TenantAtlas

Author SHA1 Message Date

Author	SHA1	Message	Date
ahmido	440e63edff	feat: implement tenant action taxonomy lifecycle visibility (#174 ) ## Summary Implements Spec 145 for tenant action taxonomy and lifecycle-safe visibility. This PR: - adds a central tenant action policy surface and supporting value objects - aligns tenant list, detail, edit, onboarding, and widget surfaces around lifecycle-safe actions - standardizes operator-facing lifecycle wording around View, Resume onboarding, Archive, Restore, and Complete onboarding - tightens onboarding and tenant lifecycle authorization semantics, including honest 404 vs 403 behavior - updates related regression coverage and spec artifacts for Spec 145 - fixes follow-on full-suite regressions uncovered during validation, including onboarding browser flows, provider consent fixtures, workspace redirect DI expectations, and critical table/action/UI expectation drift ## Validation Executed and passed: - vendor/bin/sail bin pint --dirty --format agent - vendor/bin/sail artisan test --compact Result: - 2581 passed - 8 skipped - 13534 assertions ## Notes - Base branch: dev - Feature branch commit: `a33a41b` - Filament v5 / Livewire v4 compliance preserved - No panel provider registration changes; Laravel 12 provider registration remains in bootstrap/providers.php - No new globally searchable resource behavior added in this slice - Destructive lifecycle actions remain confirmation-gated and authorization-protected Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de> Reviewed-on: #174	2026-03-16 00:57:17 +00:00
ahmido	3490fb9e2c	feat: RBAC troubleshooting & tenant UI bugfix pack (spec 067) (#84 ) Summary Implements Spec 067 “RBAC Troubleshooting & Tenant UI Bugfix Pack v1” for the tenant admin plane (/admin) with strict RBAC UX semantics: Non-member tenant scope ⇒ 404 (deny-as-not-found) Member lacking capability ⇒ 403 server-side, while the UI stays visible-but-disabled with standardized tooltips What changed Tenant view header actions now use centralized UI enforcement (no “normal click → error page” for readonly members). Archived tenants remain resolvable in tenant-scoped routes for entitled members; an “Archived” banner is shown. Adds tenant-scoped diagnostics page (/admin/t/{tenant}/diagnostics) with safe repair actions (confirmation + authorization + audit log). Adds/updates targeted Pest tests to lock the 404 vs 403 semantics and action UX. Implementation notes Livewire v4.0+ compliance: Uses Filament v5 + Livewire v4 conventions; widget Blade views render a single root element. Provider registration: Laravel 11+ providers stay in providers.php (no changes required). Global search: No global search behavior/resources changed in this PR. Destructive actions: Tenant archive/restore/force delete and diagnostics repairs execute via ->action(...) and include ->requiresConfirmation(). Server-side authorization is enforced (non-members 404, insufficient capability 403). Assets: No new assets. No change to php artisan filament:assets expectations. Tests Ran: vendor/bin/sail bin pint --dirty vendor/bin/sail artisan test --compact (focused files for Spec 067) Co-authored-by: Ahmed Darrazi <ahmeddarrazi@MacBookPro.fritz.box> Reviewed-on: #84	2026-01-31 20:09:25 +00:00

ahmido

440e63edff

feat: implement tenant action taxonomy lifecycle visibility (#174 )

## Summary

Implements Spec 145 for tenant action taxonomy and lifecycle-safe visibility.

This PR:
- adds a central tenant action policy surface and supporting value objects
- aligns tenant list, detail, edit, onboarding, and widget surfaces around lifecycle-safe actions
- standardizes operator-facing lifecycle wording around View, Resume onboarding, Archive, Restore, and Complete onboarding
- tightens onboarding and tenant lifecycle authorization semantics, including honest 404 vs 403 behavior
- updates related regression coverage and spec artifacts for Spec 145
- fixes follow-on full-suite regressions uncovered during validation, including onboarding browser flows, provider consent fixtures, workspace redirect DI expectations, and critical table/action/UI expectation drift

## Validation

Executed and passed:
- vendor/bin/sail bin pint --dirty --format agent
- vendor/bin/sail artisan test --compact

Result:
- 2581 passed
- 8 skipped
- 13534 assertions

## Notes

- Base branch: dev
- Feature branch commit: a33a41b
- Filament v5 / Livewire v4 compliance preserved
- No panel provider registration changes; Laravel 12 provider registration remains in bootstrap/providers.php
- No new globally searchable resource behavior added in this slice
- Destructive lifecycle actions remain confirmation-gated and authorization-protected

Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #174

2026-03-16 00:57:17 +00:00

ahmido

3490fb9e2c

feat: RBAC troubleshooting & tenant UI bugfix pack (spec 067) (#84 )

Summary
Implements Spec 067 “RBAC Troubleshooting & Tenant UI Bugfix Pack v1” for the tenant admin plane (/admin) with strict RBAC UX semantics:

Non-member tenant scope ⇒ 404 (deny-as-not-found)
Member lacking capability ⇒ 403 server-side, while the UI stays visible-but-disabled with standardized tooltips
What changed
Tenant view header actions now use centralized UI enforcement (no “normal click → error page” for readonly members).
Archived tenants remain resolvable in tenant-scoped routes for entitled members; an “Archived” banner is shown.
Adds tenant-scoped diagnostics page (/admin/t/{tenant}/diagnostics) with safe repair actions (confirmation + authorization + audit log).
Adds/updates targeted Pest tests to lock the 404 vs 403 semantics and action UX.
Implementation notes
Livewire v4.0+ compliance: Uses Filament v5 + Livewire v4 conventions; widget Blade views render a single root element.
Provider registration: Laravel 11+ providers stay in providers.php (no changes required).
Global search: No global search behavior/resources changed in this PR.
Destructive actions:
Tenant archive/restore/force delete and diagnostics repairs execute via ->action(...) and include ->requiresConfirmation().
Server-side authorization is enforced (non-members 404, insufficient capability 403).
Assets: No new assets. No change to php artisan filament:assets expectations.
Tests
Ran:

vendor/bin/sail bin pint --dirty
vendor/bin/sail artisan test --compact (focused files for Spec 067)

Co-authored-by: Ahmed Darrazi <ahmeddarrazi@MacBookPro.fritz.box>
Reviewed-on: #84

2026-01-31 20:09:25 +00:00

2 Commits