Jason Woltje
004f7828fb
Add CapabilityGuard infrastructure to enforce capability-based authorization on federation endpoints. Implements fail-closed security model. Security properties: - Deny by default (no capability = deny) - Only explicit true values grant access - Connection must exist and be ACTIVE - All denials logged for audit trail Implementation: - Created CapabilityGuard with fail-closed authorization logic - Added @RequireCapability decorator for marking endpoints - Added getConnectionById() to ConnectionService - Added logCapabilityDenied() to AuditService - 12 comprehensive tests covering all security scenarios Quality gates: - ✅ Tests: 12/12 passing - ✅ Lint: 0 new errors (33 pre-existing) - ✅ TypeScript: 0 new errors (8 pre-existing) Refs #273 Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Mosaic Stack Documentation
Complete documentation for Mosaic Stack, organized in Bookstack-compatible shelf/book/chapter/page structure.
📚 Books
1. Getting Started
Essential guides to get Mosaic Stack installed and configured.
- Quick Start — Get up and running in 5 minutes
- Installation
- Configuration
2. Development
Developer guides for contributing to Mosaic Stack.
- Workflow
- Database
- Schema, migrations, and Prisma guides (to be added)
- Type Sharing
3. Architecture
Technical architecture and design decisions.
- Overview — System design (to be added)
- Authentication — BetterAuth and OIDC (to be added)
- Design Principles
4. API Reference
Complete API endpoint documentation.
📝 Scratchpads
Development notes and implementation details for specific issues:
- Issue #1: Project Scaffold
- Issue #2: PostgreSQL Schema
- Issue #3: Prisma ORM Setup
- Issue #4: Authentik OIDC Integration
🔍 Quick Links
For New Users
For Developers
For Architects
- PDA-Friendly Design
- Authentication Flow (to be added)
- System Overview (to be added)
For API Consumers
📋 Documentation Standards
File Organization
docs/
├── {N}-{book-name}/ # Book (numbered)
│ ├── README.md # Book overview
│ ├── {N}-{chapter-name}/ # Chapter (numbered)
│ │ ├── {N}-{page-name}.md # Page (numbered)
│ │ └── ...
│ └── ...
└── scratchpads/ # Development notes (unnumbered)
Numbering Convention
- Books:
1-getting-started,2-development,3-architecture,4-api - Chapters:
1-quick-start,2-installation,3-configuration - Pages:
1-overview.md,2-local-setup.md,3-docker-setup.md
Numbers maintain order in file systems and Bookstack.
Writing Style
- Concise — No unnecessary verbosity
- Action-oriented — Use imperative mood ("Run the command", not "You should run")
- Example-heavy — Show, don't just tell
- Code blocks — Always include working examples
- Links — Cross-reference related topics
- PDA-friendly — Follow design principles
Code Examples
Always include:
- Language identifier for syntax highlighting
- Complete, runnable examples
- Expected output when relevant
- Error cases and troubleshooting
🛠️ Contributing to Docs
Adding New Pages
- Identify the appropriate book/chapter
- Create numbered markdown file
- Add to chapter's parent README
- Link from related pages
- Test all links and code examples
Updating Existing Pages
- Keep formatting consistent
- Update last-modified date
- Test all examples
- Check cross-references
Creating New Books
- Number sequentially (
5-{new-book}) - Create
README.mdoverview - Add chapter directories
- Update this index
📊 Documentation Status
| Book | Completion |
|---|---|
| Getting Started | 🟢 Complete |
| Development | 🟡 Partial |
| Architecture | 🟡 Partial |
| API Reference | 🟡 Partial |
Legend:
- 🟢 Complete
- 🟡 Partial
- 🔵 Planned
- ⚪ Not started
🔗 External Resources
- Project Repository: https://git.mosaicstack.dev/mosaic/stack
- Issue Tracker: https://git.mosaicstack.dev/mosaic/stack/issues
- Google Style Guides: https://github.com/google/styleguide
- BetterAuth Docs: https://www.better-auth.com
- Prisma Docs: https://www.prisma.io/docs
- NestJS Docs: https://docs.nestjs.com
📧 Support
- Issues: Create an issue
- Discussions: Project discussions
Last Updated: 2026-01-28 Version: 0.0.1 (Pre-MVP)