6f8eb28ca2
9 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
| 6f8eb28ca2 |
feat: add tenant backup health signals (#212)
## Summary - add the Spec 180 tenant backup-health resolver and value objects to derive absent, stale, degraded, healthy, and schedule-follow-up posture from existing backup and schedule truth - surface backup posture and reason-driven drillthroughs in the tenant dashboard and preserve continuity on backup-set and backup-schedule destinations - add deterministic local/testing browser-fixture seeding plus a local fixture-login helper for the blocked drillthrough `403` scenario, along with the related spec artifacts and focused regression coverage ## Testing - `vendor/bin/sail artisan test --compact tests/Feature/Auth/BackupHealthBrowserFixtureLoginTest.php tests/Feature/Console/TenantpilotSeedBackupHealthBrowserFixtureCommandTest.php` - `vendor/bin/sail artisan test --compact tests/Unit/Support/BackupHealth/TenantBackupHealthResolverTest.php tests/Feature/Filament/DashboardKpisWidgetTest.php tests/Feature/Filament/NeedsAttentionWidgetTest.php tests/Feature/Filament/TenantDashboardTruthAlignmentTest.php tests/Feature/Filament/TenantDashboardTenantScopeTest.php tests/Feature/Filament/TenantDashboardDbOnlyTest.php tests/Feature/Filament/BackupSetListContinuityTest.php tests/Feature/Filament/BackupSetEnterpriseDetailPageTest.php tests/Feature/BackupScheduling/BackupScheduleLifecycleTest.php tests/Feature/Auth/BackupHealthBrowserFixtureLoginTest.php tests/Feature/Console/TenantpilotSeedBackupHealthBrowserFixtureCommandTest.php` ## Notes - Filament v5 / Livewire v4 compliant; no panel-provider change was needed, so `bootstrap/providers.php` remains unchanged - no new globally searchable resource was introduced, so global-search behavior is unchanged - no new destructive action was added; existing destructive actions and confirmation behavior remain unchanged - no new asset registration was added; the existing deploy-time `php artisan filament:assets` step remains sufficient - the local fixture login helper route is limited to `local` and `testing` environments - the focused and broader Spec 180 packs are green; the full suite was not rerun after these changes Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de> Reviewed-on: #212 |
|||
| 1142d283eb |
feat: Spec 178 — Operations Lifecycle Alignment & Cross-Surface Truth Consistency (#209)
## Spec 178 — Operations Lifecycle Alignment & Cross-Surface Truth Consistency Härtet die Run-Lifecycle-Wahrheit und Cross-Surface-Konsistenz über alle zentralen Operator-Flächen hinweg. ### Kern-Änderungen **Lifecycle Truth Alignment** - Einheitliche stale/stuck-Semantik zwischen Tenant-, Workspace-, Admin- und System-Surfaces - `OperationRunFreshnessState` wird konsistent über alle Widgets und Seiten propagiert - Gemeinsame Problem-Klassen-Trennung: `terminal_follow_up` vs. `active_stale_attention` **BulkOperationProgress Freshness** - Overlay zeigt nur noch `healthyActive()` Runs statt alle aktiven Runs - Likely-stale Runs halten das Polling nicht mehr künstlich aktiv - Terminal Runs verschwinden zeitnah aus dem Progress-Overlay **Decision Zone im Run Detail** - Stale/reconciled Attention in der primären Decision-Hierarchie - Klare Antworten: aktiv? stale? reconciled? nächster Schritt? - Artifact-reiche Runs behalten Lifecycle-Truth vor Deep-Diagnostics **Cross-Surface Link-Continuity** - Dashboard → Operations Hub → Run Detail erzählen dieselbe Geschichte - Notifications referenzieren korrekte Problem-Klasse - Workspace/Tenant-Attention verlinken problemklassengerecht **System-Plane Fixes** - `/system/ops/failures` 500-Error behoben (panel-sichere Artifact-URLs) - System-Stuck/Failures zeigen reconciled stale lineage ### Weitere Fixes - Inventory auth guard bereinigt (Gate statt ad-hoc Facades) - Browser-Smoke-Tests stabilisiert (DOM-Assertions statt fragile Klicks) - Test-Assertion-Drift für Verification/Lifecycle-Texte korrigiert ### Test-Ergebnis Full Suite: **3269 passed**, 8 skipped, 0 failed ### Spec-Artefakte - `specs/178-ops-truth-alignment/spec.md` - `specs/178-ops-truth-alignment/plan.md` - `specs/178-ops-truth-alignment/tasks.md` - `specs/178-ops-truth-alignment/research.md` - `specs/178-ops-truth-alignment/data-model.md` - `specs/178-ops-truth-alignment/quickstart.md` - `specs/178-ops-truth-alignment/contracts/operations-truth-alignment.openapi.yaml` Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de> Reviewed-on: #209 |
|||
