kawa/Sharepoint-Toolbox
1
0
Fork 0
Code Issues Pull Requests Actions Releases 9 Wiki Activity

docs(18): create phase plan for auto-take-ownership

Browse Source 
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
Dev
2026-04-09 14:15:15 +02:00
parent 997086cf07
commit dbb59d119b
3 changed files with 631 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

329
.planning/phases/18-auto-take-ownership/18-02-PLAN.md Normal file
View File

@@ -0,0 +1,329 @@
---
phase: 18-auto-take-ownership
plan: 02
type: execute
wave: 2
depends_on: ["18-01"]
files_modified:
- SharepointToolbox/ViewModels/Tabs/PermissionsViewModel.cs
- SharepointToolbox/Views/Tabs/PermissionsView.xaml
- SharepointToolbox/Localization/Strings.resx
- SharepointToolbox/Localization/Strings.fr.resx
- SharepointToolbox.Tests/ViewModels/PermissionsViewModelOwnershipTests.cs
autonomous: true
requirements:
- OWN-02
must_haves:
truths:
- "When toggle OFF, access-denied exceptions propagate normally (no elevation attempt)"
- "When toggle ON and scan hits access denied, app calls ElevateAsync once then retries ScanSiteAsync"
- "Successful scans never call ElevateAsync"
- "Auto-elevated entries have WasAutoElevated=true in the results"
- "Auto-elevated rows are visually distinct in the DataGrid (amber highlight)"
artifacts:
- path: "SharepointToolbox/ViewModels/Tabs/PermissionsViewModel.cs"
provides: "Scan-loop catch/elevate/retry logic"
contains: "ServerUnauthorizedAccessException"
- path: "SharepointToolbox/Views/Tabs/PermissionsView.xaml"
provides: "Visual differentiation for auto-elevated rows"
contains: "WasAutoElevated"
- path: "SharepointToolbox.Tests/ViewModels/PermissionsViewModelOwnershipTests.cs"
provides: "Unit tests for elevation behavior"
contains: "PermissionsViewModelOwnershipTests"
key_links:
- from: "SharepointToolbox/ViewModels/Tabs/PermissionsViewModel.cs"
to: "SharepointToolbox/Services/IOwnershipElevationService.cs"
via: "ElevateAsync call inside catch block"
pattern: "ElevateAsync"
- from: "SharepointToolbox/ViewModels/Tabs/PermissionsViewModel.cs"
to: "SharepointToolbox/Services/SettingsService.cs"
via: "Reading AutoTakeOwnership toggle state"
pattern: "AutoTakeOwnership"
- from: "SharepointToolbox/Views/Tabs/PermissionsView.xaml"
to: "SharepointToolbox/Core/Models/PermissionEntry.cs"
via: "DataTrigger on WasAutoElevated"
pattern: "WasAutoElevated"
---
<objective>
Wire the auto-elevation logic into the permission scan loop: catch ServerUnauthorizedAccessException, call Tenant.SetSiteAdmin via IOwnershipElevationService, retry the scan, and tag returned entries with WasAutoElevated=true. Add visual differentiation in the DataGrid.
Purpose: Complete OWN-02 — scans no longer block on access-denied sites when the toggle is ON.
Output: PermissionsViewModel catches access denied and auto-elevates, DataGrid shows amber highlight for elevated rows.
