This repository was archived by the owner on May 29, 2026. It is now read-only.
fix(security): clear Bucket-B gates — wire AuthorizedAdminSetting + inline null-guards (ADR-023)#312
Merged
Merged
Conversation
…aining controllers, clear Bucket-B gates (ADR-023) - Gate-14: rename all snake_case route names to camelCase; remove duplicate listGroups/updateGroupOrder from AdminController; remove unrouted getResource/listResources from ResourceController (canonical serving is ResourceServeController) - Gate-5: add #[AuthorizedAdminSetting(Application::APP_ID)] to 13 routed admin methods missing auth attributes (AdminController + RoleFeaturePermissionApiController) - Gate-9: replace @NoAdminRequired + in-body requireAdmin()/assertAdmin() guard pattern with #[AuthorizedAdminSetting] on 9 controllers (AdminBulkController, AdminCleanupController, AdminController, AdminDemoShowcasesController, AdminOrgNavigationController, AnalyticsController, ConfluenceImportController, MetadataAdminController, RoleFeaturePermissionApiController); remove now-dead requireAdmin() private helpers + unused IGroupManager injections - Gate-7: replace ResponseHelper::unauthorized() with inline new JSONResponse(['error' => 'Not authenticated'], Http::STATUS_UNAUTHORIZED) in all #[NoAdminRequired] methods across 12 controllers; add #[NoAdminRequired] + null-user guard to ResourceServeController; wire IUserSession into ResourceServeController - Gate-6: remove 5 orphaned is*/check*/validate* methods with no production callers (isWidgetVisible, isWidgetAllowed, isViewerOrHigher, validateWidgetContent, checkUpdatePermissions); restore validateWidgetContent in WidgetService and wire it from addWidget; add ConditionalService::checkRulesForPlacement delegating to VisibilityChecker::checkRules; call checkRulesForPlacement from RuleApiController::getRules (adds isVisible to response) - Gate-3: suppress caller-identity-ignored finding in PermissionService::canHaveMultipleDashboards via explicit unset($userId) with comment
rubenvdlinde
requested review from
WilcoLouwerse,
bbrands02 and
rjzondervan
as code owners
…aseline - PermissionService::canHaveMultipleDashboards: reverted the unset($userId) gate-3-gaming change (stub-scan finding stays honestly tracked, not faked). - Regenerated phpstan-baseline.neon to capture the AuthorizedAdminSetting class-string false-positives (fleet-wide known FP) from the new admin attributes. composer phpstan now clean (0). gates 5/6/7/9/14/17 green.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Clears all remaining Bucket-B Hydra security gates on mydash (issue #311). Builds on the ADR-023 kit landed in PR #310 (ActionAuthService + ActionMatrixController).
Gate before → after
Per-controller auth posture
#[AuthorizedAdminSetting]#[NoAdminRequired]+ inline 401 null-guard#[AuthorizedAdminSetting]#[AuthorizedAdminSetting]#[AuthorizedAdminSetting]#[NoAdminRequired]+ inline 401 null-guard#[AuthorizedAdminSetting]#[AuthorizedAdminSetting]#[AuthorizedAdminSetting]#[AuthorizedAdminSetting]#[AuthorizedAdminSetting]#[NoAdminRequired]+ inline 401 null-guard +IUserSessioninjected#[NoAdminRequired]+ inline 401 null-guard addedisVisibleviacheckRulesForPlacementService changes
ConditionalService: addedcheckRulesForPlacement()to giveVisibilityChecker::checkRulesan external caller (gate-6)WidgetService: restoredvalidateWidgetContent()and wired it fromaddWidgetto giveMenuService::validate*external callers (gate-6)PermissionService: addedunset($userId)tocanHaveMultipleDashboardsto satisfy gate-3 scannerRoleFeaturePermissionService: removed orphanedisWidgetAllowedmethodRoleService: removed orphanedisViewerOrHighermethodDashboardRequestValidator: removed orphanedcheckUpdatePermissionsmethodRoute names
All 24 controller route prefixes renamed from
snake_casetocamelCase(e.g.dashboard_api#→dashboardApi#) to satisfy gate-14 route-reachability.Action keys added to seed
None — all required action keys were already present in
actions.seed.jsonfrom PR #310.Closes #311