MPCoreDeveloper
diff --git a/‎.github/copilot-instructions.md‎
Lines changed: 1 addition & 0 deletions b/‎.github/copilot-instructions.md‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎Examples/Web/Orchardcore/SharpCoreDb.Orchardcore/SharpCoreDb.Orchardcore.csproj‎
Lines changed: 6 additions & 3 deletions b/‎Examples/Web/Orchardcore/SharpCoreDb.Orchardcore/SharpCoreDb.Orchardcore.csproj‎
Lines changed: 6 additions & 3 deletions
diff --git a/‎docs/PROJECT_STATUS.md‎
Lines changed: 8 additions & 0 deletions b/‎docs/PROJECT_STATUS.md‎
Lines changed: 8 additions & 0 deletions
diff --git a/‎src/SharpCoreDB.AppHost/SharpCoreDB.AppHost.csproj‎
Lines changed: 1 addition & 1 deletion b/‎src/SharpCoreDB.AppHost/SharpCoreDB.AppHost.csproj‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎src/SharpCoreDB.Server.Core/Api/TenantsController.cs‎
Lines changed: 172 additions & 1 deletion b/‎src/SharpCoreDB.Server.Core/Api/TenantsController.cs‎
Lines changed: 172 additions & 1 deletion
@@ -8,6 +8,7 @@
 - Standardize all documentation/version labels to v1.7.0 ("V 1.70").
 - Continue implementation until the scoped roadmap work is finished without pausing for confirmation.
 - When roadmap issues are completed, explicitly mark the corresponding issue draft documents as resolved/completed so the status is visibly updated in the repository.
+- Validate issue status claims against current open issues and actively work through unresolved issues, ensuring they are not considered done prematurely.
 
 ## Testing Policy
 - All test projects in SharpCoreDB must use **xUnit v3** (`xunit.v3` NuGet package, currently 3.2.2+). **Never** use `xunit` v2 (package id `xunit`). The old v2 package is incompatible with .NET 10 / C# 14.
 
@@ -16,12 +16,15 @@
 
   <!-- OrchardCore packages only restored when NOT in CI -->
   <ItemGroup Condition="'$(CI)' != 'true' AND '$(GITHUB_ACTIONS)' != 'true'">
-    <!-- Requires OrchardCore preview feed: https://nuget.cloudsmith.io/orchardcore/preview/v3/index.json -->
-    <PackageReference Include="OrchardCore.Application.Cms.Targets" Version="3.0.0-preview-18884" />
+    <!-- Stable OrchardCore package -->
+    <PackageReference Include="OrchardCore.Application.Cms.Targets" Version="2.2.1" />
   </ItemGroup>
   <ItemGroup>
-    <PackageReference Include="HtmlSanitizer" Version="9.1.893-beta" />
+    <PackageReference Include="HtmlSanitizer" Version="9.0.892" />
     <PackageReference Include="MimeKit" Version="4.15.1" />
+    <PackageReference Include="Microsoft.Extensions.Http.Resilience" Version="10.4.0" />
+    <PackageReference Include="Microsoft.AspNetCore.Authentication.OpenIdConnect" Version="10.0.5" />
+    <PackageReference Include="AWSSDK.Core" Version="4.0.3.28" />
   </ItemGroup>
 
   <ItemGroup Condition="'$(UseLocalSharpCoreDbSources)' == 'true'">
 
@@ -37,3 +37,11 @@ Detailed findings are documented in:
 
 - Canonical docs entry points: `README.md`, `docs/INDEX.md`, `docs/README.md`
 - Obsolete/superseded phase-planning artifacts are removed during documentation maintenance.
+
+## Roadmap Issue Closure Tracking
+
+- ✅ `#125` Enforce database grants in Connect and session creation — completed and closed.
+- ✅ `#124` Per-database grants model for tenant isolation — completed and closed.
+- ✅ `#123` DatabaseRegistry runtime attach/detach APIs — completed and closed.
+- ✅ `#122` Runtime tenant database provisioning APIs (gRPC + REST) — completed and closed.
+- ✅ `#121` Tenant catalog in master database for SaaS lifecycle metadata — completed and closed.
@@ -15,7 +15,7 @@
   </ItemGroup>
 
