Hartmut
82466a4e34
fix(api): derive secure sse subscriptions
2026-03-30 14:20:18 +02:00
Hartmut
f0bea6235d
fix(web): reuse project combobox in timeline popovers
2026-03-30 13:34:59 +02:00
Hartmut
58824545fc
fix(assistant): align tool metadata with router audiences
2026-03-30 13:18:00 +02:00
Hartmut
94ad3004b7
docs(scope): mark notification follow-up complete
2026-03-30 12:33:54 +02:00
Hartmut
3c4894a966
docs(scope): refresh backlog status after hardening batch
2026-03-30 12:25:56 +02:00
Hartmut
a9a01e8df0
test(resource): cover chapter and skill import access
2026-03-30 12:23:35 +02:00
Hartmut
d3ad350821
test(assistant): document self-service approval access
2026-03-30 12:20:55 +02:00
Hartmut
c9a35452dc
fix(blueprint): require planning access for global field defs
2026-03-30 12:18:59 +02:00
Hartmut
c82a146f84
docs(scope): add audience scoping backlog
2026-03-30 12:16:16 +02:00
Hartmut
016f862405
fix(holiday-calendar): scope resource holiday reads
2026-03-30 12:10:52 +02:00
Hartmut
c7434c968e
fix(vacation): scope preview requests to owned resources
2026-03-30 12:07:26 +02:00
Hartmut
22cff9648e
test(entitlement): cover self-service and role boundaries
2026-03-30 12:01:34 +02:00
Hartmut
3a29ce4332
fix(blueprint): require planning access for detailed reads
2026-03-30 11:55:43 +02:00
Hartmut
b254ab70ba
test(auth): cover notification and user router audiences
2026-03-30 11:08:14 +02:00
Hartmut
c8e82ac221
feat(settings): restrict AI readiness checks to admins
2026-03-30 11:00:42 +02:00
Hartmut
81a46c81bd
feat(blueprint): scope summary reads to planning audience
2026-03-30 10:55:28 +02:00
Hartmut
9b764008c3
feat(management-level): scope reads to planning audience
2026-03-30 10:45:44 +02:00
Hartmut
c2ca6a6d0d
feat(holiday-calendar): restrict catalog reads to admins
2026-03-30 10:36:05 +02:00
Hartmut
54769ca0f5
feat(utilization-category): scope reads to planning audience
2026-03-30 10:29:40 +02:00
Hartmut
ae74700f7c
feat(client): scope planning reads to explicit audience
2026-03-30 10:24:52 +02:00
Hartmut
2b514ea962
feat(org-unit): scope structural reads to resource overview
2026-03-30 10:17:57 +02:00
Hartmut
65fe7ce04f
feat(assistant): align resource tool visibility with read audiences
2026-03-30 10:11:55 +02:00
Hartmut
bd654251f7
feat(master-data): scope detail reads to resource overview
2026-03-30 10:08:44 +02:00
Hartmut
8495b83b3e
docs(security): document audience scoping rollout rules
2026-03-30 09:59:33 +02:00
Hartmut
93c4374973
feat(auth): introduce explicit planning read permission
2026-03-30 09:15:07 +02:00
Hartmut
a50ca09333
feat(auth): tighten allocation read audiences
2026-03-30 09:03:44 +02:00
Hartmut
db45829eca
feat(auth): classify planning and resource read audiences
2026-03-30 08:51:07 +02:00
Hartmut
f6daf21983
feat(import): harden untrusted spreadsheet boundaries
2026-03-30 08:02:52 +02:00
Hartmut
fac8c1c3a5
feat(sse): scope timeline events to affected audiences
2026-03-30 00:40:24 +02:00
Hartmut
819345acfa
feat(platform): harden access scoping and delivery baseline
2026-03-30 00:27:31 +02:00
Hartmut
00b936fa1f
feat(assistant): extend audit and import parity
2026-03-29 12:56:29 +02:00
Hartmut
47e4d701ff
chore(repo): checkpoint current capakraken implementation state
2026-03-29 12:47:12 +02:00
Hartmut
beae1a5d6e
feat(assistant): add approval inbox and e2e hardening
2026-03-29 10:10:59 +02:00
Hartmut
4f48afe7b4
feat(planning): ship holiday-aware planning and assistant upgrades
2026-03-28 22:49:28 +01:00
Hartmut
1fc1e9f24c
feat: AI security controls + PostgreSQL hardening (Week 1 Quick Wins)
AI Security (EGAI 4.3.1.3, 4.3.1.4, 4.1.3.1, IAAI 3.6.26):
