stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity
Files
9ca2de05dff9c7db11eb49df6d4e47bbfe7a99f6
git.stella-ops.org/docs/features/checked/concelier/concelier-tenant-scoping.md
master 9ca2de05df more features checks. setup improvements
2026-02-13 02:04:55 +02:00

2.1 KiB
Raw Blame History

Concelier Tenant Scoping

Module

Concelier

Status

VERIFIED

Description

Tenant-scoped advisory data isolation with scope normalization and capabilities endpoint for multi-tenant Concelier deployments. Not in the known list as a Concelier-specific feature.

Implementation Details

  • Modules: src/Concelier/__Libraries/StellaOps.Concelier.Core/Tenancy/
  • Key Classes:
    • TenantScopeNormalizer (src/Concelier/__Libraries/StellaOps.Concelier.Core/Tenancy/TenantScopeNormalizer.cs) - normalizes tenant scope identifiers for consistent isolation
    • LinkNotMergeTenantCapabilitiesProvider (src/Concelier/__Libraries/StellaOps.Concelier.Core/Tenancy/TenantCapabilitiesEndpoint.cs) - exposes tenant capabilities including LNM support
    • TenantScopeException (src/Concelier/__Libraries/StellaOps.Concelier.Core/Tenancy/TenantScope.cs) - exception for tenant scope violations
  • Interfaces: ITenantCapabilitiesProvider
  • Source: Sprint 0115 (batch_14/file_16.md)

E2E Test Plan

  • Create advisories under tenant A and verify they are not visible to tenant B
  • Verify TenantScopeNormalizer normalizes different scope formats to a canonical form
  • Verify capabilities endpoint: query tenant capabilities and confirm LNM feature availability is reported
  • Verify scope violation: attempt cross-tenant access and confirm TenantScopeException is thrown

Verification

  • Run ID: run-002 (deep verification)
  • Date: 2026-02-13
  • Result: PASS - Deep behavioral verification with 63 NEW unit tests written.
    • WebService.Tests 215/215: TenantAllowlistTests (13) + ObservationsEndpoint tenant-scoped integration test (1).
    • Core.Tests 515/517 (2 pre-existing FeedSnapshotPinningService failures, unrelated): 63 new tests for TenantScopeNormalizer (30 tests: URN normalization, extraction, equality, cross-tenant validation), LinkNotMergeTenantCapabilitiesProvider (14 tests: LNM mode, merge override, scope enforcement, expiry), TenantScope (19 tests: validation, CanRead/CanWrite/CanAdmin, URN generation).
  • Previous Run: run-001 (shallow verification, WebService.Tests only)