Skip to content

[OpenSpec] Authorization RBAC Enhancement#953

Merged
rubenvdlinde merged 2 commits intodevelopmentfrom
feature/951/authorization-rbac-enhancement
Mar 22, 2026
Merged

[OpenSpec] Authorization RBAC Enhancement#953
rubenvdlinde merged 2 commits intodevelopmentfrom
feature/951/authorization-rbac-enhancement

Conversation

@rubenvdlinde
Copy link
Contributor

@rubenvdlinde rubenvdlinde commented Mar 22, 2026

Implements fine-grained RBAC enhancements: register-level authorization cascade, named role definitions, manage action delegation, permission matrix UI, audit logging. Closes #951

@rubenvdlinde
feat: Enrich all 51 OpenSpec specifications with deep research
57258e8 
Enriched all active specs to 10-15+ requirements with 3-5 GIVEN/WHEN/THEN
scenarios each. Research includes codebase analysis, competitor analysis,
Dutch government standards, and ADR compliance.

Moved 8 specs to their correct app homes (redirect stubs remain).
Reframed 6 specs as extensions of existing functionality.
All specs pass openspec validate --strict.
@rubenvdlinde
feat: Add RBAC enhancement with register cascade, named roles, delega…
37516d4 
…tion, and permission matrix

Implement fine-grained role-based access control enhancements:
- Register-level authorization cascade to schemas without own auth config
- Named role definitions stored in register configuration
- Manage action type for authorization delegation
- Permission matrix admin UI (PermissionMatrix.vue)
- Authorization change audit logging (AuthorizationAuditService)
- Bulk role assignment for schemas within a register
- Public access toggle per schema/register

Backend changes span PermissionHandler, MagicRbacHandler, OasService,
SchemasController, and RegistersController. All pass PHPCS strict checks.

Closes #951
@rubenvdlinde rubenvdlinde mentioned this pull request Mar 22, 2026
Open
@github-actions
Copy link
Contributor

github-actions bot commented Mar 22, 2026

Quality Report
Repository ConductionNL/openregister
Commit c06c10c
Branch 953/merge
Event pull_request
Generated 2026-03-22 18:40 UTC
Workflow Run https://github.com/ConductionNL/openregister/actions/runs/23409765798

Summary

Group Result
PHP Quality FAIL
Vue Quality FAIL
Security PASS
License PASS
PHPUnit SKIP
Newman SKIP

PHP Quality

Tool Result
lint PASS
phpcs FAIL
phpmd PASS
psalm PASS
phpstan PASS
phpmetrics PASS

Vue Quality

Tool Result
eslint FAIL
stylelint PASS

Security

Ecosystem Result
composer PASS
npm PASS

License Compliance

Ecosystem Result
composer PASS
npm PASS

composer dependencies (147 total)

Metric Count
Approved (allowlist) 146
Approved (override) 1
Denied 0

npm dependencies (586 total)

Metric Count
Approved (allowlist) 585
Approved (override) 1
Denied 0

PHPUnit Tests

PHPUnit tests were not enabled for this run.

Integration Tests (Newman)

Newman integration tests were not enabled for this run.

Generated automatically by the Quality workflow.

Download the full PDF report from the workflow artifacts.

@rubenvdlinde rubenvdlinde merged commit 16dbaac into development Mar 22, 2026
33 of 37 checks passed
@rubenvdlinde rubenvdlinde deleted the feature/951/authorization-rbac-enhancement branch March 22, 2026 21:20
@remko48 remko48 mentioned this pull request Mar 24, 2026
Merged
@rubenvdlinde rubenvdlinde mentioned this pull request Mar 24, 2026
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@rubenvdlinde