kawa/Sharepoint-Toolbox
1
0
Fork 0
Code Issues Pull Requests Actions Releases 9 Wiki Activity
Files
9bfdfb77ddcc62c3a744b39ffc4f9c24601edbb9
Sharepoint-Toolbox/.planning/ROADMAP.md
Dev 9bfdfb77dd docs(15-01): complete consolidation data model plan 
- Add 15-01-SUMMARY.md with task commits, decisions, and next phase readiness
- Update STATE.md with decisions and session position
- Update ROADMAP.md phase 15 progress (1/2 plans complete)
- Mark requirement RPT-04 complete in REQUIREMENTS.md

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-09 11:42:47 +02:00

7.9 KiB
Raw Blame History

Roadmap: SharePoint Toolbox v2

Milestones

  • v1.0 MVP — Phases 1-5 (shipped 2026-04-07) — archive
  • v1.1 Enhanced Reports — Phases 6-9 (shipped 2026-04-08) — archive
  • v2.2 Report Branding & User Directory — Phases 10-14 (shipped 2026-04-09) — archive
  • 🔄 v2.3 Tenant Management & Report Enhancements — Phases 15-19 (in progress)

Phases

v1.0 MVP (Phases 1-5) — SHIPPED 2026-04-07
  • Phase 1: Foundation (8/8 plans) — completed 2026-04-02
  • Phase 2: Permissions (7/7 plans) — completed 2026-04-02
  • Phase 3: Storage and File Operations (8/8 plans) — completed 2026-04-02
  • Phase 4: Bulk Operations and Provisioning (10/10 plans) — completed 2026-04-03
  • Phase 5: Distribution and Hardening (3/3 plans) — completed 2026-04-03
v1.1 Enhanced Reports (Phases 6-9) — SHIPPED 2026-04-08
  • Phase 6: Global Site Selection (5/5 plans) — completed 2026-04-07
  • Phase 7: User Access Audit (10/10 plans) — completed 2026-04-07
  • Phase 8: Simplified Permissions (6/6 plans) — completed 2026-04-07
  • Phase 9: Storage Visualization (4/4 plans) — completed 2026-04-07
v2.2 Report Branding & User Directory (Phases 10-14) — SHIPPED 2026-04-09
  • Phase 10: Branding Data Foundation (3/3 plans) — completed 2026-04-08
  • Phase 11: HTML Export Branding + ViewModel Integration (4/4 plans) — completed 2026-04-08
  • Phase 12: Branding UI Views (3/3 plans) — completed 2026-04-08
  • Phase 13: User Directory ViewModel (2/2 plans) — completed 2026-04-08
  • Phase 14: User Directory View (2/2 plans) — completed 2026-04-09

v2.3 Tenant Management & Report Enhancements (Phases 15-19)

  • Phase 15: Consolidation Data Model (2 plans) — PermissionConsolidator service and merged-row model; zero API calls, pure data shapes
  • Phase 16: Report Consolidation Toggle — Export settings toggle wired to PermissionConsolidator; first user-visible consolidation behavior
  • Phase 17: Group Expansion in HTML Reports — Clickable group expansion in HTML exports with transitive membership resolution
  • Phase 18: Auto-Take Ownership — Global toggle and automatic site collection admin elevation on access denied
  • Phase 19: App Registration & Removal — Automated Entra app registration with guided fallback and clean removal

Phase Details

Phase 15: Consolidation Data Model

Goal: The data shape and merge logic for report consolidation exist and are fully testable in isolation before any UI touches them Depends on: Nothing (no API calls, no UI dependencies) Requirements: RPT-04 Success Criteria (what must be TRUE):

  1. A ConsolidatedPermissionEntry model exists that represents a single user's merged access across multiple locations with identical access levels
  2. A PermissionConsolidator service accepts a flat list of permission rows and returns a consolidated list where duplicate user+level rows are merged
  3. Consolidation logic has unit test coverage — a known 10-row input with 3 duplicate pairs produces the expected 7-row output
  4. Existing HTML export services compile and produce identical output when consolidation is not applied (opt-in, defaults off) Plans: 1/2 plans executed Plans:
  • 15-01-PLAN.md — Models (LocationInfo, ConsolidatedPermissionEntry) + PermissionConsolidator service
  • 15-02-PLAN.md — Unit tests (10 test cases) + full solution build verification

