- Home
- Skills
- Iurygdeoliveira
- Labsis Kit
- Validate Project Rules
validate-project-rules_skill
- PHP
31
GitHub Stars
1
Bundled Files
2 months ago
Catalog Refreshed
4 months ago
First Indexed
Readme & install
Copy the install command, review bundled files from the catalogue, and read any extended description pulled from the listing source.
Installation
Preview and clipboard use veilstrat where the catalogue uses aiagentskills.
npx veilstrat add skill iurygdeoliveira/labsis-kit --skill validate-project-rules- SKILL.md2.6 KB
Overview
This skill validates the labSIS-KIT business rules for a Laravel + Filament SaaS starter kit. It focuses on enforcing tenant isolation, dynamic role bindings per tenant, and controlled destructive actions. The goal is to ensure the kit remains a reliable educational reference for secure SaaS architecture.
How this skill works
The validator runs automated checks and integration tests against the application to confirm expected behaviors. It inspects global scopes, policies, and pivot role assignments, simulates cross-tenant access attempts, and verifies installer script behavior. It reports failures with clear status codes and actionable guidance for remediation.
When to use it
- Before merging major tenant or permission changes
- During CI to prevent regressions in isolation or RBAC
- After implementing or updating the install script
- Before releases that affect destructive actions or administrative flows
- When auditing the kit for security or educational correctness
Best practices
- Enforce tenant isolation at ORM/global scope level rather than relying on controllers
- Store roles on the tenant-user relationship (pivot) so permissions vary by context
- Restrict tenant deletion to a global Super Admin role and test that Owners cannot delete their tenant
- Automate validation in CI with tests that assert 403/404 on cross-tenant access
- Provide a one-command installer that runs migrations and seeds for reproducible demos
Example use cases
- Run checks to confirm a user with Owner role in Tenant A cannot view Tenant B resources
- Validate that the same user can hold different roles across two tenants and has appropriate permissions in each
- Execute the install script in a fresh environment and verify the application is functional without manual steps
- Attempt tenant deletion as an Owner and assert the action is blocked or absent
- Include the validator in CI to catch regressions to isolation or RBAC logic
FAQ
The validator marks the build as failed and provides the failing request and expected response codes (403/404) so you can trace the offending scope or policy.
How do I verify the one-click installer works in CI?
Run php install.php in a clean container or ephemeral environment during CI and assert migrations run, essential seeds exist, and the app bootstraps without manual input.