--- description: Prinsip enterprise portal Laravel, security, audit, dan requirement wajib alwaysApply: true --- # Enterprise Principles ## Tujuan Platform Enterprise Portal: Laravel, PostgreSQL, LDAP, API Management, audit trail, PWA. ## Prinsip (urutan prioritas) 1. **Security First** — CSRF, LDAP auth, API scope, throttle; target MFA/SSO 2. **Audit First** — setiap aksi CRUD tercatat (user, browser, IP, duration) 3. **API First** — REST API v1 + dokumentasi Swagger 4. **Approval First** — maker-checker untuk aksi sensitif (belum ada, target wajib) 5. **Production Ready Only** — migration, validation, tanpa placeholder/TODO ## Requirement wajib | Fitur | Target | |-------|--------| | Multi Database | SQL Server, PostgreSQL, MySQL, MariaDB | | LDAP | User/group CRUD, password reset + email | | API Auth | Token, LDAP Bearer/JWT, OAuth2 Passport | | Audit Trail | Immutable append-only | | SMTP | Konfig via UI + test send | | PWA | Offline, caching, install, auto-update | | Docker | Compose + healthcheck + deploy script | ## UX wajib - Loading indicator pada proses async; popup sukses/gagal setelah selesai - Theme Light / Dark / System dengan kontras baik - SPA persistent layout (sidebar/header statis, hanya body berubah) - List: search, filter, sort; sticky header; mobile action sheet - Icon kontekstual; helper text di setiap form ## Arsitektur Laravel - Business logic di **Service**, bukan Controller - Query database via Service/Repository, bukan Controller - Secret hanya dari `.env` / `Crypt`, jangan hardcode - Event + Queue untuk proses berat (mail, audit batch, LDAP sync)