From 48b558db93abddfcb91a5b9ead91a5a2870eec99 Mon Sep 17 00:00:00 2001
From: Ahmed Darrazi <ahmeddarrazi@adsmac.local>
Date: Fri, 16 Jan 2026 19:06:30 +0100
Subject: [PATCH 1/4] docs: unified operations runs specs and plan (054)

---
 GEMINI.md                                     |   8 +
 .../checklists/requirements.md                |  30 ++++
 .../contracts/admin-pages.openapi.yaml        |  55 +++++++
 .../contracts/routes.md                       |  18 +++
 .../contracts/service_interface.md            |  48 ++++++
 specs/054-unify-runs-suitewide/data-model.md  |  52 ++++++
 specs/054-unify-runs-suitewide/plan.md        |  76 +++++++++
 specs/054-unify-runs-suitewide/quickstart.md  |  49 ++++++
 specs/054-unify-runs-suitewide/research.md    |  65 ++++++++
 specs/054-unify-runs-suitewide/spec.md        | 148 ++++++++++++++++++
 specs/054-unify-runs-suitewide/tasks.md       |  64 ++++++++
 11 files changed, 613 insertions(+)
 create mode 100644 specs/054-unify-runs-suitewide/checklists/requirements.md
 create mode 100644 specs/054-unify-runs-suitewide/contracts/admin-pages.openapi.yaml
 create mode 100644 specs/054-unify-runs-suitewide/contracts/routes.md
 create mode 100644 specs/054-unify-runs-suitewide/contracts/service_interface.md
 create mode 100644 specs/054-unify-runs-suitewide/data-model.md
 create mode 100644 specs/054-unify-runs-suitewide/plan.md
 create mode 100644 specs/054-unify-runs-suitewide/quickstart.md
 create mode 100644 specs/054-unify-runs-suitewide/research.md
 create mode 100644 specs/054-unify-runs-suitewide/spec.md
 create mode 100644 specs/054-unify-runs-suitewide/tasks.md

diff --git a/GEMINI.md b/GEMINI.md
index d9e766e..220d86e 100644
--- a/GEMINI.md
+++ b/GEMINI.md
@@ -669,3 +669,11 @@ ### Replaced Utilities
 | decoration-slice | box-decoration-slice |
 | decoration-clone | box-decoration-clone |
 </laravel-boost-guidelines>
+
+## Recent Changes
+- 054-unify-runs-suitewide: Added PHP 8.4 + Filament v4, Laravel v12, Livewire v3
+- 054-unify-runs-suitewide: Added [if applicable, e.g., PostgreSQL, CoreData, files or N/A]
+- 054-unify-runs-suitewide: Added PHP 8.4 + Filament v4, Laravel v12, Livewire v3
+
+## Active Technologies
+- PostgreSQL (`operation_runs` table + JSONB) (054-unify-runs-suitewide)
diff --git a/specs/054-unify-runs-suitewide/checklists/requirements.md b/specs/054-unify-runs-suitewide/checklists/requirements.md
new file mode 100644
index 0000000..2886bac
--- /dev/null
+++ b/specs/054-unify-runs-suitewide/checklists/requirements.md
@@ -0,0 +1,30 @@
+# Requirements Checklist: Unified Operations Runs
+
+## Phase 1 Adoption Set
+- [x] `inventory.sync` (Inventory “Sync now”) covered in spec
+- [x] `policy.sync` (Policies “Sync now”) covered in spec
+- [x] `directory_groups.sync` (Directory → Groups “Sync groups”) covered in spec
+- [x] `drift.generate` (Drift “Generate drift now”) covered in spec
+- [x] `backup_set.add_policies` (Backup Sets “Add selected”) covered in spec
+- [x] `restore.execute` (adapter mode) covered in spec
+
+## Critical Clarifications (Pinned)
+- [x] Retention policy defined (90 days default)
+- [x] Transition strategy defined (Parallel write: Canonical + Legacy)
+- [x] Concurrency enforcement defined (Partial unique index on active runs)
+- [x] Initiator model defined (Nullable FK + Name Snapshot)
+- [x] Restore integration defined (Physical adapter row pointing to Restore Domain record)
+
+## Functional Requirements (Spec Coverage)
+- [x] FR-001 Canonical Operation Run schema defined (see `data-model.md`)
+- [x] FR-004 Monitoring List UI specified (filters/sort defined in Spec FR-004)
+- [x] FR-005 Monitoring Detail UI specified (content defined in Spec FR-005)
+- [x] FR-007 Start surfaces behavior specified (Spec FR-007)
+- [x] FR-009 Idempotency (Partial Unique Index) strategy defined (Spec FR-009, Plan)
+- [x] FR-015 Notifications for queued/terminal states specified (Spec FR-015)
+- [x] FR-016 Tenant isolation rules specified (Spec FR-016)
+
+## Non-Functional (Spec Coverage)
+- [x] SC-002 Start confirmation < 2s target defined (Spec SC-002)
+- [x] SC-003 Deduplication rate > 99% strategy defined (Spec SC-003)
+- [x] SC-004 No secrets in failure logs rule defined (Spec SC-004)
diff --git a/specs/054-unify-runs-suitewide/contracts/admin-pages.openapi.yaml b/specs/054-unify-runs-suitewide/contracts/admin-pages.openapi.yaml
new file mode 100644
index 0000000..c3d5238
--- /dev/null
+++ b/specs/054-unify-runs-suitewide/contracts/admin-pages.openapi.yaml
@@ -0,0 +1,55 @@
+openapi: 3.0.3
+info:
+  title: TenantPilot Admin Operations Contracts (Feature 054)
+  version: 0.1.0
+  description: |
+    Minimal page-render contracts for the Monitoring/Operations hub.
