GeoNetAgent, LDAPWeb, server-audit, server-connection
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 
 
 

45 lines
1.6 KiB

---
description: Prinsip enterprise portal Laravel, security, audit, dan requirement wajib
alwaysApply: true
---
# Enterprise Principles
## Tujuan
Platform Enterprise Portal: Laravel, PostgreSQL, LDAP, API Management, audit trail, PWA.
## Prinsip (urutan prioritas)
1. **Security First** — CSRF, LDAP auth, API scope, throttle; target MFA/SSO
2. **Audit First** — setiap aksi CRUD tercatat (user, browser, IP, duration)
3. **API First** — REST API v1 + dokumentasi Swagger
4. **Approval First** — maker-checker untuk aksi sensitif (belum ada, target wajib)
5. **Production Ready Only** — migration, validation, tanpa placeholder/TODO
## Requirement wajib
| Fitur | Target |
|-------|--------|
| Multi Database | SQL Server, PostgreSQL, MySQL, MariaDB |
| LDAP | User/group CRUD, password reset + email |
| API Auth | Token, LDAP Bearer/JWT, OAuth2 Passport |
| Audit Trail | Immutable append-only |
| SMTP | Konfig via UI + test send |
| PWA | Offline, caching, install, auto-update |
| Docker | Compose + healthcheck + deploy script |
## UX wajib
- Loading indicator pada proses async; popup sukses/gagal setelah selesai
- Theme Light / Dark / System dengan kontras baik
- SPA persistent layout (sidebar/header statis, hanya body berubah)
- List: search, filter, sort; sticky header; mobile action sheet
- Icon kontekstual; helper text di setiap form
## Arsitektur Laravel
- Business logic di **Service**, bukan Controller
- Query database via Service/Repository, bukan Controller
- Secret hanya dari `.env` / `Crypt`, jangan hardcode
- Event + Queue untuk proses berat (mail, audit batch, LDAP sync)