docs: define milestone v2.3 requirements (12 requirements)
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
Dev
71
.planning/REQUIREMENTS.md
Normal file
71
.planning/REQUIREMENTS.md
Normal file
@@ -0,0 +1,71 @@
|
||||
# Requirements: SharePoint Toolbox v2.3
|
||||
|
||||
**Defined:** 2026-04-09
|
||||
**Core Value:** Administrators can audit and manage SharePoint/Teams permissions and storage across multiple client tenants from a single, reliable desktop application.
|
||||
|
||||
## v2.3 Requirements
|
||||
|
||||
Requirements for v2.3 Tenant Management & Report Enhancements. Each maps to roadmap phases.
|
||||
|
||||
### App Registration
|
||||
|
||||
- [ ] **APPREG-01**: User can register the app on a target tenant from the profile create/edit dialog
|
||||
- [ ] **APPREG-02**: App auto-detects if user has Global Admin permissions before attempting registration
|
||||
- [ ] **APPREG-03**: App creates Azure AD application + service principal + grants required permissions atomically (with rollback on failure)
|
||||
- [ ] **APPREG-04**: User sees guided fallback instructions when auto-registration is not possible (insufficient permissions)
|
||||
- [ ] **APPREG-05**: User can remove the app registration from a target tenant
|
||||
- [ ] **APPREG-06**: App clears cached tokens and sessions when app registration is removed
|
||||
|
||||
### Site Ownership
|
||||
|
||||
- [ ] **OWN-01**: User can enable/disable auto-take-ownership in application settings (global toggle, OFF by default)
|
||||
- [ ] **OWN-02**: App automatically takes site collection admin ownership when encountering access denied during scans (when toggle is ON)
|
||||
|
||||
### Report Enhancements
|
||||
|
||||
- [ ] **RPT-01**: User can expand SharePoint groups in HTML reports to see group members
|
||||
- [ ] **RPT-02**: Group member resolution uses transitive membership to include nested group members
|
||||
- [ ] **RPT-03**: User can enable/disable entry consolidation per export (toggle in export settings)
|
||||
- [ ] **RPT-04**: Consolidated reports merge rows for the same user with identical access levels across multiple locations into a single row
|
||||
|
||||
## Future Requirements
|
||||
|
||||
### Site Ownership (deferred)
|
||||
|
||||
- **OWN-03**: Persistent cleanup-pending list tracking sites where ownership was elevated
|
||||
- **OWN-04**: Startup warning when stale ownership entries exist from previous sessions
|
||||
|
||||
## Out of Scope
|
||||
|
||||
| Feature | Reason |
|
||||
|---------|--------|
|
||||
| Auto-revoke permissions | Liability risk — read-only auditing tool, not remediation |
|
||||
| Real-time ownership monitoring | Requires background service, beyond scope of desktop tool |
|
||||
| Group expansion in CSV reports | CSV format doesn't support expandable sections; consolidation covers the dedup need |
|
||||
| Custom permission scope selection for app registration | Fixed scope set covers all Toolbox features; custom scopes add complexity without value |
|
||||
|
||||
## Traceability
|
||||
|
||||
| Requirement | Phase | Status |
|
||||
|-------------|-------|--------|
|
||||
| APPREG-01 | — | Pending |
|
||||
| APPREG-02 | — | Pending |
|
||||
| APPREG-03 | — | Pending |
|
||||
| APPREG-04 | — | Pending |
|
||||
| APPREG-05 | — | Pending |
|
||||
| APPREG-06 | — | Pending |
|
||||
| OWN-01 | — | Pending |
|
||||
| OWN-02 | — | Pending |
|
||||
| RPT-01 | — | Pending |
|
||||
| RPT-02 | — | Pending |
|
||||
| RPT-03 | — | Pending |
|
||||
| RPT-04 | — | Pending |
|
||||
|
||||
**Coverage:**
|
||||
- v2.3 requirements: 12 total
|
||||
- Mapped to phases: 0
|
||||
- Unmapped: 12
|
||||
|
||||
---
|
||||
*Requirements defined: 2026-04-09*
|
||||
*Last updated: 2026-04-09 after initial definition*
|
||||
Reference in New Issue
Block a user