- AI Disclaimer banner in ChatPanel: "AI responses may be inaccurate"
- "AI Generated" violet badge on: chat messages, AI summaries,
project narratives, AI-generated cover images
- HITL: system prompt now requires explicit user confirmation
before any data mutation (strongly worded instruction)
- Mutation tool audit logging: all 31 write tools logged with
tool name, params, userId, userRole via Pino
PostgreSQL Hardening (PG Standard V1.6):
- Audit logging: log_connections, log_disconnections, log_statement=ddl,
log_min_duration_statement=1000 in docker-compose
- SUPERUSER removal script: scripts/harden-postgres.sh
(NOSUPERUSER + minimal GRANT for app user)
- Health check: pg_isready -U capakraken -d capakraken
- Documentation: security-architecture.md Section 12 updated
Controls closed: EGAI 4.1.3.1, 4.3.1.3, 4.3.1.4, PG 3.3, 3.5
Co-Authored-By: claude-flow <ruv@ruv.net >
2026-03-27 16:18:35 +01:00
Hartmut
3f76211955
docs: full ACN standards compliance audit — 6 standards, ~208 controls
Browsed and analyzed 6 relevant Accenture security standards:
1. Application Security V7.30 (73% compliant)
2. Generative AI Security V1.1 (~33% - NEW, critical)
3. Agentic AI Security V1.2 (~20% - NEW, critical, 36 MCP controls)
4. PostgreSQL Security V1.6 (~32%)
5. Logging & Auditing (~80%)
6. Access Control (~80%)
Overall: ~99/208 controls compliant (~48%)
Top 10 critical action items identified:
1. HITL for AI mutations (AI can create/delete without confirmation)
2. AI content labeling ("AI Generated" badges)
3. AI disclaimer in chat panel
4. PostgreSQL TLS
5. PostgreSQL audit logging
6. PostgreSQL SUPERUSER removal
7. Prompt injection detection
8. AI tool read/write separation
9. Adversarial testing suite
10. Content filtering on AI outputs
6-week implementation roadmap included.
Co-Authored-By: claude-flow <ruv@ruv.net >
2026-03-27 16:08:37 +01:00
Hartmut
6ba3efd7ea
docs: ACN Security Standards Applicability Matrix — 19 of ~87 relevant
Mapped all Accenture IS Standards against CapaKraken tech stack.
19 standards relevant, ~68 not applicable.
Key findings:
- Application Security Standard: 73% compliant (already analyzed)
- Gen AI + Agentic AI Standards: NEW, critical for HartBOT — must read
- PostgreSQL, nginx, Container, DevSecOps: need gap analysis
- 12 action items across 4 priority tiers
Co-Authored-By: claude-flow <ruv@ruv.net >
2026-03-27 16:00:23 +01:00
Hartmut
cd0c2fe3e2
feat: close 4 more security compliance gaps (46/63 OK, 73%)
Error-Page Headers (3.3.1.3.03 → OK):
- Cache-Control no-store on ALL routes (API, auth, catch-all)
Proactive Monitoring (3.2.1.04 → OK):
- /api/cron/health-check: DB + Redis check with latency, ADMIN alerts on failure
Security Scanning (3.2.2.7 → improved):
- /api/cron/security-audit: package version check against minimum safe versions
Server Hardening (3.3.1.4 → OK):
- docs/nginx-hardening.conf: complete template (rate limits, SSL, headers)
Database Security (3.3.3 → OK):
- docs/security-architecture.md Section 12: DB auth, isolation, SSL/audit recommendations
Compliance: 46 OK / 5 PARTIAL / 8 TODO / 4 N/A (was 42/9/8/4)
Co-Authored-By: claude-flow <ruv@ruv.net >
2026-03-27 15:43:44 +01:00
Hartmut
187c28e01e
docs: complete ACN V7.30 compliance report — 63 controls mapped
42 OK (67%), 9 PARTIAL (14%), 8 TODO (13%), 4 N/A (6%)
Full mapping of all EAPPS controls across 20 categories.
Co-Authored-By: claude-flow <ruv@ruv.net >
2026-03-27 15:33:18 +01:00
Hartmut
103ba009b6
docs: ACN Security Compliance Status Report (management summary)
19/23 controls implemented (83%). 4 open items require external
access (AIR portal, SAST tool, nginx SSH, HTTPS for cookie prefix).
