generated from coulomb/repo-seed
CMIS compliance/test foundation
This commit is contained in:
@@ -2,7 +2,7 @@
|
||||
|
||||
Date: 2026-05-06
|
||||
|
||||
Status: planned test foundation for CMIS access-point work.
|
||||
Status: initial test foundation established for CMIS access-point work.
|
||||
|
||||
## Purpose
|
||||
|
||||
@@ -17,9 +17,9 @@ harness.
|
||||
|
||||
Planned harness shape:
|
||||
|
||||
- `tests/cmis/examples/` contains deterministic fixture descriptions grouped by
|
||||
CMIS service capability.
|
||||
- `tests/cmis/test_cmis_contract_examples.py` validates mapper and profile
|
||||
- `examples/cmis/` contains deterministic fixture descriptions grouped by CMIS
|
||||
service capability.
|
||||
- `tests/cmis/test_cmis_contract_examples.py` validates fixture and profile
|
||||
behavior without external Java dependencies.
|
||||
- `tests/cmis/opencmis-tck/` contains optional harness config, Maven
|
||||
invocation notes, and selected TCK group mapping.
|
||||
@@ -188,3 +188,10 @@ Validates:
|
||||
No current OASIS certification service was identified during planning. The
|
||||
practical reusable foundation is OpenCMIS TCK/Workbench, plus our own
|
||||
capability-profile contract tests.
|
||||
|
||||
## Established Artifacts
|
||||
|
||||
- `examples/cmis/capability-fixtures.json`
|
||||
- `tests/cmis/test_cmis_contract_examples.py`
|
||||
- `tests/cmis/opencmis-tck/README.md`
|
||||
- `docs/cmis-readiness-gate.md`
|
||||
|
||||
48
docs/cmis-profiled-access-points-implementation.md
Normal file
48
docs/cmis-profiled-access-points-implementation.md
Normal file
@@ -0,0 +1,48 @@
|
||||
# CMIS Profiled Access Points Implementation
|
||||
|
||||
Date: 2026-05-06
|
||||
|
||||
Status: first implementation slice started.
|
||||
|
||||
## Implemented Slice
|
||||
|
||||
`src/kontextual_engine/core/cmis.py` defines the CMIS profile and access-point
|
||||
boundary used by the future API adapter:
|
||||
|
||||
- `CMISBinding`
|
||||
- `CMISCapability`
|
||||
- `CMISAction`
|
||||
- `CMISAccessProfile`
|
||||
- `CMISAccessPoint`
|
||||
|
||||
The layer is intentionally small. It decides whether a CMIS action is allowed
|
||||
for a profile and whether an engine asset may be exposed through an access
|
||||
point. It does not implement CMIS routes and does not duplicate asset storage,
|
||||
metadata, relationship, policy, or audit services.
|
||||
|
||||
## Built-In Profiles
|
||||
|
||||
- `readonly-browser`: Browser Binding read profile over public/internal assets.
|
||||
- `governed-authoring`: Browser Binding profile with selected create/update
|
||||
and content stream mutations.
|
||||
- `admin-export`: service-account-only export profile with broad visibility.
|
||||
- `compat-tck`: Browser Binding profile intended for selected OpenCMIS TCK
|
||||
compatibility tests.
|
||||
|
||||
## Enforcement Boundary
|
||||
|
||||
Profiles can restrict exposure by:
|
||||
|
||||
- CMIS capability,
|
||||
- mutation allowance,
|
||||
- actor type,
|
||||
- sensitivity,
|
||||
- asset type,
|
||||
- topic,
|
||||
- source system,
|
||||
- metadata deny rules.
|
||||
|
||||
Decisions return existing `PolicyDecision` objects so later CMIS routes can
|
||||
emit compatible diagnostics and audit records without inventing another policy
|
||||
model.
|
||||
|
||||
37
docs/cmis-readiness-gate.md
Normal file
37
docs/cmis-readiness-gate.md
Normal file
@@ -0,0 +1,37 @@
|
||||
# CMIS Implementation Readiness Gate
|
||||
|
||||
Date: 2026-05-06
|
||||
|
||||
Status: ready for `KONT-WP-0012` implementation planning.
|
||||
|
||||
## Required Before Implementation
|
||||
|
||||
- CMIS target version is fixed at OASIS CMIS 1.1.
|
||||
- Browser Binding is the first implementation target.
|
||||
- AtomPub and Web Services bindings are explicitly deferred.
|
||||
- Capability examples are grouped in `examples/cmis/capability-fixtures.json`.
|
||||
- Internal fixture contract tests validate profile expectations.
|
||||
- OpenCMIS TCK is documented as an optional external harness.
|
||||
- The first implementation profile is constrained to profile-scoped Browser
|
||||
Binding behavior rather than full CMIS certification claims.
|
||||
|
||||
## First Implementation Slice
|
||||
|
||||
Implement the profile and mapper layer before routes:
|
||||
|
||||
1. Profile model and access-point configuration.
|
||||
2. CMIS object/type/capability projection over existing engine services.
|
||||
3. Profile-scoped visibility denial and mutation policy.
|
||||
4. Browser Binding read routes.
|
||||
5. Governed mutation routes.
|
||||
6. Optional OpenCMIS TCK compatibility profile.
|
||||
|
||||
## Non-Goals For The First Slice
|
||||
|
||||
- Full AtomPub support.
|
||||
- Full SOAP/Web Services support.
|
||||
- Full CMIS SQL grammar.
|
||||
- Full private-working-copy versioning semantics.
|
||||
- Legal hold or retention mutation semantics.
|
||||
- General-purpose CMIS certification claim.
|
||||
|
||||
Reference in New Issue
Block a user