30 lines
1.7 KiB
Markdown
30 lines
1.7 KiB
Markdown
# ISMS-DB Project Memory
|
|
|
|
## Skill Triggers
|
|
- "aktualisiere unser ISMS", "ISMS aktualisieren", "ISMS updaten" → ALWAYS invoke Skill `isms-update`
|
|
- This skill runs: Fetch-Data.ps1 → edit JSON → Upload-Data.ps1
|
|
- NEVER edit tenant data (Data/default/*.json) without running fetch first
|
|
- NEVER skip upload after editing
|
|
|
|
## Auth Stack
|
|
- Microsoft.Identity.Web 3.x (resolved 3.14.1)
|
|
- Use `AddAuthentication(OpenIdConnectDefaults.AuthenticationScheme).AddMicrosoftIdentityWebApp(...)` — NOT `services.AddMicrosoftIdentityWebApp(...)` (IServiceCollection overload removed in 3.x)
|
|
- `using Microsoft.Identity.Web.UI;` required in Program.cs for `AddMicrosoftIdentityUI()`
|
|
- Use `PostConfigure<OpenIdConnectOptions>` to hook `OnTokenValidated` without clobbering MSIW's own handler
|
|
|
|
## SecurePageModel Pattern
|
|
- Inherits `PageModel`, uses `override` on `OnPageHandlerSelectionAsync` / `OnPageHandlerExecutionAsync`
|
|
- Do NOT declare `IAsyncPageFilter` explicitly — `PageModel` already has virtual methods
|
|
- Resolves `IUserService` + `TenantService` via `ctx.HttpContext.RequestServices`
|
|
|
|
## Audit Result Writing
|
|
- NEVER delegate JSON creation to a Task subagent — too slow (33 calls, 17 min)
|
|
- Build the JSON object in main context, then pipe to `append-audit-result.py`:
|
|
`python3 append-audit-result.py src/IsmsApp/Data/default/ <<'JSONEOF' ... JSONEOF`
|
|
- Script validates: .lock, control exists, Id unique, Iteration unique
|
|
- For the JSON heredoc: use python3 inline to generate UUIDs + timestamps, then echo
|
|
|
|
## Razor Gotcha
|
|
- `RZ1031`: cannot put free-standing `@(expr)` in `<option>` attribute area
|
|
- Fix: use `@if (cond) { <option selected> } else { <option> }` pattern instead
|