wip: doctor/cli/docs/api to vector db consolidation; api hardening for descriptions, tenant, and scopes; migrations and conversions of all DALs to EF v10
This commit is contained in:
master
@@ -8,6 +8,10 @@ This dossier summarises the end-to-end runtime topology after the Aggregation-On
|
||||
|
||||
---
|
||||
|
||||
Tenant behavior inventory for Platform endpoints: `docs/modules/platform/tenant-endpoint-classification.md`
|
||||
|
||||
---
|
||||
|
||||
> Need a quick orientation? The [Developer Quickstart](../../dev/onboarding/dev-quickstart.md) (29-Nov-2025 advisory) captures the core repositories, determinism checks, DSSE conventions, and starter tasks that explain how the platform pieces fit together.
|
||||
|
||||
> Testing strategy models and CI lanes live in `docs/technical/testing/testing-strategy-models.md`, with the source catalog in `docs/technical/testing/TEST_CATALOG.yml`.
|
||||
|
||||
32
docs/modules/platform/tenant-endpoint-classification.md
Normal file
32
docs/modules/platform/tenant-endpoint-classification.md
Normal file
@@ -0,0 +1,32 @@
|
||||
# Platform Endpoint Tenant Classification
|
||||
|
||||
## Scope
|
||||
- Service: `src/Platform/StellaOps.Platform.WebService/Endpoints`
|
||||
- Date: 2026-02-22
|
||||
- Purpose: classify endpoint files by tenant behavior and document intentional non-resolver paths.
|
||||
|
||||
## Classification Ledger
|
||||
| Endpoint file | Category | Tenant source | Auth baseline | Notes |
|
||||
| --- | --- | --- | --- | --- |
|
||||
| `AdministrationTrustSigningMutationEndpoints.cs` | tenant-required business | `PlatformRequestContextResolver` | platform policy groups | Tenant-scoped key/issuer/certificate operations. |
|
||||
| `AnalyticsEndpoints.cs` | tenant-required business | `PlatformRequestContextResolver` | `PlatformPolicies.AnalyticsRead` | Aggregation paths require tenant context for cache keys and result shaping. |
|
||||
| `ContextEndpoints.cs` | tenant-required business | `PlatformRequestContextResolver` | `PlatformPolicies.ContextRead/Write` | Context preferences keyed by `(tenant, actor)`. |
|
||||
| `EnvironmentSettingsEndpoints.cs` | global/system | none | `AllowAnonymous` | Setup/bootstrap configuration payload for frontend shell. |
|
||||
| `EnvironmentSettingsAdminEndpoints.cs` | global/system | none | `PlatformPolicies.SetupRead/SetupAdmin` | DB setting overrides are setup-admin operations, not tenant business data. |
|
||||
| `EvidenceThreadEndpoints.cs` | tenant-required business | `PlatformRequestContextResolver` | evidence policy groups | Evidence queries are tenant-scoped. |
|
||||
| `FederationTelemetryEndpoints.cs` | tenant-required business | `PlatformRequestContextResolver` | federation policy groups | Consent/status/bundles remain tenant scoped. |
|
||||
| `FunctionMapEndpoints.cs` | tenant-required business | `PlatformRequestContextResolver` | function-map policy groups | Tenant-scoped function map catalog and operations. |
|
||||
| `IntegrationReadModelEndpoints.cs` | tenant-required business | `PlatformRequestContextResolver` | `PlatformPolicies.IntegrationsRead` | Feed/vex source projections require tenant context. |
|
||||
| `LegacyAliasEndpoints.cs` | tenant-required business | `PlatformRequestContextResolver` | same as canonical mapped policies | Compatibility aliases enforce same tenant requirements as canonical endpoints. |
|
||||
| `MigrationAdminEndpoints.cs` | global/system | none | `PlatformPolicies.SetupAdmin` | Migration operations are control-plane/system admin functions. |
|
||||
| `PackAdapterEndpoints.cs` | tenant-required business | `PlatformRequestContextResolver` | pack adapter policies | Release-pack adaptation paths are tenant-scoped. |
|
||||
| `PlatformEndpoints.cs` | tenant-required business (plus guarded tenant-param admin reads) | `PlatformRequestContextResolver` + route tenant parity check | health/quota/onboarding/preferences/search/metadata policy groups | Route tenant IDs are now validated against resolved tenant (`tenant_forbidden` on mismatch). |
|
||||
| `PolicyInteropEndpoints.cs` | tenant-required business | `PlatformRequestContextResolver` | policy interop policy groups | Import/export and interop views are tenant-scoped. |
|
||||
| `ReleaseControlEndpoints.cs` | tenant-required business | `PlatformRequestContextResolver` | release-control policy groups | Bundle/version/materialization operations use tenant-bound store calls. |
|
||||
| `ReleaseReadModelEndpoints.cs` | tenant-required business | `PlatformRequestContextResolver` | release-read policies | Run/activity/release projections are tenant scoped. |
|
||||
| `ScoreEndpoints.cs` | tenant-required business | `PlatformRequestContextResolver` | score policies | Score history/replay/verify operations are tenant scoped. |
|
||||
| `SecurityReadModelEndpoints.cs` | tenant-required business | `PlatformRequestContextResolver` | security-read policies | Finding/disposition projections are tenant scoped. |
|
||||
| `SeedEndpoints.cs` | global/system | none | `PlatformPolicies.SetupAdmin` + `STELLAOPS_ENABLE_DEMO_SEED` gate | Explicitly system/admin for controlled demo seeding. |
|
||||
| `SetupEndpoints.cs` | tenant-aware admin | resolver when available; controlled bootstrap setup context when platform not initialized | setup policy groups | Intentional bootstrap bypass is bounded to setup lifecycle checks. |
|
||||
| `TopologyReadModelEndpoints.cs` | tenant-required business | `PlatformRequestContextResolver` | `PlatformPolicies.TopologyRead` | Topology data assembled from tenant-keyed release control stores. |
|
||||
|
||||
Reference in New Issue
Block a user