21 console areas
116 scaffolded
182 guarded action contracts
21 destructive
not loaded
9 Java exports missing
Admin Console Parity Command Center
Every Java Administrator function stays visible here until it has UI, API/backend behavior, RBAC, audit, tests, and live evidence.
Live Mirth API Inventory
Loaded from the active server's OpenAPI document so our replacement maps to real server endpoints.
The active server did not return OpenAPI metadata.
Risk Buckets
Write, deploy, security, extension, and destructive functions stay locked until their guards exist.
read77
write101
destructive21
deploy26
security20
extension14
Repeatable Parity Review
This is the running audit so we can review the Java console coverage again and again without hand-waving.
Every Java Admin capability has one parity row.
Every parity row gets an action contract before it is considered covered.
Every write/deploy/destructive/security action requires guards before execution.
Every code-editing surface must load live state, support draft editing, validate, diff, export, and plan guarded save.
Every production write remains locked until RBAC, audit, snapshot, diff, deploy note, and rollback are verified.
Java Admin Fixture Round Trips
Export fixtures from the Java Administrator, import or replay them through the web console in the lab, then compare the web/API export back to the Java baseline.
Channel XMLJava Admin channel export compared with web/API round-trip channel export.
Channel GroupsJava Admin channel-group export compared with web/API group export.
AlertsJava Admin alert export compared with web/API alert export.
Code TemplatesJava Admin code-template/library export compared with web/API export.
Global ScriptsJava Admin global-script export compared with web/API global-script export.
Server ConfigJava Admin server configuration backup compared with web/API backup.
MessagesJava Admin message export/detail fixture compared with web/API message export/detail.
AttachmentsJava Admin attachment export compared byte-for-byte with web/API attachment export.
ExtensionsJava Admin installed extension behavior compared with web inventory and evidence files.
| Fixture | Status | Java Export | Web/API Round Trip | Evidence | Detail |
|---|---|---|---|---|---|
| Channel XMLChannel XML | missing java fixture | not registered | not registered | manifest | No Java Admin fixture is registered for this required parity category. |
| Channel GroupsChannel Groups | missing java fixture | not registered | not registered | manifest | No Java Admin fixture is registered for this required parity category. |
| AlertsAlerts | missing java fixture | not registered | not registered | manifest | No Java Admin fixture is registered for this required parity category. |
| Code TemplatesCode Templates | missing java fixture | not registered | not registered | manifest | No Java Admin fixture is registered for this required parity category. |
| Global ScriptsGlobal Scripts | missing java fixture | not registered | not registered | manifest | No Java Admin fixture is registered for this required parity category. |
| Server ConfigServer Config | missing java fixture | not registered | not registered | manifest | No Java Admin fixture is registered for this required parity category. |
| MessagesMessages | missing java fixture | not registered | not registered | manifest | No Java Admin fixture is registered for this required parity category. |
| AttachmentsAttachments | missing java fixture | not registered | not registered | manifest | No Java Admin fixture is registered for this required parity category. |
| ExtensionsExtensions | missing java fixture | not registered | not registered | manifest | No Java Admin fixture is registered for this required parity category. |
Fixture suite: not found · API report: /api/mirth/parity-fixtures
Full Java Console Capability Matrix
This is the actual build checklist. If it is in the Java console, it gets a row, a route, a guard, and evidence.
Server Profiles, Login, And Session8 rows35%
| ID | Capability | Web Requirement | Status | Risk | Guard Requirements |
|---|---|---|---|---|---|
| AUTH-001AUTH | Connect to a Mirth server by URL | Manage server profiles with API URL, environment, TLS mode, health, and active target | API wired | security | RBAC permission check · audit log entry · active server context · operator confirmation · session re-check · least-privilege role mapping · sensitive-field redaction |
| AUTH-002AUTH | Manage multiple Administrator launcher connections | Per-user multi-server profile list with quick switching across test/stage/prod/DR | API wired | security | RBAC permission check · audit log entry · active server context · operator confirmation · session re-check · least-privilege role mapping · sensitive-field redaction |
| AUTH-003AUTH | Login to selected server | Server-side credential/token exchange; no Mirth passwords in browser storage | Not started | security | RBAC permission check · audit log entry · active server context · operator confirmation · session re-check · least-privilege role mapping · sensitive-field redaction |
| AUTH-004AUTH | First-login/password-change flows | Secure password setup/change flow where supported by target server | Not started | security | RBAC permission check · audit log entry · active server context · operator confirmation · session re-check · least-privilege role mapping · sensitive-field redaction |
| AUTH-005AUTH | Session timeout/logoff | Explicit logout, idle timeout, session expiration handling, upstream 401 shown in-page | Not started | security | RBAC permission check · audit log entry · active server context · operator confirmation · session re-check · least-privilege role mapping · sensitive-field redaction |
| AUTH-006AUTH | TLS/certificate handling | Trust policy per server profile; cert warnings surfaced without browser secret leakage | API wired | security | RBAC permission check · audit log entry · active server context · operator confirmation · session re-check · least-privilege role mapping · sensitive-field redaction |
| AUTH-007AUTH | Permissions and roles | RBAC loaded per active server and enforced on every action | Not started | security | RBAC permission check · audit log entry · active server context · operator confirmation · session re-check · least-privilege role mapping · sensitive-field redaction |
| AUTH-008AUTH | Active context | Active server, environment, user, write mode, and connection state visible globally | API wired | security | RBAC permission check · audit log entry · active server context · operator confirmation · session re-check · least-privilege role mapping · sensitive-field redaction |
App Shell, Tables, And Operator Ergonomics8 rows9%
| ID | Capability | Web Requirement | Status | Risk | Guard Requirements |
|---|---|---|---|---|---|
| UX-001UX | Left navigation/task panel | Full desktop console shell with monitor, management, edit, settings, and admin areas | Scaffolded | write | RBAC permission check · audit log entry · active server context · operator confirmation · validation result · rollback or restore plan where applicable |
| UX-002UX | Context-sensitive tasks | Page/selection-aware action rail or toolbar matching available operations | Scaffolded | read | RBAC permission check · audit log entry for PHI/sensitive reads where needed |
| UX-003UX | Sort/filter/select tables | Sortable, filterable, keyboard-friendly tables with multi-select and preserved selection | Not started | read | RBAC permission check · audit log entry for PHI/sensitive reads where needed |
| UX-004UX | Show/hide columns | Column picker and saved user preferences per table | Not started | write | RBAC permission check · audit log entry · active server context · operator confirmation · validation result · rollback or restore plan where applicable |
| UX-005UX | Table copy/export ergonomics | Copy selected cells/rows and export visible/search result data where appropriate | Not started | read | RBAC permission check · audit log entry for PHI/sensitive reads where needed |
| UX-006UX | Notifications | Notification center for server/product notices and unread state | Not started | read | RBAC permission check · audit log entry for PHI/sensitive reads where needed |
| UX-007UX | User API docs link | Open target server User API/Javadocs or local equivalent | Not started | read | RBAC permission check · audit log entry for PHI/sensitive reads where needed |
| UX-008UX | Client/REST API docs link | Open target server REST/API docs or local equivalent | Not started | read | RBAC permission check · audit log entry for PHI/sensitive reads where needed |
Dashboard / Monitor18 rows43%
| ID | Capability | Web Requirement | Status | Risk | Guard Requirements |
|---|---|---|---|---|---|
| MON-001MON | Dashboard channel table | Live deployed-channel table by active server | Scaffolded | read | RBAC permission check · audit log entry for PHI/sensitive reads where needed |
| MON-002MON | Channel and connector state | Normalize deployed, started, paused, stopped, undeployed, warning, error, unknown | Scaffolded | read | RBAC permission check · audit log entry for PHI/sensitive reads where needed |