</objective>
<execution_context>
@C:/Users/SebastienQUEROL/.claude/get-shit-done/workflows/execute-plan.md
@C:/Users/SebastienQUEROL/.claude/get-shit-done/templates/summary.md
</execution_context>
<context>
@.planning/ROADMAP.md
@.planning/STATE.md
@.planning/phases/18-auto-take-ownership/18-RESEARCH.md
@.planning/phases/18-auto-take-ownership/18-01-SUMMARY.md
<interfaces>
<!-- From Plan 01 outputs -->
From SharepointToolbox/Services/IOwnershipElevationService.cs:
```csharp
public interface IOwnershipElevationService
{
Task ElevateAsync(ClientContext tenantAdminCtx, string siteUrl, string loginName, CancellationToken ct);
}
```
From SharepointToolbox/Core/Models/PermissionEntry.cs (after Plan 01):
```csharp
public record PermissionEntry(
string ObjectType, string Title, string Url,
bool HasUniquePermissions, string Users, string UserLogins,
string PermissionLevels, string GrantedThrough, string PrincipalType,
bool WasAutoElevated = false
);
```
From SharepointToolbox/Core/Models/AppSettings.cs (after Plan 01):
```csharp
public class AppSettings
{
public string DataFolder { get; set; } = string.Empty;
public string Lang { get; set; } = "en";
public bool AutoTakeOwnership { get; set; } = false;
}
```
From SharepointToolbox/ViewModels/Tabs/PermissionsViewModel.cs (existing scan loop):
```csharp
// Lines 202-237: RunOperationAsync — foreach (var url in nonEmpty)
// Creates TenantProfile per URL, gets ctx via _sessionManager.GetOrCreateContextAsync
// Calls _permissionsService.ScanSiteAsync(ctx, scanOptions, progress, ct)
// Adds entries to allEntries
// Constructor (production): IPermissionsService, ISiteListService, ISessionManager,
// CsvExportService, HtmlExportService, IBrandingService, ILogger, ISharePointGroupResolver?
// Constructor (test): IPermissionsService, ISiteListService, ISessionManager, ILogger, IBrandingService?
```
From SharepointToolbox/App.xaml.cs (DI):
```csharp
// Line 119-124: PermissionsViewModel registered as AddTransient
// IOwnershipElevationService registered by Plan 01
```
</interfaces>
</context>
<tasks>
<task type="auto" tdd="true">
<name>Task 1: Scan-loop elevation logic + PermissionsViewModel wiring + tests</name>
<files>
SharepointToolbox/ViewModels/Tabs/PermissionsViewModel.cs,
SharepointToolbox/App.xaml.cs,
SharepointToolbox.Tests/ViewModels/PermissionsViewModelOwnershipTests.cs
</files>
<behavior>
- Test: When AutoTakeOwnership=false and ScanSiteAsync throws ServerUnauthorizedAccessException, the exception propagates (not caught)
- Test: When AutoTakeOwnership=true and ScanSiteAsync throws ServerUnauthorizedAccessException, ElevateAsync is called once with correct args, then ScanSiteAsync retried
- Test: When ScanSiteAsync succeeds on first try, ElevateAsync is never called
- Test: After successful elevation+retry, returned PermissionEntry items have WasAutoElevated=true
- Test: If elevation itself throws, the exception propagates (no infinite retry)
</behavior>
<action>
1. Add `IOwnershipElevationService? _ownershipService` and `SettingsService _settingsService` fields to `PermissionsViewModel`. Inject `IOwnershipElevationService?` as an optional last parameter in the production constructor (matching the `ISharePointGroupResolver?` pattern). Inject `SettingsService` as a required parameter.
2. Update both constructors:
- Production constructor: add `SettingsService settingsService` (required) and `IOwnershipElevationService? ownershipService = null` (optional, last).
- Test constructor: add `SettingsService? settingsService = null` and `IOwnershipElevationService? ownershipService = null` as optional params.
3. Update DI registration in `App.xaml.cs` — no change needed if using optional injection (DI resolves registered services automatically). But verify the constructor parameter order matches DI expectations. If needed, add explicit resolution.
