ahmido/TenantAtlas
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects 1 Releases Wiki Activity
c7b38606a9
TenantAtlas/apps/platform/config/provider_boundaries.php
ahmido 1debe40ced feat: implement provider capability registry (#342) 
## Summary
- implement the provider capability registry and derived capability evaluation flow
- update provider connections, onboarding, required-permissions diagnostics, and provider blocker translation to use capability-first summaries
- add bounded unit, feature, and browser test coverage plus the prepared Spec 283 artifacts

## Notes
- branch: `283-provider-capability-registry`
- commit: `74e75c3e`
- no additional validation commands were run in this git/PR flow step

Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #342
2026-05-08 21:17:05 +00:00

140 lines
6.2 KiB
PHP
Raw Blame History

<?php
use App\Support\Providers\Boundary\ProviderBoundaryOwner;
use App\Support\Providers\Boundary\ProviderBoundarySeam;
return [
'seams' => [
'provider.gateway_runtime' => [
'owner' => ProviderBoundaryOwner::ProviderOwned->value,
'description' => 'Provider-owned runtime boundary that translates provider connection identity into Microsoft Graph request options and executes Graph calls.',
'implementation_paths' => [
'app/Services/Providers/ProviderGateway.php',
'app/Services/Providers/MicrosoftGraphOptionsResolver.php',
],
'neutral_terms' => [
'provider',
'provider connection',
'target scope',
'runtime request context',
],
'retained_provider_semantics' => [
'Microsoft Graph option keys',
'client_request_id',
'tenant',
'client_id',
'client_secret',
],
'follow_up_action' => ProviderBoundarySeam::FOLLOW_UP_DOCUMENT_IN_FEATURE,
],
'provider.identity_resolution' => [
'owner' => ProviderBoundaryOwner::PlatformCore->value,
'description' => 'Platform-core identity resolution contract that resolves provider connection identity without owning provider transport option shaping.',
'implementation_paths' => [
'app/Services/Providers/ProviderIdentityResolution.php',
'app/Services/Providers/ProviderIdentityResolver.php',
'app/Services/Providers/PlatformProviderIdentityResolver.php',
],
'neutral_terms' => [
'provider connection',
'target scope',
'credential source',
'effective client identity',
'provider context',
],
'retained_provider_semantics' => [
'provider_context.microsoft_tenant_id',
'platform_config',
'graph.tenant_id',
'admin.consent.callback',
],
'follow_up_action' => ProviderBoundarySeam::FOLLOW_UP_DOCUMENT_IN_FEATURE,
],
'provider.connection_resolution' => [
'owner' => ProviderBoundaryOwner::PlatformCore->value,
'description' => 'Platform-core provider connection selection and validation path that publishes neutral target-scope truth with provider-specific profile detail kept as bounded context metadata.',
'implementation_paths' => [
'app/Services/Providers/ProviderConnectionResolver.php',
'app/Services/Providers/ProviderConnectionResolution.php',
],
'neutral_terms' => [
'provider',
'provider connection',
'target scope',
'default binding',
'unsupported combination',
],
'retained_provider_semantics' => [
'microsoft',
'provider_context.microsoft_tenant_id',
'consent_status',
],
'follow_up_action' => ProviderBoundarySeam::FOLLOW_UP_DOCUMENT_IN_FEATURE,
],
'provider.operation_registry' => [
'owner' => ProviderBoundaryOwner::PlatformCore->value,
'description' => 'Platform-core operation definition catalog with provider binding metadata kept explicit and secondary.',
'implementation_paths' => [
'app/Services/Providers/ProviderOperationRegistry.php',
],
'neutral_terms' => [
'operation type',
'operation module',
'required capability',
'provider binding',
'unsupported binding',
],
'retained_provider_semantics' => [
'microsoft',
'active provider binding',
'binding_status',
'handler_notes',
'exception_notes',
],
'follow_up_action' => ProviderBoundarySeam::FOLLOW_UP_DOCUMENT_IN_FEATURE,
],
'provider.capability_registry' => [
'owner' => ProviderBoundaryOwner::PlatformCore->value,
'description' => 'Platform-core derived provider capability catalog that maps operation readiness to existing provider permission, consent, and connection evidence without adding persistence.',
'implementation_paths' => [
'app/Support/Providers/Capabilities/ProviderCapabilityRegistry.php',
'app/Support/Providers/Capabilities/ProviderCapabilityEvaluator.php',
'app/Support/Verification/TenantPermissionCheckClusters.php',
],
'neutral_terms' => [
'provider capability',
'provider requirement key',
'operation type',
'capability status',
'required provider capability',
],
'retained_provider_semantics' => [
'microsoft',
'Microsoft Graph permission keys',
'admin consent',
'RoleManagement.Read.Directory',
],
'follow_up_action' => ProviderBoundarySeam::FOLLOW_UP_DOCUMENT_IN_FEATURE,
],
'provider.operation_start_gate' => [
'owner' => ProviderBoundaryOwner::PlatformCore->value,
'description' => 'Platform-core operation start orchestration that consumes explicit provider bindings and records neutral target-scope context with provider-specific follow-up detail nested separately.',
'implementation_paths' => [
'app/Services/Providers/ProviderOperationStartGate.php',
],
'neutral_terms' => [
'operation',
'provider binding',
'target scope',
'execution authority',
'required capability',
],
'retained_provider_semantics' => [
'microsoft',
'provider_context.microsoft_tenant_id',
],
'follow_up_action' => ProviderBoundarySeam::FOLLOW_UP_DOCUMENT_IN_FEATURE,
],
],
];
Reference in New Issue View Git Blame Copy Permalink