nis2-agile/public
DevEnv nis2-agile e4f9e9179e [FEAT] NIS2 ↔ TRPG alignment (Phases 1-5): SSO + Sessions + Reset + Impersonate + Branding
Complete implementation of the project to align with the Evix suite (TRPG/lg231),
based on the canonical doc docs/GAP_TRPG_NIS2_ALIGNMENT.md (5 phases, 18 gaps).

Version 1.0.0 → 1.5.0

Phase 1 — SSO Federation (v1.1.0)
- Migration 015_sso_columns: users.sso_identity_id + password_version
- application/services/SsoHelper.php (dual-mode SSO client, native cURL, zero deps)
- AuthController::login() + changePassword() conditional SSO (SSO_MODE=local default)

Phase 2 — Multi-device Sessions (v1.2.0)
- Migration 016_active_sessions: table + refresh_tokens.session_jti
- BaseController::requireAuth() verifies jti + last_activity throttle + parseDeviceLabel
- login() generates jti, logout/changePassword selective revocation
- GET/DELETE /auth/sessions[/{id}]
- UI settings.html Security tab with device list + revocation

Phase 3 — Password Reset + Tenant Switcher (v1.3.0)
- Migration 017_password_reset_tokens (TTL 30min, single-use)
- POST /auth/forgot-password (opaque response) + reset-password
- Pages forgot-password.html + reset-password.html (with strength bar)
- EmailService::sendPasswordReset
- POST /auth/switchContext with JWT rotation + organization_id claim
- Tenant dropdown in sidebar exposed to all users with ≥2 orgs

Phase 4 — Impersonate + Preferences + Versioning UI (v1.4.0)
- POST /auth/impersonate (super_admin or consultant of the same firm, TTL 1h, audit)
- Migration 018_user_preferences: users.theme/timezone/notif_email/notif_inapp
- GET/PUT /auth/preferences
- Sidebar footer shows version + changelog modal on click

Phase 5 — White-label branding + Auth-gate (v1.5.0)
- Migration 019_firm_branding (logo/colors/brand_name per consulting firm)
- BrandingController GET /branding/current (optional auth) + PUT
- common.js auto-applies CSS variables at boot
- public/js/auth-gate.js (client-side password gate for restricted docs, from TRPG)

Justified skips:
- G15 demo login: existing simulators cover it
- G18 refactor controllers: deferred (~5 days, technical value only)

SSO sync cron: AgileHub Ticket #220 opened with the AGILEHUB team to extend
sso-password-sync.sh to the nis2_agile_db DB. Prerequisite for switching to SSO_MODE=dual.

Backup files: all modified files have a .bak.pre-{fase}-{ts} copy both in DEV
and in /var/www/nis2-agile/.backups/ on Hetzner (rollback ready).