4. Add a `DeriveAdminUrl` internal static helper method in `PermissionsViewModel`:
```csharp
internal static string DeriveAdminUrl(string tenantUrl)
{
var uri = new Uri(tenantUrl.TrimEnd('/'));
var host = uri.Host;
if (host.Contains("-admin.sharepoint.com", StringComparison.OrdinalIgnoreCase))
return tenantUrl;
var adminHost = host.Replace(".sharepoint.com", "-admin.sharepoint.com",
StringComparison.OrdinalIgnoreCase);
return $"{uri.Scheme}://{adminHost}";
}
```
5. Modify `RunOperationAsync` scan loop (lines 221-237). Replace the direct `ScanSiteAsync` call with a try/catch pattern. Catch BOTH `ServerUnauthorizedAccessException` and `WebException` with 403 status (see Pitfall 4 in RESEARCH.md). Use `when` filter to check toggle state:
```csharp
foreach (var url in nonEmpty)
{
ct.ThrowIfCancellationRequested();
progress.Report(new OperationProgress(i, nonEmpty.Count, $"Scanning {url}..."));
var profile = new TenantProfile
{
TenantUrl = url,
ClientId = _currentProfile?.ClientId ?? string.Empty,
Name = _currentProfile?.Name ?? string.Empty
};
bool wasElevated = false;
IReadOnlyList<PermissionEntry> siteEntries;
try
{
var ctx = await _sessionManager.GetOrCreateContextAsync(profile, ct);
siteEntries = await _permissionsService.ScanSiteAsync(ctx, scanOptions, progress, ct);
}
catch (Exception ex) when (IsAccessDenied(ex) && _ownershipService != null && await IsAutoTakeOwnershipEnabled())
{
_logger.LogWarning("Access denied on {Url}, auto-elevating ownership...", url);
var adminUrl = DeriveAdminUrl(_currentProfile?.TenantUrl ?? url);
var adminProfile = new TenantProfile
{
TenantUrl = adminUrl,
ClientId = _currentProfile?.ClientId ?? string.Empty,
Name = _currentProfile?.Name ?? string.Empty
};
var adminCtx = await _sessionManager.GetOrCreateContextAsync(adminProfile, ct);
// Get current user login from the site context
var siteProfile = profile;
var siteCtx = await _sessionManager.GetOrCreateContextAsync(siteProfile, ct);
siteCtx.Load(siteCtx.Web, w => w.CurrentUser);
await siteCtx.ExecuteQueryAsync();
var loginName = siteCtx.Web.CurrentUser.LoginName;
await _ownershipService.ElevateAsync(adminCtx, url, loginName, ct);
// Retry scan with fresh context
var retryCtx = await _sessionManager.GetOrCreateContextAsync(profile, ct);
siteEntries = await _permissionsService.ScanSiteAsync(retryCtx, scanOptions, progress, ct);
wasElevated = true;
}
if (wasElevated)
allEntries.AddRange(siteEntries.Select(e => e with { WasAutoElevated = true }));
else
allEntries.AddRange(siteEntries);
i++;
}
```
6. Add the `IsAccessDenied` helper (private static):
```csharp
private static bool IsAccessDenied(Exception ex)
{
if (ex is Microsoft.SharePoint.Client.ServerUnauthorizedAccessException) return true;
if (ex is System.Net.WebException webEx && webEx.Response is System.Net.HttpWebResponse resp
&& resp.StatusCode == System.Net.HttpStatusCode.Forbidden) return true;
return false;
}
```
7. Add the `IsAutoTakeOwnershipEnabled` helper (private async):
```csharp
private async Task<bool> IsAutoTakeOwnershipEnabled()
{
if (_settingsService == null) return false;
var settings = await _settingsService.GetSettingsAsync();
return settings.AutoTakeOwnership;
}
```
8. Create `PermissionsViewModelOwnershipTests.cs` with mock IPermissionsService, ISessionManager, IOwnershipElevationService, and SettingsService. Test all 5 behaviors listed above. Use the internal test constructor. For the "throws ServerUnauthorizedAccessException" test, configure mock ScanSiteAsync to throw on first call then return entries on second call.
IMPORTANT: The `when` clause with `await` requires C# 8+ async exception filters. If the compiler rejects `await` in `when`, refactor to check settings BEFORE the try block: `var autoOwn = await IsAutoTakeOwnershipEnabled();` then use `when (IsAccessDenied(ex) && _ownershipService != null && autoOwn)`.