+
+    These pages must render from the database only (no external tenant calls)
+    and display only sanitized failure detail (no secrets/tokens/raw payload dumps).
+
+servers:
+  - url: /
+
+paths:
+  /admin/t/{tenantExternalId}/bulk-operation-runs:
+    get:
+      operationId: monitoringOperationsIndex
+      summary: Monitoring → Operations (tenant-scoped)
+      parameters:
+        - name: tenantExternalId
+          in: path
+          required: true
+          schema:
+            type: string
+      responses:
+        '200':
+          description: Page renders successfully.
+        '302':
+          description: Redirect to login when unauthenticated.
+
+  /admin/t/{tenantExternalId}/bulk-operation-runs/{bulkOperationRunId}:
+    get:
+      operationId: monitoringOperationsView
+      summary: Operation run detail (tenant-scoped)
+      parameters:
+        - name: tenantExternalId
+          in: path
+          required: true
+          schema:
+            type: string
+        - name: bulkOperationRunId
+          in: path
+          required: true
+          schema:
+            type: integer
+      responses:
+        '200':
+          description: Page renders successfully.
+        '302':
+          description: Redirect to login when unauthenticated.
+        '403':
+          description: Forbidden when attempting cross-tenant access.
+
+components: {}
+
diff --git a/specs/054-unify-runs-suitewide/contracts/routes.md b/specs/054-unify-runs-suitewide/contracts/routes.md
new file mode 100644
index 0000000..f139181
--- /dev/null
+++ b/specs/054-unify-runs-suitewide/contracts/routes.md
@@ -0,0 +1,18 @@
+# Routes & URLs
+
+## Monitoring UI
+
+### List Operations
+- **Route**: `tenant.monitoring.operations.index`
+- **URL**: `/tenants/{tenant}/monitoring/operations`
+- **Controller**: Livewire Component (`App\Livewire\Monitoring\OperationsList`)
+
+### View Operation
+- **Route**: `tenant.monitoring.operations.show`
+- **URL**: `/tenants/{tenant}/monitoring/operations/{run}`
+- **Controller**: Livewire Component (`App\Livewire\Monitoring\OperationsDetail`)
+
+## Deep Links
+- **Drift**: `/tenants/{tenant}/drift/history/{id}`
+- **Inventory**: `/tenants/{tenant}/inventory` (General, or specific timestamp if supported)
+- **Restore**: `/tenants/{tenant}/restore/{id}`
\ No newline at end of file
diff --git a/specs/054-unify-runs-suitewide/contracts/service_interface.md b/specs/054-unify-runs-suitewide/contracts/service_interface.md
new file mode 100644
index 0000000..b3db982
--- /dev/null
+++ b/specs/054-unify-runs-suitewide/contracts/service_interface.md
@@ -0,0 +1,48 @@
+# Service Interface: Operation Runs
+
+## `App\Services\OperationRunService`
+
+### `ensureRun`
+Idempotently creates or retrieves an active run.
+
+```php
+public function ensureRun(
+    Tenant $tenant,
+    string $type,
+    array $inputs,
+    ?User $initiator = null
+): OperationRun
+```
+
+- **Logic**:
+  1. Compute `hash = sha256(tenant_id + type + sorted_json(inputs))`.
+  2. Try finding active run (`queued` or `running`) with this hash.
+  3. If found, return it.
