R2-05 AdminUI authorization (arch-review round 2) #428

Closed
dohertj2 wants to merge 0 commits from r2/05-adminui-authz into master
Owner

Round-2 arch-review plan R2-05 (finding 04/C-1, High — under-gated AdminUI config surfaces; stakes raised because ResilienceConfig rides the config-authoring surface).

  • New AdminUiPolicies constants (single source of truth for the 4 policy names).
  • Two new policies: ConfigEditor (Administrator+Designer) on the 20-page config-authoring surface (incl. all 8 driver pages authoring live ResilienceConfig + /api/script-analysis/*); AuthenticatedRead on the 16 read pages. FleetAdmin/DriverOperator literals→constants.
  • Every routable page carries an explicit named-policy attribute; zero bare [Authorize], zero Roles=.
  • Anti-drift reflection guard PageAuthorizationGuardTests (the no-bUnit substitute) + AdminUiPoliciesTests role matrix.

15/16 tasks; T15 deferred-live (docker-dev DisableLogin=true auto-admin makes role-deny unobservable there — deny proof is CI-side, green). Build clean; AdminUI.Tests 517/517, Security.Tests 80/80. Plan: archreview/plans/R2-05-adminui-authz-plan.md.

Round-2 arch-review plan **R2-05** (finding 04/C-1, High — under-gated AdminUI config surfaces; stakes raised because ResilienceConfig rides the config-authoring surface). - New `AdminUiPolicies` constants (single source of truth for the 4 policy names). - Two new policies: **ConfigEditor** (Administrator+Designer) on the 20-page config-authoring surface (incl. all 8 driver pages authoring live ResilienceConfig + `/api/script-analysis/*`); **AuthenticatedRead** on the 16 read pages. FleetAdmin/DriverOperator literals→constants. - Every routable page carries an explicit named-policy attribute; zero bare `[Authorize]`, zero `Roles=`. - Anti-drift reflection guard `PageAuthorizationGuardTests` (the no-bUnit substitute) + `AdminUiPoliciesTests` role matrix. 15/16 tasks; **T15 deferred-live** (docker-dev DisableLogin=true auto-admin makes role-deny unobservable there — deny proof is CI-side, green). Build clean; AdminUI.Tests 517/517, Security.Tests 80/80. Plan: `archreview/plans/R2-05-adminui-authz-plan.md`.
dohertj2 added 5 commits 2026-07-13 10:11:17 -04:00
Author
Owner

Landed on master via merge commit 12b32065 (local --no-ff merge, STATUS.md conflict resolved additively, clean build barrier). Closing as merged.

Landed on `master` via merge commit `12b32065` (local --no-ff merge, STATUS.md conflict resolved additively, clean build barrier). Closing as merged.
dohertj2 closed this pull request 2026-07-13 10:12:59 -04:00
Some checks are pending
v2-ci / build (pull_request) Successful in 3m50s
v2-ci / integration (tests/Server/ZB.MOM.WW.OtOpcUa.Host.IntegrationTests) (pull_request) Failing after 3m35s
v2-ci / integration (tests/Server/ZB.MOM.WW.OtOpcUa.OpcUaServer.IntegrationTests) (pull_request) Failing after 1m42s
v2-ci / unit-tests (pull_request) Failing after 9m55s

Pull request closed

Sign in to join this conversation.