5699bc6c5b
refactor(config): remove runtime config files and centralize route/bootstrap
2026-04-01 20:27:42 +02:00
0c351f6aff
refactor(audit): extract audit domain into self-contained module
...
Move the entire audit subsystem (system audit, API audit, import audit,
user lifecycle audit, frontend telemetry) from core into modules/audit/.
Core decoupling via interface-based injection:
- AuditRecorderInterface replaces SystemAuditService in 10+ core services
- UserLifecycleAuditInterface / ImportAuditInterface for specialized flows
- NullAuditRecorder fallback when audit module is disabled
- ApiBootstrap/ApiResponse use null-safe callable resolvers
Module structure (modules/audit/):
- Manifest with routes, permissions, scheduler jobs, authorization policy
- 9 services, 8 repositories, 6 domain enums, 4 job handlers
- 33 page files, 4 JS files, 8 test files, migration scripts, i18n
Core cleanup:
- OperationsAuthorizationPolicy, UiCapabilityMap, PermissionService
surgically cleaned of audit-specific constants
- Sidebar template cleared of hardcoded audit navigation
- AuditModuleIsolationContractTest ensures no future core→module coupling
All quality gates pass: 1346 tests (19,276 assertions), PHPStan level 5
clean, architecture contracts verified.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com >
2026-03-25 21:12:49 +01:00
c429ff43cd
refactor: fix 7 CRUD system inconsistencies for robustness and maintainability
...
- Add user-assignment dependency check to DepartmentService.deleteByUuid (409 when users assigned)
- Standardize POST detection to isMethod('POST') in 10 create/edit actions
- Align RoleService code uniqueness to warning pattern (matching departments)
- Normalize repository create() return types from mixed to int|false (3 repos + 3 interfaces)
- Add JSON response branches to 4 non-user delete actions
- Document delete authorization ordering pattern
- Decompose AdminSettingsService.updateFromAdmin into domain-scoped private methods
Workflow: .agents/runs/CRUD-CONSISTENCY-001/
Reviewed by: Code Reviewer (pass), Security Reviewer (pass), Acceptance Tester (pass)
Quality gates: QG-001 PHPUnit pass, QG-002 PHPStan pass, QG-003 Architecture pass
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com >
2026-03-22 18:25:33 +01:00
5739cc1200
Refactor helper drift in lib: centralize theme/translation and remove app() hotspots
2026-03-19 08:23:14 +01:00
add5cca222
settings cache
2026-03-13 14:38:58 +01:00
892da0048d
refactor(arch): enforce gateway compliance and remove service-wrapping gateways
2026-03-13 11:31:33 +01:00
964c07a9de
feat(auth): add microsoft auto-remember policy with tenant override and configurable remember TTL
2026-03-10 22:48:10 +01:00
792af5a532
feat(settings): add admin session policy management
2026-03-09 20:07:55 +01:00
11ca546eae
feat(security): add session timeout + transaction wrapping (B1)
...
Session timeout: configurable idle (default 30min) and absolute (default 8h)
timeouts via DB settings, enforced in web/index.php on every request.
Timestamps set at login in action layer; graceful fallback for pre-existing
sessions.
Transaction wrapping: UserAccountService.createFromAdmin/register, roles
create/edit, and permissions edit now wrap multi-step DB operations in
transactions to guarantee atomicity.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com >
2026-03-09 19:16:26 +01:00
9a08f96c11
agent foundation
2026-03-06 00:44:52 +01:00
c5f657c8c8
listen ansichten verbessert
2026-03-05 11:17:42 +01:00
4b31fc7664
Repo Interface für tests
2026-03-05 08:26:51 +01:00
8f4dd5840d
major update
2026-03-04 15:56:58 +01:00
99db252f60
instances added god may help
2026-02-23 12:58:19 +01:00
25370a1a55
add composer-unused, comprehensive docs, and project restructure
...
- Add icanhazstring/composer-unused as dev dependency for dependency hygiene checks
- Add German documentation (docs/) covering architecture, conventions, workflows, and developer checklists
- Add API layer (ApiAuth, ApiBootstrap, ApiResponse), audit, scheduler, custom fields, and SSO services
- Add Microsoft OIDC SSO, API token management, and user lifecycle features
- Add swagger-ui vendor integration and OpenAPI spec
- Add production Docker setup and bin/ scripts
- Update composer dependencies, config, templates, and frontend assets throughout
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com >
2026-02-22 15:27:35 +01:00
3eb9cc0ac4
big restructure
2026-02-11 19:28:12 +01:00