ahmido dd175c16a1 fix: tighten workspace RBAC access boundaries (#364) ... ## Summary - tighten workspace RBAC and panel access boundaries - remove non-owner workspace membership management capability from workspace role mapping - add focused boundary coverage for admin panel, managed environments, providers, review packs, operation runs, finding exceptions, and workspace role capabilities - include spec artifacts for feature 309 ## Testing - cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Feature/Auth/WorkspaceFirstManagedEnvironmentAccessTest.php tests/Feature/Rbac/RoleMatrix/ManagerAccessTest.php tests/Feature/Rbac/WorkspaceMembershipsRelationManagerUiEnforcementTest.php tests/Feature/Rbac/AdminPanelAccessBoundaryTest.php tests/Feature/Rbac/FindingExceptionLifecycleAccessBoundaryTest.php tests/Feature/Rbac/ManagedEnvironmentAccessBoundaryTest.php tests/Feature/Rbac/OperationRunAccessBoundaryTest.php tests/Feature/Rbac/ProviderConnectionAccessBoundaryTest.php tests/Feature/Rbac/ReviewPackAccessBoundaryTest.php tests/Feature/Rbac/SystemPanelAccessBoundaryTest.php tests/Feature/Rbac/WorkspaceRoleCapabilityBoundaryTest.php tests/Unit/Auth/CapabilityResolverTest.php tests/Unit/Auth/WorkspaceRoleCapabilityMapTest.php - cd apps/platform && ./vendor/bin/sail bin pint --dirty --format agent Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de> Reviewed-on: #364		2026-05-15 14:00:21 +00:00
..
ManagerAccessTest.php	fix: tighten workspace RBAC access boundaries (#364)	2026-05-15 14:00:21 +00:00
OperatorAccessTest.php	feat: remove findings acknowledged compatibility and unify canonical operation types (#296)	2026-04-29 07:34:39 +00:00
OwnerAccessTest.php	feat: remove findings acknowledged compatibility and unify canonical operation types (#296)	2026-04-29 07:34:39 +00:00
ReadonlyAccessTest.php	feat: remove findings acknowledged compatibility and unify canonical operation types (#296)	2026-04-29 07:34:39 +00:00