TenantAtlas/specs/150-tenant-owned-query-canon-and-wrong-tenant-guards/quickstart.md
2026-03-18 09:30:13 +01:00

Quickstart: Tenant-Owned Query Canon and Wrong-Tenant Guards

Goal

Implement a reusable tenant-owned query contract that keeps list, detail, search, relation-manager, and protected action paths aligned to the same tenant boundary.

Suggested Implementation Order

  1. Identify the first-slice family inventory from TenantOwnedTables and map each family to its primary Filament surface.
  2. Introduce the shared tenant-owned query and explicit record-resolution helper(s) for representative families.
  3. Migrate representative resources to the shared helper, starting with EntraGroupResource, PolicyResource, PolicyVersionResource, BackupScheduleResource, BackupSetResource, RestoreRunResource, FindingResource, and InventoryItemResource.
  4. Update relation managers in the first slice so their action targets prove owner-record and tenant congruence.
  5. Align global search posture per family: keep it scoped where parity exists, and deliberately disable it where parity does not yet exist.
  6. Add the wrong-tenant regression matrix and the lightweight architectural guard.
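
A sketch of what steps 2 and 4 describe, added here as an example and not taken from the TenantAtlas code base. It assumes a Laravel application whose tenant-owned models carry a `tenant_id` column; the class name, method names and namespace placement are hypothetical.

```php
<?php
declare(strict_types=1);

// Added illustration: namespace, class and method names and the `tenant_id`
// column are assumptions, not the project's own code.
namespace App\Support\WorkspaceIsolation;

use Illuminate\Database\Eloquent\Builder;
use Illuminate\Database\Eloquent\Model;
use Illuminate\Database\Eloquent\ModelNotFoundException;

final class TenantOwnedQuery
{
    /** Canonical base query: list, detail and search all start here. */
    public static function scoped(string $modelClass, int|string $tenantId): Builder
    {
        $model = new $modelClass();

        return $model->newQuery()->where($model->qualifyColumn('tenant_id'), $tenantId);
    }

    /** Explicit resolution: another tenant's key fails exactly like a missing one. */
    public static function resolve(string $modelClass, int|string $tenantId, int|string $key): Model
    {
        return self::scoped($modelClass, $tenantId)->whereKey($key)->firstOrFail();
    }

    /**
     * Relation-manager action target: the owner must belong to the tenant, and
     * the target must be reachable through the owner's relation and carry the
     * same tenant, so a forged record key cannot cross the boundary.
     */
    public static function resolveRelated(Model $owner, string $relation, int|string $tenantId, int|string $key): Model
    {
        if ((string) $owner->getAttribute('tenant_id') !== (string) $tenantId) {
            throw (new ModelNotFoundException())->setModel($owner::class, [$owner->getKey()]);
        }

        $query = $owner->{$relation}();

        return $query
            ->where($query->getRelated()->qualifyColumn('tenant_id'), $tenantId)
            ->whereKey($key)
            ->firstOrFail();
    }
}
```

Because every path fails with the same `ModelNotFoundException`, a wrong-tenant regression test can assert one outcome across index, detail, relation-manager and action surfaces.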

Expected Code Areas

  • app/Filament/Concerns/
  • app/Filament/Resources/
  • app/Policies/
  • app/Support/WorkspaceIsolation/
  • routes/web.php
  • tests/Feature/Filament/
  • tests/Feature/Rbac/
  • tests/Feature/Guards/

Verification Flow

Run the minimum relevant checks through Sail:

vendor/bin/sail artisan test --compact tests/Feature/Filament/EntraGroupAdminScopeTest.php
vendor/bin/sail artisan test --compact tests/Feature/BackupScheduling/BackupScheduleAdminTenantParityTest.php
vendor/bin/sail artisan test --compact tests/Feature/Guards/AdminTenantResolverGuardTest.php
vendor/bin/sail artisan test --compact tests/Feature/Guards/NoAdHocFilamentAuthPatternsTest.php
vendor/bin/sail artisan test --compact tests/Feature/Rbac
vendor/bin/sail bin pint --dirty --format agent

Completion Criteria

  • Representative tenant-owned families share one canonical query and lookup pattern.
  • Wrong-tenant index, detail, relation-manager, and protected action regressions are covered.
  • Global search is either safely scoped or explicitly disabled per family.
  • Guard coverage prevents new forbidden query patterns on covered surfaces.