stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity

Close admin trust audit gaps and stabilize live sweeps

Browse Source
This commit is contained in:
master
2026-03-12 10:14:00 +02:00
parent a00efb7ab2
commit 6964a046a5
50 changed files with 5968 additions and 2850 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
docs/technical/architecture/console-admin-rbac.md
View File

@@ -72,7 +72,7 @@ Role bundles are grouped by module and map to existing Authority scopes unless n
| Module | Role bundle | Scopes |
| --- | --- | --- |
| Console | `role/console-viewer` | `ui.read` |
| Console | `role/console-admin` | `ui.read`, `ui.admin`, `authority:tenants.read`, `authority:users.read`, `authority:roles.read`, `authority:clients.read`, `authority:tokens.read`, `authority:audit.read`, `authority:branding.read` |
| Console | `role/console-admin` | `ui.read`, `ui.admin`, `authority:tenants.read`, `authority:tenants.write`, `authority:users.read`, `authority:users.write`, `authority:roles.read`, `authority:roles.write`, `authority:clients.read`, `authority:clients.write`, `authority:tokens.read`, `authority:tokens.revoke`, `authority.audit.read`, `authority:branding.read`, `authority:branding.write` |
| Console | `role/console-superadmin` | `ui.read`, `ui.admin`, `authority:tenants.*`, `authority:users.*`, `authority:roles.*`, `authority:clients.*`, `authority:tokens.*`, `authority:audit.read`, `authority:branding.*` |
| Scanner | `role/scanner-viewer` | `scanner:read`, `findings:read`, `aoc:verify` |
| Scanner | `role/scanner-operator` | `scanner:read`, `scanner:scan`, `scanner:export`, `findings:read`, `aoc:verify` |
@@ -155,7 +155,7 @@ Scanner scopes are not yet defined in Authority. They are proposed as `scanner:r
Scheduler scopes are not yet defined in Authority. They are proposed as `scheduler:read`, `scheduler:operate`, and `scheduler:admin` and must be added to Authority constants, discovery metadata, and gateway enforcement.
Authority admin scopes (partial): `authority:tenants.read` exists. Must add: `authority:tenants.write`, `authority:users.read`, `authority:users.write`, `authority:roles.read`, `authority:roles.write`, `authority:clients.read`, `authority:clients.write`, `authority:tokens.read`, `authority:tokens.revoke`, `authority:branding.read`, `authority:branding.write`.
Authority admin scopes are now part of the local bootstrap console client and the seeded console-admin bundle: `authority:tenants.read|write`, `authority:users.read|write`, `authority:roles.read|write`, `authority:clients.read|write`, `authority:tokens.read|revoke`, `authority:branding.read|write`, and `authority.audit.read`.
UI admin scope: `ui.admin` must be added to Authority constants.

5
docs/technical/architecture/console-branding.md
View File

@@ -31,6 +31,11 @@ Constraints:
- Only `image/svg+xml`, `image/png`, or `image/jpeg` accepted.
- Theme tokens restricted to a whitelist (no arbitrary CSS).
Persistence contract:
- Authority persists branding under `authority.tenants.settings.consoleBranding`.
- The stored record contains `displayName`, `logoUri`, `faviconUri`, `themeTokens`, `updatedAtUtc`, `updatedBy`, and `hash`.
- `GET /console/branding` and `GET /console/admin/branding` must read the persisted record first and only fall back to static defaults when no tenant record exists yet.
## 4. Configuration Layering
1. **Static defaults** from `/config.json`.
2. **Tenant branding** from Authority after login.