| MON-003MON | Current and lifetime statistics | Received, sent, filtered, queued, errored by channel and connector, with current/lifetime mode | API wired | read | RBAC permission check · audit log entry for PHI/sensitive reads where needed |
| MON-004MON | Auto refresh | Polling/SSE/WebSocket refresh with stale-state indicator and user interval setting | Not started | read | RBAC permission check · audit log entry for PHI/sensitive reads where needed |
| MON-005MON | Manual refresh | Refresh current dashboard/table/log/global-map tabs | Scaffolded | read | RBAC permission check · audit log entry for PHI/sensitive reads where needed |
| MON-006MON | Channel/name/tag filtering | Filter dashboard by tag, channel name, partial name, and multi-criteria | Not started | read | RBAC permission check · audit log entry for PHI/sensitive reads where needed |
| MON-007MON | Server log tab | View, pause/resume, clear local view, search, and export server log stream | Not started | deploy | RBAC permission check · audit log entry · active server context · operator confirmation · live XML export · draft-to-live diff · deploy note · rollback snapshot |
| MON-008MON | Connection log tab | View, pause/resume, clear local view, search, and export connection log stream | Not started | deploy | RBAC permission check · audit log entry · active server context · operator confirmation · live XML export · draft-to-live diff · deploy note · rollback snapshot |
| MON-009MON | Global maps tab | View global map and per-channel global channel map entries with long-value inspection | Not started | read | RBAC permission check · audit log entry for PHI/sensitive reads where needed |
| MON-010MON | Send message task | Send a payload to a selected channel with source/metadata options and audit | API wired | write | RBAC permission check · audit log entry · active server context · operator confirmation · validation result · rollback or restore plan where applicable |
| MON-011MON | View messages task | Open message browser scoped to selected channel | Scaffolded | read | RBAC permission check · audit log entry for PHI/sensitive reads where needed |
| MON-012MON | Remove all messages | Destructive purge of channel message/attachment data with hard confirmation and audit | API wired | destructive | RBAC permission check · audit log entry · active server context · operator confirmation · live export/backup snapshot · hard confirmation phrase · rollback or irreversibility note |
| MON-013MON | Clear statistics | Reset current/lifetime statistics at channel/connector scope with audit | API wired | destructive | RBAC permission check · audit log entry · active server context · operator confirmation · live export/backup snapshot · hard confirmation phrase · rollback or irreversibility note |
| MON-014MON | Start/resume | Start selected channel(s)/connector(s), honoring dependency workflow | API wired | deploy | RBAC permission check · audit log entry · active server context · operator confirmation · live XML export · draft-to-live diff · deploy note · rollback snapshot |
| MON-015MON | Pause | Pause selected channel(s), honoring dependency workflow | API wired | deploy | RBAC permission check · audit log entry · active server context · operator confirmation · live XML export · draft-to-live diff · deploy note · rollback snapshot |
| MON-016MON | Stop | Gracefully stop selected channel(s)/connector(s), honoring dependency workflow | API wired | deploy | RBAC permission check · audit log entry · active server context · operator confirmation · live XML export · draft-to-live diff · deploy note · rollback snapshot |
| MON-017MON | Halt | Immediate halt behavior with unfinished-message warning and audit | API wired | deploy | RBAC permission check · audit log entry · active server context · operator confirmation · live XML export · draft-to-live diff · deploy note · rollback snapshot |
| MON-018MON | Undeploy from dashboard | Undeploy selected deployed channel(s), honoring dependency workflow | API wired | deploy | RBAC permission check · audit log entry · active server context · operator confirmation · live XML export · draft-to-live diff · deploy note · rollback snapshot |
Message Browser24 rows53%
| ID | Capability | Web Requirement | Status | Risk | Guard Requirements |
|---|---|---|---|---|---|
| MSG-001MSG | Navigate from dashboard/channels | Open message browser scoped to channel/server context | Scaffolded | read | RBAC permission check · audit log entry for PHI/sensitive reads where needed |
| MSG-002MSG | Search messages | Search by channel, date range, status, connector, message ID, metadata, and content | API wired | read | RBAC permission check · audit log entry for PHI/sensitive reads where needed |
| MSG-003MSG | Advanced search filters | Boolean/filter builder for content, metadata, connector, status, and case-insensitive operators | Scaffolded | read | RBAC permission check · audit log entry for PHI/sensitive reads where needed |
| MSG-004MSG | Count and pagination | Count results, page through stable result sets, preserve max message ID behavior | API wired | read | RBAC permission check · audit log entry for PHI/sensitive reads where needed |
| MSG-005MSG | Refresh search page | Refresh current page without pulling newer messages into the result set unexpectedly | Scaffolded | read | RBAC permission check · audit log entry for PHI/sensitive reads where needed |
| MSG-006MSG | Metadata table | Message result table with standard metadata columns and custom metadata columns | Scaffolded | read | RBAC permission check · audit log entry for PHI/sensitive reads where needed |
| MSG-007MSG | Add/remove metadata columns | User-customizable metadata result columns | Scaffolded | destructive | RBAC permission check · audit log entry · active server context · operator confirmation · live export/backup snapshot · hard confirmation phrase · rollback or irreversibility note |
| MSG-008MSG | Content tab | Raw, processed raw, transformed, encoded, sent, response, and response-transformed content tabs | API wired | read | RBAC permission check · audit log entry for PHI/sensitive reads where needed |
| MSG-009MSG | Content formatting | Pretty print XML/JSON and preserve raw/plain views | Scaffolded | read | RBAC permission check · audit log entry for PHI/sensitive reads where needed |
| MSG-010MSG | Mappings tab | Show connector/channel/source/response map content for selected message | Scaffolded | read | RBAC permission check · audit log entry for PHI/sensitive reads where needed |
| MSG-011MSG | Errors tab | Show error details, type/category, exception message, stack/source context where available | Scaffolded | read | RBAC permission check · audit log entry for PHI/sensitive reads where needed |
| MSG-012MSG | Attachments tab | Attachment table with metadata, size, type, and download/export actions | API wired | read | RBAC permission check · audit log entry for PHI/sensitive reads where needed |
| MSG-013MSG | Text attachment viewer | Render text attachments safely | Scaffolded | read | RBAC permission check · audit log entry for PHI/sensitive reads where needed |
| MSG-014MSG | Image attachment viewer | Render image attachments safely | Scaffolded | read | RBAC permission check · audit log entry for PHI/sensitive reads where needed |
| MSG-015MSG | DICOM attachment viewer | Render/download DICOM attachment with metadata-safe viewer or fallback download | Scaffolded | read | RBAC permission check · audit log entry for PHI/sensitive reads where needed |
| MSG-016MSG | PDF attachment viewer | Render/download PDF attachment safely | Scaffolded | read | RBAC permission check · audit log entry for PHI/sensitive reads where needed |
| MSG-017MSG | Import messages | Import messages from file into channel message data with audit and clear non-processing warning | API wired | write | RBAC permission check · audit log entry · active server context · operator confirmation · validation result · rollback or restore plan where applicable |
| MSG-018MSG | Export results | Export all search matches, not just current page, with format/password options where supported | API wired | security | RBAC permission check · audit log entry · active server context · operator confirmation · session re-check · least-privilege role mapping · sensitive-field redaction |
| MSG-019MSG | Remove results | Destructive remove of selected/search-result messages with hard confirmation and audit | API wired | destructive | RBAC permission check · audit log entry · active server context · operator confirmation · live export/backup snapshot · hard confirmation phrase · rollback or irreversibility note |
| MSG-020MSG | Remove all messages | Destructive channel-wide purge from browser context with hard confirmation and audit | API wired | destructive | RBAC permission check · audit log entry · active server context · operator confirmation · live export/backup snapshot · hard confirmation phrase · rollback or irreversibility note |
| MSG-021MSG | Reprocess results | Reprocess all selected/search-result messages with idempotency and audit | API wired | deploy | RBAC permission check · audit log entry · active server context · operator confirmation · live XML export · draft-to-live diff · deploy note · rollback snapshot |