+  4. If not found, create new `queued` run.
+  5. Return run.
+
+### `updateRun`
+Updates the status/outcome of a run.
+
+```php
+public function updateRun(
+    OperationRun $run,
+    string $status,
+    ?string $outcome = null,
+    array $summaryCounts = [],
+    array $failures = []
+): OperationRun
+```
+
+### `failRun`
+Helper to fail a run immediately.
+
+```php
+public function failRun(OperationRun $run, Throwable $e): OperationRun
+```
+
+## `App\Jobs\Middleware\TrackOperationRun`
+Middleware for Jobs to automatically handle `running` -> `completed`/`failed` transitions if bound to a run.
+
+## `App\Listeners\SyncRestoreRunToOperation`
+Listener for `RestoreRun` events to update the shadow `OperationRun`.
\ No newline at end of file
diff --git a/specs/054-unify-runs-suitewide/data-model.md b/specs/054-unify-runs-suitewide/data-model.md
new file mode 100644
index 0000000..589e6ac
--- /dev/null
+++ b/specs/054-unify-runs-suitewide/data-model.md
@@ -0,0 +1,52 @@
+# Data Model: Unified Operations Runs
+
+## Entities
+
+### `OperationRun`
+Canonical record for all long-running tenant operations.
+
+| Field | Type | Required | Description |
+|-------|------|----------|-------------|
+| `id` | BigInt | Yes | Primary Key |
+| `tenant_id` | BigInt | Yes | FK to Tenants |
+| `user_id` | BigInt | No | FK to Users (Initiator). Null for system/scheduler. |
+| `initiator_name` | String | Yes | Snapshot of user name or "System". |
+| `type` | String | Yes | stable taxonomy e.g., `inventory.sync`. |
+| `status` | String | Yes | Lifecycle state: `queued`, `running`, `completed`. |
+| `outcome` | String | Yes | Result bucket: `pending`, `succeeded`, `partially_succeeded`, `failed`, `cancelled`. |
+| `run_identity_hash` | String | Yes | Deterministic hash for idempotency. |
+| `summary_counts` | JSONB | No | `{ "total": 10, "success": 8, "failed": 2, "skipped": 0 }` |
+| `failure_summary` | JSONB | No | List of sanitized errors: `[{ "code": "GraphError", "message": "Throttled", "count": 1 }]` |
+| `context` | JSONB | No | Run-specific metadata. e.g., `{ "restore_run_id": 123, "selection": [...] }` |
+| `started_at` | Timestamp | No | When execution began. |
+| `completed_at` | Timestamp | No | When execution finished. |
+| `created_at` | Timestamp | Yes | |
+| `updated_at` | Timestamp | Yes | |
+
+**Indexes**:
+- `(tenant_id, run_identity_hash)` UNIQUE WHERE status IN ('queued', 'running')
+- `(tenant_id, type, created_at)` for filtering/sorting
+- `(tenant_id, created_at)` for default sort
+
+### `RestoreRun` (Existing)
+Remains the domain source of truth for Restore.
+- Linked via `OperationRun.context['restore_run_id']`.
+- `OperationRun` mirrors `RestoreRun` status/outcome.
+
+## Enums
+
+### `OperationRunStatus`
+- `queued`
+- `running`
+- `completed`
+
+### `OperationRunOutcome`
+- `pending` (default when running/queued)
+- `succeeded`
+- `partially_succeeded`
+- `failed`
+- `cancelled`
+
+## Relationships
+- `OperationRun` belongs to `Tenant`.
+- `OperationRun` belongs to `User` (optional).
diff --git a/specs/054-unify-runs-suitewide/plan.md b/specs/054-unify-runs-suitewide/plan.md
new file mode 100644
index 0000000..0a09e67
--- /dev/null
+++ b/specs/054-unify-runs-suitewide/plan.md
@@ -0,0 +1,76 @@
+# Implementation Plan: Unified Operations Runs Suitewide
+
+**Branch**: `feat/054-unify-operations-runs-suitewide` | **Date**: 2026-01-16 | **Spec**: [Spec Link](spec.md)
+**Input**: Feature specification from `specs/054-unify-runs-suitewide/spec.md`
+
+## Summary
+
+This feature unifies long-running tenant operations (e.g., Inventory Sync, Drift Generation) into a single canonical `operation_runs` table. This enables a consistent "Monitoring -> Operations" view for all tenant activities. Legacy run tables will be maintained in parallel for now (Parallel Write Transition). `RestoreRun` remains a domain-specific record but will be mirrored into `operation_runs` via an adapter pattern.