| 3a2a06e8d7 |
feat: align tenant dashboard truth surfaces (#204)
## Summary - align tenant dashboard KPI, attention, compare, and operations truth so the page does not read calmer than the tenant's actual state - preserve tenant-safe drill-through continuity into findings, baseline compare, and canonical operations, including disabled helper states for permission-limited members - add the Spec 173 artifact set and focused regression coverage for dashboard truth alignment and drill-through behavior ## Validation - `vendor/bin/sail bin pint --dirty --format agent` - `vendor/bin/sail artisan test --compact tests/Feature/Filament/DashboardKpisWidgetTest.php tests/Feature/Filament/TenantDashboardTruthAlignmentTest.php tests/Feature/Monitoring/OperationsDashboardDrillthroughTest.php tests/Feature/Filament/NeedsAttentionWidgetTest.php tests/Feature/Filament/BaselineCompareNowWidgetTest.php tests/Feature/Filament/BaselineCompareSummaryConsistencyTest.php tests/Feature/Findings/FindingsListDefaultsTest.php tests/Feature/Findings/FindingsListFiltersTest.php tests/Feature/Findings/FindingAdminTenantParityTest.php tests/Feature/OpsUx/CanonicalViewRunLinksTest.php tests/Feature/Filament/TenantDashboardTenantScopeTest.php tests/Feature/Filament/TenantDashboardDbOnlyTest.php tests/Feature/Filament/TableStandardsBaselineTest.php tests/Feature/Filament/TableDetailVisibilityTest.php` - integrated browser smoke on the tenant dashboard, including a permission-limited member scenario Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de> Reviewed-on: #204 |
|||
| 1b88d28739 |
feat: consolidate operation naming surfaces (#202)
## Summary - align operator-visible OperationRun terminology to canonical `Operations` / `Operation` labels across shared links, notifications, verification/onboarding surfaces, summary widgets, and monitoring/detail pages - add the Spec 171 planning artifacts under `specs/171-operations-naming-consolidation/` - close the remaining tenant dashboard and admin copy drift found during browser smoke validation ## Validation - `export PATH="/bin:/usr/bin:/usr/local/bin:$PATH" && vendor/bin/sail artisan test --compact tests/Unit/Support/RelatedNavigationResolverTest.php tests/Unit/Support/References/RelatedContextReferenceAdapterTest.php tests/Feature/OpsUx/NotificationViewRunLinkTest.php tests/Feature/Guards/ActionSurfaceContractTest.php tests/Feature/Operations/TenantlessOperationRunViewerTest.php tests/Feature/Filament/BackupSetResolvedReferencePresentationTest.php tests/Feature/Filament/TenantVerificationReportWidgetTest.php tests/Feature/Onboarding/OnboardingVerificationTest.php tests/Feature/Onboarding/OnboardingVerificationClustersTest.php tests/Feature/Onboarding/OnboardingVerificationV1_5UxTest.php tests/Feature/Filament/BaselineCompareSummaryConsistencyTest.php tests/Feature/Filament/WorkspaceOverviewContentTest.php tests/Feature/Filament/RecentOperationsSummaryWidgetTest.php tests/Feature/Monitoring/OperationLifecycleAggregateVisibilityTest.php tests/Feature/System/Spec114/OpsTriageActionsTest.php tests/Feature/System/Spec114/OpsFailuresViewTest.php tests/Feature/System/Spec114/OpsStuckViewTest.php` - `export PATH="/bin:/usr/bin:/usr/local/bin:$PATH" && vendor/bin/sail artisan test --compact tests/Browser/OnboardingDraftRefreshTest.php` - `export PATH="/bin:/usr/bin:/usr/local/bin:$PATH" && vendor/bin/sail bin pint --dirty --format agent` ## Notes - no schema or route renames - Filament / Livewire surface behavior stays within the existing admin and tenant panels - OperationRunResource remains excluded from global search Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de> Reviewed-on: #202 |
|||
| 0c709df54e |
Spec 129: add workspace admin home overview (#157)
