- 19-01-SUMMARY.md: service layer implementation with rollback pattern
- STATE.md: progress 98%, decisions added, session updated
- ROADMAP.md: phase 19 in-progress (1/2 plans)
- REQUIREMENTS.md: APPREG-02, APPREG-03, APPREG-06 marked complete
Roadmap: SharePoint Toolbox v2
Milestones
- ✅ v1.0 MVP — Phases 1-5 (shipped 2026-04-07) — archive
- ✅ v1.1 Enhanced Reports — Phases 6-9 (shipped 2026-04-08) — archive
- ✅ v2.2 Report Branding & User Directory — Phases 10-14 (shipped 2026-04-09) — archive
- 🔄 v2.3 Tenant Management & Report Enhancements — Phases 15-19 (in progress)
Phases
✅ v1.0 MVP (Phases 1-5) — SHIPPED 2026-04-07
- Phase 1: Foundation (8/8 plans) — completed 2026-04-02
- Phase 2: Permissions (7/7 plans) — completed 2026-04-02
- Phase 3: Storage and File Operations (8/8 plans) — completed 2026-04-02
- Phase 4: Bulk Operations and Provisioning (10/10 plans) — completed 2026-04-03
- Phase 5: Distribution and Hardening (3/3 plans) — completed 2026-04-03
✅ v1.1 Enhanced Reports (Phases 6-9) — SHIPPED 2026-04-08
- Phase 6: Global Site Selection (5/5 plans) — completed 2026-04-07
- Phase 7: User Access Audit (10/10 plans) — completed 2026-04-07
- Phase 8: Simplified Permissions (6/6 plans) — completed 2026-04-07
- Phase 9: Storage Visualization (4/4 plans) — completed 2026-04-07
✅ v2.2 Report Branding & User Directory (Phases 10-14) — SHIPPED 2026-04-09
- Phase 10: Branding Data Foundation (3/3 plans) — completed 2026-04-08
- Phase 11: HTML Export Branding + ViewModel Integration (4/4 plans) — completed 2026-04-08
- Phase 12: Branding UI Views (3/3 plans) — completed 2026-04-08
- Phase 13: User Directory ViewModel (2/2 plans) — completed 2026-04-08
- Phase 14: User Directory View (2/2 plans) — completed 2026-04-09
v2.3 Tenant Management & Report Enhancements (Phases 15-19)
- Phase 15: Consolidation Data Model (2 plans) — PermissionConsolidator service and merged-row model; zero API calls, pure data shapes (completed 2026-04-09)
- Phase 16: Report Consolidation Toggle (2 plans) — Export settings toggle wired to PermissionConsolidator; first user-visible consolidation behavior (completed 2026-04-09)
- Phase 17: Group Expansion in HTML Reports (2 plans) — Clickable group expansion in HTML exports with transitive membership resolution (completed 2026-04-09)
- Phase 18: Auto-Take Ownership (2 plans) — Global toggle and automatic site collection admin elevation on access denied (completed 2026-04-09)
- Phase 19: App Registration & Removal (2 plans) — Automated Entra app registration with guided fallback and clean removal
Phase Details
Phase 15: Consolidation Data Model
Goal: The data shape and merge logic for report consolidation exist and are fully testable in isolation before any UI touches them
Depends on: Nothing (no API calls, no UI dependencies)
Requirements: RPT-04
Success Criteria (what must be TRUE):
- A ConsolidatedPermissionEntry model exists that represents a single user's merged access across multiple locations with identical access levels
- A PermissionConsolidator service accepts a flat list of permission rows and returns a consolidated list where duplicate user+level rows are merged
- Consolidation logic has unit test coverage — a known 10-row input with 3 duplicate pairs produces the expected 7-row output
- Existing HTML export services compile and produce identical output when consolidation is not applied (opt-in, defaults off)
Plans: 2/2 plans complete
Plans:
- 15-01-PLAN.md — Models (LocationInfo, ConsolidatedPermissionEntry) + PermissionConsolidator service
- 15-02-PLAN.md — Unit tests (10 test cases) + full solution build verification
Phase 16: Report Consolidation Toggle
Goal: Users can choose to merge duplicate permission entries per export through a toggle in the export settings dialog
Depends on: Phase 15
Requirements: RPT-03
Success Criteria (what must be TRUE):
- A consolidation toggle is visible in the export settings dialog (or export options panel) and defaults to OFF
- When the toggle is OFF, the exported HTML report is byte-for-byte identical to the pre-v2.3 output
- When the toggle is ON, the exported HTML report merges rows for the same user with identical access levels into a single row showing all affected locations
- The toggle state is remembered for the session (does not reset between exports within the same session)
Plans: 2/2 plans complete
