generated from coulomb/repo-seed
Crossexamination of utility based on the content management interoperability standard
This commit is contained in:
169
workplans/KONT-WP-0012-cmis-profiled-access-points.md
Normal file
169
workplans/KONT-WP-0012-cmis-profiled-access-points.md
Normal file
@@ -0,0 +1,169 @@
|
||||
---
|
||||
id: KONT-WP-0012
|
||||
type: workplan
|
||||
title: "CMIS Profiled Access Points Implementation"
|
||||
domain: markitect
|
||||
repo: kontextual-engine
|
||||
status: active
|
||||
owner: codex
|
||||
topic_slug: markitect
|
||||
planning_priority: high
|
||||
planning_order: 12
|
||||
created: "2026-05-06"
|
||||
updated: "2026-05-06"
|
||||
state_hub_workstream_id: "d538d68f-17a8-401f-9cdc-d526dd734ddc"
|
||||
---
|
||||
|
||||
# KONT-WP-0012: CMIS Profiled Access Points Implementation
|
||||
|
||||
## Purpose
|
||||
|
||||
Implement a CMIS API extension for `kontextual-engine` that can expose multiple
|
||||
CMIS access points. Each access point has a profile that regulates which CMIS
|
||||
capabilities are available, which data is visible, which mutations are allowed,
|
||||
and which data must never be exposed.
|
||||
|
||||
## Requirement
|
||||
|
||||
It must be possible to allow and expose multiple CMIS access points with
|
||||
different profiles that regulate:
|
||||
|
||||
- which subset of CMIS capabilities are provided on the access point,
|
||||
- which engine data is accessible using the access point,
|
||||
- which data must not be exposed through the access point.
|
||||
|
||||
## Dependency
|
||||
|
||||
Implementation must begin after the assessment, examples, and test foundation
|
||||
from `KONT-WP-0011` are sufficient to define the first profile and regression
|
||||
suite.
|
||||
|
||||
## Architecture Constraint
|
||||
|
||||
CMIS routes are adapters over engine services and policy gates. They must not
|
||||
become a second domain model. Every CMIS access point resolves an
|
||||
`OperationContext`, applies profile rules, authorizes exposure/mutation, and
|
||||
emits audit events.
|
||||
|
||||
## D12.1 - Define CMIS profile and access-point model
|
||||
|
||||
```task
|
||||
id: KONT-WP-0012-T001
|
||||
status: todo
|
||||
priority: high
|
||||
state_hub_task_id: "031c3ce5-bb56-41fb-a014-6a496c280d20"
|
||||
```
|
||||
|
||||
Acceptance:
|
||||
|
||||
- Access-point config includes ID, repository ID, profile name, binding,
|
||||
capability flags, visibility scope, deny rules, mutation policy, and actor
|
||||
context requirements.
|
||||
- Profiles support read-only, governed authoring, admin/export, and TCK
|
||||
compatibility variants.
|
||||
- Profile matching is deterministic and auditable.
|
||||
|
||||
## D12.2 - Implement CMIS domain mapper
|
||||
|
||||
```task
|
||||
id: KONT-WP-0012-T002
|
||||
status: todo
|
||||
priority: high
|
||||
state_hub_task_id: "a4c44471-22a9-40d9-9821-4b78e5ba9360"
|
||||
```
|
||||
|
||||
Acceptance:
|
||||
|
||||
- Engine assets map to CMIS documents/items.
|
||||
- Synthetic folders, paths, object IDs, properties, content streams,
|
||||
relationships, versions, allowable actions, and change tokens are mapped.
|
||||
- Unsupported CMIS features are represented by correct capability flags and
|
||||
structured errors.
|
||||
|
||||
## D12.3 - Implement Browser Binding MVP access point
|
||||
|
||||
```task
|
||||
id: KONT-WP-0012-T003
|
||||
status: todo
|
||||
priority: high
|
||||
state_hub_task_id: "b9f5d790-f291-4613-89da-5d47e7887a9e"
|
||||
```
|
||||
|
||||
Acceptance:
|
||||
|
||||
- Browser Binding routes expose repository info, types, navigation, object read,
|
||||
content stream read, query subset, relationships, and change log.
|
||||
- Route behavior is profile-scoped.
|
||||
- Responses match CMIS Browser Binding expectations for the supported subset.
|
||||
|
||||
## D12.4 - Implement governed authoring operations
|
||||
|
||||
```task
|
||||
id: KONT-WP-0012-T004
|
||||
status: todo
|
||||
priority: high
|
||||
state_hub_task_id: "49716ca7-6a10-43ac-8ac5-ffa1c15b048e"
|
||||
```
|
||||
|
||||
Acceptance:
|
||||
|
||||
- Supported create/update/delete/content stream operations delegate through
|
||||
engine services.
|
||||
- Mutations enforce policy, profile rules, version expectations, and audit.
|
||||
- Read-only profiles reject mutations with CMIS-compatible diagnostics.
|
||||
|
||||
## D12.5 - Implement profile-scoped ACL policy and redaction
|
||||
|
||||
```task
|
||||
id: KONT-WP-0012-T005
|
||||
status: todo
|
||||
priority: high
|
||||
state_hub_task_id: "64289d84-d7a2-4c03-8fa6-5f439bc233fe"
|
||||
```
|
||||
|
||||
Acceptance:
|
||||
|
||||
- Access points can hide assets by classification, owner, topic, lifecycle,
|
||||
source system, metadata, actor, or policy decision.
|
||||
- Denied data is omitted rather than partially leaked.
|
||||
- ACL/allowable action projections reflect engine policy and profile rules.
|
||||
|
||||
## D12.6 - Integrate CMIS compliance fixtures and optional OpenCMIS TCK
|
||||
|
||||
```task
|
||||
id: KONT-WP-0012-T006
|
||||
status: todo
|
||||
priority: medium
|
||||
state_hub_task_id: "2f1e9075-395e-4ed0-9abd-ed7c4ecd774d"
|
||||
```
|
||||
|
||||
Acceptance:
|
||||
|
||||
- Internal CMIS tests run for every profile.
|
||||
- Optional OpenCMIS TCK can target a running CMIS access point.
|
||||
- TCK subset results are captured and mapped back to capability gaps.
|
||||
|
||||
## D12.7 - Document deployment and compatibility posture
|
||||
|
||||
```task
|
||||
id: KONT-WP-0012-T007
|
||||
status: todo
|
||||
priority: medium
|
||||
state_hub_task_id: "a1d28453-2ab7-4d18-8757-6f9ece1674b3"
|
||||
```
|
||||
|
||||
Acceptance:
|
||||
|
||||
- CMIS endpoint setup is documented.
|
||||
- Supported/unsupported CMIS capabilities are documented per profile.
|
||||
- Browser Binding MVP, AtomPub/Web Services deferral, OpenCMIS TCK posture, and
|
||||
known client compatibility notes are explicit.
|
||||
|
||||
## Definition Of Done
|
||||
|
||||
- Multiple CMIS access points can be configured and exposed.
|
||||
- Each access point enforces profile-specific capability and data-visibility
|
||||
rules.
|
||||
- Supported CMIS Browser Binding subset passes internal compliance tests.
|
||||
- Optional OpenCMIS TCK harness can be run against a compatibility profile.
|
||||
- `python3 -m pytest` passes.
|
||||
Reference in New Issue
Block a user