</action>
<verify>
<automated>dotnet build SharepointToolbox.sln && dotnet test SharepointToolbox.Tests --no-build --filter "FullyQualifiedName~PermissionsViewModelOwnership"</automated>
</verify>
<done>PermissionsViewModel catches access-denied during scans, auto-elevates via IOwnershipElevationService when toggle is ON, retries the scan, and tags entries with WasAutoElevated=true. Toggle OFF = no change in behavior. All 5 test scenarios pass.</done>
</task>
<task type="auto">
<name>Task 2: DataGrid visual differentiation + localization for elevated rows</name>
<files>
SharepointToolbox/Views/Tabs/PermissionsView.xaml,
SharepointToolbox/Localization/Strings.resx,
SharepointToolbox/Localization/Strings.fr.resx
</files>
<action>
1. In `PermissionsView.xaml`, add a DataTrigger for `WasAutoElevated` inside the `DataGrid.RowStyle` (after the existing RiskLevel triggers, around line 234):
```xml
<DataTrigger Binding="{Binding WasAutoElevated}" Value="True">
<Setter Property="Background" Value="#FFF9E6" />
<Setter Property="ToolTip" Value="{Binding Source={x:Static loc:TranslationSource.Instance}, Path=[permissions.elevated.tooltip]}" />
</DataTrigger>
```
Note: WasAutoElevated is on `PermissionEntry` (raw mode). When simplified mode is active, `SimplifiedPermissionEntry` wraps `PermissionEntry` — check whether `SimplifiedPermissionEntry.WrapAll` preserves the `WasAutoElevated` flag. If `SimplifiedPermissionEntry` does not expose it, the trigger only applies in raw mode (acceptable for v2.3).
2. Add a small indicator column in the DataGrid columns (before "Object Type"), showing a lock icon for elevated rows:
```xml
<DataGridTemplateColumn Header="" Width="24" IsReadOnly="True">
<DataGridTemplateColumn.CellTemplate>
<DataTemplate>
<TextBlock Text="&#x1F513;" FontSize="12" HorizontalAlignment="Center"
Visibility="{Binding WasAutoElevated, Converter={StaticResource BoolToVisibilityConverter}}" />
</DataTemplate>
</DataGridTemplateColumn.CellTemplate>
</DataGridTemplateColumn>
```
If `BoolToVisibilityConverter` is not registered, use a DataTrigger style instead:
```xml
<DataGridTemplateColumn Header="" Width="24" IsReadOnly="True">
<DataGridTemplateColumn.CellTemplate>
<DataTemplate>
<TextBlock Text="&#x26A0;" FontSize="12" HorizontalAlignment="Center">
<TextBlock.Style>
<Style TargetType="TextBlock">
<Setter Property="Visibility" Value="Collapsed" />
<Style.Triggers>
<DataTrigger Binding="{Binding WasAutoElevated}" Value="True">
<Setter Property="Visibility" Value="Visible" />
</DataTrigger>
</Style.Triggers>
</Style>
</TextBlock.Style>
</TextBlock>
</DataTemplate>
</DataGridTemplateColumn.CellTemplate>
</DataGridTemplateColumn>
```
3. Add localization keys to `Strings.resx`:
- `permissions.elevated.tooltip` = "This site was automatically elevated — ownership was taken to complete the scan"
4. Add French translation to `Strings.fr.resx`:
- `permissions.elevated.tooltip` = "Ce site a ete eleve automatiquement — la propriete a ete prise pour completer le scan"
</action>
<verify>
<automated>dotnet build SharepointToolbox.sln && dotnet test SharepointToolbox.Tests --filter "FullyQualifiedName~LocaleCompleteness" --no-build</automated>
</verify>
<done>DataGrid rows with WasAutoElevated=true show amber background + warning icon column. Tooltip explains the elevation. EN + FR localization keys present. LocaleCompletenessTests pass.</done>
</task>
</tasks>
<verification>
1. `dotnet build SharepointToolbox.sln` — zero errors
2. `dotnet test SharepointToolbox.Tests --no-build` — full suite green
3. `dotnet test SharepointToolbox.Tests --filter "FullyQualifiedName~PermissionsViewModelOwnership" --no-build` — elevation tests pass
4. `dotnet test SharepointToolbox.Tests --filter "FullyQualifiedName~LocaleCompleteness" --no-build` — locale keys complete
</verification>
<success_criteria>
- Access-denied during scan with toggle ON triggers auto-elevation + retry
- Access-denied during scan with toggle OFF propagates normally
- Successful scans never attempt elevation
- Elevated entries tagged with WasAutoElevated=true
- Elevated rows visually distinct in DataGrid (amber + icon)
- Full test suite green with no regressions
</success_criteria>
<output>
After completion, create `.planning/phases/18-auto-take-ownership/18-02-SUMMARY.md`
</output>