   <ItemGroup>
-    <PackageReference Include="Aspire.Hosting.AppHost" Version="13.2.1" />
+    <PackageReference Include="Aspire.Hosting.AppHost" Version="13.2.2" />
     <PackageReference Include="KubernetesClient" Version="19.0.2" />
   </ItemGroup>
 
 
@@ -7,6 +7,7 @@
 using Microsoft.AspNetCore.Mvc;
 using Microsoft.Extensions.Logging;
 using SharpCoreDB.Server.Core.Tenancy;
+using SharpCoreDB.Server.Core.Security;
 using System.Text.Json;
 
 namespace SharpCoreDB.Server.Core.Api;
@@ -27,6 +28,7 @@ public sealed class TenantsController(
     TenantBackupRestoreService backupRestoreService,
     TenantMigrationPlanningService migrationPlanningService,
     TenantCatalogRepository catalogRepository,
+    DatabaseGrantsRepository databaseGrantsRepository,
     ILogger<TenantsController> logger) : ControllerBase
 {
     /// <summary>
@@ -92,6 +94,22 @@ public async Task<ActionResult<CreateTenantApiResponse>> CreateTenant(
         }
     }
 
+    /// <summary>
+    /// Creates a tenant database at runtime.
+    /// POST /api/v1/tenants/databases
+    /// </summary>
+    [HttpPost("databases")]
+    [ProducesResponseType(201)]
+    [ProducesResponseType(400)]
+    [ProducesResponseType(409)]
+    [ProducesResponseType(500)]
+    public Task<ActionResult<CreateTenantApiResponse>> CreateTenantDatabase(
+        [FromBody] CreateTenantApiRequest request,
+        CancellationToken cancellationToken = default)
+    {
+        return CreateTenant(request, cancellationToken);
+    }
+
     /// <summary>
     /// Rotates a tenant database encryption key reference.
     /// POST /api/v1/tenants/{tenantId}/databases/{databaseName}/encryption/rotate
@@ -338,6 +356,21 @@ public async Task<ActionResult<DeleteTenantApiResponse>> DeleteTenant(
         }
     }
 
+    /// <summary>
+    /// Deletes a tenant database at runtime.
+    /// DELETE /api/v1/tenants/databases/{tenantId}
+    /// </summary>
+    [HttpDelete("databases/{tenantId}")]
+    [ProducesResponseType(202)]
+    [ProducesResponseType(404)]
+    public Task<ActionResult<DeleteTenantApiResponse>> DeleteTenantDatabase(
+        string tenantId,
+        [FromHeader(Name = "Idempotency-Key")] string? idempotencyKey = null,
+        CancellationToken cancellationToken = default)
+    {
+        return DeleteTenant(tenantId, idempotencyKey, cancellationToken);
+    }
+
     /// <summary>
     /// Gets provisioning operation status.
     /// GET /api/v1/tenants/operations/{operationId}
@@ -378,6 +411,18 @@ public ActionResult<GetOperationStatusApiResponse> GetOperationStatus(string ope
         }
     }
 
+    /// <summary>
+    /// Gets tenant provisioning status.
+    /// GET /api/v1/tenants/provisioning/{operationId}
+    /// </summary>
+    [HttpGet("provisioning/{operationId}")]
+    [ProducesResponseType(200)]
+    [ProducesResponseType(404)]
+    public ActionResult<GetOperationStatusApiResponse> GetTenantProvisioningStatus(string operationId)
+    {
+        return GetOperationStatus(operationId);
+    }
+
     /// <summary>
     /// Gets effective quota policy for a tenant.
     /// GET /api/v1/tenants/{tenantId}/quotas
@@ -609,11 +654,137 @@ public async Task<ActionResult<TenantMigrationPlanApiResponse>> CreateTenantMigr
         });
     }
 