| MSG-022MSG | Reprocess message | Reprocess a single message/connector message with target options | API wired | deploy | RBAC permission check · audit log entry · active server context · operator confirmation · live XML export · draft-to-live diff · deploy note · rollback snapshot |
| MSG-023MSG | Export attachment | Export/download selected attachment | API wired | read | RBAC permission check · audit log entry for PHI/sensitive reads where needed |
| MSG-024MSG | Send message from browser | Send new payload to current channel from message browser | API wired | write | RBAC permission check · audit log entry · active server context · operator confirmation · validation result · rollback or restore plan where applicable |
Alerts11 rows46%
| ID | Capability | Web Requirement | Status | Risk | Guard Requirements |
|---|---|---|---|---|---|
| ALT-001ALT | Alerts table | View enabled state, alert name/ID, and trigger/action counters | Scaffolded | read | RBAC permission check · audit log entry for PHI/sensitive reads where needed |
| ALT-002ALT | Refresh alerts | Manual and auto-refresh alert state | Scaffolded | read | RBAC permission check · audit log entry for PHI/sensitive reads where needed |
| ALT-003ALT | New/edit/delete alert | Full alert CRUD with guarded destructive delete | API wired | destructive | RBAC permission check · audit log entry · active server context · operator confirmation · live export/backup snapshot · hard confirmation phrase · rollback or irreversibility note |
| ALT-004ALT | Import/export alerts | Import one alert, export selected/all alerts as XML | API wired | write | RBAC permission check · audit log entry · active server context · operator confirmation · validation result · rollback or restore plan where applicable |
| ALT-005ALT | Enable/disable alert | Guarded alert activation/deactivation with audit | API wired | write | RBAC permission check · audit log entry · active server context · operator confirmation · validation result · rollback or restore plan where applicable |
| ALT-006ALT | Error trigger config | Configure error types, categories, regex, and channel scope | Scaffolded | read | RBAC permission check · audit log entry for PHI/sensitive reads where needed |
| ALT-007ALT | Enabled channels | Select all/specific channels the alert applies to | Scaffolded | read | RBAC permission check · audit log entry for PHI/sensitive reads where needed |
| ALT-008ALT | Alert actions | Configure channel dispatch, email, user, and role actions where supported | Scaffolded | security | RBAC permission check · audit log entry · active server context · operator confirmation · session re-check · least-privilege role mapping · sensitive-field redaction |
| ALT-009ALT | Alert templates/variables | Subject/body/template editor with supported variables and validation | Scaffolded | write | RBAC permission check · audit log entry · active server context · operator confirmation · validation result · rollback or restore plan where applicable |
| ALT-010ALT | Save/export from edit view | Save current alert and export current alert XML | API wired | write | RBAC permission check · audit log entry · active server context · operator confirmation · validation result · rollback or restore plan where applicable |
| ALT-011ALT | Advanced alerting extension | Metric/escalation/schedule/throttle panels when extension exists | Extension-dependent | extension | RBAC permission check · audit log entry · active server context · operator confirmation · extension installed check · restart/dependency impact warning |
Events And Audit6 rows53%
| ID | Capability | Web Requirement | Status | Risk | Guard Requirements |
|---|---|---|---|---|---|
| EVT-001EVT | Events table | View user/system events for active server | Scaffolded | read | RBAC permission check · audit log entry for PHI/sensitive reads where needed |
| EVT-002EVT | Event metadata/attributes | Show event metadata and attribute details | Scaffolded | read | RBAC permission check · audit log entry for PHI/sensitive reads where needed |
| EVT-003EVT | PHI event visibility | Permission-aware PHI event display and redaction | Scaffolded | security | RBAC permission check · audit log entry · active server context · operator confirmation · session re-check · least-privilege role mapping · sensitive-field redaction |
| EVT-004EVT | Event search | Search by date, user, type, outcome, metadata, and advanced filters | API wired | read | RBAC permission check · audit log entry for PHI/sensitive reads where needed |
| EVT-005EVT | Export all events | Export event history with audit/reporting controls | API wired | read | RBAC permission check · audit log entry for PHI/sensitive reads where needed |
| EVT-006EVT | Web console audit trail | Store this app's own read/write/deploy/approval actions in a database-backed immutable audit ledger with operator/server identity, references, reporting, and exports | API wired | deploy | RBAC permission check · audit log entry · active server context · operator confirmation · live XML export · draft-to-live diff · deploy note · rollback snapshot |
Channels And Groups23 rows33%
| ID | Capability | Web Requirement | Status | Risk | Guard Requirements |
|---|---|---|---|---|---|
| CH-001CH | Channel table | List channels with ID, name, revision, deployed/enabled state, group, tags, invalid state | Scaffolded | read | RBAC permission check · audit log entry for PHI/sensitive reads where needed |
| CH-002CH | Channel groups display | Show/hide groups, default group, group rows, group membership | Not started | read | RBAC permission check · audit log entry for PHI/sensitive reads where needed |
| CH-003CH | Tag display and filtering | Filter and display channels by name/tag with same semantics across monitor/channels | Not started | read | RBAC permission check · audit log entry for PHI/sensitive reads where needed |
| CH-004CH | Drag/drop channel grouping | Assign channels to groups using UI actions and accessible fallback | Not started | write | RBAC permission check · audit log entry · active server context · operator confirmation · validation result · rollback or restore plan where applicable |
| CH-005CH | Drag/drop XML import | Import channel/group XML files, including multi-file import | Not started | write | RBAC permission check · audit log entry · active server context · operator confirmation · validation result · rollback or restore plan where applicable |
| CH-006CH | Get channel name/ID | Copy channel name/ID quickly | Not started | read | RBAC permission check · audit log entry for PHI/sensitive reads where needed |
| CH-007CH | Refresh channels | Refresh channel table | Scaffolded | read | RBAC permission check · audit log entry for PHI/sensitive reads where needed |
| CH-008CH | Redeploy all | Undeploy all then deploy enabled channels with dependency and audit workflow | API wired | deploy | RBAC permission check · audit log entry · active server context · operator confirmation · live XML export · draft-to-live diff · deploy note · rollback snapshot |
| CH-009CH | Deploy channel/group | Deploy selected channels or group with diff, snapshot, note, dependency handling | API wired | deploy | RBAC permission check · audit log entry · active server context · operator confirmation · live XML export · draft-to-live diff · deploy note · rollback snapshot |
| CH-010CH | Debug channel | Deploy selected channel in debug mode for selected scripts | Scaffolded | deploy | RBAC permission check · audit log entry · active server context · operator confirmation · live XML export · draft-to-live diff · deploy note · rollback snapshot |
| CH-011CH | New channel | Create draft channel before saving to server | Not started | write | RBAC permission check · audit log entry · active server context · operator confirmation · validation result · rollback or restore plan where applicable |
| CH-012CH | Import channel | Import channel XML, handle name collisions, optionally include code template libraries | API wired | write | RBAC permission check · audit log entry · active server context · operator confirmation · validation result · rollback or restore plan where applicable |
| CH-013CH | Export selected/all channels | Export channel XML with optional linked code template libraries | API wired | read | RBAC permission check · audit log entry for PHI/sensitive reads where needed |
| CH-014CH | Delete channel | Destructive delete with message/attachment deletion warning, snapshot, confirmation, audit | API wired | destructive | RBAC permission check · audit log entry · active server context · operator confirmation · live export/backup snapshot · hard confirmation phrase · rollback or irreversibility note |
| CH-015CH | Clone channel | Clone selected channel into unsaved draft with unique-name prompt | Not started | write | RBAC permission check · audit log entry · active server context · operator confirmation · validation result · rollback or restore plan where applicable |
