2.7 KiB
id, type, title, domain, repo, status, owner, topic_slug, planning_priority, planning_order, created, updated, depends_on, state_hub_workstream_id
| id | type | title | domain | repo | status | owner | topic_slug | planning_priority | planning_order | created | updated | depends_on | state_hub_workstream_id | ||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| USER-WP-0005 | workplan | User Engine Integrated Test Scenarios | netkingdom | user-engine | active | codex | netkingdom | high | 5 | 2026-05-22 | 2026-05-22 |
|
06face5b-6984-4acc-8128-f82d61abdc75 |
USER-WP-0005 - User Engine Integrated Test Scenarios
Goal
Prove the architecture boundaries with realistic standalone, platform, multi-tenant, multi-application, projection, audit, event, and performance test scenarios.
Tasks
id: USER-WP-0005-T1
status: todo
priority: high
state_hub_task_id: "f0408602-4ec9-4d01-9a62-2daa3fa7373e"
Define the canonical scenario matrix for standalone, denied access, tenant admin, platform operator, cross-tenant denial, two applications, sensitive redaction, and audit/event replay.
id: USER-WP-0005-T2
status: todo
priority: high
state_hub_task_id: "78dad786-f69d-4e84-884b-0e2a32338c3e"
Add identity fixtures for human, service, agent, delegated agent, tenant admin, platform operator, break-glass, local issuer, invalid, expired, and missing-tenant actors.
id: USER-WP-0005-T3
status: todo
priority: high
state_hub_task_id: "87cac8eb-2182-4b17-aa29-60109cf6f2c4"
Add an authorization harness for allow, deny, obligation, tenant-boundary, assurance, and bulk decision scenarios.
id: USER-WP-0005-T4
status: todo
priority: high
state_hub_task_id: "5fc6e120-0c94-4fb0-bc7f-2d8713a40011"
Test full flows from actor claims through authorization, mutation, profile resolution, projection, audit write, and outbox event creation.
id: USER-WP-0005-T5
status: todo
priority: medium
state_hub_task_id: "609a3579-268c-4ed9-b5b7-2e01dc8e7049"
Add tests or benchmarks for effective-profile resolution, projection rendering, authorization batching, memoization, and cache invalidation.
id: USER-WP-0005-T6
status: todo
priority: high
state_hub_task_id: "c346a142-3e7a-48ee-bf71-553cdcf4861d"
Add security and privacy negative tests for local issuer rejection, sensitive leakage, cross-tenant access, admin overreach, catalog downgrade, namespace hijack, stale membership facts, and missing audit correlation.
id: USER-WP-0005-T7
status: todo
priority: medium
state_hub_task_id: "ac92965e-778d-48ec-a674-32b1c333bb0d"
Add CI/readiness commands for unit, integration, scenario, and conformance-style test suites.
Acceptance Criteria
- Scenario tests prove standalone, tenant, multi-app, authorization, profile, projection, audit, and event behavior.
- Negative tests cover the architecture review risks.
- CI/readiness commands are documented and deterministic.