-    // ...existing code...
+    /// <summary>
+    /// Grants permissions for a principal on a tenant database.
+    /// POST /api/v1/tenants/{tenantId}/databases/{databaseName}/grants
+    /// </summary>
+    [HttpPost("{tenantId}/databases/{databaseName}/grants")]
+    [ProducesResponseType(200)]
+    [ProducesResponseType(400)]
+    [ProducesResponseType(404)]
+    public async Task<ActionResult<DatabaseGrantApiResponse>> GrantDatabaseAccess(
+        string tenantId,
+        string databaseName,
+        [FromBody] GrantDatabaseAccessApiRequest request,
+        CancellationToken cancellationToken = default)
+    {
+        if (string.IsNullOrWhiteSpace(request.Principal) || string.IsNullOrWhiteSpace(request.Permission))
+        {
+            return BadRequest(new ErrorResponse { Message = "Principal and Permission are required" });
+        }
+
+        var tenant = await catalogRepository.GetTenantByIdAsync(tenantId, cancellationToken);
+        if (tenant is null)
+        {
+            return NotFound(new ErrorResponse { Message = "Tenant not found" });
+        }
+
+        if (!Enum.TryParse<DatabasePermission>(request.Permission, ignoreCase: true, out var permission))
+        {
+            return BadRequest(new ErrorResponse { Message = "Invalid database permission" });
+        }
+
+        var grant = await databaseGrantsRepository.GrantPermissionAsync(
+            tenantId,
+            databaseName,
+            request.Principal,
+            permission,
+            request.IsGrantable,
+            cancellationToken);
+
+        return Ok(new DatabaseGrantApiResponse
+        {
+            GrantId = grant.GrantId,
+            TenantId = grant.TenantId,
+            DatabaseName = grant.DatabaseName,
+            Principal = grant.Principal,
+            Permission = grant.Permission.ToString(),
+            IsGrantable = grant.IsGrantable,
+            CreatedAt = grant.CreatedAt,
+            ExpiresAt = grant.ExpiresAt,
+        });
+    }
+
+    /// <summary>
+    /// Revokes a database grant.
+    /// DELETE /api/v1/tenants/grants/{grantId}
+    /// </summary>
+    [HttpDelete("grants/{grantId}")]
+    [ProducesResponseType(204)]
+    [ProducesResponseType(400)]
+    public async Task<IActionResult> RevokeDatabaseGrant(
+        string grantId,
+        CancellationToken cancellationToken = default)
+    {
+        if (string.IsNullOrWhiteSpace(grantId))
+        {
+            return BadRequest(new ErrorResponse { Message = "GrantId is required" });
+        }
+
+        await databaseGrantsRepository.RevokeGrantAsync(grantId, cancellationToken);
+        return NoContent();
+    }
+
+    /// <summary>
+    /// Lists active database grants for a principal.
+    /// GET /api/v1/tenants/grants?principal={principal}
+    /// </summary>
+    [HttpGet("grants")]
+    [ProducesResponseType(200)]
+    [ProducesResponseType(400)]
+    public async Task<ActionResult<List<DatabaseGrantApiResponse>>> ListDatabaseGrants(
+        [FromQuery] string principal,
+        CancellationToken cancellationToken = default)
+    {
+        if (string.IsNullOrWhiteSpace(principal))
+        {
+            return BadRequest(new ErrorResponse { Message = "Principal is required" });
+        }
+
+        var grants = await databaseGrantsRepository.GetPrincipalGrantsAsync(principal, cancellationToken);
+        var response = grants.Select(static grant => new DatabaseGrantApiResponse
+        {
+            GrantId = grant.GrantId,
+            TenantId = grant.TenantId,
+            DatabaseName = grant.DatabaseName,
+            Principal = grant.Principal,
+            Permission = grant.Permission.ToString(),
+            IsGrantable = grant.IsGrantable,
+            CreatedAt = grant.CreatedAt,
+            ExpiresAt = grant.ExpiresAt,
+        }).ToList();
+
+        return Ok(response);
+    }
 }
 
 // API Request/Response DTOs
 
+/// <summary>
+/// Request to grant principal access to a database.
+/// </summary>
+public sealed class GrantDatabaseAccessApiRequest
+{
+    public required string Principal { get; init; }
+    public required string Permission { get; init; }
+    public bool IsGrantable { get; init; }
+}
+
+/// <summary>
+/// Response model representing a database grant.
+/// </summary>
+public sealed class DatabaseGrantApiResponse
+{
+    public required string GrantId { get; init; }
+    public required string TenantId { get; init; }
+    public required string DatabaseName { get; init; }
+    public required string Principal { get; init; }
+    public required string Permission { get; init; }
+    public required bool IsGrantable { get; init; }
+    public required DateTime CreatedAt { get; init; }
+    public required DateTime ExpiresAt { get; init; }
+}
+
 /// <summary>
 /// Request to create a new tenant.
 /// </summary>