T004) — ausgeführt Models/Services: TenantMembership, Capabilities, RoleCapabilityMap, CapabilityResolver (T008–T013) Auth: Gates registriert in AuthServiceProvider.php (T011) Filament: RelationManager unter Settings → Tenants (Members CRUD + Last‑Owner‑Guard) (T017–T018) Break‑glass: lokale platform superadmin + persistent banner + bootstrap_recover action (T024–T026) Audit: Audit‑Einträge für membership actions mit canonical action_ids (T022) Tests: neue/aktualisierte Feature- und Unit‑Tests (siehe Test‑Abschnitt) Migrations / Deploy Run migrations: vendor/bin/sail artisan migrate Keine neuen Panel‑Assets registriert (kein php artisan filament:assets nötig) Wenn Frontend nicht sichtbar: vendor/bin/sail npm run dev oder vendor/bin/sail npm run build Tests (geprüft / neu) Fokus-Suite ausgeführt für Tenant RBAC (T031). Neu / aktualisiert: CapabilitiesRegistryTest CapabilityResolverTest TenantSwitcherScopeTest TenantRouteDenyAsNotFoundTest TenantMembershipCrudTest LastOwnerGuardTest TenantBootstrapAssignTest MembershipAuditLogTest BreakGlassRecoveryTest Befehl zum lokalen Ausführen (minimal): vendor/bin/sail artisan test tests/Feature/TenantRBAC --stop-on-failure Filament / Sicherheits‑Contract (erforderliche Punkte) Livewire v4.0+ compliance: bestätigt (Filament v5 target). Provider registration: keine neue Panel‑Provider-Änderung; falls nötig: providers.php (Laravel 11+). Globale Suche: keine neuen Ressourcen für Global Search hinzugefügt; vorhandene Ressourcen behalten Edit/View‑Pages unverändert. Destructive actions: tenant_membership.remove und role‑demote sind destruktive — implemented via Action::make(...)->action(...)->requiresConfirmation() + policy checks. Asset strategy: keine globalen Assets; on‑demand/load as before. Deployment: filament:assets nicht erforderlich für diese PR. Testing plan: Livewire/Filament Komponenten + actions abgedeckt — RelationManager CRUD, Last‑Owner‑Guard, BreakGlassRecovery, CapabilityResolver/Registry, Tenant switcher + deny‑as‑not‑found route tests. Offene/optionale Punkte T005/T028/T029 (tenant_role_mappings migration + UI + Tests) sind optional und noch nicht umgesetzt. Checklist (aus tasks.md) T001–T003 Discovery T004, T006–T007 Migrations (T005 optional) T008–T013 Models/Capabilities/Gates T014–T016 Tenant isolation & route enforcement T017–T021 Membership UI + bootstrap flows T022–T023 Audit logging + tests T024–T027 Break‑glass flows & tests T005, T028, T029 Optional mappings T030–T031 Formatting + focused tests Migration / Test commands to run locally vendor/bin/sail up -d vendor/bin/sail artisan migrate vendor/bin/sail artisan tinker (falls manuell Benutzer/Flags setzen) vendor/bin/sail artisan test tests/Feature/TenantRBAC --stop-on-failure Wenn du einen PR‑Titel und Labels willst, schlage ich vor: Title: feat(062): Tenant RBAC v1 — memberships, capability resolver, break‑glass recovery Labels: feature, tests, migration
ahmido added 2 commits 2026-01-25 15:09:40 +00:00 
This commit introduces a comprehensive Role-Based Access Control (RBAC) system for TenantAtlas.

- Implements authentication via Microsoft Entra ID (OIDC).
- Manages authorization on a per-Suite-Tenant basis using a  table.
- Follows a capabilities-first approach, using Gates and Policies.
- Includes a break-glass mechanism for platform superadmins.
- Adds policies for bootstrapping tenants and managing admin responsibilities.
ahmido added 1 commit 2026-01-25 15:26:54 +00:00
ahmido merged commit eef85af990 into dev 2026-01-25 15:27:40 +00:00
ahmido referenced this issue from a commit 2026-01-25 15:27:41 +00:00
062-tenant-rbac-v1 (#74)
Sign in to join this conversation.
Reviewers
No reviewers
Labels
Clear labels
No items
No Label
Milestone
Clear milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
No Assignees
1 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: ahmido/TenantAtlas#74
No description provided.
Delete Branch "062-tenant-rbac-v1"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?