Co-Authored-By: claude-flow <ruv@ruv.net >
2026-03-27 15:05:24 +01:00
Hartmut
9d43e4b113
feat: ACN Application Security Standard V7.30 compliance (19/23 items)
CRITICAL — Authentication & Access:
- TOTP MFA: otpauth-based, QR setup UI, sign-in flow integration,
admin disable override, /account/security self-service page
- Session Timeouts: 8h absolute (maxAge), 30min idle (updateAge)
- Failed Auth Logging: Pino warn for invalid password/user/totp,
info for successful login, audit entries for all auth events
- Concurrent Session Limit: ActiveSession model, oldest-kick strategy,
max 3 per user (configurable in SystemSettings)
CRITICAL — HTTP Security:
- HSTS: max-age=31536000; includeSubDomains
- CSP: script/style/img/font/connect-src with Gemini/OpenAI whitelist
- X-XSS-Protection: 0 (CSP replaces legacy)
- Auth page cache: no-store, no-cache, must-revalidate
- Rate Limiting: 100/15min general API, 5/15min auth (Map-based)
Data Protection:
- XSS Sanitization: DOMPurify on comment bodies
- autocomplete="new-password" on all password/secret fields
- SameSite=Strict on all cookies (Credentials-only, no OAuth)
- File Upload Magic Bytes validation (PNG/JPEG/WebP/GIF/BMP/TIFF)
Logging & Monitoring:
- Login/Logout audit entries (Auth entityType)
- External API call logging with timing (OpenAI, Gemini)
- Input validation failure logging at warn level
- Concurrent session tracking in ActiveSession table
Documentation:
- docs/security-architecture.md (11 sections)
- docs/sdlc.md (CI pipeline, security gates, incident response)
- .gitea/PULL_REQUEST_TEMPLATE.md (security checklist)
Schema: User.totpSecret/totpEnabled, SystemSettings.sessionMaxAge/
sessionIdleTimeout/maxConcurrentSessions, ActiveSession model
Tests: 310 engine + 37 staffing pass. TypeScript clean.
Co-Authored-By: claude-flow <ruv@ruv.net >
2026-03-27 14:16:39 +01:00
Hartmut
70ae830623
docs: Accenture Application Security Standard V7.30 compliance ToDo
Gap analysis of CapaKraken against Accenture AppSec Standard V7.30.
23 action items across 3 priority levels.
Critical (before production): MFA, session timeouts, HSTS, CSP,
rate limiting, Sentry DSN, failed auth logging.
High (30 days): AIR registration, security architecture doc,
SAST/DAST, XSS sanitization, login/logout audit.
Already compliant: SQL injection (Prisma), Argon2 hashing, RBAC,
Zod input validation, audit logging, security headers (partial).
Co-Authored-By: claude-flow <ruv@ruv.net >
2026-03-27 13:50:14 +01:00
Hartmut
cd78f72f33
chore: full technical rename planarchy → capakraken
Complete rename of all technical identifiers across the codebase:
Package names (11 packages):
- @planarchy/* → @capakraken/* in all package.json, tsconfig, imports
Import statements: 277 files, 548 occurrences replaced
Database & Docker:
- PostgreSQL user/db: planarchy → capakraken
- Docker volumes: planarchy_pgdata → capakraken_pgdata
- Connection strings updated in docker-compose, .env, CI
CI/CD:
- GitHub Actions workflow: all filter commands updated
- Test database credentials updated
Infrastructure:
- Redis channel: planarchy:sse → capakraken:sse
- Logger service name: planarchy-api → capakraken-api
- Anonymization seed updated
- Start/stop/restart scripts updated
Test data:
- Seed emails: @planarchy.dev → @capakraken.dev
- E2E test credentials: all 11 spec files updated
- Email defaults: @planarchy.app → @capakraken.app
- localStorage keys: planarchy_* → capakraken_*
Documentation: 30+ .md files updated
Verification:
- pnpm install: workspace resolution works
- TypeScript: only pre-existing TS2589 (no new errors)
- Engine: 310/310 tests pass
- Staffing: 37/37 tests pass
Co-Authored-By: claude-flow <ruv@ruv.net >
2026-03-27 13:18:09 +01:00
Hartmut
0d78fe1770
feat: Sprint 0 — CI/CD pipeline, production Docker, health checks
CI Pipeline (.github/workflows/ci.yml):
- 5 jobs: typecheck, lint, test, build, e2e (parallel where possible)
- PostgreSQL 16 + Redis 7 service containers for test/e2e
- pnpm store, Turborepo, Playwright browser caching
- Concurrency groups cancel in-progress runs
Production Docker:
- Dockerfile.prod: 3-stage build (deps → build → runtime ~150MB)
- docker-compose.prod.yml: postgres + redis + app with health checks
- .dockerignore for fast builds
- next.config.ts: output: "standalone" for minimal runtime