Plans:
- 16-01-PLAN.md — ViewModel properties + XAML Export Options GroupBox + localization + CSV consolidation
- 16-02-PLAN.md — HTML consolidated rendering with expandable location sub-lists + full test verification
Phase 17: Group Expansion in HTML Reports
Goal: Users can expand SharePoint group entries in HTML reports to see the group's members, including members of nested groups
Depends on: Phase 16
Requirements: RPT-01, RPT-02
Success Criteria (what must be TRUE):
- SharePoint group rows in the HTML report render as expandable — clicking a group name reveals its member list inline
- Member resolution includes transitive membership: nested groups are recursively resolved so every leaf user is shown
- Group expansion is triggered at export time via Graph API — the permission scan itself is unchanged
- When Graph cannot resolve a group's members (throttled or insufficient scope), the report shows the group row with a "members unavailable" label rather than failing the export
Plans: 2/2 plans complete
Plans:
- 17-01-PLAN.md — ResolvedMember model + ISharePointGroupResolver service (CSOM + Graph transitive resolution) + DI registration
- 17-02-PLAN.md — HtmlExportService expandable group pills + toggleGroup JS + PermissionsViewModel wiring
Phase 18: Auto-Take Ownership
Goal: Users can enable automatic site collection admin elevation so that access-denied sites during scans no longer block audit progress
Depends on: Phase 15
Requirements: OWN-01, OWN-02
Success Criteria (what must be TRUE):
- A global "Auto-take ownership on access denied" toggle exists in application settings and defaults to OFF
- When the toggle is OFF, access-denied sites produce the same error behavior as before v2.3 (no regression)
- When the toggle is ON and a scan hits access denied on a site, the app automatically calls Tenant.SetSiteAdmin to elevate ownership and retries the site without interrupting the scan
- The scan result for an auto-elevated site is visually distinguishable from a normally-scanned site (e.g., a flag or icon in the results)
Plans: 2/2 plans complete
Plans:
- 18-01-PLAN.md — Settings toggle + OwnershipElevationService + PermissionEntry.WasAutoElevated flag
- 18-02-PLAN.md — Scan-loop elevation logic + DataGrid visual differentiation
Phase 19: App Registration & Removal
Goal: Users can register and remove the Toolbox's Azure AD application on a target tenant directly from the profile dialog, with a guided fallback when permissions are insufficient
Depends on: Phase 18
Requirements: APPREG-01, APPREG-02, APPREG-03, APPREG-04, APPREG-05, APPREG-06
Success Criteria (what must be TRUE):
- A "Register App" action is available in the profile create/edit dialog and is the recommended path for new tenant onboarding
- Before attempting registration, the app checks for Global Admin role and surfaces a clear message if the signed-in user lacks the required permissions, then presents step-by-step manual registration instructions as a fallback
- Registration creates the Azure AD application, service principal, and grants all required API permissions in a single atomic operation — if any step fails, all partial changes are rolled back and the user sees a specific error explaining what failed and why
- A "Remove App" action in the profile dialog removes the Azure AD application registration from the target tenant
- After removal, all cached MSAL tokens and session state for that tenant are cleared, and subsequent operations require re-authentication
Plans: 1/2 plans executed
Plans:
- 19-01-PLAN.md — IAppRegistrationService + AppRegistrationResult model + TenantProfile.AppId + service implementation + unit tests
- 19-02-PLAN.md — ViewModel RegisterApp/RemoveApp commands + XAML dialog UI + fallback panel + localization + VM tests
Progress
| Phase | Milestone | Plans | Status | Completed |
|---|---|---|---|---|
| 1-5 | v1.0 | 36/36 | Shipped | 2026-04-07 |
| 6-9 | v1.1 | 25/25 | Shipped | 2026-04-08 |
| 10-14 | v2.2 | 14/14 | Shipped | 2026-04-09 |
| 15. Consolidation Data Model | v2.3 | 2/2 | Complete | 2026-04-09 |
| 16. Report Consolidation Toggle | v2.3 | 2/2 | Complete | 2026-04-09 |
| 17. Group Expansion in HTML Reports | v2.3 | 2/2 | Complete | 2026-04-09 |
| 18. Auto-Take Ownership | v2.3 | 2/2 | Complete | 2026-04-09 |
| 19. App Registration & Removal | v2.3 | 1/2 | In Progress | — |