## Summary - make `/admin` the canonical workspace-level home instead of implicitly forcing tenant context - add a new Filament workspace overview page with bounded workspace-safe widgets, quick actions, and empty states - align panel routing, middleware, redirect helpers, and tests with the new workspace-home semantics - add Spec 129 design artifacts, contracts, and focused Pest coverage for landing, navigation, content, operations, and authorization ## Validation - `vendor/bin/sail artisan test --compact tests/Feature/Filament/AdminHomeRedirectsToChooseTenantWhenWorkspaceSelectedTest.php tests/Feature/Filament/LoginRedirectsToChooseWorkspaceWhenMultipleWorkspacesTest.php tests/Feature/Filament/WorkspaceOverviewLandingTest.php tests/Feature/Filament/WorkspaceOverviewNavigationTest.php tests/Feature/Filament/WorkspaceOverviewContentTest.php tests/Feature/Filament/WorkspaceOverviewEmptyStatesTest.php tests/Feature/Filament/WorkspaceOverviewOperationsTest.php tests/Feature/Filament/WorkspaceOverviewAuthorizationTest.php tests/Feature/Filament/WorkspaceOverviewPermissionVisibilityTest.php tests/Feature/Filament/ChooseTenantRequiresWorkspaceTest.php tests/Feature/Guards/AdminWorkspaceRoutesGuardTest.php` - `vendor/bin/sail bin pint --dirty --format agent` ## Notes - Livewire v4.0+ compliance is preserved through Filament v5 usage. - Panel provider registration remains in `bootstrap/providers.php` for Laravel 12. - This feature adds a workspace overview page for the admin panel home; it does not introduce destructive actions. - No new Filament assets were added, so there is no additional `filament:assets` deployment requirement for this branch. - Manual browser QA for the quickstart scenarios was not completed in this session because the local browser opened at the Microsoft login flow without an authenticated test session. Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de> Reviewed-on: #157 |
|||
| d6e7de597a |
feat(spec-087): remove legacy runs (#106)
Implements Spec 087: Legacy Runs Removal (rigorous). ### What changed - Canonicalized run history: **`operation_runs` is the only run system** for inventory sync, Entra group sync, backup schedule execution/retention/purge. - Removed legacy UI surfaces (Filament Resources / relation managers) for legacy run models. - Legacy run URLs now return **404** (no redirects), with RBAC semantics preserved (404 vs 403 as specified). - Canonicalized affected `operation_runs.type` values (dotted → underscore) via migration. - Drift + inventory references now point to canonical operation runs; includes backfills and then drops legacy FK columns. - Drops legacy run tables after cutover. - Added regression guards to prevent reintroducing legacy run tokens or “backfilling” canonical runs from legacy tables. ### Migrations - `2026_02_12_000001..000006_*` canonicalize types, add/backfill operation_run_id references, drop legacy columns, and drop legacy run tables. ### Tests Focused pack for this spec passed: - `tests/Feature/Guards/NoLegacyRunsTest.php` - `tests/Feature/Guards/NoLegacyRunBackfillTest.php` - `tests/Feature/Operations/LegacyRunRoutesNotFoundTest.php` - `tests/Feature/Monitoring/MonitoringOperationsTest.php` - `tests/Feature/Jobs/RunInventorySyncJobTest.php` ### Notes / impact - Destructive cleanup is handled via migrations (drops legacy tables) after code cutover; deploy should run migrations in the same release. Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de> Reviewed-on: #106 |
|||
| fb1046c97a |
Spec 077: Workspace Global Mode + context bar redundancy cleanup (#94)
Implements Spec 077 refinements: workspace Global Mode and navigation/context-bar redundancy cleanup.
Summary
- Global Mode: `/admin/workspaces` is workspace-optional (lists only member workspaces); explicit allowlist in `EnsureWorkspaceSelected`.
- Navigation cleanup: workspace switching is topbar-only; no sidebar “Switch workspace”; removes redundant “Manage workspaces” entry from context-bar.
- Context bar: when no workspace selected, tenant picker is disabled with guidance; on tenant-scoped routes `/admin/t/{tenant}/…` the tenant indicator is read-only (Filament tenant menu remains primary).
- Authorization: workspace creation is policy-driven (`WorkspacePolicy::create()`), enforced in `ChooseWorkspace` via Gate.
Safety / Compliance
- Livewire v4.0+ compliant (Filament v5).
- Panel provider registration remains in `bootstrap/providers.php` (no changes required).
- Global search: no new globally searchable resources added; no behavior changes introduced.
- Destructive actions: none added/changed.
