ahmido
eef85af990
Kurzbeschreibung Implementiert Tenant RBAC v1 (specs/062-tenant-rbac-v1): tenant_memberships, Capability registry/resolver, gates, Filament RelationManager für Tenant→Members, Last‑Owner‑Guard, bootstrap assign/recover (break‑glass), Audit-Logging. Wichtige Änderungen Migration: create_tenant_memberships_table (T004) — ausgeführt Models/Services: TenantMembership, Capabilities, RoleCapabilityMap, CapabilityResolver (T008–T013) Auth: Gates registriert in AuthServiceProvider.php (T011) Filament: RelationManager unter Settings → Tenants (Members CRUD + Last‑Owner‑Guard) (T017–T018) Break‑glass: lokale platform superadmin + persistent banner + bootstrap_recover action (T024–T026) Audit: Audit‑Einträge für membership actions mit canonical action_ids (T022) Tests: neue/aktualisierte Feature- und Unit‑Tests (siehe Test‑Abschnitt) Migrations / Deploy Run migrations: vendor/bin/sail artisan migrate Keine neuen Panel‑Assets registriert (kein php artisan filament:assets nötig) Wenn Frontend nicht sichtbar: vendor/bin/sail npm run dev oder vendor/bin/sail npm run build Tests (geprüft / neu) Fokus-Suite ausgeführt für Tenant RBAC (T031). Neu / aktualisiert: CapabilitiesRegistryTest CapabilityResolverTest TenantSwitcherScopeTest TenantRouteDenyAsNotFoundTest TenantMembershipCrudTest LastOwnerGuardTest TenantBootstrapAssignTest MembershipAuditLogTest BreakGlassRecoveryTest Befehl zum lokalen Ausführen (minimal): vendor/bin/sail artisan test tests/Feature/TenantRBAC --stop-on-failure Filament / Sicherheits‑Contract (erforderliche Punkte) Livewire v4.0+ compliance: bestätigt (Filament v5 target). Provider registration: keine neue Panel‑Provider-Änderung; falls nötig: providers.php (Laravel 11+). Globale Suche: keine neuen Ressourcen für Global Search hinzugefügt; vorhandene Ressourcen behalten Edit/View‑Pages unverändert. Destructive actions: tenant_membership.remove und role‑demote sind destruktive — implemented via Action::make(...)->action(...)->requiresConfirmation() + policy checks. Asset strategy: keine globalen Assets; on‑demand/load as before. Deployment: filament:assets nicht erforderlich für diese PR. Testing plan: Livewire/Filament Komponenten + actions abgedeckt — RelationManager CRUD, Last‑Owner‑Guard, BreakGlassRecovery, CapabilityResolver/Registry, Tenant switcher + deny‑as‑not‑found route tests. Offene/optionale Punkte T005/T028/T029 (tenant_role_mappings migration + UI + Tests) sind optional und noch nicht umgesetzt. Checklist (aus tasks.md) T001–T003 Discovery T004, T006–T007 Migrations (T005 optional) T008–T013 Models/Capabilities/Gates T014–T016 Tenant isolation & route enforcement T017–T021 Membership UI + bootstrap flows T022–T023 Audit logging + tests T024–T027 Break‑glass flows & tests T005, T028, T029 Optional mappings T030–T031 Formatting + focused tests Migration / Test commands to run locally vendor/bin/sail up -d vendor/bin/sail artisan migrate vendor/bin/sail artisan tinker (falls manuell Benutzer/Flags setzen) vendor/bin/sail artisan test tests/Feature/TenantRBAC --stop-on-failure Wenn du einen PR‑Titel und Labels willst, schlage ich vor: Title: feat(062): Tenant RBAC v1 — memberships, capability resolver, break‑glass recovery Labels: feature, tests, migration Co-authored-by: Ahmed Darrazi <ahmeddarrazi@MacBookPro.fritz.box> Reviewed-on: #74 |
||
|---|---|---|
| .ai/guidelines | ||
| .codex/prompts | ||
| .gemini | ||
| .gitea | ||
| .github | ||
| .specify | ||
| app | ||
| bootstrap | ||
| config | ||
| database | ||
| docs | ||
| drizzle | ||
