
Feature/plans resources#20

Merged: envoyr merged 8 commits into main from feature/plans-resources on Jun 27, 2026

@d00p d00p commented Jun 25, 2026

Member

No description provided.

d00p added 8 commits June 20, 2026 21:36
…signment guard.

- Added `Froxlor\Core\Support\ResourceRegistry` as the central registration and synchronization point for Core and package-defined resources.
- Added `IsTenantResource` and `IsEnvironmentResource` marker traits. Models keep using `IsResource` as the base technical contract and add one or both marker traits to opt into tenant/environment plan scopes.
- Core and standard package model resources are now routed through `ResourceRegistry` before being synchronized by `PlansAndResourcesTableSeeder`.
- Resource key conflicts are rejected per scope before the database unique key is hit.
- Plan limits now follow the intended semantics consistently in assignment checks: `0` means no access, `-1` means unlimited, positive values are finite limits.
- Tenant-user plan assignment now requires a tenant-scope plan that is global or owned by the route tenant.
- Tenant-user explicit plans must be a subset of the tenant's own plan; they cannot grant missing resources, unlimited resources above a finite parent, or finite limits above the parent limit.
- Environment-user plan assignment now requires an environment-scope plan that is global or owned by the route tenant.
- Environment-user explicit plans must be a subset of the environment's plan.
- Tenant/environment user creation paths now validate optional plan assignments through `PlanAssignments`, analogous to role assignment validation through `RoleAssignments`.
- Plan delete operations now reject used plans with a validation response before deletion. This covers `tenants.plan_id`, `environments.plan_id`, `tenant_user.plan_id`, and `environment_user.plan_id`.
- Added global plan-resource API routes for assigning/removing resources on global plans:
  - `GET /api/plans/{plan}/resources`
  - `POST /api/plans/{plan}/resources`
  - `DELETE /api/plans/{plan}/resources/{resource}`
- Added tenant plan-resource API routes for assigning/removing resources on tenant-owned plans:
  - `GET /api/tenants/{tenant}/plans/{plan}/resources`
  - `POST /api/tenants/{tenant}/plans/{plan}/resources`
  - `DELETE /api/tenants/{tenant}/plans/{plan}/resources/{resource}`
- Plan-resource listings return every resource matching the plan type with `assigned` and `limit` metadata for UI editing.
- Plan-resource assignment validates that the resource type matches the plan type.
- Tenant plan-resource assignment validates tenant-scope resource limits against the tenant's own plan.
- Plan-resource attach/detach operations write audit log entries and dispatch `ResourceUpdated` for the plan.
- Added `plans.resources.*` and `tenants.plans.resources.*` permission keys.
- Added PHPUnit coverage for plan assignment scope/type checks, subset-limit checks, unlimited-above-finite denial, assigned-plan delete guards, plan-resource assignment, response metadata, type mismatch denial, parent-limit denial, foreign/global route isolation, unassigned detach validation, and audit logging.
- Added PHPUnit coverage for the resource registry contract, duplicate key detection per scope, and automatic package resource seeding.
- Core, domain, and mail testing seeders now attach package resources to the new deterministic test plans instead of relying on the old generic `Unlimited` plan name.

Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
- Resource CRUD operations via /api/resources have been removed.
- GET /api/plans/{plan}/users lists plan usage based on tenant, environment, TenantUser, and EnvironmentUser assignments.
- Deleting an environment plan now also utilizes the central PlanAssignments guard.
- Plan updates now block the `tenant_id` field and prevent changes to the `type` once resources or assignments exist.

Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
…tenants. Global plans are no longer directly reusable for child-tenant creation.

- Added `tenant_resource_reservations` for delegated tenant-scope budget. Assigning a tenant-owned plan to a child tenant reserves the enabled plan limits from the parent tenant's available budget.
- Parent tenant availability now subtracts real `tenant_usage` and existing child reservations before a child plan can be assigned.
- Environment create/update now validates selected plans through the central plan-assignment guard using tenant availability, without a separate environment-plan grant table.
- Added PHPUnit coverage for plan assignment scope checks, subset-limit checks, unlimited-above-finite denial, assigned-plan delete guards, plan-resource assignment, response metadata, parent-limit denial, foreign/global route isolation, unassigned detach validation, and audit logging.
- Added PHPUnit coverage for the resource registry contract, duplicate key detection per scope, and automatic package resource seeding.
- Core, domain, and mail testing seeders now attach package resources to the new deterministic test plans instead of relying on the old generic `Unlimited` plan name.

Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
…event collisions between identical keys across different scopes.

- Child tenant reservations now capture all enabled plan resources, not just those with `type=tenant`.
- Tenant/environment user plan assignments also compare all plan resources against the parent plan.
- Actual usage remains scope-specific: tenant resources via `tenant_usage`, and environment resources via `env_usage`.

Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
  - Limits can be reduced as long as existing usage and further-delegated reservations do not exceed them.
  - Removing a resource is rejected if usage or delegation already exists for it.
  - Child tenant reservations are synchronized after a successful plan change.
  - The old blanket lock for assigned plans has been removed.
  - Globally assigned plans are checked against current usage, but are not incorrectly treated as child tenant reservations.
  - Tenant-owned child plans update the parent reservations correctly.
  - Tests cover increasing, decreasing, and rejection below existing usage.

Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
…ble and correct

Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
- Introduce Audit severity based log-methods according to RFC 5424

Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
@d00p d00p requested a review from envoyr June 25, 2026 08:55
@d00p d00p self-assigned this Jun 25, 2026
@envoyr envoyr merged commit 16d3b67 into main Jun 27, 2026
2 checks passed
@envoyr envoyr deleted the feature/plans-resources branch June 27, 2026 09:19
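
The subset rule from the first commit message (`0` means no access, `-1` means unlimited, positive values are finite limits; a child plan cannot grant missing resources, unlimited above a finite parent, or a finite limit above the parent limit), sketched as an added example that is not code from this pull request or from froxlor. The function name, the resource keys and the choice to treat a resource missing from a plan as `0` are assumptions made for illustration.

```php
<?php
declare(strict_types=1);

// Added example, not froxlor code. Limit semantics as stated in the commit
// message: 0 = no access, -1 = unlimited, positive = finite limit.
const UNLIMITED = -1;

/**
 * Hypothetical helper: returns the violations that stop $child from being a
 * subset of $parent. Both maps are resource key => integer limit.
 * Assumption: a resource missing from a map counts as 0 (no access).
 *
 * @param array<string,int> $parent
 * @param array<string,int> $child
 * @return array<string,string> resource key => reason
 */
function planSubsetViolations(array $parent, array $child): array
{
    $violations = [];
    foreach ($child as $key => $limit) {
        $parentLimit = $parent[$key] ?? 0;
        if ($limit < UNLIMITED) {
            $violations[$key] = 'invalid limit';
        } elseif ($limit === 0) {
            continue; // granting nothing is always a subset
        } elseif ($parentLimit === UNLIMITED) {
            continue; // an unlimited parent covers any child limit
        } elseif ($parentLimit === 0) {
            $violations[$key] = 'resource not granted by parent plan';
        } elseif ($limit === UNLIMITED) {
            $violations[$key] = 'unlimited above finite parent limit';
        } elseif ($limit > $parentLimit) {
            $violations[$key] = 'finite limit above parent limit';
        }
    }
    return $violations;
}

// Constructed sample plans; the resource keys are placeholders.
$tenantPlan = ['domains' => 10, 'mailboxes' => UNLIMITED, 'databases' => 0];
$userPlan   = ['domains' => 25, 'mailboxes' => 500, 'databases' => 1,
               'ftp_users' => UNLIMITED, 'cron_jobs' => 0];

foreach (planSubsetViolations($tenantPlan, $userPlan) as $key => $why) {
    echo "$key: $why\n";
}
```

The comparison cannot be a plain `$limit <= $parentLimit`: with `-1` as the unlimited sentinel, that test would accept an unlimited child under a finite parent and reject a finite child under an unlimited parent, so the sentinel cases are handled before the numeric one.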