| CH-016CH | Edit channel | Open channel Studio for selected channel | Scaffolded | write | RBAC permission check · audit log entry · active server context · operator confirmation · validation result · rollback or restore plan where applicable |
| CH-017CH | Enable/disable channel | Toggle deploy eligibility without confusing current deployed state | API wired | deploy | RBAC permission check · audit log entry · active server context · operator confirmation · live XML export · draft-to-live diff · deploy note · rollback snapshot |
| CH-018CH | View channel messages | Open message browser for selected channel | Scaffolded | read | RBAC permission check · audit log entry for PHI/sensitive reads where needed |
| CH-019CH | View channel history | Show installed channel history/version extension when available | Extension-dependent | extension | RBAC permission check · audit log entry · active server context · operator confirmation · extension installed check · restart/dependency impact warning |
| CH-020CH | Save group changes | Persist group reorder/membership/detail changes | API wired | write | RBAC permission check · audit log entry · active server context · operator confirmation · validation result · rollback or restore plan where applicable |
| CH-021CH | Assign to group | Move selected channels to group | Not started | write | RBAC permission check · audit log entry · active server context · operator confirmation · validation result · rollback or restore plan where applicable |
| CH-022CH | New/edit/delete group | Channel group CRUD with default-group behavior | API wired | destructive | RBAC permission check · audit log entry · active server context · operator confirmation · live export/backup snapshot · hard confirmation phrase · rollback or irreversibility note |
| CH-023CH | Import/export groups | Import/export selected/all channel group XML, with code-template option | Not started | write | RBAC permission check · audit log entry · active server context · operator confirmation · validation result · rollback or restore plan where applicable |
Channel Studio / Edit Channel23 rows37%
| ID | Capability | Web Requirement | Status | Risk | Guard Requirements |
|---|---|---|---|---|---|
| EDIT-001EDIT | Summary tab | Edit channel name, ID, revision, enabled flag, tags, description | Scaffolded | write | RBAC permission check · audit log entry · active server context · operator confirmation · validation result · rollback or restore plan where applicable |
| EDIT-002EDIT | Data type window | Set inbound/outbound data types and properties with bulk edit mode | Scaffolded | write | RBAC permission check · audit log entry · active server context · operator confirmation · validation result · rollback or restore plan where applicable |
| EDIT-003EDIT | Dependencies window | Link code template libraries, library resources, deploy/start dependencies, stop/pause/undeploy behavior | Scaffolded | deploy | RBAC permission check · audit log entry · active server context · operator confirmation · live XML export · draft-to-live diff · deploy note · rollback snapshot |
| EDIT-004EDIT | Attachment handlers | Configure entire-message, regex, DICOM, JavaScript, custom handlers, extraction/reattachment/MIME rules | Scaffolded | write | RBAC permission check · audit log entry · active server context · operator confirmation · validation result · rollback or restore plan where applicable |
| EDIT-005EDIT | Message storage settings | Complete message-storage slider/options and encryption/persistence settings | Scaffolded | write | RBAC permission check · audit log entry · active server context · operator confirmation · validation result · rollback or restore plan where applicable |
| EDIT-006EDIT | Message pruning settings | Channel-level pruning/retention settings | Scaffolded | write | RBAC permission check · audit log entry · active server context · operator confirmation · validation result · rollback or restore plan where applicable |
| EDIT-007EDIT | Custom metadata columns | Add/edit/remove metadata columns and search integration | Scaffolded | destructive | RBAC permission check · audit log entry · active server context · operator confirmation · live export/backup snapshot · hard confirmation phrase · rollback or irreversibility note |
| EDIT-008EDIT | Source tab | Choose source connector and edit source connector settings | Scaffolded | write | RBAC permission check · audit log entry · active server context · operator confirmation · validation result · rollback or restore plan where applicable |
| EDIT-009EDIT | Listener settings | Listener binding/port/protocol settings where applicable | Scaffolded | write | RBAC permission check · audit log entry · active server context · operator confirmation · validation result · rollback or restore plan where applicable |
| EDIT-010EDIT | Polling settings | Interval, time, cron, and advanced polling settings | Scaffolded | write | RBAC permission check · audit log entry · active server context · operator confirmation · validation result · rollback or restore plan where applicable |
| EDIT-011EDIT | Source HTTP auth | None/basic/digest/JavaScript/custom class/OAuth token verification where supported | Scaffolded | write | RBAC permission check · audit log entry · active server context · operator confirmation · validation result · rollback or restore plan where applicable |
| EDIT-012EDIT | Source connector properties | Dynamic source connector property renderer | Scaffolded | write | RBAC permission check · audit log entry · active server context · operator confirmation · validation result · rollback or restore plan where applicable |
| EDIT-013EDIT | Destinations tab | Destination table with status, name, ID, type, chain, order | Scaffolded | write | RBAC permission check · audit log entry · active server context · operator confirmation · validation result · rollback or restore plan where applicable |
| EDIT-014EDIT | Destination CRUD/order | New/delete/clone/enable/disable/move destinations | Scaffolded | destructive | RBAC permission check · audit log entry · active server context · operator confirmation · live export/backup snapshot · hard confirmation phrase · rollback or irreversibility note |
| EDIT-015EDIT | Destination queue settings | Queue mode, retry count/interval, rotation, regeneration, include filter/transformer, threads, assignment, buffer | Scaffolded | write | RBAC permission check · audit log entry · active server context · operator confirmation · validation result · rollback or restore plan where applicable |
| EDIT-016EDIT | Destination response handling | Response validation and attachment reattachment settings | Scaffolded | write | RBAC permission check · audit log entry · active server context · operator confirmation · validation result · rollback or restore plan where applicable |
| EDIT-017EDIT | Destination mappings panel | Drag/drop standard variables, mapper variables, and templates into connector fields | Scaffolded | write | RBAC permission check · audit log entry · active server context · operator confirmation · validation result · rollback or restore plan where applicable |
| EDIT-018EDIT | Destination response transformer | Edit response transformer for selected destination | Scaffolded | write | RBAC permission check · audit log entry · active server context · operator confirmation · validation result · rollback or restore plan where applicable |
| EDIT-019EDIT | Channel scripts | Deploy, undeploy, preprocessor, postprocessor channel scripts | Scaffolded | deploy | RBAC permission check · audit log entry · active server context · operator confirmation · live XML export · draft-to-live diff · deploy note · rollback snapshot |
| EDIT-020EDIT | Save changes | Save new channel revision only when changed | API wired | write | RBAC permission check · audit log entry · active server context · operator confirmation · validation result · rollback or restore plan where applicable |
| EDIT-021EDIT | Validate connector | Validate current connector properties and script syntax | Scaffolded | write | RBAC permission check · audit log entry · active server context · operator confirmation · validation result · rollback or restore plan where applicable |
| EDIT-022EDIT | Import/export connector | Import/export source or destination connector XML including filter/transformer | Not started | write | RBAC permission check · audit log entry · active server context · operator confirmation · validation result · rollback or restore plan where applicable |
| EDIT-023EDIT | Export/deploy/debug from editor | Export current channel, deploy current channel, debug current channel | API wired | deploy | RBAC permission check · audit log entry · active server context · operator confirmation · live XML export · draft-to-live diff · deploy note · rollback snapshot |
Data Types10 rows35%
| ID | Capability | Web Requirement | Status | Risk | Guard Requirements |
|---|---|---|---|---|---|
| DT-001DT | Delimited text data type | Inbound/outbound property editor and batch options | Scaffolded | write | RBAC permission check · audit log entry · active server context · operator confirmation · validation result · rollback or restore plan where applicable |
