Skip to content

feat(scope): fill gaps in Scope Management module [VAN-14]#20

Merged
fr4nc1stein merged 3 commits into
mainfrom
feature/van-14-scope-management-gaps
May 26, 2026
Merged

feat(scope): fill gaps in Scope Management module [VAN-14]#20
fr4nc1stein merged 3 commits into
mainfrom
feature/van-14-scope-management-gaps

Conversation

@fr4nc1stein

@fr4nc1stein fr4nc1stein commented May 26, 2026

Copy link
Copy Markdown
Owner

Summary

Implements the missing capabilities in the /admin/scope module tracked in VAN-14.

Changes

Migration

  • 0011_scope_enhancements.sql — adds 5 new columns to scopes table: allowed_vuln_types, severity_restriction, notes, exclusion_paths, deleted_at

Schema

  • lib/db/schema.ts — new fields typed in Drizzle

API

  • GET /api/admin/scopes — filters out soft-deleted records (deleted_at IS NULL)
  • POST /api/admin/scopes — accepts and persists new fields
  • PATCH /api/admin/scopes/[id] — updates new fields
  • DELETE /api/admin/scopes/[id]soft-delete (sets deleted_at) instead of hard delete
  • GET /api/scopes — filters deleted, exposes new fields to the submission form

Admin UI (/admin/scope)

  • New fields in add/edit modal: allowed vuln types (multi-select chips), severity restriction (multi-select chips), notes, exclusion paths
  • Archive dialog replaces the destructive delete dialog

Submission form (/submit)

  • Scope restrictions banner shown when a target with restrictions is selected
  • Vulnerability type dropdown filtered to allowed types only
  • Severity cards filtered to allowed severities only

🤖 Generated with Claude Code

fr4nc1stein and others added 3 commits May 25, 2026 17:48
@fr4nc1stein @claude
feat(scope): fill gaps in Scope Management module
882633e 
- Migration 0011: add allowed_vuln_types, severity_restriction, notes,
  exclusion_paths, deleted_at columns to scopes table
- Schema: new fields typed in Drizzle schema
- GET /api/admin/scopes: filter soft-deleted records
- POST /api/admin/scopes: accept and persist new fields
- PATCH /api/admin/scopes/[id]: update new fields
- DELETE /api/admin/scopes/[id]: soft-delete (sets deleted_at) instead of hard delete
- GET /api/scopes: filter deleted, expose new fields to submission form
- Admin scope page: new fields in add/edit modal (vuln types, severity,
  notes, exclusion paths), archive dialog replaces delete dialog
- Submit page: shows scope restrictions banner and filters vuln type /
  severity options when a target with restrictions is selected

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
@fr4nc1stein
Fix scope restrictions and restore flow
60e37d6
@fr4nc1stein
fix: rename migration 0011 to 0012 to avoid conflict with user audit …
fd40df9 
…logs migration
@fr4nc1stein fr4nc1stein force-pushed the feature/van-14-scope-management-gaps branch from c4efe3a to fd40df9 Compare May 26, 2026 00:49
@fr4nc1stein fr4nc1stein merged commit 724cacc into main May 26, 2026
2 of 3 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@fr4nc1stein