1
0

refactor(actions): introduce action-context helpers (step 1)

Six orthogonal building blocks plus three cluster aggregators in
core/Support/helpers/action_context.php, preparing consolidation of the
~40-60 line vorspiel duplicated across edit/create/view-fragment actions.

Step 1 of a planned 3-step rollout: no production call sites yet —
pages/ and modules/ are untouched. Architecture tests freeze the
building-block signatures and verify drawer-fragment AuthZ parity.

GR-SEC-009 is structurally enforced via the actionDeriveTenantScope
return shape (PHPStan array{scope: 'all'|'list', ids: list<int>});
'all' is unreachable without an explicit can_manage_all_tenants flag.
Aggregator docblocks carry a mandatory CSRF-pairing warning per
GR-SEC-001; actionBuildViewAuth flags the e()-escape obligation per
GR-SEC-010.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This commit is contained in:
2026-04-25 23:08:52 +02:00
parent 61c1d18e95
commit f9c09f8746
7 changed files with 1225 additions and 0 deletions

View File

@@ -1,4 +1,7 @@
{
"action.context.forbidden": "Zugriff verweigert",
"action.context.model_not_found": "Datensatz nicht gefunden",
"action.context.tenant_scope_violation": "Zugriff außerhalb des erlaubten Mandantenbereichs",
"%d active API tokens": "%d aktive API-Tokens",
"%d active login tokens": "%d aktive Login-Tokens",
"%d API audit entries purged": "%d API-Protokoll-Einträge bereinigt",

View File

@@ -1,4 +1,7 @@
{
"action.context.forbidden": "Access denied",
"action.context.model_not_found": "Record not found",
"action.context.tenant_scope_violation": "Access outside allowed tenant scope",
"%d active API tokens": "%d active API tokens",
"%d active login tokens": "%d active login tokens",
"%d API audit entries purged": "%d API log entries purged",