| DT-002DT | DICOM data type | Inbound/outbound property editor and attachment considerations | Scaffolded | write | RBAC permission check · audit log entry · active server context · operator confirmation · validation result · rollback or restore plan where applicable |
| DT-003DT | EDI/X12 data type | Inbound/outbound property editor | Scaffolded | write | RBAC permission check · audit log entry · active server context · operator confirmation · validation result · rollback or restore plan where applicable |
| DT-004DT | HL7 v2.x data type | Parser/serializer/batch property editor | Scaffolded | write | RBAC permission check · audit log entry · active server context · operator confirmation · validation result · rollback or restore plan where applicable |
| DT-005DT | HL7 v3.x data type | Parser/serializer property editor | Scaffolded | write | RBAC permission check · audit log entry · active server context · operator confirmation · validation result · rollback or restore plan where applicable |
| DT-006DT | JSON data type | Parser/serializer property editor and formatting support | Scaffolded | write | RBAC permission check · audit log entry · active server context · operator confirmation · validation result · rollback or restore plan where applicable |
| DT-007DT | NCPDP data type | Parser/serializer property editor | Scaffolded | write | RBAC permission check · audit log entry · active server context · operator confirmation · validation result · rollback or restore plan where applicable |
| DT-008DT | Raw data type | Raw inbound/outbound property editor | Scaffolded | write | RBAC permission check · audit log entry · active server context · operator confirmation · validation result · rollback or restore plan where applicable |
| DT-009DT | XML data type | XML parser/serializer property editor | Scaffolded | write | RBAC permission check · audit log entry · active server context · operator confirmation · validation result · rollback or restore plan where applicable |
| DT-010DT | Batch processing | Batch settings and JavaScript batch script editor | Scaffolded | write | RBAC permission check · audit log entry · active server context · operator confirmation · validation result · rollback or restore plan where applicable |
Built-In Source Connector Types10 rows34%
| ID | Capability | Web Requirement | Status | Risk | Guard Requirements |
|---|---|---|---|---|---|
| SRC-001SRC | Channel Reader | Full property editor and source map variable support | Scaffolded | write | RBAC permission check · audit log entry · active server context · operator confirmation · validation result · rollback or restore plan where applicable |
| SRC-002SRC | DICOM Listener | Full property editor and DICOM listener-specific validation | Scaffolded | write | RBAC permission check · audit log entry · active server context · operator confirmation · validation result · rollback or restore plan where applicable |
| SRC-003SRC | Database Reader | SQL/driver/resource editor, poll schedule, driver management hooks | Scaffolded | write | RBAC permission check · audit log entry · active server context · operator confirmation · validation result · rollback or restore plan where applicable |
| SRC-004SRC | File Reader | File/FTP/SFTP/SMB/S3 editor, post-processing, polling, encoding | Scaffolded | write | RBAC permission check · audit log entry · active server context · operator confirmation · validation result · rollback or restore plan where applicable |
| SRC-005SRC | HTTP Listener | Listener endpoint, response, auth, header/body handling | Scaffolded | read | RBAC permission check · audit log entry for PHI/sensitive reads where needed |
| SRC-006SRC | JMS Listener | JMS connection/template editor | Scaffolded | write | RBAC permission check · audit log entry · active server context · operator confirmation · validation result · rollback or restore plan where applicable |
| SRC-007SRC | JavaScript Reader | JavaScript reader editor and return-value handling | Scaffolded | write | RBAC permission check · audit log entry · active server context · operator confirmation · validation result · rollback or restore plan where applicable |
| SRC-008SRC | TCP Listener | Basic/MLLP transmission mode editor, byte settings, source map variables | Scaffolded | write | RBAC permission check · audit log entry · active server context · operator confirmation · validation result · rollback or restore plan where applicable |
| SRC-009SRC | Web Service Listener | SOAP/web-service listener property editor | Scaffolded | write | RBAC permission check · audit log entry · active server context · operator confirmation · validation result · rollback or restore plan where applicable |
| SRC-010SRC | Extension source connectors | Dynamic schemas for installed source connector extensions | Extension-dependent | extension | RBAC permission check · audit log entry · active server context · operator confirmation · extension installed check · restart/dependency impact warning |
Built-In Destination Connector Types12 rows34%
| ID | Capability | Web Requirement | Status | Risk | Guard Requirements |
|---|---|---|---|---|---|
| DEST-001DEST | Channel Writer | Full property editor and target channel validation | Scaffolded | write | RBAC permission check · audit log entry · active server context · operator confirmation · validation result · rollback or restore plan where applicable |
| DEST-002DEST | DICOM Sender | DICOM send property editor and response handling | Scaffolded | write | RBAC permission check · audit log entry · active server context · operator confirmation · validation result · rollback or restore plan where applicable |
| DEST-003DEST | Database Writer | SQL/resource/driver editor with safe secret handling | Scaffolded | write | RBAC permission check · audit log entry · active server context · operator confirmation · validation result · rollback or restore plan where applicable |
| DEST-004DEST | Document Writer | Document template/output editor | Scaffolded | write | RBAC permission check · audit log entry · active server context · operator confirmation · validation result · rollback or restore plan where applicable |
| DEST-005DEST | File Writer | File/FTP/SFTP/SMB/S3 output editor and templates | Scaffolded | write | RBAC permission check · audit log entry · active server context · operator confirmation · validation result · rollback or restore plan where applicable |
| DEST-006DEST | HTTP Sender | Method/URL/headers/body/auth/response editor | Scaffolded | write | RBAC permission check · audit log entry · active server context · operator confirmation · validation result · rollback or restore plan where applicable |
| DEST-007DEST | JMS Sender | JMS connection/template editor | Scaffolded | write | RBAC permission check · audit log entry · active server context · operator confirmation · validation result · rollback or restore plan where applicable |
| DEST-008DEST | JavaScript Writer | JavaScript writer editor and return-value handling | Scaffolded | write | RBAC permission check · audit log entry · active server context · operator confirmation · validation result · rollback or restore plan where applicable |
| DEST-009DEST | SMTP Sender | SMTP/email editor with server settings integration | Scaffolded | write | RBAC permission check · audit log entry · active server context · operator confirmation · validation result · rollback or restore plan where applicable |
| DEST-010DEST | TCP Sender | Basic/MLLP transmission editor and response options | Scaffolded | write | RBAC permission check · audit log entry · active server context · operator confirmation · validation result · rollback or restore plan where applicable |
| DEST-011DEST | Web Service Sender | SOAP/web-service sender editor | Scaffolded | write | RBAC permission check · audit log entry · active server context · operator confirmation · validation result · rollback or restore plan where applicable |
| DEST-012DEST | Extension destination connectors | Dynamic schemas for installed destination connector extensions | Extension-dependent | extension | RBAC permission check · audit log entry · active server context · operator confirmation · extension installed check · restart/dependency impact warning |
Filters, Transformers, And Response Transformers16 rows35%
| ID | Capability | Web Requirement | Status | Risk | Guard Requirements |
|---|---|---|---|---|---|
| FT-001FT | Message templates tab | Inbound/outbound templates, data type editing, template specification | Scaffolded | write | RBAC permission check · audit log entry · active server context · operator confirmation · validation result · rollback or restore plan where applicable |
| FT-002FT | Message trees tab | Parse message/template trees, filter nodes, expand/collapse, drag/drop values | Scaffolded | read | RBAC permission check · audit log entry for PHI/sensitive reads where needed |
| FT-003FT | Reference tab | Variables, helper methods, code templates, drag/drop into editor | Scaffolded | write | RBAC permission check · audit log entry · active server context · operator confirmation · validation result · rollback or restore plan where applicable |
