claude-meta/memory/projects/ISMS-DB/MEMORY.md

1.7 KiB

ISMS-DB Project Memory

Skill Triggers

  • "aktualisiere unser ISMS", "ISMS aktualisieren", "ISMS updaten" → ALWAYS invoke Skill isms-update
  • This skill runs: Fetch-Data.ps1 → edit JSON → Upload-Data.ps1
  • NEVER edit tenant data (Data/default/*.json) without running fetch first
  • NEVER skip upload after editing

Auth Stack

  • Microsoft.Identity.Web 3.x (resolved 3.14.1)
  • Use AddAuthentication(OpenIdConnectDefaults.AuthenticationScheme).AddMicrosoftIdentityWebApp(...) — NOT services.AddMicrosoftIdentityWebApp(...) (IServiceCollection overload removed in 3.x)
  • using Microsoft.Identity.Web.UI; required in Program.cs for AddMicrosoftIdentityUI()
  • Use PostConfigure<OpenIdConnectOptions> to hook OnTokenValidated without clobbering MSIW's own handler

SecurePageModel Pattern

  • Inherits PageModel, uses override on OnPageHandlerSelectionAsync / OnPageHandlerExecutionAsync
  • Do NOT declare IAsyncPageFilter explicitly — PageModel already has virtual methods
  • Resolves IUserService + TenantService via ctx.HttpContext.RequestServices

Audit Result Writing

  • NEVER delegate JSON creation to a Task subagent — too slow (33 calls, 17 min)
  • Build the JSON object in main context, then pipe to append-audit-result.py: python3 append-audit-result.py src/IsmsApp/Data/default/ <<'JSONEOF' ... JSONEOF
  • Script validates: .lock, control exists, Id unique, Iteration unique
  • For the JSON heredoc: use python3 inline to generate UUIDs + timestamps, then echo

Razor Gotcha

  • RZ1031: cannot put free-standing @(expr) in <option> attribute area
  • Fix: use @if (cond) { <option selected> } else { <option> } pattern instead