ahmido/TenantAtlas
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects 1 Releases Wiki Activity
384 Commits 310 Branches 0 Tags 57 MiB
ae0e0a0674
Commit Graph

16 Commits

Author SHA1 Message Date
Ahmed Darrazi
ae0e0a0674 feat(spec-286): neutralize environment-first admin copy
Some checks failed
PR Fast Feedback / fast-feedback (pull_request) Failing after 1m21s
Details 
Align chooser, landing, dashboard, shell, and bounded policy helper copy to environment-first terminology for spec 286.

Validation:
- export PATH="/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/Users/ahmeddarrazi/.antigravity/antigravity/bin:/Users/ahmeddarrazi/.antigravity/antigravity/bin:/Users/ahmeddarrazi/.nvm/versions/node/v24.11.0/bin:/Users/ahmeddarrazi/.config/herd-lite/bin:/Users/ahmeddarrazi/Library/Application Support/Code/User/globalStorage/github.copilot-chat/debugCommand:/Users/ahmeddarrazi/Library/Application Support/Code/User/globalStorage/github.copilot-chat/copilotCli:/usr/local/bin:/System/Cryptexes/App/usr/bin:/usr/bin:/bin:/usr/sbin:/sbin:/var/run/com.apple.security.cryptexd/codex.system/bootstrap/usr/local/bin:/var/run/com.apple.security.cryptexd/codex.system/bootstrap/usr/bin:/var/run/com.apple.security.cryptexd/codex.system/bootstrap/usr/appleinternal/bin:/opt/homebrew/bin:/Users/ahmeddarrazi/Library/Application Support/Code/User/globalStorage/github.copilot-chat/debugCommand:/Users/ahmeddarrazi/Library/Application Support/Code/User/globalStorage/github.copilot-chat/copilotCli:/Users/ahmeddarrazi/.antigravity/antigravity/bin:/Users/ahmeddarrazi/.local/bin:/Users/ahmeddarrazi/.nvm/versions/node/v24.11.0/bin:/Users/ahmeddarrazi/.config/herd-lite/bin:/Users/ahmeddarrazi/.vscode/extensions/ms-python.debugpy-2026.6.0-darwin-arm64/bundled/scripts/noConfigScripts" && cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Feature/Localization/EnvironmentContextTerminologyTest.php tests/Feature/Filament/EnvironmentContextSurfaceCopyTest.php tests/Feature/Filament/Localization/PolicyInventoryLocalizationTest.php tests/Feature/Guards/EnvironmentCopyNeutralizationGuardTest.php
- export PATH="/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/Users/ahmeddarrazi/.antigravity/antigravity/bin:/Users/ahmeddarrazi/.antigravity/antigravity/bin:/Users/ahmeddarrazi/.nvm/versions/node/v24.11.0/bin:/Users/ahmeddarrazi/.config/herd-lite/bin:/Users/ahmeddarrazi/Library/Application Support/Code/User/globalStorage/github.copilot-chat/debugCommand:/Users/ahmeddarrazi/Library/Application Support/Code/User/globalStorage/github.copilot-chat/copilotCli:/usr/local/bin:/System/Cryptexes/App/usr/bin:/usr/bin:/bin:/usr/sbin:/sbin:/var/run/com.apple.security.cryptexd/codex.system/bootstrap/usr/local/bin:/var/run/com.apple.security.cryptexd/codex.system/bootstrap/usr/bin:/var/run/com.apple.security.cryptexd/codex.system/bootstrap/usr/appleinternal/bin:/opt/homebrew/bin:/Users/ahmeddarrazi/Library/Application Support/Code/User/globalStorage/github.copilot-chat/debugCommand:/Users/ahmeddarrazi/Library/Application Support/Code/User/globalStorage/github.copilot-chat/copilotCli:/Users/ahmeddarrazi/.antigravity/antigravity/bin:/Users/ahmeddarrazi/.local/bin:/Users/ahmeddarrazi/.nvm/versions/node/v24.11.0/bin:/Users/ahmeddarrazi/.config/herd-lite/bin:/Users/ahmeddarrazi/.vscode/extensions/ms-python.debugpy-2026.6.0-darwin-arm64/bundled/scripts/noConfigScripts" && cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Browser/Spec286EnvironmentCopyNeutralizationSmokeTest.php
- export PATH="/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/Users/ahmeddarrazi/.antigravity/antigravity/bin:/Users/ahmeddarrazi/.antigravity/antigravity/bin:/Users/ahmeddarrazi/.nvm/versions/node/v24.11.0/bin:/Users/ahmeddarrazi/.config/herd-lite/bin:/Users/ahmeddarrazi/Library/Application Support/Code/User/globalStorage/github.copilot-chat/debugCommand:/Users/ahmeddarrazi/Library/Application Support/Code/User/globalStorage/github.copilot-chat/copilotCli:/usr/local/bin:/System/Cryptexes/App/usr/bin:/usr/bin:/bin:/usr/sbin:/sbin:/var/run/com.apple.security.cryptexd/codex.system/bootstrap/usr/local/bin:/var/run/com.apple.security.cryptexd/codex.system/bootstrap/usr/bin:/var/run/com.apple.security.cryptexd/codex.system/bootstrap/usr/appleinternal/bin:/opt/homebrew/bin:/Users/ahmeddarrazi/Library/Application Support/Code/User/globalStorage/github.copilot-chat/debugCommand:/Users/ahmeddarrazi/Library/Application Support/Code/User/globalStorage/github.copilot-chat/copilotCli:/Users/ahmeddarrazi/.antigravity/antigravity/bin:/Users/ahmeddarrazi/.local/bin:/Users/ahmeddarrazi/.nvm/versions/node/v24.11.0/bin:/Users/ahmeddarrazi/.config/herd-lite/bin:/Users/ahmeddarrazi/.vscode/extensions/ms-python.debugpy-2026.6.0-darwin-arm64/bundled/scripts/noConfigScripts" && cd apps/platform && ./vendor/bin/sail bin pint --dirty --format agent