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-29 13:18:35 +02:00
..
admin [DEPLOY] Migration to subdomain nis2.certisource.it 2026-02-19 14:05:18 +01:00
css [UX] FAB feedback: cyan pill with label, pulse animation, lg231 style 2026-03-10 11:27:19 +01:00
docs [DOCS] Testing & Simulation documentation page 2026-03-10 09:40:27 +01:00
integrations [MIGRATE] Migration to nis2.agile.software 2026-03-07 14:07:10 +01:00
js [FEAT] NIS2 ↔ TRPG alignment (Phases 1-5): SSO + Sessions + Reset + Impersonate + Branding 2026-05-29 13:18:35 +02:00
.htaccess [FIX] Deploy fixes - Auth header passthrough, dashboard query, landing page 2026-02-17 18:08:43 +01:00
api-status.php [CORE] Initial project scaffold - NIS2 Agile Compliance Platform 2026-02-17 17:50:18 +01:00
architecture.html [FEAT] i18n IT/EN, contextual online help, Architecture page 2026-02-18 08:34:37 +01:00
assessment.html [SEC+UX] Security hardening + pre-audit UX improvements 2026-02-20 12:01:33 +01:00
assets.html [FIX] Working i18n + audit.html bug + help system 2026-02-20 11:17:04 +01:00
companies.html [FEAT] Consultant role + Registration Wizard v2 2026-02-20 08:53:30 +01:00
cross-analysis.html [FEAT] L4 AI Cross-Analysis — aggregated multi-org analysis for consultants 2026-03-09 08:17:53 +01:00
dashboard.html [SEC+UX] Security hardening + pre-audit UX improvements 2026-02-20 12:01:33 +01:00
forgot-password.html [FEAT] NIS2 ↔ TRPG alignment (Phases 1-5): SSO + Sessions + Reset + Impersonate + Branding 2026-05-29 13:18:35 +02:00
incidents.html [UX+SEC] Pre-audit excellence: idle timeout, loading states, i18n, UX polish 2026-02-20 12:25:52 +01:00
index.html [FEAT] Lead form standardization — alignment with TRPG Agile 2026-03-09 12:14:42 +01:00
index.php [FEAT] NIS2 ↔ TRPG alignment (Phases 1-5): SSO + Sessions + Reset + Impersonate + Branding 2026-05-29 13:18:35 +02:00
integrazioniext.html [CONTEXT+MKTG] Session context + improved HTML for third-party communication 2026-03-07 16:37:14 +01:00
licenseExt.html [FEAT] licenseExt: recipient data section pre-fills form + ready link + modal with recipient data 2026-03-10 12:00:26 +01:00
login.html [FEAT] NIS2 ↔ TRPG alignment (Phases 1-5): SSO + Sessions + Reset + Impersonate + Branding 2026-05-29 13:18:35 +02:00
mktg-api-doc.html [CONTEXT+MKTG] Session context + improved HTML for third-party communication 2026-03-07 16:37:14 +01:00
nis2-license-api.postman.json [MKTG-API] Fix: Postman collection in public root 2026-03-07 16:05:49 +01:00
normative.html [FEAT] Services API, Webhook, Whistleblowing, Normative + integrations 2026-03-07 13:20:24 +01:00
onboarding.html [UX] Standardization of login/register/onboarding + Test Runner v2 2026-03-07 17:11:25 +01:00
policies.html [UX+SEC] Pre-audit excellence: idle timeout, loading states, i18n, UX polish 2026-02-20 12:25:52 +01:00
presentation.html [FEAT] NIS2 Agile presentation in the repo (presentation.html) 2026-03-09 15:31:07 +01:00
register.html [FEAT] B2B license simulator + reduced registration 2026-03-10 15:26:23 +01:00
reports.html [FIX] Working i18n + audit.html bug + help system 2026-02-20 11:17:04 +01:00
reset-password.html [FEAT] NIS2 ↔ TRPG alignment (Phases 1-5): SSO + Sessions + Reset + Impersonate + Branding 2026-05-29 13:18:35 +02:00
risks.html [UX+SEC] Pre-audit excellence: idle timeout, loading states, i18n, UX polish 2026-02-20 12:25:52 +01:00
settings.html [FEAT] NIS2 ↔ TRPG alignment (Phases 1-5): SSO + Sessions + Reset + Impersonate + Branding 2026-05-29 13:18:35 +02:00
setup-org.html [FIX] Fix annual_turnover field name in setup-org.html 2026-02-17 19:49:57 +01:00
simulate-b2b.html [FEAT] B2B license simulator + reduced registration 2026-03-10 15:26:23 +01:00
simulate-nis2-big.php [FEAT] Services API: full-snapshot endpoint + BigSim SSE wrapper 2026-03-17 15:16:00 +01:00
simulate-nis2.php [FIX] simulate wrapper: PHP_BINARY→php-cli corrected (FPM≠CLI) 2026-03-10 10:51:48 +01:00
simulate.html [FIX] simulate.html: BIG card + training user_ids array fix 2026-03-17 15:32:02 +01:00
supply-chain.html [FIX] Working i18n + audit.html bug + help system 2026-02-20 11:17:04 +01:00
test-runner.php [FIX] test-runner: update email/password to the simulator's values 2026-03-09 10:03:14 +01:00
training.html [FIX] Working i18n + audit.html bug + help system 2026-02-20 11:17:04 +01:00
version.json [FEAT] NIS2 ↔ TRPG alignment (Phases 1-5): SSO + Sessions + Reset + Impersonate + Branding 2026-05-29 13:18:35 +02:00
whistleblowing.html [FEAT] Services API, Webhook, Whistleblowing, Normative + integrations 2026-03-07 13:20:24 +01:00
workflow.html [FEAT] Compliance Journey — visual workflow of the 6 NIS2 phases 2026-03-09 07:54:15 +01:00