Health Check Endpoints:
- GET /api/health — liveness probe (200 OK, no deps)
- GET /api/ready — readiness probe (postgres + redis connectivity)
Documentation:
- docs/ci-cd-manual.md — full pipeline manual with troubleshooting
- plan.md — Product Owner strategic plan (bottlenecks, growth, automation)
Co-Authored-By: claude-flow <ruv@ruv.net >
2026-03-19 20:33:18 +01:00
Hartmut
ddec3a927a
feat: timeline multi-select, demand popover, resource hover card, merged tooltips, dark mode fixes
Major timeline enhancements:
- Right-click drag multi-selection with floating action bar (batch delete/assign)
- DemandPopover for demand strip details (replaces broken "Loading" modal)
- ResourceHoverCard on name hover showing skills, rates, role, chapter
- Merged heatmap+vacation tooltips into unified TimelineTooltip component
- Fixed overbooking blink animation (date normalization, z-index ordering)
- Fixed dark mode sticky column bleed-through in project view
- System roles admin page, notification task management, performance review docs
Co-Authored-By: claude-flow <ruv@ruv.net >
2026-03-18 23:43:51 +01:00
Hartmut
eb283147d1
feat: project colors, timeline filters, sidebar fix, GitLooper agent, and misc improvements
- Fix sidebar double-highlight on /vacations/my (Gitea #6): add isNavItemActive() helper
- Add project color picker (schema + API + modal + timeline rendering)
- Add ProjectCombobox/ResourceCombobox to timeline toolbar
- Show PENDING vacations on timeline with dashed/dimmed style
- Add "show demand projects" preference with localStorage persistence
- Add ProjectAssignmentsTable with total hours/cost columns
- Extend vacation API to accept status arrays
- Add GitLooper formal YAML agent configuration
- Extend user admin with permission overrides UI
- Add delete-assignment use case tests
- Add status-styles.ts shared badge constants
- Centralize formatMoney/formatCents in format.ts
Co-Authored-By: claude-flow <ruv@ruv.net >
2026-03-17 10:22:52 +01:00
Hartmut
f5551e33c7
docs: add security audit, calculation reference, and review report
Co-Authored-By: claude-flow <ruv@ruv.net >
2026-03-15 09:29:19 +01:00
Hartmut
625a842d89
feat: dashboard overhaul, chargeability reports, dispo import enhancements, UI polish
Dashboard: expanded chargeability widget, resource/project table widgets
with sorting and filters, stat cards with formatMoney integration.
Chargeability: new report client with filtering, chargeability-bookings
use case, updated dashboard overview logic.
Dispo import: TBD project handling, parse-dispo-matrix improvements,
stage-dispo-projects resource value scores, new tests.
Estimates: CommercialTermsEditor component, commercial-terms engine
module, expanded estimate schemas and types.
UI: AppShell navigation updates, timeline filter/toolbar enhancements,
role management improvements, signin page redesign, Tailwind/globals
polish, SystemSettings SMTP section, anonymization support.
Tests: new router tests (anonymization, chargeability, effort-rule,
entitlement, estimate, experience-multiplier, notification, resource,
staffing, vacation).
Co-Authored-By: claude-flow <ruv@ruv.net >
2026-03-14 23:29:07 +01:00
Hartmut
ad0855902b
refactor: complete v2 refactoring plan (Phases 1-5)
Phase 1 — Quick Wins: centralize formatMoney/formatCents, extract
findUniqueOrThrow helper (19 routers), shared Prisma select constants,
useInvalidatePlanningViews hook, status badge consolidation, composite
DB indexes.
Phase 2 — Timeline Split: extract TimelineContext, TimelineResourcePanel,
TimelineProjectPanel; split 28-dep useMemo into 3 focused memos.
TimelineView.tsx reduced from 1,903 to 538 lines.
Phase 3 — Query Performance: server-side filtering for getEntriesView,
remove availability from timeline resource select, SSE event debouncing
(50ms batch window).
Phase 4 — Estimate Workspace: extract 7 tab components and 3 editor
components. EstimateWorkspaceClient 1,298→306 lines,
EstimateWorkspaceDraftEditor 1,205→581 lines.
Phase 5 — Package Cleanup: split commit-dispo-import-batch (1,112→573
lines), extract shared pagination helper with 11 tests.
All tests pass: 209 API, 254 engine, 67 application.
Co-Authored-By: claude-flow <ruv@ruv.net >
2026-03-14 23:03:42 +01:00
Hartmut
dd55d0e78b
chore(repo): initialize planarchy workspace
2026-03-14 14:31:09 +01:00