Note: the discovered Capture snapshot modal runtime issue remains out-of-scope runtime debt for spec 286 and is recorded in the spec tasks close-out notes.
 2026-05-10 01:28:07 +02:00
ahmido
c7b38606a9 feat: implement spec 285 workspace-first environment access (#344) 
Implements platform feature branch `285-workspace-rbac-environment-access`.

Summary:
- switch managed environment authorization to workspace-first role resolution with explicit environment-scope narrowing
- rewire Filament pages, resources, policies, and user tenant access helpers to the shared access-scope resolver
- add Spec 285 coverage across unit, feature, and browser tests plus full spec artifacts

Validation:
- `cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Unit/Auth/WorkspaceFirstCapabilityResolverTest.php tests/Unit/Auth/ManagedEnvironmentAccessScopeResolverTest.php`
- `cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Feature/Auth/WorkspaceFirstManagedEnvironmentAccessTest.php tests/Feature/Filament/ManagedEnvironmentAccessScopeManagementTest.php tests/Feature/Filament/WorkspaceMembershipRoleManagementTest.php tests/Feature/Rbac/GovernanceArtifactsWorkspaceFirstAuthorizationTest.php tests/Feature/Rbac/OperationRunWorkspaceFirstAuthorizationTest.php tests/Feature/Rbac/ProviderConnectionWorkspaceFirstPolicyTest.php`
- `cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Feature/Verification/ProviderExecutionReauthorizationTest.php tests/Feature/ProviderConnections/ProviderConnectionHealthCheckStartSurfaceTest.php tests/Feature/Tenants/TenantProviderBackedActionStartTest.php`
- `cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Feature/Audit/TenantMembershipAuditLogTest.php tests/Feature/Filament/TenantMembersTest.php tests/Feature/TenantRBAC/TenantMembershipCrudTest.php tests/Feature/TenantRBAC/TenantSwitcherScopeTest.php`
- `cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Browser/Spec285WorkspaceRbacEnvironmentAccessSmokeTest.php`
- `cd apps/platform && ./vendor/bin/sail bin pint --dirty --format agent`

Target branch: `platform-dev`.

Follow-up integration path after merge:
- `platform-dev` -> `dev`.

Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #344
 2026-05-09 12:40:50 +00:00
ahmido
360d20e881 feat: complete workspace-first environment routing cutover (#340) 
## Summary
- retire the tenant panel runtime and converge operator routing on the workspace-first admin shell
- update tenant, operations, and required-permissions navigation helpers to use canonical workspace-scoped URLs
- repair the focused feature coverage, add the Spec 280 browser smoke, and record the implementation close-out in the requirements checklist

## Validation
- `cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Feature/WorkspaceFoundation tests/Feature/Workspaces tests/Feature/ManagedEnvironment tests/Feature/RequiredPermissions tests/Feature/Operations tests/Feature/MonitoringOperationsTest.php`
- `cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Browser/Spec280WorkspaceTenancyEnvironmentRoutingSmokeTest.php`
- `cd apps/platform && ./vendor/bin/sail bin pint --dirty --format agent`

## Note
- `origin/platform` is not present on the remote; `platform-dev` is the clean base branch that limits this PR to the Spec 280 prep commit plus the implementation commit.

Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #340
 2026-05-07 21:56:14 +00:00
ahmido
210508db9d feat: implement workspace and tenant closure lifecycle (#337) 
## Summary
- add explicit workspace closure and tenant removal lifecycle truth with a bounded `WorkspaceLifecycleService`
- surface closure and removal posture across admin/system pages, chooser recovery, and canonical historical viewers
- block new review-pack and operation starts for closed workspaces or removed tenants while preserving memberships, audit, and history
- add focused Pest coverage plus the Spec 292 artifacts for the implemented slice

## Testing
- `export PATH="/bin:/usr/bin:/usr/local/bin:$PATH" && cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Feature/System/Directory/ViewWorkspaceClosureTest.php tests/Feature/System/Ops/ClosedWorkspaceHistoricalAccessTest.php tests/Feature/Filament/Resources/Workspaces/WorkspaceClosureStatusTest.php tests/Feature/Filament/Resources/TenantResource/TenantWorkspaceRemovalTest.php tests/Feature/Filament/Pages/WorkspaceContextClosureRecoveryTest.php`
- `export PATH="/bin:/usr/bin:/usr/local/bin:$PATH" && cd apps/platform && ./vendor/bin/sail bin pint --dirty --format agent`
- manual integrated-browser smoke for admin tenant remove/restore plus chooser recovery and system workspace close/reopen

Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #337
 2026-05-07 13:12:17 +00:00
ahmido
e64bae9cfc feat: cut over tenant core to managed environments (#335) 
## Summary
- replace the legacy Tenant and TenantMembership core models with ManagedEnvironment and ManagedEnvironmentMembership
- propagate the managed environment naming and key changes across Filament resources, pages, controllers, jobs, models, and supporting runtime paths
- add feature 279 spec artifacts and focused managed-environment test coverage for model behavior, route binding, panel context, authorization, and legacy guardrails

## Validation
- `cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Feature/ManagedEnvironment/LegacyTenantCoreGuardTest.php tests/Feature/ManagedEnvironment/ManagedEnvironmentAuthorizationTest.php tests/Feature/ManagedEnvironment/ManagedEnvironmentPanelContextTest.php tests/Feature/ManagedEnvironment/ManagedEnvironmentRouteBindingTest.php tests/Unit/ManagedEnvironment/ManagedEnvironmentContextResolverTest.php tests/Unit/ManagedEnvironment/ManagedEnvironmentModelTest.php`
- `cd apps/platform && ./vendor/bin/sail bin pint --dirty --format agent`

## Notes
- branch pushed from commit `1123b122`
- browser smoke test file was added but not run in this pass

Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #335
 2026-05-07 06:38:14 +00:00
ahmido
7ee4909212 feat: commercial lifecycle overlay for workspace entitlements (#292)
Some checks failed
Main Confidence / confidence (push) Failing after 1m45s
Details 
## Summary
- add the bounded workspace commercial lifecycle overlay from spec 251 on top of the existing entitlement substrate
- expose audited commercial state inspection and mutation on the system workspace detail surface
- gate onboarding activation and review-pack start actions through the shared lifecycle decision while preserving suspended read-only access to existing review, evidence, and generated-pack history
- add focused Pest coverage plus the spec/plan/tasks/data-model/contract artifacts for the feature

## Validation
- targeted Pest unit and feature lanes for lifecycle resolution, system-plane mutation, onboarding gating, review-pack enforcement, download preservation, customer review workspace access, and evidence snapshot access
- `cd apps/platform && ./vendor/bin/sail bin pint --dirty --format agent`
- integrated browser smoke on the system workspace detail and the preserved read-only review/evidence/review-pack surfaces

