TenantAtlas/specs/006-sot-foundations-assignments/plan.md
2025-12-25 14:52:28 +01:00


Implementation Plan: SoT Foundations & Assignments

Branch: 006-sot-foundations-assignments | Date: 2025-12-25 | Spec: ./spec.md
Input: Feature specification from /specs/006-sot-foundations-assignments/spec.md

Note: This template is filled in by the /speckit.plan command. See .specify/templates/commands/plan.md for the execution workflow.

Summary

Implement foundations-first backup/restore for Intune dependencies (Assignment Filters, Scope Tags, Notification Message Templates) and extend restore to be assignment-aware using a deterministic old→new ID mapping report. Conditional Access remains preview-only (never executed) until its dependency mapping is supported.

Phase outputs:

  • Phase 0 research: ./research.md
  • Phase 1 design: ./data-model.md, ./contracts/, ./quickstart.md

Technical Context

Language/Version: PHP 8.4 (Laravel 12)
Primary Dependencies: Laravel 12, Filament v4, Livewire v3, Microsoft Graph (custom client abstraction)
Storage: PostgreSQL (JSONB payload storage for snapshots)
Testing: Pest v4 + PHPUnit 12
Target Platform: Docker/Sail locally; container deploy via Dokploy
Project Type: Web application (Laravel backend + Filament admin UI)
Performance Goals: Restore preview for ~100 items in <2 minutes (SC-003); handle Graph paging and throttling safely
Constraints: Restore must be defensive: no deletions; skip unsafe assignments; produce audit/report; respect Graph throttling
Scale/Scope: Tenants with large policy inventories; focus on foundational object types + assignment application for already-supported policy types

Constitution Check

GATE: Must pass before Phase 0 research. Re-check after Phase 1 design.

The constitution at .specify/memory/constitution.md is currently an unfilled template (no ratified gates). For this feature, adopt the repo's documented operating rules as gates:

  • Sail-first local dev/test commands.
  • SpecKit Gate Rule: code changes must be accompanied by specs/006-sot-foundations-assignments/ updates.
  • Testing is required: every behavioral change covered by Pest tests.
  • Safety: restore never deletes; assignments only applied when mapped; CA stays preview-only.
  • Auditability: restore/backup outcomes recorded and tenant-scoped.

If the team later ratifies a real constitution, re-map these gates accordingly.

Post-Phase 1 re-check: Pass (no violations introduced by the Phase 1 design artifacts).
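
The Safety gate above ("assignments only applied when mapped; CA stays preview-only") and the Summary's old→new ID mapping report can be sketched as follows. This is an added illustration, not TenantAtlas code: the function name, the policy type labels, the outcome strings and the sample IDs are assumptions; only the Graph property deviceAndAppManagementAssignmentFilterId is a real field name.

```php
<?php
declare(strict_types=1);

/**
 * Hypothetical helper: decide which backed-up assignments may be restored,
 * given an old→new ID map for Assignment Filters, and build the mapping report.
 *
 * @param array<int, array<string, mixed>> $assignments assignment payloads from a snapshot
 * @param array<string, string> $filterIdMap old filter ID => new filter ID
 * @return array{apply: array<int, array<string, mixed>>, report: array<int, array<string, mixed>>}
 */
function planAssignmentRestore(string $policyType, array $assignments, array $filterIdMap): array
{
    $previewOnly = $policyType === 'conditionalAccess'; // CA is reported, never executed
    // Sort by serialized payload so the report is identical across runs.
    usort($assignments, fn (array $a, array $b): int => strcmp(json_encode($a), json_encode($b)));

    $apply = [];
    $report = [];
    foreach ($assignments as $assignment) {
        $oldId = $assignment['target']['deviceAndAppManagementAssignmentFilterId'] ?? null;
        $newId = $oldId === null ? null : ($filterIdMap[$oldId] ?? null);

        if ($oldId !== null && $newId === null) {
            // Unmapped dependency: applying without the filter would widen the target.
            $report[] = ['old' => $oldId, 'new' => null, 'outcome' => 'skipped_unmapped'];
            continue;
        }
        if ($newId !== null) {
            $assignment['target']['deviceAndAppManagementAssignmentFilterId'] = $newId;
        }
        $report[] = ['old' => $oldId, 'new' => $newId, 'outcome' => $previewOnly ? 'preview_only' : 'apply'];
        if (!$previewOnly) {
            $apply[] = $assignment;
        }
    }
    return ['apply' => $apply, 'report' => $report];
}

// Constructed sample data (IDs are placeholders, not real tenant values).
$plan = planAssignmentRestore('deviceConfiguration', [
    ['target' => ['@odata.type' => '#microsoft.graph.allDevicesAssignmentTarget',
        'deviceAndAppManagementAssignmentFilterId' => 'old-filter-1']],
    ['target' => ['@odata.type' => '#microsoft.graph.allDevicesAssignmentTarget',
        'deviceAndAppManagementAssignmentFilterId' => 'old-filter-2']],
], ['old-filter-1' => 'new-filter-1']);

echo json_encode($plan['report'], JSON_PRETTY_PRINT), PHP_EOL;
```

The function only plans: it issues no Graph calls and never produces a delete, so the report can be shown as a restore preview before anything is written.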

Project Structure

Documentation (this feature)

specs/[###-feature]/
├── plan.md              # This file (/speckit.plan command output)
├── research.md          # Phase 0 output (/speckit.plan command)
├── data-model.md        # Phase 1 output (/speckit.plan command)
├── quickstart.md        # Phase 1 output (/speckit.plan command)
├── contracts/           # Phase 1 output (/speckit.plan command)
└── tasks.md             # Phase 2 output (/speckit.tasks command - NOT created by /speckit.plan)

Source Code (repository root)

app/
├── Filament/
│   └── Resources/
├── Jobs/
├── Models/
│   ├── BackupItem.php
│   ├── BackupSet.php
│   └── RestoreRun.php
├── Services/
│   ├── Graph/
│   └── Intune/
└── Support/

config/
├── graph_contracts.php
└── tenantpilot.php

database/
├── migrations/
└── factories/

tests/
├── Feature/
└── Unit/

Structure Decision: Implement as incremental additions to existing Laravel services/models/jobs, with Filament UI using the existing Backup/Restore flows.

Complexity Tracking

Fill ONLY if Constitution Check has violations that must be justified

Violation | Why Needed | Simpler Alternative Rejected Because
[e.g., 4th project] | [current need] | [why 3 projects insufficient]
[e.g., Repository pattern] | [specific problem] | [why direct DB access insufficient]