| public | ||
| resources | ||
| routes | ||
| scripts | ||
| spechistory | ||
| specs | ||
| storage | ||
| tests | ||
| .dockerignore | ||
| .editorconfig | ||
| .env.example | ||
| .gitattributes | ||
| .gitignore | ||
| .npmignore | ||
| .prettierignore | ||
| Agents.md | ||
| artisan | ||
| boost.json | ||
| composer.json | ||
| composer.lock | ||
| docker-compose.yml | ||
| drizzle.config.ts | ||
| GEMINI.md | ||
| opencode.json | ||
| package-lock.json | ||
| package.json | ||
| phpunit.xml | ||
| PROJECT_SUMMARY.md | ||
| README.md | ||
| vite.config.js | ||
TenantPilot setup
- Local dev (Sail-first):
- Start stack:
./vendor/bin/sail up -d - Init DB:
./vendor/bin/sail artisan migrate --seed - Tests:
./vendor/bin/sail artisan test - Policy sync:
./vendor/bin/sail artisan intune:sync-policies
- Start stack:
- Filament admin:
/admin(seed usertest@example.com, set password via factory orartisan tinker). - Microsoft Graph (Intune) env vars:
GRAPH_TENANT_IDGRAPH_CLIENT_IDGRAPH_CLIENT_SECRETGRAPH_SCOPE(defaulthttps://graph.microsoft.com/.default)- Without these, the
NullGraphClientruns in dry mode (no Graph calls). - Required API Permissions: See docs/PERMISSIONS.md for complete list
- Missing permissions? Scope tags will show as "Unknown (ID: X)" - add
DeviceManagementRBAC.Read.All
- Missing permissions? Scope tags will show as "Unknown (ID: X)" - add
- Deployment (Dokploy, staging → production):
- Containerized deploy; ensure Postgres + Redis are provisioned (see
docker-compose.ymlfor local baseline). - Run migrations on staging first, validate backup/restore flows, then promote to production.
- Ensure queue workers are running for jobs (e.g., policy sync) after deploy.
- Keep secrets/env in Dokploy, never in code.
- Containerized deploy; ensure Postgres + Redis are provisioned (see
Bulk operations (Feature 005)
- Bulk actions are available in Filament resource tables (Policies, Policy Versions, Backup Sets, Restore Runs).
- Destructive operations require type-to-confirm at higher thresholds (e.g.
DELETE). - Long-running bulk ops are queued; the bottom-right progress widget polls for active runs.
Troubleshooting
- Progress stuck on “Queued…” usually means the queue worker is not running (or not processing the queue you expect).
- Prefer using the Sail/Docker worker (see
docker-compose.yml) rather than starting an additional localphp artisan queue:work. - Check worker status/logs:
./vendor/bin/sail psand./vendor/bin/sail logs -f queue.
- Prefer using the Sail/Docker worker (see
- Exit code 137 for
queue:worktypically means the process was killed (often OOM). Increase Docker memory/limits or run the worker inside the container.
Configuration
TENANTPILOT_BULK_CHUNK_SIZE(default10): job refresh/progress chunk size.TENANTPILOT_BULK_POLL_INTERVAL_SECONDS(default3): Livewire polling interval for the progress widget (clamped to 1–10s).
Intune RBAC Onboarding Wizard
- Entry point: Tenant detail in Filament (
Setup Intune RBACin the ⋯ ActionGroup). Visible only for active tenants withapp_client_id. - Flow (synchronous, delegated):
- Configure Role (default Policy/Profile Manager), Scope (global or scope group), Group mode (create default
TenantPilot-Intune-RBACor pick existing security-enabled group). Review planned changes. - Delegated admin login (short-lived token, not stored in DB/cache).
- Execute: resolve service principal, ensure/validate security group, ensure membership, ensure/create/patch Intune role assignment; persists IDs on tenant for idempotency; no queue.