## Notes
- branch: `251-commercial-entitlements-billing-state`
- base: `dev`
- commit: `606e9760`

Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #292
 2026-04-28 13:39:33 +00:00
ahmido
2752515da5 Spec 235: harden baseline truth and onboarding flows (#271)
Some checks failed
Main Confidence / confidence (push) Failing after 54s
Details 
## Summary
- harden baseline capture truth, compare readiness, and monitoring explanations around latest inventory eligibility, blocked prerequisites, and zero-subject outcomes
- improve onboarding verification and bootstrap recovery handling, including admin-consent callback invalidation and queued execution legitimacy/report behavior
- align workspace findings/workspace overview signals and refresh the related spec, roadmap, and spec-candidate artifacts

## Validation
- `cd apps/platform && ./vendor/bin/sail bin pint --dirty --format agent`
- `cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Feature/BaselineDriftEngine/BaselineCaptureAuditEventsTest.php tests/Feature/BaselineDriftEngine/BaselineSnapshotNoTenantIdentifiersTest.php tests/Feature/BaselineDriftEngine/CaptureBaselineContentTest.php tests/Feature/BaselineDriftEngine/CaptureBaselineFullContentOnDemandTest.php tests/Feature/BaselineDriftEngine/CaptureBaselineMetaFallbackTest.php tests/Feature/Baselines/BaselineCaptureTest.php tests/Feature/Baselines/BaselineCompareFindingsTest.php tests/Feature/Baselines/BaselineSnapshotBackfillTest.php tests/Feature/Filament/BaselineCaptureResultExplanationSurfaceTest.php tests/Feature/Filament/BaselineCompareLandingStartSurfaceTest.php tests/Feature/Filament/BaselineProfileCaptureStartSurfaceTest.php tests/Feature/Filament/OperationRunBaselineTruthSurfaceTest.php tests/Feature/Monitoring/AuditCoverageGovernanceTest.php tests/Feature/Monitoring/GovernanceOperationRunSummariesTest.php tests/Feature/Notifications/OperationRunNotificationTest.php tests/Feature/Authorization/OperatorExplanationSurfaceAuthorizationTest.php`
- `cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Feature/AdminConsentCallbackTest.php tests/Feature/Filament/WorkspaceOverviewDbOnlyTest.php tests/Feature/Guards/Spec194GovernanceActionSemanticsGuardTest.php tests/Feature/ManagedTenantOnboardingWizardTest.php tests/Feature/Onboarding/OnboardingVerificationTest.php tests/Feature/Operations/QueuedExecutionAuditTrailTest.php tests/Unit/Operations/QueuedExecutionLegitimacyGateTest.php`

## Notes
- browser validation was not re-run in this pass

Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #271
 2026-04-24 05:44:54 +00:00
ahmido
12fb5ebb30 feat: add findings hygiene report and control catalog layering (#264)
Some checks failed
Main Confidence / confidence (push) Failing after 1m20s
Details 
## Summary
- add the workspace-scoped findings hygiene report, overview signal, and supporting classification service for broken assignments and stale in-progress work
- add Spec 225 artifacts and focused findings hygiene test coverage alongside the new Filament page and workspace overview wiring
- align product roadmap and spec candidates around the layered canonical control catalog, CIS library, and readiness model
- extend SpecKit constitution and templates with the XCUT-001 shared-pattern reuse guidance

## Notes
- validation commands and implementation close-out notes are documented in `specs/225-assignment-hygiene/plan.md` and `specs/225-assignment-hygiene/quickstart.md`
- this PR targets `dev` from `225-assignment-hygiene`

Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #264
 2026-04-22 12:26:18 +00:00
ahmido
712576c447 feat: add findings intake queue and stabilize follow-up regressions (#260)
Some checks failed
Main Confidence / confidence (push) Failing after 44s
Details 
## Summary
- add the new admin findings intake queue at `/admin/findings/intake` with fixed `Unassigned` and `Needs triage` views, tenant-safe filtering, claim flow, and continuity into tenant finding detail and `My Findings`
- add Spec 222 artifacts (`spec`, `plan`, `tasks`, `research`, `data model`, `quickstart`, contract, checklist) and register the new admin page
- fix follow-up regressions uncovered during full-suite validation around findings action-surface declarations, findings list default columns, provider-blocked run messaging, operation catalog aliases, and workspace overview query volume

