50 lines
3.4 KiB
JSON
50 lines
3.4 KiB
JSON
{
|
|
"task_id": "2026-04-24-action-csrf-centralization-step3",
|
|
"issue_summary": "Nach Wave 2 waren in pages/admin noch einzelne Endpunkte mit direkten requestInput()->method() und Session::checkCsrfToken()-Checks vorhanden (JSON/Data und einige User-POST-Endpoints). Ziel ist die komplette Zentralisierung der Request/CSRF-Guards in pages/admin.",
|
|
"affected_layers": ["pages", "core/Support", "tests"],
|
|
"affected_files": [
|
|
{ "path": "core/Support/helpers/request.php", "role": "Action guard helpers (POST/CSRF) extended for JSON-focused endpoints" },
|
|
{ "path": "pages/admin/users/theme().php", "role": "User theme switch endpoint (POST + optional JSON)" },
|
|
{ "path": "pages/admin/users/switch-tenant().php", "role": "Tenant context switch endpoint (POST + optional JSON)" },
|
|
{ "path": "pages/admin/session-ping/data().php", "role": "JSON keepalive endpoint (POST-only + CSRF)" },
|
|
{ "path": "pages/admin/tenants/ldap-test-connection/data().php", "role": "JSON LDAP test endpoint (POST-only + CSRF)" },
|
|
{ "path": "pages/admin/users/create().php", "role": "User create form action (POST + CSRF)" },
|
|
{ "path": "pages/admin/users/bulk($action).php", "role": "Bulk user mutation endpoint (JSON + CSRF)" },
|
|
{ "path": "pages/admin/users/api-token-create($id).php", "role": "API token create action (POST + CSRF)" },
|
|
{ "path": "pages/admin/users/api-token-revoke($id).php", "role": "API token revoke action (POST + CSRF)" },
|
|
{ "path": "pages/admin/imports/index().php", "role": "Import multi-stage POST flow with in-page error rendering" },
|
|
{ "path": "tests/Architecture/AdminActionRequestGuardContractTest.php", "role": "New architecture contract to block direct legacy method/csrf checks in pages/admin" }
|
|
],
|
|
"existing_patterns": [
|
|
"Most admin actions already migrated to actionRequirePost/actionRequireCsrf in waves 1+2",
|
|
"Remaining inline checks were concentrated in a small set of JSON/data and legacy user actions",
|
|
"Some endpoints need JSON payload/status customization and non-redirect CSRF failure handling"
|
|
],
|
|
"related_tests": [
|
|
"tests/Architecture/AdminActionRequestGuardContractTest.php",
|
|
"tests/Architecture/PostEndpointCsrfContractTest.php",
|
|
"tests/Architecture/PostRedirectGetContractTest.php",
|
|
"tests/Architecture/AuthzAdminSettingsContractTest.php",
|
|
"tests/Architecture/AuthzAdminMasterDataContractTest.php",
|
|
"tests/Architecture/AuthzAdminUsersContractTest.php"
|
|
],
|
|
"security_surface": {
|
|
"authz_relevant": true,
|
|
"tenant_scope_relevant": true,
|
|
"input_handling": true,
|
|
"crypto_relevant": false,
|
|
"file_upload_relevant": false,
|
|
"notes": "Focus remains on GR-SEC-001 CSRF hardening and preserving existing authz / redirect/json behavior."
|
|
},
|
|
"assumptions": [
|
|
"Scope is strictly pages/admin completion; non-admin pages and module pages are out-of-scope for this step.",
|
|
"Existing JSON response payload shapes must be preserved where already consumed by frontend code.",
|
|
"No service/repository business logic changes are required."
|
|
],
|
|
"risks_discovered": [
|
|
"JSON-only data endpoints need helper support beyond default Request::wantsJson detection and default payload shape.",
|
|
"imports/index keeps CSRF errors in-page (non-redirect), requiring non-redirect helper mode.",
|
|
"api-token create/revoke previously had no explicit POST method guard; adding it must keep redirect behavior safe."
|
|
]
|
|
}
|