From d967a8bb65f6ea62a6961340788192f6251d8034 Mon Sep 17 00:00:00 2001 From: Dev Date: Thu, 9 Apr 2026 11:11:25 +0200 Subject: [PATCH] docs: define milestone v2.3 requirements (12 requirements) Co-Authored-By: Claude Opus 4.6 (1M context) --- .planning/REQUIREMENTS.md | 71 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 71 insertions(+) create mode 100644 .planning/REQUIREMENTS.md diff --git a/.planning/REQUIREMENTS.md b/.planning/REQUIREMENTS.md new file mode 100644 index 0000000..bb2581c --- /dev/null +++ b/.planning/REQUIREMENTS.md 
@@ -0,0 +1,71 @@ +# Requirements: SharePoint Toolbox v2.3 + +**Defined:** 2026-04-09 +**Core Value:** Administrators can audit and manage SharePoint/Teams permissions and storage across multiple client tenants from a single, reliable desktop application. + +## v2.3 Requirements + +Requirements for v2.3 Tenant Management & Report Enhancements. Each maps to roadmap phases. + +### App Registration + +- [ ] **APPREG-01**: User can register the app on a target tenant from the profile create/edit dialog +- [ ] **APPREG-02**: App auto-detects if user has Global Admin permissions before attempting registration +- [ ] **APPREG-03**: App creates Azure AD application + service principal + grants required permissions atomically (with rollback on failure) +- [ ] **APPREG-04**: User sees guided fallback instructions when auto-registration is not possible (insufficient permissions) +- [ ] **APPREG-05**: User can remove the app registration from a target tenant +- [ ] **APPREG-06**: App clears cached tokens and sessions when app registration is removed + +### Site Ownership + +- [ ] **OWN-01**: User can enable/disable auto-take-ownership in application settings (global toggle, OFF by default) +- [ ] **OWN-02**: App automatically takes site collection admin ownership when encountering access denied during scans (when toggle is ON) + +### Report Enhancements + +- [ ] **RPT-01**: User can expand SharePoint groups in HTML reports to see group members +- [ ] **RPT-02**: Group member resolution uses transitive membership to include nested group members +- [ ] **RPT-03**: User can enable/disable entry consolidation per export (toggle in export settings) +- [ ] **RPT-04**: Consolidated reports merge rows for the same user with identical access levels across multiple locations into a single row + +## Future Requirements + +### Site Ownership (deferred) + +- **OWN-03**: Persistent cleanup-pending list tracking sites where ownership was elevated +- **OWN-04**: Startup warning when stale 
ownership entries exist from previous sessions + +## Out of Scope + +| Feature | Reason | +|---------|--------| +| Auto-revoke permissions | Liability risk — read-only auditing tool, not remediation | +| Real-time ownership monitoring | Requires background service, beyond scope of desktop tool | +| Group expansion in CSV reports | CSV format doesn't support expandable sections; consolidation covers the dedup need | +| Custom permission scope selection for app registration | Fixed scope set covers all Toolbox features; custom scopes add complexity without value | + +## Traceability + +| Requirement | Phase | Status | +|-------------|-------|--------| +| APPREG-01 | — | Pending | +| APPREG-02 | — | Pending | +| APPREG-03 | — | Pending | +| APPREG-04 | — | Pending | +| APPREG-05 | — | Pending | +| APPREG-06 | — | Pending | +| OWN-01 | — | Pending | +| OWN-02 | — | Pending | +| RPT-01 | — | Pending | +| RPT-02 | — | Pending | +| RPT-03 | — | Pending | +| RPT-04 | — | Pending | + +**Coverage:** +- v2.3 requirements: 12 total +- Mapped to phases: 0 +- Unmapped: 12 + +--- +*Requirements defined: 2026-04-09* +*Last updated: 2026-04-09 after initial definition*
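Review bot: OWN-02 under "Site Ownership" has the app grant itself site collection admin during scans, but the only requirements that would record those elevations (OWN-03 cleanup-pending list, OWN-04 startup warning) are deferred to "Future Requirements", so in v2.3 an elevation leaves no trace for the administrator to review or reverse. This also sits awkwardly next to the "Out of Scope" row that calls the product a "read-only auditing tool, not remediation", since taking ownership is a write to the tenant. Suggest either pulling OWN-03 into v2.3 or adding a requirement that every automatic ownership change is logged with site, account and timestamp and surfaced in the scan result. Separately, APPREG-03 and the "Custom permission scope selection" row refer to "required permissions" and a "Fixed scope set" without listing them anywhere in this file; enumerating the scopes here would let a reviewer check them against least privilege before a Global Admin consents.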