ahmido/TenantAtlas
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects 1 Releases Wiki Activity
066-rbac-ui-enforcement-helper
TenantAtlas/specs/031-tenant-portfolio-context-switch/tasks.md
ahmido 2ca989c00f feat/031-tenant-portfolio-context-switch (#32) 
Tenant Switch implemented

Co-authored-by: Ahmed Darrazi <ahmeddarrazi@adsmac.local>
Reviewed-on: #32
2026-01-04 21:28:08 +00:00

34 lines
2.0 KiB
Markdown
Raw Permalink Blame History

# Tasks: Tenant Portfolio & Context Switch (031)
**Branch**: `feat/031-tenant-portfolio-context-switch`
**Date**: 2026-01-04
**Input**: [spec.md](./spec.md), [plan.md](./plan.md)
## Phase 1: Setup
- [x] T001 Create spec/plan/tasks and checklist.
## Phase 2: Research & Design
- [x] T002 Review Filament tenancy support and choose the context mechanism (route vs session).
- [x] T003 Define tenant access roles and mapping (user memberships; future org/group principals).
- [x] T004 Decide how to store `environment` (column vs JSONB) and whether MSP “customer grouping” is in scope.
- [x] T005 Define context precedence rules (env override, route tenant, session/default tenant) and cross-tab safety expectations.
## Phase 3: Tests (TDD)
- [x] T006 Authorization: user cannot access unauthorized tenant (404).
- [x] T007 Authorization: tenant-scoped resources deny cross-tenant access via URL (404).
- [x] T008 Context switching: “Open tenant” navigates into tenant-scoped pages (tenant in URL) and data filters correctly.
- [x] T009 Bulk sync: dispatches one job per selected tenant; readonly role cannot run it.
- [ ] T010 UI (optional browser tests): tenant switcher visible and environment badge shown.
## Phase 4: Implementation
- [x] T011 Add migrations for tenant memberships/roles and environment attribute (and optional preferences).
- [x] T012 Implement `TenantContext` + authorization gate/policy (`canAccessTenant`).
- [x] T013 Integrate tenant switcher into Filament topbar and make Current Tenant always visible.
- [x] T014 Scope tenant resources (Policies/Backups/RestoreRuns/etc.) via TenantContext; replace direct `Tenant::current()` usage.
- [x] T015 Update `TenantResource` into a portfolio view: access-scoped query, columns, filters, “Open”, “Sync”, bulk “Sync selected”.
- [x] T016 Add restore guardrails (target tenant header + tenant-aware confirmations).
## Phase 5: Verification
- [x] T017 Run targeted tests.
- [x] T018 Run Pint (`./vendor/bin/pint --dirty`).
Reference in New Issue View Git Blame Copy Permalink