- Assets: no new assets registered; deploy process unchanged (if assets are registered elsewhere, ensure `php artisan filament:assets` runs in deploy as usual).
Tests
- `vendor/bin/sail bin pint --dirty`
- `vendor/bin/sail artisan test --compact tests/Feature/Workspaces tests/Feature/Monitoring tests/Feature/OpsUx tests/Feature/Filament/WorkspaceContextTopbarAndTenantSelectionTest.php`
Spec artifacts
- `specs/077-workspace-nav-monitoring-hub/{spec,plan,tasks}.md`
- `specs/077-workspace-nav-monitoring-hub/contracts/routes.md`
Co-authored-by: Ahmed Darrazi <ahmeddarrazi@MacBookPro.fritz.box>
Reviewed-on: #94
|
|||
| e1ed7ae232 |
058-tenant-ui-polish (#70)
Kurzbeschreibung Filament-native UI-Polish für das Tenant-Dashboard und zugehörige Inventory/Operations-Ansichten; entfernt alte custom Blade‑Panel-Wrapper (die die dicken Rahmen erzeugten) und ersetzt sie durch Filament‑Widgets (StatsOverview / TableWidget). Keine DB-Migrationen. Änderungen (Kurz) Dashboard: KPI‑Kacheln als StatsOverviewWidget (4 Tiles). Needs‑Attention: sinnvolle Leerstaat‑UI (3 Health‑Checks + Links) und begrenzte, badge‑gestützte Issue‑Liste. Recent Drift Findings & Recent Operations: Filament TableWidget (10 Zeilen), badge‑Spalten für Severity/Status/Outcome, kurze copyable IDs, freundliche Subject‑Labels statt roher UUIDs. Entfernen der alten Blade-Wrapper, die ring- / shadow Klassen erzeugten. Tests aktualisiert/ergänzt, um Tenant‑Scope und DB‑only Garantien zu prüfen. Kleinigkeiten / UI‑Polish in Inventory/Operations-Listen und Panel‑Provider. Wichtige Dateien (Auswahl) DashboardKpis.php NeedsAttention.php RecentDriftFindings.php RecentOperations.php needs-attention.blade.php Tests: TenantDashboardTenantScopeTest.php, inventory/operations test updates Testing / Verifikation Lokale Tests (empfohlen, vor Merge ausführen): Formatter: Filament assets (falls panel assets geändert wurden): Review‑Hinweise (Was prüfen) UI: Dashboard sieht visuell wie Filament‑Demo‑Widgets aus (keine dicken ring- Rahmen mehr). Tables: Primary text zeigt freundliche Labels, nicht UUIDs; IDs sind copyable und kurz dargestellt. Needs‑Attention: Leerstaat zeigt die 3 Health‑Checks + korrekte Links; bei Issues sind Badges und Farben korrekt. Tenant‑Scope: Keine Daten von anderen Tenants leakieren (prüfe die aktualisierten TenantScope‑Tests). Polling: Widgets poll nur wenn nötig (z.B. aktive Runs existieren). Keine externen HTTP‑Calls oder ungeprüfte Jobs während Dashboard‑Rendering. Deployment / Migrations Keine Datenbankmigrationen. Empfohlen: nach Merge ./vendor/bin/sail artisan filament:assets in Deployment‑Pipeline prüfen, falls neue panel assets registriert wurden. Zusammenfassung für den Reviewer Zweck: Entfernen der alten, handgebauten Panel‑Wrappers und Vereinheitlichung der Dashboard‑UX mit Filament‑nativen Komponenten; kleinere UI‑Polish in Inventory/Operations. Tests: Unit/Feature tests für Tenant‑Scope und DB‑only Verhalten wurden aktualisiert; bitte laufen lassen. Merge: Branch 058-tenant-ui-polish → dev (protected) via Pull Request in Gitea. Co-authored-by: Ahmed Darrazi <ahmeddarrazi@adsmac.local> Reviewed-on: #70 |
|||
| abda751296 |
feat(058): tenant dashboard + active-runs gating (#68)
Adds a tenant-scoped dashboard page (KPIs, Needs Attention, Recent Drift Findings, Recent Operations) with polling only while active runs exist. Guardrails: DB-only render (no outbound HTTP) + tenant isolation. Tests: ActiveRunsTest, TenantDashboardDbOnlyTest, TenantDashboardTenantScopeTest. Co-authored-by: Ahmed Darrazi <ahmeddarrazi@adsmac.local> Reviewed-on: #68 |
