ahmido
023274c46c
## Summary - normalize provider-neutral target-scope and identity contracts across provider connection resolution, operation-start gating, verification reporting, and boundary configuration - align provider connection resource, onboarding, tenant summaries, and operation follow-up on the same shared scope contract while keeping Microsoft-specific profile details in provider-owned metadata - add Spec 281 artifacts and focused feature/browser coverage for the new provider-scope contract - move the tenant dashboard context-chip rail into Filament header widgets so the metadata row renders directly under the page subtitle ## Validation - `cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Feature/Providers/ProviderConnectionTargetScopeNeutralityTest.php tests/Feature/Providers/ProviderIdentityResolutionNeutralityTest.php tests/Feature/Providers/ProviderOperationStartGateTargetScopeContextTest.php tests/Feature/Filament/ProviderConnectionResourceScopeSummaryTest.php tests/Feature/Onboarding/ManagedTenantOnboardingProviderConnectionScopeTest.php tests/Feature/Guards/ProviderConnectionMicrosoftScopeLeakGuardTest.php` - `cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Browser/Spec281ProviderConnectionScopeSmokeTest.php` - `cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Feature/Dashboard/TenantDashboardProductizationSummaryTest.php` - `cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Browser/Dashboard/TenantDashboardProductizationSmokeTest.php` - `cd apps/platform && ./vendor/bin/sail bin pint --dirty --format agent` ## Notes - Filament remains on v5 with Livewire v4-compatible surfaces only. - Provider registration location is unchanged; Laravel 11+ providers stay in `apps/platform/bootstrap/providers.php`. - `ProviderConnectionResource` remains non-globally-searchable and still exposes View/Edit pages. - No new asset registration was added; deploy-time `filament:assets` expectations are unchanged. - No new destructive action path was introduced; existing server authorization and confirmation handling remain in place where applicable. Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de> Reviewed-on: #339
117 lines
5.0 KiB
PHP
117 lines
5.0 KiB
PHP
<?php
|
|
|
|
use App\Support\Providers\Boundary\ProviderBoundaryOwner;
|
|
use App\Support\Providers\Boundary\ProviderBoundarySeam;
|
|
|
|
return [
|
|
'seams' => [
|
|
'provider.gateway_runtime' => [
|
|
'owner' => ProviderBoundaryOwner::ProviderOwned->value,
|
|
'description' => 'Provider-owned runtime boundary that translates provider connection identity into Microsoft Graph request options and executes Graph calls.',
|
|
'implementation_paths' => [
|
|
'app/Services/Providers/ProviderGateway.php',
|
|
'app/Services/Providers/MicrosoftGraphOptionsResolver.php',
|
|
],
|
|
'neutral_terms' => [
|
|
'provider',
|
|
'provider connection',
|
|
'target scope',
|
|
'runtime request context',
|
|
],
|
|
'retained_provider_semantics' => [
|
|
'Microsoft Graph option keys',
|
|
'client_request_id',
|
|
'tenant',
|
|
'client_id',
|
|
'client_secret',
|
|
],
|
|
'follow_up_action' => ProviderBoundarySeam::FOLLOW_UP_DOCUMENT_IN_FEATURE,
|
|
],
|
|
'provider.identity_resolution' => [
|
|
'owner' => ProviderBoundaryOwner::PlatformCore->value,
|
|
'description' => 'Platform-core identity resolution contract that resolves provider connection identity without owning provider transport option shaping.',
|
|
'implementation_paths' => [
|
|
'app/Services/Providers/ProviderIdentityResolution.php',
|
|
'app/Services/Providers/ProviderIdentityResolver.php',
|
|
'app/Services/Providers/PlatformProviderIdentityResolver.php',
|
|
],
|
|
'neutral_terms' => [
|
|
'provider connection',
|
|
'target scope',
|
|
'credential source',
|
|
'effective client identity',
|
|
'provider context',
|
|
],
|
|
'retained_provider_semantics' => [
|
|
'provider_context.microsoft_tenant_id',
|
|
'platform_config',
|
|
'graph.tenant_id',
|
|
'admin.consent.callback',
|
|
],
|
|
'follow_up_action' => ProviderBoundarySeam::FOLLOW_UP_DOCUMENT_IN_FEATURE,
|
|
],
|
|
'provider.connection_resolution' => [
|
|
'owner' => ProviderBoundaryOwner::PlatformCore->value,
|
|
'description' => 'Platform-core provider connection selection and validation path that publishes neutral target-scope truth with provider-specific profile detail kept as bounded context metadata.',
|
|
'implementation_paths' => [
|
|
'app/Services/Providers/ProviderConnectionResolver.php',
|
|
'app/Services/Providers/ProviderConnectionResolution.php',
|
|
],
|
|
'neutral_terms' => [
|
|
'provider',
|
|
'provider connection',
|
|
'target scope',
|
|
'default binding',
|
|
'unsupported combination',
|
|
],
|
|
'retained_provider_semantics' => [
|
|
'microsoft',
|
|
'provider_context.microsoft_tenant_id',
|
|
'consent_status',
|
|
],
|
|
'follow_up_action' => ProviderBoundarySeam::FOLLOW_UP_DOCUMENT_IN_FEATURE,
|
|
],
|
|
'provider.operation_registry' => [
|
|
'owner' => ProviderBoundaryOwner::PlatformCore->value,
|
|
'description' => 'Platform-core operation definition catalog with provider binding metadata kept explicit and secondary.',
|
|
'implementation_paths' => [
|
|
'app/Services/Providers/ProviderOperationRegistry.php',
|
|
],
|
|
'neutral_terms' => [
|
|
'operation type',
|
|
'operation module',
|
|
'required capability',
|
|
'provider binding',
|
|
'unsupported binding',
|
|
],
|
|
'retained_provider_semantics' => [
|
|
'microsoft',
|
|
'active provider binding',
|
|
'binding_status',
|
|
'handler_notes',
|
|
'exception_notes',
|
|
],
|
|
'follow_up_action' => ProviderBoundarySeam::FOLLOW_UP_DOCUMENT_IN_FEATURE,
|
|
],
|
|
'provider.operation_start_gate' => [
|
|
'owner' => ProviderBoundaryOwner::PlatformCore->value,
|
|
'description' => 'Platform-core operation start orchestration that consumes explicit provider bindings and records neutral target-scope context with provider-specific follow-up detail nested separately.',
|
|
'implementation_paths' => [
|
|
'app/Services/Providers/ProviderOperationStartGate.php',
|
|
],
|
|
'neutral_terms' => [
|
|
'operation',
|
|
'provider binding',
|
|
'target scope',
|
|
'execution authority',
|
|
'required capability',
|
|
],
|
|
'retained_provider_semantics' => [
|
|
'microsoft',
|
|
'provider_context.microsoft_tenant_id',
|
|
],
|
|
'follow_up_action' => ProviderBoundarySeam::FOLLOW_UP_DOCUMENT_IN_FEATURE,
|
|
],
|
|
],
|
|
];
|