nis2-agile

AdminGit2026/nis2-agile

Fork 0

Commit Graph

Author	SHA1	Message	Date
DevEnv nis2-agile	1382530189	[FEAT] Sistema Segnalazioni & Risoluzione AI (feedback) Adattato da alltax.it — il sistema più maturo testato con utenti reali. Backend: - FeedbackController: 6 endpoint (submit, mine, list, show, update, resolve) - FeedbackService: createReport + classifyWithAI + broadcastResolution - AIService::classifyFeedback() — 10s timeout, 500 token, JSON puro - EmailService::sendFeedbackResolved() — broadcast email org - DB migration 014: tabella feedback_reports Frontend: - feedback.js: FAB rosso #EF4444, modal 2 fasi (form → AI → password gate) - Tab "Le mie segnalazioni" con badge status - Auto-init su tutte le pagine autenticate (common.js::checkAuth) - api.js: 6 metodi client; style.css: stili completi Worker: - scripts/feedback-worker.php: cron ogni 30 min → docker exec nis2-agile-devenv + Claude Code CLI → risoluzione autonoma con POST /api/feedback/{id}/resolve Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-03-10 08:51:52 +01:00
DevEnv nis2-agile	6933e1d3fb	[INTEG] Provisioning B2B automatico + fix JWT helpers - POST /api/services/provision: onboarding automatico tenant da lg231 - X-Provision-Secret auth (master secret, non org-specific) - Crea org (con tutti i dati lg231: P.IVA, ATECO, sede, PEC, fatturato) - Crea admin user con password temporanea (must_change_password=1) - Genera API Key scope [read:all, write:all, admin:org, sso:login] - Emette JWT 2h per apertura immediata UI - Callback webhook a lg231 con api_key - Idempotent: stessa P.IVA → restituisce org esistente - Audit: org.provisioned severity=critical - config.php: PROVISION_SECRET (env var) - BaseController: base64UrlEncode/Decode da private → protected - Migration 011: colonne provisioning + must_change_password + indexes Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-03-07 15:02:11 +01:00
Cristiano Benassati	ae78a2f7f4	[CORE] Initial project scaffold - NIS2 Agile Compliance Platform Complete MVP implementation including: - PHP 8.4 backend with Front Controller pattern (80+ API endpoints) - Multi-tenant architecture with organization_id isolation - JWT authentication (HS256, 2h access + 7d refresh tokens) - 14 controllers: Auth, Organization, Assessment, Dashboard, Risk, Incident, Policy, SupplyChain, Training, Asset, Audit, Admin - AI Service integration (Anthropic Claude API) for gap analysis, risk suggestions, policy generation, incident classification - NIS2 gap analysis questionnaire (~80 questions, 10 categories) - MySQL schema (20 tables) with NIS2 Art. 21 compliance controls - NIS2 Art. 23 incident reporting workflow (24h/72h/30d) - Frontend: login, register, dashboard, assessment wizard, org setup - Docker configuration (PHP-FPM + Nginx + MySQL) Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-02-17 17:50:18 +01:00

Author

SHA1

Message

Date

DevEnv nis2-agile

1382530189

[FEAT] Sistema Segnalazioni & Risoluzione AI (feedback)

Adattato da alltax.it — il sistema più maturo testato con utenti reali.

Backend:
- FeedbackController: 6 endpoint (submit, mine, list, show, update, resolve)
- FeedbackService: createReport + classifyWithAI + broadcastResolution
- AIService::classifyFeedback() — 10s timeout, 500 token, JSON puro
- EmailService::sendFeedbackResolved() — broadcast email org
- DB migration 014: tabella feedback_reports

Frontend:
- feedback.js: FAB rosso #EF4444, modal 2 fasi (form → AI → password gate)
- Tab "Le mie segnalazioni" con badge status
- Auto-init su tutte le pagine autenticate (common.js::checkAuth)
- api.js: 6 metodi client; style.css: stili completi

Worker:
- scripts/feedback-worker.php: cron ogni 30 min
  → docker exec nis2-agile-devenv + Claude Code CLI
  → risoluzione autonoma con POST /api/feedback/{id}/resolve

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

2026-03-10 08:51:52 +01:00

DevEnv nis2-agile

6933e1d3fb

[INTEG] Provisioning B2B automatico + fix JWT helpers

- POST /api/services/provision: onboarding automatico tenant da lg231
  - X-Provision-Secret auth (master secret, non org-specific)
  - Crea org (con tutti i dati lg231: P.IVA, ATECO, sede, PEC, fatturato)
  - Crea admin user con password temporanea (must_change_password=1)
  - Genera API Key scope [read:all, write:all, admin:org, sso:login]
  - Emette JWT 2h per apertura immediata UI
  - Callback webhook a lg231 con api_key
  - Idempotent: stessa P.IVA → restituisce org esistente
  - Audit: org.provisioned severity=critical
- config.php: PROVISION_SECRET (env var)
- BaseController: base64UrlEncode/Decode da private → protected
- Migration 011: colonne provisioning + must_change_password + indexes

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

2026-03-07 15:02:11 +01:00

Cristiano Benassati

ae78a2f7f4

[CORE] Initial project scaffold - NIS2 Agile Compliance Platform

Complete MVP implementation including:
- PHP 8.4 backend with Front Controller pattern (80+ API endpoints)
- Multi-tenant architecture with organization_id isolation
- JWT authentication (HS256, 2h access + 7d refresh tokens)
- 14 controllers: Auth, Organization, Assessment, Dashboard, Risk,
  Incident, Policy, SupplyChain, Training, Asset, Audit, Admin
- AI Service integration (Anthropic Claude API) for gap analysis,
  risk suggestions, policy generation, incident classification
- NIS2 gap analysis questionnaire (~80 questions, 10 categories)
- MySQL schema (20 tables) with NIS2 Art. 21 compliance controls
- NIS2 Art. 23 incident reporting workflow (24h/72h/30d)
- Frontend: login, register, dashboard, assessment wizard, org setup
- Docker configuration (PHP-FPM + Nginx + MySQL)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

2026-02-17 17:50:18 +01:00

3 Commits