| FT-004FT | Create rule/step from tree | Create rule builder, mapper, message builder steps from selected node | Scaffolded | write | RBAC permission check · audit log entry · active server context · operator confirmation · validation result · rollback or restore plan where applicable |
| FT-005FT | Filter rule table | Add/delete/reorder rules with enabled/disabled state and selection | Scaffolded | destructive | RBAC permission check · audit log entry · active server context · operator confirmation · live export/backup snapshot · hard confirmation phrase · rollback or irreversibility note |
| FT-006FT | Rule types | Rule builder, JavaScript, external script, iterator | Scaffolded | read | RBAC permission check · audit log entry for PHI/sensitive reads where needed |
| FT-007FT | Transformer step table | Add/delete/reorder steps with enabled/disabled state and selection | Scaffolded | destructive | RBAC permission check · audit log entry · active server context · operator confirmation · live export/backup snapshot · hard confirmation phrase · rollback or irreversibility note |
| FT-008FT | Step types | Mapper, message builder, JavaScript, external script, XSLT, destination set filter, iterator | Scaffolded | read | RBAC permission check · audit log entry for PHI/sensitive reads where needed |
| FT-009FT | Iterators | Assign/remove nested rules/steps to/from iterators | Scaffolded | destructive | RBAC permission check · audit log entry · active server context · operator confirmation · live export/backup snapshot · hard confirmation phrase · rollback or irreversibility note |
| FT-010FT | Generated script view | View generated script for rules/steps/iterators without editing it | Scaffolded | write | RBAC permission check · audit log entry · active server context · operator confirmation · validation result · rollback or restore plan where applicable |
| FT-011FT | Import/export filters | Import append/replace and export filter XML | Scaffolded | write | RBAC permission check · audit log entry · active server context · operator confirmation · validation result · rollback or restore plan where applicable |
| FT-012FT | Import/export transformers | Import append/replace and export transformer XML | Scaffolded | write | RBAC permission check · audit log entry · active server context · operator confirmation · validation result · rollback or restore plan where applicable |
| FT-013FT | Validate filter/rule | Validate full filter and selected rule | Scaffolded | read | RBAC permission check · audit log entry for PHI/sensitive reads where needed |
| FT-014FT | Validate transformer/step | Validate full transformer and selected step | Scaffolded | read | RBAC permission check · audit log entry for PHI/sensitive reads where needed |
| FT-015FT | Move rule/step up/down | Preserve iterator semantics while reordering | Scaffolded | read | RBAC permission check · audit log entry for PHI/sensitive reads where needed |
| FT-016FT | Response transformer scenarios | Modify destination response and common response-handling patterns | Scaffolded | read | RBAC permission check · audit log entry for PHI/sensitive reads where needed |
Script IDE, JavaScript Tooling, And Debugger9 rows19%
| ID | Capability | Web Requirement | Status | Risk | Guard Requirements |
|---|---|---|---|---|---|
| JS-001JS | JavaScript editor | Syntax highlighting, line numbers, folding, selection, search/find/replace | API wired | write | RBAC permission check · audit log entry · active server context · operator confirmation · validation result · rollback or restore plan where applicable |
| JS-002JS | Context menu | Editor context menu actions matching common Java client operations | Not started | write | RBAC permission check · audit log entry · active server context · operator confirmation · validation result · rollback or restore plan where applicable |
| JS-003JS | Auto-completion | Mirth variables, map APIs, built-in templates, JSDoc templates, user templates | Not started | read | RBAC permission check · audit log entry for PHI/sensitive reads where needed |
| JS-004JS | Shortcut remapping/preferences | User-specific editor shortcut and editor behavior preferences | Not started | write | RBAC permission check · audit log entry · active server context · operator confirmation · validation result · rollback or restore plan where applicable |
| JS-005JS | Variable maps reference | connectorMap, channelMap, sourceMap, responseMap, globalChannelMap, globalMap, configurationMap lookup help | Scaffolded | read | RBAC permission check · audit log entry for PHI/sensitive reads where needed |
| JS-006JS | Attachment functions reference | Attachment helper functions/classes and examples in reference panel | Not started | read | RBAC permission check · audit log entry for PHI/sensitive reads where needed |
| JS-007JS | User API/Javadocs reference | Open/inline target server user API docs | Not started | read | RBAC permission check · audit log entry for PHI/sensitive reads where needed |
| JS-008JS | Debugger | Script debugger window/workflow: deploy in debug mode, break/step/inspect where supported | Scaffolded | deploy | RBAC permission check · audit log entry · active server context · operator confirmation · live XML export · draft-to-live diff · deploy note · rollback snapshot |
| JS-009JS | Debugger menus/actions | File/edit/debug/window actions or web equivalents | Scaffolded | write | RBAC permission check · audit log entry · active server context · operator confirmation · validation result · rollback or restore plan where applicable |
Global Scripts7 rows70%
| ID | Capability | Web Requirement | Status | Risk | Guard Requirements |
|---|---|---|---|---|---|
| GS-001GS | Edit global deploy script | Global deploy script editor with validation | API wired | deploy | RBAC permission check · audit log entry · active server context · operator confirmation · live XML export · draft-to-live diff · deploy note · rollback snapshot |
| GS-002GS | Edit global undeploy script | Global undeploy script editor with validation | API wired | deploy | RBAC permission check · audit log entry · active server context · operator confirmation · live XML export · draft-to-live diff · deploy note · rollback snapshot |
| GS-003GS | Edit global preprocessor | Global preprocessor editor and precedence explanation | API wired | write | RBAC permission check · audit log entry · active server context · operator confirmation · validation result · rollback or restore plan where applicable |
| GS-004GS | Edit global postprocessor | Global postprocessor editor and response handling | API wired | write | RBAC permission check · audit log entry · active server context · operator confirmation · validation result · rollback or restore plan where applicable |
| GS-005GS | Save scripts | Save all global scripts with audit and snapshot | API wired | write | RBAC permission check · audit log entry · active server context · operator confirmation · validation result · rollback or restore plan where applicable |
| GS-006GS | Validate script | Validate current global script | API wired | read | RBAC permission check · audit log entry for PHI/sensitive reads where needed |
| GS-007GS | Import/export scripts | Import/export all global scripts XML | API wired | write | RBAC permission check · audit log entry · active server context · operator confirmation · validation result · rollback or restore plan where applicable |
Code Templates8 rows48%
| ID | Capability | Web Requirement | Status | Risk | Guard Requirements |
|---|---|---|---|---|---|
| CT-001CT | Library table | Create/edit/delete libraries, revisions, descriptions | Scaffolded | destructive | RBAC permission check · audit log entry · active server context · operator confirmation · live export/backup snapshot · hard confirmation phrase · rollback or irreversibility note |
| CT-002CT | Link libraries to channels | Channel/library linking with impact graph | Scaffolded | read | RBAC permission check · audit log entry for PHI/sensitive reads where needed |
| CT-003CT | Template editor | Function/snippet/template editor with revision tracking | API wired | write | RBAC permission check · audit log entry · active server context · operator confirmation · validation result · rollback or restore plan where applicable |
| CT-004CT | Template contexts | Context selector for where template is available | API wired | read | RBAC permission check · audit log entry for PHI/sensitive reads where needed |
| CT-005CT | JSDoc support | JSDoc parsing/update and autocomplete integration | Scaffolded | read | RBAC permission check · audit log entry for PHI/sensitive reads where needed |
| CT-006CT | Refresh/save changes | Refresh with unsaved-change prompt, save templates/libraries with revision increment | API wired | write | RBAC permission check · audit log entry · active server context · operator confirmation · validation result · rollback or restore plan where applicable |
| CT-007CT | Import/export libraries/templates | Import/export code templates and libraries XML | API wired | write | RBAC permission check · audit log entry · active server context · operator confirmation · validation result · rollback or restore plan where applicable |
