From 406ede19ddecbcdf1a10c690cbea854210fa0fe3 Mon Sep 17 00:00:00 2001 From: Joseph Doherty Date: Tue, 2 Jun 2026 04:25:02 -0400 Subject: [PATCH] plan(phase1): ScadaBridge re-arch C2 done+reviewed (mgmt+CLI onto seam); C3 next --- .../2026-06-02-auth-audit-normalization-phase1.md | 10 +++++++++- .../2026-06-02-auth-audit-normalization.md.tasks.json | 2 +- 2 files changed, 10 insertions(+), 2 deletions(-) diff --git a/docs/plans/2026-06-02-auth-audit-normalization-phase1.md b/docs/plans/2026-06-02-auth-audit-normalization-phase1.md index 2d8b8ca..d2f5429 100644 --- a/docs/plans/2026-06-02-auth-audit-normalization-phase1.md +++ b/docs/plans/2026-06-02-auth-audit-normalization-phase1.md @@ -243,7 +243,15 @@ CentralUI blast radius (string keyId + scopes replace int Id + ApprovedApiKeyIds Host.Tests 1 fail → **0**. Green baseline now: build 0/0, Host.Tests 228, Security.Tests 89, InboundAPI 163, CentralUI 584. **NOTE for Phase 2:** `AuditLog.AddAuditLog(IConfiguration)` also takes IConfiguration but is intentionally NOT in the `OptionsTests` scanned set — revisit during audit adoption (Task 2.5), don't silently "fix". -- **C2/C3/C4/C5 — PENDING** (C2 next). +- **C2 — DONE + reviewed** (SB commits `6518e93` rewire, `8219b8e` review fixes). Commons messages int→string keyId + + `Methods` + new `SetApiKeyMethodsCommand`; ManagementActor's 5 API-key handlers + CLI `security api-key` now drive + `IInboundApiKeyAdmin`; ScadaBridge management audit preserved (actor = user.Username; secret/token never audited/logged). + Spec PASS, code-review APPROVED after fixes: not-found now throws `ManagementCommandException` BEFORE audit (no spurious + audit on no-op update/delete/set-methods); empty `Methods` rejected server-side (prevents unusable key on create + stealth- + disable via `set-methods ""`); token advisory→stderr. Green: ManagementService 125, CLI 188, + Security/InboundAPI/Host/ + CentralUI unchanged. CentralUI + SQL Server `ApiKey` entity/repo untouched (C3/C5). +- **C3/C4/C5 — PENDING** (C3 next: CentralUI pages onto the seam — incl. the ApiMethodForm "approved keys ↔ key scopes" + inversion via `GetKeysForMethodAsync`/`SetMethodsAsync`). ## Resolved decisions (2026-06-02) diff --git a/docs/plans/2026-06-02-auth-audit-normalization.md.tasks.json b/docs/plans/2026-06-02-auth-audit-normalization.md.tasks.json index f43617e..6013716 100644 --- a/docs/plans/2026-06-02-auth-audit-normalization.md.tasks.json +++ b/docs/plans/2026-06-02-auth-audit-normalization.md.tasks.json @@ -34,7 +34,7 @@ {"id": 32, "subject": "Task 1.3-L: Extend Auth.ApiKeys admin store (SetScopes/SetEnabled) -> lib 0.1.3 (PUBLISHED)", "status": "completed", "blockedBy": []}, {"id": 33, "subject": "Task 1.3-C1: ScadaBridge re-pin 0.1.3 + IInboundApiKeyAdmin seam (additive) + baseline reds fixed", "status": "completed", "blockedBy": [32]}, - {"id": 34, "subject": "Task 1.3-C2: ManagementActor + CLI + Commons messages onto seam", "status": "pending", "blockedBy": [33]}, + {"id": 34, "subject": "Task 1.3-C2: ManagementActor + CLI + Commons messages onto seam", "status": "completed", "blockedBy": [33]}, {"id": 35, "subject": "Task 1.3-C3: CentralUI pages onto seam (string keyId + scopes)", "status": "pending", "blockedBy": [33]}, {"id": 36, "subject": "Task 1.3-C4: TransportExport exclude API keys (methods-only)", "status": "pending", "blockedBy": [33, 35]}, {"id": 37, "subject": "Task 1.3-C5 (=E): retire SQL Server ApiKey entity + EF migration + runbook", "status": "pending", "blockedBy": [34, 35, 36]}