OTSSigns/OTSSignsOrchestrator
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: Implement provisioning pipelines for subscription management

Browse Source 
- Add ReactivatePipeline to handle subscription reactivation, including scaling Docker services, health verification, status updates, audit logging, and broadcasting status changes.
- Introduce RotateCredentialsPipeline for OAuth2 credential rotation, managing the deletion of old apps, creation of new ones, credential storage, access verification, and audit logging.
- Create StepRunner to manage job step execution, including lifecycle management and progress broadcasting via SignalR.
- Implement SuspendPipeline for subscription suspension, scaling down services, updating statuses, logging audits, and broadcasting changes.
- Add UpdateScreenLimitPipeline to update Xibo CMS screen limits and record snapshots.
- Introduce XiboFeatureManifests for hardcoded feature ACLs per role.
- Add docker-compose.dev.yml for local development with PostgreSQL setup.
This commit is contained in:
Matt Batchelder
2026-03-18 10:27:26 -04:00
parent c2e03de8bb
commit c6d46098dd
77 changed files with 9412 additions and 29 deletions
Download Patch File Download Diff File Expand all files Collapse all files

139
OTSSignsOrchestrator.Server/Workers/XiboFeatureManifests.cs Normal file
View File

@@ -0,0 +1,139 @@
namespace OTSSignsOrchestrator.Server.Workers;
/// <summary>
/// Hardcoded Xibo feature ACL manifests per role.
/// Used by Phase2Pipeline step "assign-group-acl" when calling
/// <c>POST /api/group/{id}/acl</c>.
///
/// ObjectId is the feature key, PermissionsId is the permission level ("view", "edit", "delete").
/// </summary>
public static class XiboFeatureManifests
{
/// <summary>Viewer role: read-only access to layouts, displays, media.</summary>
public static readonly string[] ViewerObjectIds =
[
"layout.view",
"media.view",
"display.view",
"schedule.view",
"report.view",
];
public static readonly string[] ViewerPermissionIds =
[
"view",
"view",
"view",
"view",
"view",
];
/// <summary>Editor role: view + edit for layouts, media, schedules.</summary>
public static readonly string[] EditorObjectIds =
[
"layout.view",
"layout.edit",
"media.view",
"media.edit",
"display.view",
"schedule.view",
"schedule.edit",
"report.view",
];
public static readonly string[] EditorPermissionIds =
[
"view",
"edit",
"view",
"edit",
"view",
"view",
"edit",
"view",
];
/// <summary>Admin role: full access to all features.</summary>
public static readonly string[] AdminObjectIds =
[
"layout.view",
"layout.edit",
"layout.delete",
"media.view",
"media.edit",
"media.delete",
"display.view",
"display.edit",
"display.delete",
"schedule.view",
"schedule.edit",
"schedule.delete",
"report.view",
"user.view",
"user.edit",
];
public static readonly string[] AdminPermissionIds =
[
"view",
"edit",
"delete",
"view",
"edit",
"delete",
"view",
"edit",
"delete",
"view",
"edit",
"delete",
"view",
"view",
"edit",
];
/// <summary>OTS IT group: full super-admin access (all features + user management).</summary>
public static readonly string[] OtsItObjectIds =
[
"layout.view",
"layout.edit",
"layout.delete",
"media.view",
"media.edit",
"media.delete",
"display.view",
"display.edit",
"display.delete",
"schedule.view",
"schedule.edit",
"schedule.delete",
"report.view",
"user.view",
"user.edit",
"user.delete",
"application.view",
"application.edit",
];
public static readonly string[] OtsItPermissionIds =
[
"view",
"edit",
"delete",
"view",
"edit",
"delete",
"view",
"edit",
"delete",
"view",
"edit",
"delete",
"view",
"view",
"edit",
"delete",
"view",
"edit",
];
}