DevEnv nis2-agile
|
75a678f60e
|
[FEAT] CertiSource atti-service.php integration: structured data, PAT auth, ATECO fix
- VisuraService::fetchFromCertiSource: new atti-service.php API (POST richiesta → polling stato → GET dati)
- Structured data mapping: sedi/ateco_codes/cariche/addetti → formato interno
- mapAtecoToNis2Sector: allineato ENUM DB (digital_infra, water, waste, public_admin, ecc.)
- config.php: CERTISOURCE_API_URL, CERTISOURCE_API_KEY, CERTISOURCE_POLL_MAX/SEC
- PHP 8.4: curl_close → unset, usato in logAiInteraction
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
|
2026-03-17 13:24:03 +01:00 |
|
DevEnv nis2-agile
|
1382530189
|
[FEAT] Sistema Segnalazioni & Risoluzione AI (feedback)
Adattato da alltax.it — il sistema più maturo testato con utenti reali.
Backend:
- FeedbackController: 6 endpoint (submit, mine, list, show, update, resolve)
- FeedbackService: createReport + classifyWithAI + broadcastResolution
- AIService::classifyFeedback() — 10s timeout, 500 token, JSON puro
- EmailService::sendFeedbackResolved() — broadcast email org
- DB migration 014: tabella feedback_reports
Frontend:
- feedback.js: FAB rosso #EF4444, modal 2 fasi (form → AI → password gate)
- Tab "Le mie segnalazioni" con badge status
- Auto-init su tutte le pagine autenticate (common.js::checkAuth)
- api.js: 6 metodi client; style.css: stili completi
Worker:
- scripts/feedback-worker.php: cron ogni 30 min
→ docker exec nis2-agile-devenv + Claude Code CLI
→ risoluzione autonoma con POST /api/feedback/{id}/resolve
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
|
2026-03-10 08:51:52 +01:00 |
|
DevEnv nis2-agile
|
6933e1d3fb
|
[INTEG] Provisioning B2B automatico + fix JWT helpers
- POST /api/services/provision: onboarding automatico tenant da lg231
- X-Provision-Secret auth (master secret, non org-specific)
- Crea org (con tutti i dati lg231: P.IVA, ATECO, sede, PEC, fatturato)
- Crea admin user con password temporanea (must_change_password=1)
- Genera API Key scope [read:all, write:all, admin:org, sso:login]
- Emette JWT 2h per apertura immediata UI
- Callback webhook a lg231 con api_key
- Idempotent: stessa P.IVA → restituisce org esistente
- Audit: org.provisioned severity=critical
- config.php: PROVISION_SECRET (env var)
- BaseController: base64UrlEncode/Decode da private → protected
- Migration 011: colonne provisioning + must_change_password + indexes
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
|
2026-03-07 15:02:11 +01:00 |
|
|
|
ae78a2f7f4
|
[CORE] Initial project scaffold - NIS2 Agile Compliance Platform
Complete MVP implementation including:
- PHP 8.4 backend with Front Controller pattern (80+ API endpoints)
- Multi-tenant architecture with organization_id isolation
- JWT authentication (HS256, 2h access + 7d refresh tokens)
- 14 controllers: Auth, Organization, Assessment, Dashboard, Risk,
Incident, Policy, SupplyChain, Training, Asset, Audit, Admin
- AI Service integration (Anthropic Claude API) for gap analysis,
risk suggestions, policy generation, incident classification
- NIS2 gap analysis questionnaire (~80 questions, 10 categories)
- MySQL schema (20 tables) with NIS2 Art. 21 compliance controls
- NIS2 Art. 23 incident reporting workflow (24h/72h/30d)
- Frontend: login, register, dashboard, assessment wizard, org setup
- Docker configuration (PHP-FPM + Nginx + MySQL)
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
2026-02-17 17:50:18 +01:00 |
|