- Post-verify: forces fresh token, runs canary reads (deviceConfigurations/deviceCompliancePolicies; CA canary only if feature enabled), updates health and warnings (scope-limited, CA disabled, manual assignment required).
- Configure Role (default Policy/Profile Manager), Scope (global or scope group), Group mode (create default
- Safety/notes: least-privilege default, idempotent reruns, “already exists” treated as success. If service principal missing, run Admin consent first. Scope-limited setups may yield partial inventory/restore; warnings are surfaced in UI and health panel.
Graph Contract Registry & Drift Guard
- Registry:
config/graph_contracts.phpdefines per-type contracts (resource paths, allowed$select/$expand, @odata.type family, create/update methods, id field, hydration). - Client behavior:
- Sanitizes
$select/$expandto allowed fields; logs warnings on trim. - Derived @odata.type values within the family are accepted for preview/restore routing.
- Capability fallback: on 400s related to select/expand, retries without those clauses and surfaces warnings.
- Sanitizes
- Drift check:
php artisan graph:contract:check [--tenant=]runs lightweight probes against contract endpoints to detect capability/shape issues; useful in staging/CI (prod optional). - If Graph returns capability errors, TenantPilot downgrades safely, records warnings/audit entries, and avoids breaking preview/restore flows.
Policy Settings Display
- Policy detail pages render normalized settings instead of raw JSON:
- OMA-URI/custom policies → path/value table
- Settings Catalog → flattened key/value entries
- Standard objects → labeled key/value view with metadata filtered
- Version detail pages show both pretty-printed JSON and normalized settings.
- Warnings surface malformed snapshots or @odata.type mismatches before restore.
Policy JSON Viewer (Feature 002)
- Location: Policy View pages (
/admin/policies/{record}) - Capability: Pretty-printed JSON snapshot viewer with copy-to-clipboard
- Settings Catalog Enhancement: Dual-view tabs (Settings table + JSON viewer) for Settings Catalog policies
- Features:
- Copy JSON to clipboard with success message
- Large payload detection (>500 KB) with warning badge and auto-collapse
- Dark mode support integrated with Filament design system
- Browser native search (Cmd+F / Ctrl+F) for finding specific keys or values
- Scrollable container with max height to prevent page overflow
- Usage: See
specs/002-filament-json/quickstart.mdfor detailed examples and configuration - Performance: Optimized for payloads up to 1 MB; auto-collapse improves initial render for large snapshots
About Laravel
Laravel is a web application framework with expressive, elegant syntax. We believe development must be an enjoyable and creative experience to be truly fulfilling. Laravel takes the pain out of development by easing common tasks used in many web projects, such as:
- Simple, fast routing engine.
- Powerful dependency injection container.
- Multiple back-ends for session and cache storage.
- Expressive, intuitive database ORM.
- Database agnostic schema migrations.
- Robust background job processing.
- Real-time event broadcasting.
Laravel is accessible, powerful, and provides tools required for large, robust applications.
Learning Laravel
Laravel has the most extensive and thorough documentation and video tutorial library of all modern web application frameworks, making it a breeze to get started with the framework. You can also check out Laravel Learn, where you will be guided through building a modern Laravel application.
If you don't feel like reading, Laracasts can help. Laracasts contains thousands of video tutorials on a range of topics including Laravel, modern PHP, unit testing, and JavaScript. Boost your skills by digging into our comprehensive video library.
Laravel Sponsors
We would like to extend our thanks to the following sponsors for funding Laravel development. If you are interested in becoming a sponsor, please visit the Laravel Partners program.
Premium Partners
Contributing
Thank you for considering contributing to the Laravel framework! The contribution guide can be found in the Laravel documentation.
Code of Conduct
In order to ensure that the Laravel community is welcoming to all, please review and abide by the Code of Conduct.
Security Vulnerabilities
If you discover a security vulnerability within Laravel, please send an e-mail to Taylor Otwell via taylor@laravel.com. All security vulnerabilities will be promptly addressed.
License
The Laravel framework is open-sourced software licensed under the MIT license.