2026-03-19 18:23:04 +01:00
|
|
|
# Core Boundaries (MUST / MUST NOT)
|
|
|
|
|
|
|
|
|
|
## Schichtgrenzen
|
|
|
|
|
|
2026-04-13 23:20:05 +02:00
|
|
|
1. MUST SQL nur in `core/Repository/**` halten.
|
|
|
|
|
2. MUST Business-Logik in `core/Service/**` halten.
|
2026-03-19 18:23:04 +01:00
|
|
|
3. MUST `pages/**` auf Input, Auth/AuthZ, Orchestrierung, Response begrenzen.
|
|
|
|
|
4. MUST NOT Business- oder Permission-Logik in `templates/**` legen.
|
|
|
|
|
|
|
|
|
|
## Instanziierung
|
|
|
|
|
|
|
|
|
|
1. MUST in Actions/Helpern/Templates nur `app(Foo::class)` verwenden.
|
|
|
|
|
2. MUST NOT in `pages/**` direkt `new ...Service|Gateway|Repository` nutzen.
|
2026-04-13 23:20:05 +02:00
|
|
|
3. MUST NOT in `core/Service/**` (ausser `*Factory.php`) direkt `new ...Factory|Service|Gateway|Repository` nutzen.
|
2026-03-19 18:23:04 +01:00
|
|
|
4. MUST NOT in `pages/admin/**` `Factory::class` referenzieren oder `app(...Factory::class)->create...` nutzen.
|
|
|
|
|
|
|
|
|
|
## Input / Validation
|
|
|
|
|
|
2026-04-29 09:57:22 +02:00
|
|
|
1. MUST Input in `pages/**` über `requestInput()` lesen.
|
2026-03-19 18:23:04 +01:00
|
|
|
2. MUST NOT `$_POST`, `$_GET`, `$_FILES`, `REQUEST_METHOD` in `pages/**` verwenden.
|
|
|
|
|
3. MUST NOT `$_SESSION`, `$_SERVER`, `$_COOKIE`, `$_ENV` in `pages/**` direkt verwenden.
|
2026-04-29 09:57:22 +02:00
|
|
|
4. MUST Form-Validation über `FormErrors` führen.
|
|
|
|
|
5. MUST API-Validation-Fehler über `ApiResponse::validationFromFormErrors(...)` ausgeben.
|
2026-03-19 18:23:04 +01:00
|
|
|
6. MUST NOT `ApiResponse::readJsonBody(...)` in `pages/api/v1/**` verwenden.
|
|
|
|
|
|
|
|
|
|
## List-Data Endpoints
|
|
|
|
|
|
|
|
|
|
1. MUST `pages/**/data().php` als GET-only Endpunkte umsetzen (`gridRequireGetRequest()`).
|
2026-04-29 09:57:22 +02:00
|
|
|
2. MUST Query-Filter über `gridParseFilters(...)` + `filter-schema.php` normalisieren.
|
|
|
|
|
3. MUST NOT Query-Filter inline/parallele Alias-Parser in `data().php` neu einführen.
|
2026-03-19 18:23:04 +01:00
|
|
|
|
|
|
|
|
## Security / API
|
|
|
|
|
|
|
|
|
|
1. MUST AuthZ serverseitig erzwingen.
|
|
|
|
|
2. MUST Tenant-Scope serverseitig erzwingen.
|
|
|
|
|
3. MUST CSRF auf POST-Endpunkten vor Body-Verarbeitung verifizieren.
|
|
|
|
|
4. MUST NOT PII/Secrets unredacted in Logs oder Audit-Metadata schreiben.
|
2026-04-29 09:57:22 +02:00
|
|
|
5. MUST SQL nur über Repository mit prepared statements ausführen.
|
2026-03-19 18:23:04 +01:00
|
|
|
6. MUST extern UUID-first bleiben.
|
|
|
|
|
7. MUST API-Fehler konsistent halten (`error`, optional `errors`).
|
2026-04-29 09:57:22 +02:00
|
|
|
8. MUST OpenAPI im selben Merge aktualisieren, wenn API geändert wird.
|
2026-03-19 18:23:04 +01:00
|
|
|
|
2026-04-29 09:57:22 +02:00
|
|
|
## Prüf-Hinweis
|
2026-03-19 18:23:04 +01:00
|
|
|
|
|
|
|
|
- Harte Repo-Gates: `tests/Architecture/CoreStarterkitContractTest.php`
|