git.stella-ops.org/docs/features/checked/concelier/concelier-tenant-scoping.md
2026-02-13 02:04:55 +02:00


# Concelier Tenant Scoping
## Module
Concelier
## Status
VERIFIED
## Description
Tenant-scoped advisory data isolation, with scope normalization and a capabilities endpoint, for multi-tenant Concelier deployments. Not in the known list as a Concelier-specific feature.
## Implementation Details
- **Modules**: `src/Concelier/__Libraries/StellaOps.Concelier.Core/Tenancy/`
- **Key Classes**:
  - `TenantScopeNormalizer` (`src/Concelier/__Libraries/StellaOps.Concelier.Core/Tenancy/TenantScopeNormalizer.cs`) - normalizes tenant scope identifiers for consistent isolation
  - `LinkNotMergeTenantCapabilitiesProvider` (`src/Concelier/__Libraries/StellaOps.Concelier.Core/Tenancy/TenantCapabilitiesEndpoint.cs`) - exposes tenant capabilities including LNM support
  - `TenantScopeException` (`src/Concelier/__Libraries/StellaOps.Concelier.Core/Tenancy/TenantScope.cs`) - exception for tenant scope violations
- **Interfaces**: `ITenantCapabilitiesProvider`
- **Source**: Sprint 0115 (batch_14/file_16.md)
## E2E Test Plan
- [x] Create advisories under tenant A and verify they are not visible to tenant B
- [x] Verify `TenantScopeNormalizer` normalizes different scope formats to a canonical form
- [x] Verify capabilities endpoint: query tenant capabilities and confirm LNM feature availability is reported
- [x] Verify scope violation: attempt cross-tenant access and confirm `TenantScopeException` is thrown
## Verification
- **Run ID**: run-002 (deep verification)
- **Date**: 2026-02-13
- **Result**: PASS - Deep behavioral verification with 63 NEW unit tests written.
  - WebService.Tests 215/215: TenantAllowlistTests (13) + ObservationsEndpoint tenant-scoped integration test (1).
  - Core.Tests 515/517 (2 pre-existing FeedSnapshotPinningService failures, unrelated): 63 new tests for TenantScopeNormalizer (30 tests: URN normalization, extraction, equality, cross-tenant validation), LinkNotMergeTenantCapabilitiesProvider (14 tests: LNM mode, merge override, scope enforcement, expiry), TenantScope (19 tests: validation, CanRead/CanWrite/CanAdmin, URN generation).
- **Previous Run**: run-001 (shallow verification, WebService.Tests only)