TenantAtlas/specs/080-workspace-managed-tenant-admin/data-model.md
ahmido 3f09fd50f6 feat(spec-080): workspace-managed tenant administration migration (#97)
Implements Spec 080: split Filament into workspace-managed `/admin/*` (manage) vs tenant operations `/admin/t/{tenant}/*` (operate).

Highlights:
- Adds tenant operations panel (`tenant`) at `/admin/t` with tenancy by `Tenant.external_id`
- Keeps management resources in workspace panel (`admin`) under `/admin/tenants/*`
- Moves Provider Connections to workspace-managed routes: `/admin/tenants/{tenant}/provider-connections`
- Adds discoverability CTA on tenant view (Actions → Provider connections)
- Adds/updates Pest regression tests for routing boundaries, 404/403 RBAC-UX semantics, and global search isolation
- Includes full Spec Kit artifacts under `specs/080-workspace-managed-tenant-admin/`

Validation:
- `vendor/bin/sail bin pint --dirty`
- `vendor/bin/sail artisan test --compact tests/Feature/Spec080WorkspaceManagedTenantAdminMigrationTest.php`

Co-authored-by: Ahmed Darrazi <ahmeddarrazi@MacBookPro.fritz.box>
Reviewed-on: #97
2026-02-07 19:45:13 +00:00


Data Model — Spec 080 Workspace-Managed Tenant Administration Migration

This feature is primarily a routing + panel registration change. No new entities are required, but the plan relies on these existing domain objects and their relationships.

Entities

Workspace

  • Represents the portfolio/customer context.
  • Key fields (typical): id, name, slug or uuid, archived_at, timestamps.

WorkspaceMembership

  • Joins a User to a Workspace with a role.
  • Key fields: id, workspace_id, user_id, role, timestamps.
  • Rules:
    • Workspace membership is an isolation boundary for /admin/* management.

Tenant (Managed Tenant)

  • Workspace-owned representation of an Entra/Intune tenant.
  • Key fields (from usage in the codebase):
    • id
    • workspace_id
    • external_id (canonical route identifier; Entra tenant GUID)
    • tenant_id (Entra tenant ID / GUID; may have the same domain meaning as external_id, depending on the model)
    • name, domain, environment
    • metadata (JSON)
    • archived_at (if supported)
    • timestamps
  • Notes:
    • {tenant} route parameter refers to Tenant.external_id in both /admin/tenants/{tenant} and /admin/t/{tenant}.

TenantMembership

  • Joins a User to a Tenant with a tenant role.
  • Key fields: id, tenant_id, user_id, role, timestamps.
  • Rules:
    • Tenant membership is an isolation boundary for /admin/t/{tenant}/*.
    • Guardrails: cannot remove/demote the last Owner (existing rule in constitution and code).
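
The two isolation boundaries and the {tenant} route key described above can be modelled as a single access decision. This is an added example in plain PHP, not code from the TenantAtlas code base. The 404/403 mapping, the role names other than owner, the helper names roleIn and decide, the sample rows, and the use of Tenant.id as the membership foreign key are assumptions.

```php
<?php
declare(strict_types=1);
// Constructed sample rows; field names follow the entities above. Role names
// other than "owner" and Tenant.id as the membership FK are assumptions.
$db = [
    'tenants' => [
        ['id' => 1, 'workspace_id' => 10, 'external_id' => '11111111-1111-1111-1111-111111111111'],
        ['id' => 2, 'workspace_id' => 20, 'external_id' => '22222222-2222-2222-2222-222222222222'],
    ],
    'workspace_memberships' => [['workspace_id' => 10, 'user_id' => 7, 'role' => 'owner']],
    'tenant_memberships' => [['tenant_id' => 1, 'user_id' => 7, 'role' => 'readonly']],
];

/** Role of $userId in the scope identified by $key/$scopeId, or null when not a member. */
function roleIn(array $rows, string $key, int $scopeId, int $userId): ?string
{
    foreach ($rows as $row) {
        if ($row[$key] === $scopeId && $row['user_id'] === $userId) {
            return $row['role'];
        }
    }
    return null;
}

// HTTP status for a request. $panel is 'admin' (/admin/tenants/{tenant}) or
// 'tenant' (/admin/t/{tenant}/*). Assumed mapping: 404 outside the caller's
// boundary, 403 for a member whose role is not in $allowedRoles.
function decide(array $db, string $panel, string $routeTenant, int $userId, array $allowedRoles): int
{
    // {tenant} is matched against Tenant.external_id, never the numeric id.
    $matches = array_filter($db['tenants'], fn (array $t): bool => $t['external_id'] === $routeTenant);
    $tenant = array_values($matches)[0] ?? null;
    if ($tenant === null) {
        return 404;
    }
    $role = $panel === 'admin'
        ? roleIn($db['workspace_memberships'], 'workspace_id', $tenant['workspace_id'], $userId)
        : roleIn($db['tenant_memberships'], 'tenant_id', $tenant['id'], $userId);
    if ($role === null) {
        return 404; // non-member: same answer as an unknown tenant
    }
    return in_array($role, $allowedRoles, true) ? 200 : 403;
}

[$own, $other] = array_column($db['tenants'], 'external_id');
echo decide($db, 'admin', $own, 7, ['owner']), "\n";    // workspace owner manages the tenant
echo decide($db, 'tenant', $own, 7, ['owner']), "\n";   // tenant member, role not allowed
echo decide($db, 'tenant', $other, 7, ['owner']), "\n"; // tenant in another workspace
echo decide($db, 'tenant', '1', 7, ['owner']), "\n";    // numeric id is not a route key
```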

ProviderConnection

  • Stores provider integration configuration for a managed tenant.
  • Key fields (from resource usage):
    • id, workspace_id, tenant_id
    • provider
    • display_name
    • entra_tenant_id
    • is_default
    • status, health_status
    • timestamps
  • Notes:
    • Treated as workspace-managed configuration, but scoped to a specific managed tenant via FK.

AuditLog

  • Append-only record of security/management events.
  • Required attributes (per spec): workspace_id, tenant_id, actor_id, action_id, redacted metadata, timestamp.

OperationRun

  • Existing observability record for long-running operations.
  • This migration itself should not introduce new runs; management page renders must be DB-only.

Relationships (high level)

  • Workspace 1—* WorkspaceMembership
  • Workspace 1—* Tenant
  • Tenant 1—* TenantMembership
  • Tenant 1—* ProviderConnection
  • Workspace 1—* ProviderConnection
  • Workspace/Tenant 1—* AuditLog

State & Transitions

  • This feature does not add new domain state transitions.
  • Any existing onboarding/activation state changes remain workspace-managed in UI (per spec) and must continue to be audited.