Commit Graph

18 Commits

Author SHA1 Message Date
fs
5699bc6c5b refactor(config): remove runtime config files and centralize route/bootstrap 2026-04-01 20:27:42 +02:00
fs
0c351f6aff refactor(audit): extract audit domain into self-contained module
Move the entire audit subsystem (system audit, API audit, import audit,
user lifecycle audit, frontend telemetry) from core into modules/audit/.

Core decoupling via interface-based injection:
- AuditRecorderInterface replaces SystemAuditService in 10+ core services
- UserLifecycleAuditInterface / ImportAuditInterface for specialized flows
- NullAuditRecorder fallback when audit module is disabled
- ApiBootstrap/ApiResponse use null-safe callable resolvers

Module structure (modules/audit/):
- Manifest with routes, permissions, scheduler jobs, authorization policy
- 9 services, 8 repositories, 6 domain enums, 4 job handlers
- 33 page files, 4 JS files, 8 test files, migration scripts, i18n

Core cleanup:
- OperationsAuthorizationPolicy, UiCapabilityMap, PermissionService
  surgically cleaned of audit-specific constants
- Sidebar template cleared of hardcoded audit navigation
- AuditModuleIsolationContractTest ensures no future core→module coupling

All quality gates pass: 1346 tests (19,276 assertions), PHPStan level 5
clean, architecture contracts verified.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-25 21:12:49 +01:00
fs
07fbb96246 test: add PHPUnit coverage for 7 critical Tier 1 services (GR-TEST-001)
199 new tests across 9 files covering auth, user lifecycle, and settings:
- ApiTokenService: create/validate/rotate/revoke, timing-safe hash, tenant scope
- ApiTokenEndpointService: pagination, scope filtering, tenant resolution, expiry
- SsoUserLinkService: 2-phase identity lookup, provisioning, profile+avatar sync
- UserAssignmentService: sync methods, assignable-role freeze, transactions
- UserLifecycleAuditService: encrypted snapshots, enum normalization, retention
- UserLifecycleRestoreService: full restore flow, 9 error exits, rollback
- AdminSettingsService: API/lifecycle, Microsoft/telemetry, color/SMTP validation

Workflow: TEST-TIER1-001 (Analyst → Planner → Executor → Code Review → Security Review → Acceptance → Finalizer — all pass)

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-22 23:29:07 +01:00
fs
555199b217 fix: PHPStan and test strictness improvements
Add bin/ scripts to PHPStan scanFiles, suppress property.onlyWritten for
by-ref test properties, add exhaustive default match arm, use explicit
expects() on mock stubs, fix data provider return type, and simplify
redundant null check in NotificationServiceTest.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-22 14:15:36 +01:00
fs
b873efc973 Strengthen settings gateway tests 2026-03-19 20:32:34 +01:00
fs
011d662dfc Drop redundant crypto gateway tests 2026-03-19 20:17:11 +01:00
fs
5c7a1148ac Consolidate settings session policy tests 2026-03-19 19:45:16 +01:00
fs
bc72fa50a6 Consolidate settings normalization tests 2026-03-19 19:43:55 +01:00
fs
83aadb3535 Deduplicate crypto gateway tests 2026-03-19 19:36:17 +01:00
fs
f6777113ec test(gateways): add 27 unit tests for 3 security-critical gateway classes
AuthCryptoGatewayTest (10 tests): encrypt/decrypt round-trip, unique IVs,
Crypto payload format verification (GR-SEC-005), error handling.
SettingsCryptoGatewayTest (9 tests): interface compliance, round-trip,
AES-256-GCM format, tampered ciphertext handling.
OidcHttpGatewayTest (8 tests): success, 401/500, network error, malformed JSON.

Plan amended: PermissionGateway removed (does not exist in codebase).
SC-002 amended: payload format verification accepted as Crypto delegation proof.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-13 13:57:33 +01:00
fs
892da0048d refactor(arch): enforce gateway compliance and remove service-wrapping gateways 2026-03-13 11:31:33 +01:00
fs
964c07a9de feat(auth): add microsoft auto-remember policy with tenant override and configurable remember TTL 2026-03-10 22:48:10 +01:00
fs
792af5a532 feat(settings): add admin session policy management 2026-03-09 20:07:55 +01:00
fs
11ca546eae feat(security): add session timeout + transaction wrapping (B1)
Session timeout: configurable idle (default 30min) and absolute (default 8h)
timeouts via DB settings, enforced in web/index.php on every request.
Timestamps set at login in action layer; graceful fallback for pre-existing
sessions.

Transaction wrapping: UserAccountService.createFromAdmin/register, roles
create/edit, and permissions edit now wrap multi-step DB operations in
transactions to guarantee atomicity.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-09 19:16:26 +01:00
fs
9a08f96c11 agent foundation 2026-03-06 00:44:52 +01:00
fs
8f4dd5840d major update 2026-03-04 15:56:58 +01:00
fs
7b53faca37 bisschen tests fixen 2026-02-23 16:00:04 +01:00
fs
99db252f60 instances added god may help 2026-02-23 12:58:19 +01:00