dohertj2/lmxopcua
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

DiffViewer ACL section � extend sp_ComputeGenerationDiff with NodeAcl (#196 slice 3) #146

Merged
dohertj2 merged 1 commits from diff-acl-section into v2 2026-04-20 00:39:13 -04:00
Conversation 0 Commits 1 Files Changed 3 +1678 -1
dohertj2 commented 2026-04-20 00:38:51 -04:00
Owner
Copy Link

Closes slice 3 + completes #196. New migration extends sp_ComputeGenerationDiff with NodeAcl rows. Logical id = LdapGroup|ScopeKind|ScopeId so permission-change vs scope-move surface distinctly. LogicalId column widened to nvarchar(128) for the composite key. DiffViewer NodeAcl card description updated (drops proc-extension-pending note). Down migration restores the exact V1 proc text. Full suite green.

Closes slice 3 + completes #196. New migration extends sp_ComputeGenerationDiff with NodeAcl rows. Logical id = LdapGroup|ScopeKind|ScopeId so permission-change vs scope-move surface distinctly. LogicalId column widened to nvarchar(128) for the composite key. DiffViewer NodeAcl card description updated (drops proc-extension-pending note). Down migration restores the exact V1 proc text. Full suite green.
dohertj2 added 1 commit 2026-04-20 00:38:52 -04:00
DiffViewer ACL section — extend sp_ComputeGenerationDiff with NodeAcl rows. Closes the final slice of task #196 (draft-diff ACL section). The DiffViewer already rendered a placeholder "NodeAcl" card from the task #156 refactor; it stayed empty because the stored proc didn't emit NodeAcl rows. This PR lights the card up by adding a fifth UNION to the proc. Logical id for NodeAcl is the composite LdapGroup + ScopeKind + ScopeId triple — format "cn=group|Cluster|scope-id" or "cn=group|Cluster|(cluster)" when ScopeId is null (Cluster-wide rows). That shape means a permission-only change (same group + same scope, PermissionFlags shifted) appears as a single Modified row with the full triple as its identifier, whereas a scope move (same group, new ScopeId) correctly surfaces as Added + Removed of two different logical ids. CHECKSUM signature covers ClusterId + PermissionFlags + Notes so both operator-visible changes (permission bitmask) and audit-tier changes (notes) round-trip through the diff. New migration 20260420000001_ExtendComputeGenerationDiffWithNodeAcl.cs ships both Up (install V2 proc) + Down (restore the exact V1 proc text shipped in 20260417215224_StoredProcedures so the migration is reversible). Row-id column widens from nvarchar(64) to nvarchar(128) in V2 since the composite key (group DN + scope + scope-id) exceeds 64 chars comfortably — narrow column would silently truncate in prod. Designer .cs cloned from the prior migration since the EF model is unchanged; DiffViewer.razor section description updated to drop the "(proc-extension pending)" note it carried since task #156 — the card will now populate live. Admin + Core full-solution build clean. No unit-test changes needed — the existing StoredProceduresTests cover the proc-exec path + would immediately catch any SQL syntax regression on next SQL Server integration run. Task #196 fully closed now — Probe-this-permission (slice 1, PR 144), SignalR invalidation (slice 2, PR 145), draft-diff ACL section (this PR). df0d7c2d84 
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
dohertj2 merged commit d1e50db304 into v2 2026-04-20 00:39:13 -04:00
Sign in to join this conversation.
Reviewers
No Reviewers
Labels
No items
No Label
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
dohertj2
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: dohertj2/lmxopcua#146
Delete Branch "diff-acl-section"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?