Skip to content

cloudbun/floatbox

Repository files navigation

Floatbox — User Access Review Tool

A browser-based User Access Review (UAR) tool that matches employee records from an HR Source of Truth against satellite system exports (Okta, AWS IAM, SAP, etc.) to surface risk: terminated employees with active accounts, orphan accounts, and other access anomalies.

All processing happens client-side via WebAssembly (Go) and Web Workers — no data leaves the browser.

Quick Start

Docker Compose (build + run)

Builds the Go WASM engine and the Vite frontend inside the image, then serves the static bundle on port 8443:

docker compose up --build      # build image and start
docker compose up -d            # start in background
docker compose down             # stop and remove

Open http://localhost:8443.

The compose service runs read-only, drops all Linux capabilities, and is capped at 128 MB / 0.5 CPU — see docker-compose.yml.

Docker (pull from GHCR)

docker run -p 8443:8080 ghcr.io/cloudbun/floatbox:latest

Local Development

Requires Go 1.23+ and Node 22+.

npm install
make dev

Build

make build       # Go WASM + Vite build → dist/

How It Works

  1. Upload — Drop a Source of Truth CSV (HR system export) and one or more satellite CSVs (Okta, AWS, SAP, etc.)
  2. Map Columns — Auto-detected or manually mapped to canonical fields (employee ID, name, email, status)
  3. Process — A Go WASM engine indexes the SoT, then Web Workers join each satellite file in parallel
  4. Review — Interactive report with risk scoring, filtering, bulk actions, and per-row review decisions
  5. Export — Download the completed review as CSV, XLSX, or a standalone HTML compliance report

Exports

The Export panel at the end of the review offers three outputs:

  • CSV — raw records only, generated natively (no dependencies).
  • XLSX — multi-sheet workbook, lazy-loads SheetJS on first use.
  • Compliance Report — a self-contained HTML report with every record, risk scores, per-row review decisions, and the full audit log. Generated by src/ts/utils/report-generator.ts and triggered from the "Compliance Report" button in ExportPanel.

Project Structure

src/go/          Go WASM engine (join, conflict detection, risk scoring)
src/ts/          React frontend (Vite + Tailwind)
tests/           Playwright E2E and Vitest unit tests
public/          Static assets and compiled WASM binary
uar_sample_data/ Sample CSVs for testing

Sample Data

Drop the files from uar_sample_data/ into the app to exercise the full pipeline. See uar_sample_data/README.txt for built-in test scenarios (terminated employees, orphan accounts, fuzzy matches, etc.)

About

No description, website, or topics provided.

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

 
 
 

Contributors