ahmido
5bcb4f6ab8
## Summary
- add a canonical queued execution legitimacy contract for actor-bound and system-authority operation runs
- enforce legitimacy before queued jobs transition runs to running across provider, inventory, restore, bulk, sync, and scheduled backup flows
- surface blocked execution outcomes consistently in Monitoring, notifications, audit data, and the tenantless operation viewer
- add Spec 149 artifacts and focused Pest coverage for legitimacy decisions, middleware ordering, blocked presentation, retry behavior, and cross-family adoption
## Testing
- vendor/bin/sail artisan test --compact tests/Unit/Operations/QueuedExecutionLegitimacyGateTest.php
- vendor/bin/sail artisan test --compact tests/Feature/Operations/QueuedExecutionMiddlewareOrderingTest.php
- vendor/bin/sail artisan test --compact tests/Feature/Verification/ProviderExecutionReauthorizationTest.php
- vendor/bin/sail artisan test --compact tests/Feature/Operations/RunInventorySyncExecutionReauthorizationTest.php
- vendor/bin/sail artisan test --compact tests/Feature/Operations/ExecuteRestoreRunExecutionReauthorizationTest.php
- vendor/bin/sail artisan test --compact tests/Feature/Operations/SystemRunBlockedExecutionNotificationTest.php
- vendor/bin/sail artisan test --compact tests/Feature/Operations/BulkOperationExecutionReauthorizationTest.php
- vendor/bin/sail artisan test --compact tests/Feature/Operations/QueuedExecutionRetryReauthorizationTest.php
- vendor/bin/sail artisan test --compact tests/Feature/Operations/QueuedExecutionContractMatrixTest.php
- vendor/bin/sail artisan test --compact tests/Feature/Operations/OperationRunBlockedExecutionPresentationTest.php
- vendor/bin/sail artisan test --compact tests/Feature/Operations/QueuedExecutionAuditTrailTest.php
- vendor/bin/sail artisan test --compact tests/Feature/Operations/TenantlessOperationRunViewerTest.php
- vendor/bin/sail bin pint --dirty --format agent
## Manual validation
- validated queued provider execution blocking for tenant operability drift in the integrated browser on /admin/operations and /admin/operations/{run}
- validated 404 vs 403 route behavior for non-membership vs in-scope capability denial
- validated initiator-null blocked system-run behavior without creating a user terminal notification
Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #179
180 lines
3.9 KiB
JSON
180 lines
3.9 KiB
JSON
{
|
|
"$schema": "https://json-schema.org/draft/2020-12/schema",
|
|
"$id": "https://tenantpilot.local/specs/149/contracts/execution-legitimacy.schema.json",
|
|
"title": "Queued Execution Legitimacy Decision",
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"required": [
|
|
"operation_type",
|
|
"authority_mode",
|
|
"allowed",
|
|
"retryable",
|
|
"target_scope",
|
|
"checks"
|
|
],
|
|
"properties": {
|
|
"operation_type": {
|
|
"type": "string",
|
|
"minLength": 1
|
|
},
|
|
"authority_mode": {
|
|
"type": "string",
|
|
"enum": [
|
|
"actor_bound",
|
|
"system_authority"
|
|
]
|
|
},
|
|
"allowed": {
|
|
"type": "boolean"
|
|
},
|
|
"retryable": {
|
|
"type": "boolean",
|
|
"description": "Canonical initial mapping: false for scope_denied, capability_denied, and initiator_invalid; true for tenant_not_operable and prerequisite_invalid."
|
|
},
|
|
"reason_code": {
|
|
"type": [
|
|
"string",
|
|
"null"
|
|
],
|
|
"enum": [
|
|
"workspace_mismatch",
|
|
"tenant_not_entitled",
|
|
"missing_capability",
|
|
"tenant_not_operable",
|
|
"tenant_missing",
|
|
"initiator_missing",
|
|
"initiator_not_entitled",
|
|
"provider_connection_invalid",
|
|
"write_gate_blocked",
|
|
"execution_prerequisite_invalid",
|
|
null
|
|
]
|
|
},
|
|
"denial_class": {
|
|
"type": [
|
|
"string",
|
|
"null"
|
|
],
|
|
"description": "High-level refusal class used to derive retryable behavior and operator-facing blocked-execution explanation.",
|
|
"enum": [
|
|
"scope_denied",
|
|
"capability_denied",
|
|
"tenant_not_operable",
|
|
"prerequisite_invalid",
|
|
"initiator_invalid",
|
|
null
|
|
]
|
|
},
|
|
"initiator": {
|
|
"type": [
|
|
"object",
|
|
"null"
|
|
],
|
|
"additionalProperties": false,
|
|
"required": [
|
|
"identity_type",
|
|
"user_id"
|
|
],
|
|
"properties": {
|
|
"identity_type": {
|
|
"type": "string",
|
|
"enum": [
|
|
"user",
|
|
"system"
|
|
]
|
|
},
|
|
"user_id": {
|
|
"type": [
|
|
"integer",
|
|
"null"
|
|
],
|
|
"minimum": 1
|
|
}
|
|
}
|
|
},
|
|
"target_scope": {
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"required": [
|
|
"workspace_id",
|
|
"tenant_id"
|
|
],
|
|
"properties": {
|
|
"workspace_id": {
|
|
"type": "integer",
|
|
"minimum": 1
|
|
},
|
|
"tenant_id": {
|
|
"type": [
|
|
"integer",
|
|
"null"
|
|
],
|
|
"minimum": 1
|
|
},
|
|
"provider_connection_id": {
|
|
"type": [
|
|
"integer",
|
|
"null"
|
|
],
|
|
"minimum": 1
|
|
}
|
|
}
|
|
},
|
|
"checks": {
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"required": [
|
|
"workspace_scope",
|
|
"tenant_scope",
|
|
"capability",
|
|
"tenant_operability",
|
|
"execution_prerequisites"
|
|
],
|
|
"properties": {
|
|
"workspace_scope": {
|
|
"type": "string",
|
|
"enum": [
|
|
"passed",
|
|
"failed",
|
|
"not_applicable"
|
|
]
|
|
},
|
|
"tenant_scope": {
|
|
"type": "string",
|
|
"enum": [
|
|
"passed",
|
|
"failed",
|
|
"not_applicable"
|
|
]
|
|
},
|
|
"capability": {
|
|
"type": "string",
|
|
"enum": [
|
|
"passed",
|
|
"failed",
|
|
"not_applicable"
|
|
]
|
|
},
|
|
"tenant_operability": {
|
|
"type": "string",
|
|
"enum": [
|
|
"passed",
|
|
"failed",
|
|
"not_applicable"
|
|
]
|
|
},
|
|
"execution_prerequisites": {
|
|
"type": "string",
|
|
"enum": [
|
|
"passed",
|
|
"failed",
|
|
"not_applicable"
|
|
]
|
|
}
|
|
}
|
|
},
|
|
"metadata": {
|
|
"type": "object"
|
|
}
|
|
}
|
|
} |