# Concelier Tenant Scoping ## Module Concelier ## Status VERIFIED ## Description Tenant-scoped advisory data isolation with scope normalization and capabilities endpoint for multi-tenant Concelier deployments. Not in the known list as a Concelier-specific feature. ## Implementation Details - **Modules**: `src/Concelier/__Libraries/StellaOps.Concelier.Core/Tenancy/` - **Key Classes**: - `TenantScopeNormalizer` (`src/Concelier/__Libraries/StellaOps.Concelier.Core/Tenancy/TenantScopeNormalizer.cs`) - normalizes tenant scope identifiers for consistent isolation - `LinkNotMergeTenantCapabilitiesProvider` (`src/Concelier/__Libraries/StellaOps.Concelier.Core/Tenancy/TenantCapabilitiesEndpoint.cs`) - exposes tenant capabilities including LNM support - `TenantScopeException` (`src/Concelier/__Libraries/StellaOps.Concelier.Core/Tenancy/TenantScope.cs`) - exception for tenant scope violations - **Interfaces**: `ITenantCapabilitiesProvider` - **Source**: Sprint 0115 (batch_14/file_16.md) ## E2E Test Plan - [x] Create advisories under tenant A and verify they are not visible to tenant B - [x] Verify `TenantScopeNormalizer` normalizes different scope formats to a canonical form - [x] Verify capabilities endpoint: query tenant capabilities and confirm LNM feature availability is reported - [x] Verify scope violation: attempt cross-tenant access and confirm `TenantScopeException` is thrown ## Verification - **Run ID**: run-002 (deep verification) - **Date**: 2026-02-13 - **Result**: PASS - Deep behavioral verification with 63 NEW unit tests written. - WebService.Tests 215/215: TenantAllowlistTests (13) + ObservationsEndpoint tenant-scoped integration test (1). - Core.Tests 515/517 (2 pre-existing FeedSnapshotPinningService failures, unrelated): 63 new tests for TenantScopeNormalizer (30 tests: URN normalization, extraction, equality, cross-tenant validation), LinkNotMergeTenantCapabilitiesProvider (14 tests: LNM mode, merge override, scope enforcement, expiry), TenantScope (19 tests: validation, CanRead/CanWrite/CanAdmin, URN generation). - **Previous Run**: run-001 (shallow verification, WebService.Tests only)