Phase 16: Report Consolidation Toggle

Goal: Users can choose to merge duplicate permission entries per export through a toggle in the export settings dialog Depends on: Phase 15 Requirements: RPT-03 Success Criteria (what must be TRUE):

  1. A consolidation toggle is visible in the export settings dialog (or export options panel) and defaults to OFF
  2. When the toggle is OFF, the exported HTML report is byte-for-byte identical to the pre-v2.3 output
  3. When the toggle is ON, the exported HTML report merges rows for the same user with identical access levels into a single row showing all affected locations
  4. The toggle state is remembered for the session (does not reset between exports within the same session) Plans: TBD

Phase 17: Group Expansion in HTML Reports

Goal: Users can expand SharePoint group entries in HTML reports to see the group's members, including members of nested groups Depends on: Phase 16 Requirements: RPT-01, RPT-02 Success Criteria (what must be TRUE):

  1. SharePoint group rows in the HTML report render as expandable — clicking a group name reveals its member list inline
  2. Member resolution includes transitive membership: nested groups are recursively resolved so every leaf user is shown
  3. Group expansion is triggered at export time via Graph API — the permission scan itself is unchanged
  4. When Graph cannot resolve a group's members (throttled or insufficient scope), the report shows the group row with a "members unavailable" label rather than failing the export Plans: TBD

Phase 18: Auto-Take Ownership

Goal: Users can enable automatic site collection admin elevation so that access-denied sites during scans no longer block audit progress Depends on: Phase 15 Requirements: OWN-01, OWN-02 Success Criteria (what must be TRUE):

  1. A global "Auto-take ownership on access denied" toggle exists in application settings and defaults to OFF
  2. When the toggle is OFF, access-denied sites produce the same error behavior as before v2.3 (no regression)
  3. When the toggle is ON and a scan hits access denied on a site, the app automatically calls Tenant.SetSiteAdmin to elevate ownership and retries the site without interrupting the scan
  4. The scan result for an auto-elevated site is visually distinguishable from a normally-scanned site (e.g., a flag or icon in the results) Plans: TBD

Phase 19: App Registration & Removal

Goal: Users can register and remove the Toolbox's Azure AD application on a target tenant directly from the profile dialog, with a guided fallback when permissions are insufficient Depends on: Phase 18 Requirements: APPREG-01, APPREG-02, APPREG-03, APPREG-04, APPREG-05, APPREG-06 Success Criteria (what must be TRUE):

  1. A "Register App" action is available in the profile create/edit dialog and is the recommended path for new tenant onboarding
  2. Before attempting registration, the app checks for Global Admin role and surfaces a clear message if the signed-in user lacks the required permissions, then presents step-by-step manual registration instructions as a fallback
  3. Registration creates the Azure AD application, service principal, and grants all required API permissions in a single atomic operation — if any step fails, all partial changes are rolled back and the user sees a specific error explaining what failed and why
  4. A "Remove App" action in the profile dialog removes the Azure AD application registration from the target tenant
  5. After removal, all cached MSAL tokens and session state for that tenant are cleared, and subsequent operations require re-authentication Plans: 15-01 (Models + Consolidator), 15-02 (Tests + Build Verification)

Progress

Phase Milestone Plans Status Completed
1-5 v1.0 36/36 Shipped 2026-04-07
6-9 v1.1 25/25 Shipped 2026-04-08
10-14 v2.2 14/14 Shipped 2026-04-09
15. Consolidation Data Model 1/2 In Progress
16. Report Consolidation Toggle v2.3 0/? Not started
17. Group Expansion in HTML Reports v2.3 0/? Not started
18. Auto-Take Ownership v2.3 0/? Not started
19. App Registration & Removal v2.3 0/? Not started
Reference in New Issue View Git Blame Copy Permalink