TenantAtlas/.agent/skills/repo-contracts/rbac-action-safety/SKILL.md
ahmido 332f6325cb feat: add tenantpilot agent skill layer v1 (#483)
Automated PR provided by Codex via Gitea API.

Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #483
2026-06-25 23:03:47 +00:00

4.3 KiB

name description
tenantpilot-rbac-action-safety Hard-gate TenantPilot RBAC, capability, global-search, and destructive/high-impact action safety.

Purpose

Use this skill to keep TenantPilot authorization server-side, capability-driven, tenant/workspace-safe, and tested for both visible UI affordances and direct execution.

Activate When

  • Adding or changing Filament actions, table actions, bulk actions, header actions, form actions, or controller mutations.
  • Touching policies, gates, capabilities, UiEnforcement, WorkspaceUiEnforcement, or global search.
  • Adding destructive or high-impact operations such as delete, force delete, restore, archive, retry, sync, snapshot, provider disable, credential rotation, publish, export, or evidence capture.

Do Not Activate When

  • The task has no runtime authorization, action, global search, or mutation surface.
  • The task only updates docs/tooling and explicitly cannot change runtime files.

Maturity

L4 hard gate.

Gate Type

hard-gate.

Source Evidence

  • docs/security-guidelines.md
  • docs/filament-guidelines.md
  • docs/testing-guidelines.md
  • docs/research/filament-v5-notes.md
  • specs/402-resource-policy-authorization-proof-matrix/implementation-report.md
  • apps/platform/app/Support/Rbac/UiEnforcement.php
  • apps/platform/app/Support/Rbac/WorkspaceUiEnforcement.php
  • apps/platform/app/Policies/ProviderConnectionPolicy.php
  • apps/platform/tests/Feature/Filament/ProviderConnectionsUiEnforcementTest.php
  • apps/platform/tests/Feature/Rbac/AdminGlobalSearchContextSafetyTest.php
  • apps/platform/tests/Feature/Rbac/UiEnforcementDestructiveTest.php

External Anchors

  • Filament v5 actions confirmation docs and global search docs cited in docs/research/filament-v5-notes.md.

Required Repo Context

  • The affected panel/resource/page/relation manager/action.
  • Existing policy and capability constants.
  • UiEnforcement or WorkspaceUiEnforcement usage.
  • Direct execution tests for action handlers.
  • Global search pages, title attributes, scoped queries, and View/Edit page posture.

Execution Checklist

  • Enforce authorization in the handler through policy/gate/service, not only via hidden UI.
  • Apply UiEnforcement or WorkspaceUiEnforcement for visible/disabled affordances.
  • Use canonical capability constants, not raw role strings.
  • Make destructive/high-impact actions execute through ->action(...).
  • Require ->requiresConfirmation() for destructive/high-impact actions.
  • Write audit logs for mutating security/governance actions.
  • Add tests for allowed, denied/disabled, direct execution denial, side effects, audit, and scope where behavior changes.
  • Disable global search unless the resource has safe View/Edit pages, title attributes, scoped URLs, and non-member-safe results.

Stop Conditions

  • Missing server-side authorization for a mutation or operation start.
  • Destructive/high-impact action lacks ->action(...) or ->requiresConfirmation().
  • Hidden UI remains directly callable through Livewire/action APIs.
  • Global search can reveal inaccessible records, labels, URLs, or relationship details.
  • Authorization uses role strings or unregistered capability strings in new code.
  • Mutating action lacks audit evidence where the domain requires auditability.

Required Evidence After Use

  • Policy/gate/capability path.
  • UI affordance path and direct execution path.
  • Tests proving allowed and denied behavior.
  • Confirmation of global search posture for changed resources.
  • Audit behavior for mutating or high-impact actions.

Common Failure Modes

  • Confusing action visibility with authorization.
  • Assuming confirmation works on URL-only actions.
  • Using per-record UI filters while leaving bulk/direct action paths open.
  • Enabling global search on tenant-sensitive resources without safe detail routes.
  • Returning 403 where deny-as-not-found 404 is required for non-member scope.

Quarantined Rules

Full Spec 416 quarantine list applies. Especially quarantined here: stale provider Healthy/Ready semantics; limited customer download vocabulary; raw provider/evidence payload default display; historical audits as current truth.

Review / Expiry

Review whenever RBAC planes, capabilities, Filament action rules, or global search posture change. No planned expiry.