| CT-008CT | Usage search | Show channels/scripts that reference template/library | Not started | read | RBAC permission check · audit log entry for PHI/sensitive reads where needed |
Users, Roles, And Access7 rows41%
| ID | Capability | Web Requirement | Status | Risk | Guard Requirements |
|---|---|---|---|---|---|
| USER-001USER | Users table | View username, name, email, phone, org, role/business fields, last login, description | Scaffolded | security | RBAC permission check · audit log entry · active server context · operator confirmation · session re-check · least-privilege role mapping · sensitive-field redaction |
| USER-002USER | Refresh users | Refresh users table | Scaffolded | security | RBAC permission check · audit log entry · active server context · operator confirmation · session re-check · least-privilege role mapping · sensitive-field redaction |
| USER-003USER | New/edit user | User create/edit form with validation and audit | API wired | security | RBAC permission check · audit log entry · active server context · operator confirmation · session re-check · least-privilege role mapping · sensitive-field redaction |
| USER-004USER | Delete user | Destructive user removal with confirmation and audit | API wired | destructive | RBAC permission check · audit log entry · active server context · operator confirmation · live export/backup snapshot · hard confirmation phrase · rollback or irreversibility note |
| USER-005USER | Roles/permissions | Role-based operation restrictions where supported/installed | Scaffolded | security | RBAC permission check · audit log entry · active server context · operator confirmation · session re-check · least-privilege role mapping · sensitive-field redaction |
| USER-006USER | External auth/LDAP | LDAP authorization panels where extension exists | Extension-dependent | extension | RBAC permission check · audit log entry · active server context · operator confirmation · extension installed check · restart/dependency impact warning |
| USER-007USER | MFA | MFA enrollment/admin panels where extension exists | Extension-dependent | extension | RBAC permission check · audit log entry · active server context · operator confirmation · extension installed check · restart/dependency impact warning |
Settings27 rows62%
| ID | Capability | Web Requirement | Status | Risk | Guard Requirements |
|---|---|---|---|---|---|
| SET-001SET | Server settings/general | Server-level environment/general settings editor | API wired | write | RBAC permission check · audit log entry · active server context · operator confirmation · validation result · rollback or restore plan where applicable |
| SET-002SET | Server channel settings | Default channel behavior/settings editor | API wired | write | RBAC permission check · audit log entry · active server context · operator confirmation · validation result · rollback or restore plan where applicable |
| SET-003SET | Server email/SMTP settings | SMTP settings editor with auth modes supported by target server | API wired | write | RBAC permission check · audit log entry · active server context · operator confirmation · validation result · rollback or restore plan where applicable |
| SET-004SET | Server notification settings | Notification/news settings editor | API wired | write | RBAC permission check · audit log entry · active server context · operator confirmation · validation result · rollback or restore plan where applicable |
| SET-005SET | Backup config | Export server configuration snapshot with exclusions clearly shown | API wired | read | RBAC permission check · audit log entry for PHI/sensitive reads where needed |
| SET-006SET | Restore config | Destructive restore workflow with snapshot, diff, confirmation, and audit | API wired | destructive | RBAC permission check · audit log entry · active server context · operator confirmation · live export/backup snapshot · hard confirmation phrase · rollback or irreversibility note |
| SET-007SET | Clear all statistics | Server-wide statistics reset with confirmation and audit | API wired | destructive | RBAC permission check · audit log entry · active server context · operator confirmation · live export/backup snapshot · hard confirmation phrase · rollback or irreversibility note |
| SET-008SET | Administrator system preferences | Web equivalent for system preferences | Scaffolded | read | RBAC permission check · audit log entry for PHI/sensitive reads where needed |
| SET-009SET | Administrator user preferences | Per-user UI/export/import preferences | Scaffolded | write | RBAC permission check · audit log entry · active server context · operator confirmation · validation result · rollback or restore plan where applicable |
| SET-010SET | Code editor preferences | Editor settings, shortcuts, autocomplete behavior | Scaffolded | write | RBAC permission check · audit log entry · active server context · operator confirmation · validation result · rollback or restore plan where applicable |
| SET-011SET | Restore default preferences | Reset local/user web preferences | Scaffolded | read | RBAC permission check · audit log entry for PHI/sensitive reads where needed |
| SET-012SET | Tags table | Add/remove tags and view channel assignment state | API wired | destructive | RBAC permission check · audit log entry · active server context · operator confirmation · live export/backup snapshot · hard confirmation phrase · rollback or irreversibility note |
| SET-013SET | Tag assignment | Assign tags to channels, including partial/indeterminate state | API wired | write | RBAC permission check · audit log entry · active server context · operator confirmation · validation result · rollback or restore plan where applicable |
| SET-014SET | Configuration map | Add/edit/remove key/value config map entries | API wired | destructive | RBAC permission check · audit log entry · active server context · operator confirmation · live export/backup snapshot · hard confirmation phrase · rollback or irreversibility note |
| SET-015SET | Import/export config map | Import/export map properties with overwrite warning | API wired | write | RBAC permission check · audit log entry · active server context · operator confirmation · validation result · rollback or restore plan where applicable |
| SET-016SET | Database tasks | List database cleanup/optimization tasks and affected channels | API wired | read | RBAC permission check · audit log entry for PHI/sensitive reads where needed |
| SET-017SET | Run database task | Run selected DB task with risk warning, audit, and progress | API wired | write | RBAC permission check · audit log entry · active server context · operator confirmation · validation result · rollback or restore plan where applicable |
| SET-018SET | Resources table | Resource list with type, context, and status | Scaffolded | read | RBAC permission check · audit log entry for PHI/sensitive reads where needed |
| SET-019SET | Add/remove resource | Resource CRUD with dependency checks | API wired | destructive | RBAC permission check · audit log entry · active server context · operator confirmation · live export/backup snapshot · hard confirmation phrase · rollback or irreversibility note |
| SET-020SET | Reload resource | Reload resource on server with status/audit | API wired | deploy | RBAC permission check · audit log entry · active server context · operator confirmation · live XML export · draft-to-live diff · deploy note · rollback snapshot |
| SET-021SET | Directory resource | Directory/classpath resource editor | API wired | write | RBAC permission check · audit log entry · active server context · operator confirmation · validation result · rollback or restore plan where applicable |
| SET-022SET | Resource usage | Link resources to channels/connectors and show impact graph | Scaffolded | read | RBAC permission check · audit log entry for PHI/sensitive reads where needed |
| SET-023SET | Data pruner status | Show current pruner state and last/next run | API wired | read | RBAC permission check · audit log entry for PHI/sensitive reads where needed |
| SET-024SET | Data pruner schedule | Enable/disable recurring pruning and configure schedule | API wired | write | RBAC permission check · audit log entry · active server context · operator confirmation · validation result · rollback or restore plan where applicable |
| SET-025SET | Prune settings | Event/message/content pruning settings | API wired | read | RBAC permission check · audit log entry for PHI/sensitive reads where needed |
| SET-026SET | Archive settings | Archive file/folder/zip/password/pattern settings | API wired | security | RBAC permission check · audit log entry · active server context · operator confirmation · session re-check · least-privilege role mapping · sensitive-field redaction |
| SET-027SET | Prune now/stop pruner | Manual prune and stop workflow with confirmation and audit | API wired | deploy | RBAC permission check · audit log entry · active server context · operator confirmation · live XML export · draft-to-live diff · deploy note · rollback snapshot |
Extensions And Plugins8 rows59%
| ID | Capability | Web Requirement | Status | Risk | Guard Requirements |