## Validation
- `cd apps/platform && ./vendor/bin/sail bin pint --dirty --format agent`
- `cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Feature/Findings/FindingsIntakeQueueTest.php tests/Feature/Authorization/FindingsIntakeAuthorizationTest.php tests/Feature/Findings/FindingsClaimHandoffTest.php`
- `cd apps/platform && ./vendor/bin/sail artisan test --compact`

## Notes
- Filament remains on v5 with Livewire v4-compatible patterns
- provider registration remains unchanged in `apps/platform/bootstrap/providers.php`
- no new assets or schema changes are introduced

Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #260
 2026-04-21 22:54:08 +00:00
ahmido
81bb5f42c7 feat: add findings operator inbox (#258)
Some checks failed
Main Confidence / confidence (push) Failing after 55s
Details 
## Summary
- add the canonical admin-plane `My Findings` inbox at `/admin/findings/my-work`
- add the workspace overview `Assigned to me` signal and inbox-to-detail continuity
- add focused Pest coverage plus the full Spec 221 artifact bundle

## Validation
- `cd apps/platform && ./vendor/bin/sail bin pint --dirty --format agent`
- `cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Feature/Findings/MyWorkInboxTest.php tests/Feature/Authorization/MyWorkInboxAuthorizationTest.php tests/Feature/Dashboard/MyFindingsSignalTest.php`
- `cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Feature/Filament/WorkspaceOverviewNavigationTest.php`
- integrated-browser smoke completed against the browser-facing `tenantatlas` runtime, including seeded positive-path and negative-path checks plus fixture cleanup

## Filament v5 Guardrails
- Livewire v4.0+ compliant
- panel provider registration remains in `apps/platform/bootstrap/providers.php`
- global search behavior is unchanged; `FindingResource` already has a View page and the new inbox is a custom page, not a searchable resource
- no destructive actions were introduced on the inbox or overview signal
- no new assets were added; the existing deploy step for `cd apps/platform && php artisan filament:assets` remains unchanged
- coverage includes the new inbox page, authorization boundaries, the workspace overview signal, and the overview CTA regression

Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #258
 2026-04-21 09:19:54 +00:00
ahmido
3bdd27f747 feat: finalize global shell context contract (#246)
Some checks failed
Main Confidence / confidence (push) Failing after 43s
Details 
## Summary
- consolidate workspace and tenant shell resolution behind a canonical resolved shell context
- align workspace switching, tenant selection, and tenant clearing with the new recovery and fallback rules
- add focused Pest coverage for shell resolution and update root dev orchestration so platform Vite starts correctly from repo-root commands

## Testing
- cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Feature/Monitoring/HeaderContextBarTest.php
- cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Feature/Workspaces/GlobalContextShellContractTest.php
- manual integrated-browser smoke for tenant-bound shell actions and context recovery flows
- validated corepack pnpm build:platform, corepack pnpm dev:platform, corepack pnpm dev:website, and corepack pnpm dev

## Notes
- Livewire v4 / Filament v5 remain unchanged and provider registration stays in bootstrap/providers.php
- no new globally searchable resources or destructive Filament actions were introduced

Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #246
 2026-04-18 14:00:49 +00:00
ahmido
2f45ff5a84 feat: add portfolio triage review state tracking (#220) 
## Summary
- add tenant triage review-state persistence, fingerprinting, resolver logic, service layer, and migration for current affected-set tracking
- surface review-state and affected-set progress across tenant registry, tenant dashboard arrival continuity, and workspace overview
- extend RBAC, audit/badge support, specs, and test coverage for portfolio triage review-state workflows
- suppress expected hidden-page background transport failures in the global unhandled rejection logger while keeping visible-page failures logged

## Validation
- targeted Pest coverage added for tenant registry, workspace overview, arrival context, RBAC authorization, badges, fingerprinting, resolver behavior, and logger asset behavior
- code formatted with `cd apps/platform && ./vendor/bin/sail bin pint --dirty --format agent`

## Notes
- full suite was not re-run in this final step
- branch includes the spec artifacts under `specs/189-portfolio-triage-review-state/`

Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #220
 2026-04-10 21:35:17 +00:00
ahmido
28e62bd22c feat: preserve portfolio triage arrival context (#218) 
## Summary
- preserve portfolio triage arrival context from workspace overview and tenant registry drill-throughs
- add a tenant dashboard continuity widget plus bounded arrival token and resolver support
- add focused Pest coverage for arrival routing, return flow, RBAC degradation, and request-local performance
- include the Spec 187 spec, plan, research, data model, quickstart, contract, and tasks artifacts

## Validation
- integrated browser smoke: workspace overview -> tenant dashboard arrival -> backup sets CTA
- integrated browser smoke: tenant registry triage -> tenant dashboard arrival -> return to tenant triage
- branch includes focused automated test coverage for the new arrival-context surfaces

Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #218
 2026-04-09 21:38:31 +00:00
ahmido
9fbd3e5ec7 Spec 186: implement tenant registry recovery triage (#217) 
## Summary
- turn the tenant registry into a workspace-scoped recovery triage surface with backup posture and recovery evidence columns
- preserve workspace overview backup and recovery drilldown intent by routing multi-tenant cases into filtered tenant registry slices
- add the Spec 186 planning artifacts, focused regression coverage, and shared triage presentation helpers

## Testing
- `cd apps/platform && ./vendor/bin/sail bin pint --dirty --format agent`
- `cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Feature/Filament/TenantRegistryRecoveryTriageTest.php tests/Feature/Filament/WorkspaceOverviewSummaryMetricsTest.php tests/Feature/Filament/WorkspaceOverviewDrilldownContinuityTest.php tests/Feature/Filament/TenantResourceIndexIsWorkspaceScopedTest.php tests/Feature/Filament/WorkspaceOverviewAuthorizationTest.php tests/Feature/Guards/ActionSurfaceContractTest.php tests/Feature/Guards/FilamentTableStandardsGuardTest.php`

## Notes
- no schema change
- no new persisted recovery truth
- branch includes the full Spec 186 spec, plan, research, data model, contract, quickstart, and tasks artifacts

Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #217
 2026-04-09 19:20:48 +00:00
ahmido
53e799fea7 Spec 185: workspace recovery posture visibility (#216) 
## Summary
- add Spec 185 workspace recovery posture visibility artifacts under `specs/185-workspace-recovery-posture-visibility`
- promote tenant backup health and recovery evidence onto the workspace overview with separate metrics, attention ordering, calmness coverage, and tenant-dashboard drill-throughs
- batch visible-tenant backup/recovery derivation to keep the workspace overview query-bounded
- align follow-up fixes from the authoritative suite rerun, including dashboard truth-alignment fixtures, canonical backup schedule tenant context, guard-path cleanup, smoke-fixture credential removal, and robust theme asset manifest handling

## Testing
- `cd apps/platform && ./vendor/bin/sail bin pint --dirty --format agent`
- `cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Unit/Filament/PanelThemeAssetTest.php tests/Feature/Guards/DerivedStateConsumerAdoptionGuardTest.php`
- focused regression pack for the previously failing cases passed
- full suite JUnit run passed: `3401` tests, `18849` assertions, `0` failures, `0` errors, `8` skips

## Notes
- no new schema or persisted workspace recovery model
- no provider-registration changes; Filament/Livewire stack remains on Filament v5 and Livewire v4
- no new destructive actions or global search changes

Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #216
 2026-04-09 12:57:19 +00:00
ahmido
ce0615a9c1 Spec 182: relocate Laravel platform to apps/platform (#213) 
## Summary
- move the Laravel application into `apps/platform` and keep the repository root for orchestration, docs, and tooling
- update the local command model, Sail/Docker wiring, runtime paths, and ignore rules around the new platform location
- add relocation quickstart/contracts plus focused smoke coverage for bootstrap, command model, routes, and runtime behavior

## Validation
- `cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Feature/PlatformRelocation`
- integrated browser smoke validated `/up`, `/`, `/admin`, `/admin/choose-workspace`, and tenant route semantics for `200`, `403`, and `404`

## Remaining Rollout Checks
- validate Dokploy build context and working-directory assumptions against the new `apps/platform` layout
- confirm web, queue, and scheduler processes all start from the expected working directory in staging/production
- verify no legacy volume mounts or asset-publish paths still point at the old root-level `public/` or `storage/` locations

Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #213
 2026-04-08 08:40:47 +00:00