|---|---|---|---|---|---|
| EXT-001EXT | Installed connector table | View connector extensions, status, author, URL, version | API wired | extension | RBAC permission check · audit log entry · active server context · operator confirmation · extension installed check · restart/dependency impact warning |
| EXT-002EXT | Installed plugin table | View plugin extensions, status, author, URL, version | API wired | extension | RBAC permission check · audit log entry · active server context · operator confirmation · extension installed check · restart/dependency impact warning |
| EXT-003EXT | Install extension | Upload/install extension ZIP with restart warning | API wired | extension | RBAC permission check · audit log entry · active server context · operator confirmation · extension installed check · restart/dependency impact warning |
| EXT-004EXT | Enable/disable extension | Guarded enable/disable with restart requirement and dependency impact | API wired | extension | RBAC permission check · audit log entry · active server context · operator confirmation · extension installed check · restart/dependency impact warning |
| EXT-005EXT | Show properties | Extension property/details modal | API wired | extension | RBAC permission check · audit log entry · active server context · operator confirmation · extension installed check · restart/dependency impact warning |
| EXT-006EXT | Uninstall extension | Destructive uninstall with restart requirement and dependency impact | API wired | extension | RBAC permission check · audit log entry · active server context · operator confirmation · extension installed check · restart/dependency impact warning |
| EXT-007EXT | Extension-specific views | Plugin architecture for installed extension panels | Scaffolded | extension | RBAC permission check · audit log entry · active server context · operator confirmation · extension installed check · restart/dependency impact warning |
| EXT-008EXT | Commercial/optional connectors | FHIR, email reader, serial, ASTM, SSL manager, clustering, advanced alerting, CDR, and other extension panels when installed | Extension-dependent | extension | RBAC permission check · audit log entry · active server context · operator confirmation · extension installed check · restart/dependency impact warning |
Import / Export / Backup Safety8 rows44%
| ID | Capability | Web Requirement | Status | Risk | Guard Requirements |
|---|---|---|---|---|---|
| IO-001IO | Channel XML import/export | Round-trip channel XML without semantic drift | API wired | write | RBAC permission check · audit log entry · active server context · operator confirmation · validation result · rollback or restore plan where applicable |
| IO-002IO | Group XML import/export | Round-trip channel group XML without semantic drift | Not started | write | RBAC permission check · audit log entry · active server context · operator confirmation · validation result · rollback or restore plan where applicable |
| IO-003IO | Alert XML import/export | Round-trip alert XML without semantic drift | Not started | write | RBAC permission check · audit log entry · active server context · operator confirmation · validation result · rollback or restore plan where applicable |
| IO-004IO | Global script XML import/export | Round-trip script XML without semantic drift | API wired | write | RBAC permission check · audit log entry · active server context · operator confirmation · validation result · rollback or restore plan where applicable |
| IO-005IO | Code template XML import/export | Round-trip code template/library XML without semantic drift | API wired | write | RBAC permission check · audit log entry · active server context · operator confirmation · validation result · rollback or restore plan where applicable |
| IO-006IO | Connector XML import/export | Round-trip connector XML including filters/transformers | Not started | write | RBAC permission check · audit log entry · active server context · operator confirmation · validation result · rollback or restore plan where applicable |
| IO-007IO | Server config backup/restore | Backup/restore server config with documented exclusions | API wired | read | RBAC permission check · audit log entry for PHI/sensitive reads where needed |
| IO-008IO | Export diff evidence | Compare exported XML before/after web edits against Java Admin output | API wired | write | RBAC permission check · audit log entry · active server context · operator confirmation · validation result · rollback or restore plan where applicable |
Multi-Server, Promotion, And Safer-Than-Java Enhancements7 rows50%
| ID | Capability | Web Requirement | Status | Risk | Guard Requirements |
|---|---|---|---|---|---|
| MS-001MS | Single-server Java session | Multi-server switcher for existing Mirth, BridgeLink, test, stage, prod, DR | Scaffolded | read | RBAC permission check · audit log entry for PHI/sensitive reads where needed |
| MS-002MS | No built-in promotion flow | Original dev-to-stage-to-prod promotion workflow with diffs and approval | Not started | read | RBAC permission check · audit log entry for PHI/sensitive reads where needed |
| MS-003MS | Java save/deploy flow | Draft workspace so editing does not touch live Mirth until approved | Scaffolded | deploy | RBAC permission check · audit log entry · active server context · operator confirmation · live XML export · draft-to-live diff · deploy note · rollback snapshot |
| MS-004MS | Manual safety habits | Required export snapshot before deploy/delete/restore | API wired | destructive | RBAC permission check · audit log entry · active server context · operator confirmation · live export/backup snapshot · hard confirmation phrase · rollback or irreversibility note |
| MS-005MS | Manual review | Human-readable diff plus raw XML diff before deploy | API wired | deploy | RBAC permission check · audit log entry · active server context · operator confirmation · live XML export · draft-to-live diff · deploy note · rollback snapshot |
| MS-006MS | Manual rollback | Rollback pointer and restore workflow for channel/template/script changes | API wired | deploy | RBAC permission check · audit log entry · active server context · operator confirmation · live XML export · draft-to-live diff · deploy note · rollback snapshot |
| MS-007MS | Scattered audit | Database-backed immutable audit with operator/server identity, before/after/diff/rollback refs, hash chain, and JSON/CSV reporting | API wired | deploy | RBAC permission check · audit log entry · active server context · operator confirmation · live XML export · draft-to-live diff · deploy note · rollback snapshot |
Security Hardening9 rows70%
| ID | Capability | Web Requirement | Status | Risk | Guard Requirements |
|---|---|---|---|---|---|
| SEC-001SEC | Admin launcher TLS trust | Per-profile TLS trust rules; production/DR cannot disable verification without explicit override | API wired | write | RBAC permission check · audit log entry · active server context · operator confirmation · validation result · rollback or restore plan where applicable |
| SEC-002SEC | Desktop app boundary | Same-origin CSRF cookie/header enforcement on every mutating web API | API wired | read | RBAC permission check · audit log entry for PHI/sensitive reads where needed |
| SEC-003SEC | Local credential storage | Stored server credentials encrypted with an operator-supplied key and `0600` profile files | API wired | security | RBAC permission check · audit log entry · active server context · operator confirmation · session re-check · least-privilege role mapping · sensitive-field redaction |
| SEC-004SEC | PHI-aware message reads | Message content/maps/errors/attachment previews redacted unless PHI view permission is enabled | API wired | security | RBAC permission check · audit log entry · active server context · operator confirmation · session re-check · least-privilege role mapping · sensitive-field redaction |
| SEC-005SEC | PHI export guard | Attachment export/download blocked unless PHI export permission is enabled | API wired | security | RBAC permission check · audit log entry · active server context · operator confirmation · session re-check · least-privilege role mapping · sensitive-field redaction |
| SEC-006SEC | Abuse throttling | In-memory read/write API rate limits with `429` and `Retry-After` | API wired | read | RBAC permission check · audit log entry for PHI/sensitive reads where needed |
| SEC-007SEC | Input validation | JSON body size/type checks, bounded strings, safe identifiers, bounded query limits | API wired | read | RBAC permission check · audit log entry for PHI/sensitive reads where needed |
| SEC-008SEC | Safe logging/audit | Secrets and sensitive tokens redacted before audit/log storage | API wired | read | RBAC permission check · audit log entry for PHI/sensitive reads where needed |
| SEC-009SEC | Browser security headers | CSP, frame-deny, nosniff, referrer, permissions-policy, COOP/CORP on app/API responses | API wired | security | RBAC permission check · audit log entry · active server context · operator confirmation · session re-check · least-privilege role mapping · sensitive-field redaction |