+
+## Technical Context
+
+**Language/Version**: PHP 8.4
+**Primary Dependencies**: Filament v4, Laravel v12, Livewire v3
+**Storage**: PostgreSQL (`operation_runs` table + JSONB)
+**Testing**: Pest v4 (Feature tests for Service, Livewire tests for UI)
+**Target Platform**: Linux server (Docker/Dokploy)
+**Project Type**: Web Application (Laravel Monolith)
+**Performance Goals**: Start operation < 2s. List runs < 200ms.
+**Constraints**: Tenant isolation is paramount. No cross-tenant data leakage.
+**Scale/Scope**: ~50-100 runs/day per tenant. Retention 90 days.
+
+## Constitution Check
+
+*GATE: Must pass before Phase 0 research. Re-check after Phase 1 design.*
+
+- [x] Inventory-first: N/A (this is about tracking operations, not inventory state itself)
+- [x] Read/write separation: Monitoring is read-only. Starts are explicit writes.
+- [x] Graph contract path: N/A (this feature tracks runs, doesn't call Graph directly)
+- [x] Deterministic capabilities: N/A
+- [x] Tenant isolation: `operation_runs` has `tenant_id`. Policies ensure scope.
+- [x] Automation: Idempotency enforced via DB index.
+- [x] Data minimization: No secrets in `failure_summary`.
+
+## Project Structure
+
+### Documentation (this feature)
+
+```text
+specs/054-unify-runs-suitewide/
+├── plan.md              # This file
+├── research.md          # Research findings
+├── data-model.md        # Database schema
+├── quickstart.md        # Dev guide
+├── contracts/           # Service interfaces & routes
+└── tasks.md             # Task breakdown
+```
+
+### Source Code (repository root)
+
+```text
+app/
+├── Models/
+│   └── OperationRun.php
+├── Services/
+│   └── OperationRunService.php
+├── Livewire/
+│   └── Monitoring/
+│       ├── OperationsList.php
+│       └── OperationsDetail.php
+├── Jobs/
+│   └── Middleware/
+│       └── TrackOperationRun.php
+└── Listeners/
+    └── SyncRestoreRunToOperation.php
+
+database/migrations/
+└── YYYY_MM_DD_create_operation_runs_table.php
+```
+
+**Structure Decision**: Standard Laravel Service/Model/Livewire pattern.
+
+## Complexity Tracking
+
+| Violation | Why Needed | Simpler Alternative Rejected Because |
+|-----------|------------|-------------------------------------|
+| None | | |
\ No newline at end of file
diff --git a/specs/054-unify-runs-suitewide/quickstart.md b/specs/054-unify-runs-suitewide/quickstart.md
new file mode 100644
index 0000000..9a99384
--- /dev/null
+++ b/specs/054-unify-runs-suitewide/quickstart.md
@@ -0,0 +1,49 @@
+# Quickstart: Adding a New Operation
+
+## 1. Register Run Type
+Add your new type constant to `App\Enums\OperationRunType` (if using Enums) or just use the string convention `resource.action`.
+
+## 2. Implement Idempotency Inputs
+Define what makes a run "unique" for your feature.
+- Example: `['scope' => 'full']` vs `['scope' => 'policy', 'policy_id' => 1]`.
+
+## 3. Use `OperationRunService`
+In your Start Action (Controller/Livewire):
+
+```php
+// 1. Ensure Run
+$run = $service->ensureRun($tenant, 'my_resource.action', $inputs, auth()->user());
+
+// 2. Dispatch Job (if new)
+if ($run->wasRecentlyCreated) {
+    MyJob::dispatch($run, $inputs);
+}
+
+// 3. Return View Link
+return redirect()->route('tenant.monitoring.operations.show', [$tenant, $run]);
+```
+
+## 4. Instrument Job
+In your Job:
+
+```php
+public function handle()
+{
+    // Update to Running
+    $this->run->updateStatus(status: 'running');
+
+    try {
+        // ... do work ...
+        
+        // Success
+        $this->run->updateStatus(
+            status: 'completed', 
+            outcome: 'succeeded', 
+            summary: ['processed' => 100]
+        );
+    } catch (\Throwable $e) {
+        // Failure
+        $this->run->fail($e);
+    }
+}
+```
diff --git a/specs/054-unify-runs-suitewide/research.md b/specs/054-unify-runs-suitewide/research.md
new file mode 100644
index 0000000..679092c
--- /dev/null
+++ b/specs/054-unify-runs-suitewide/research.md
@@ -0,0 +1,65 @@
+# Research: Unified Operations Runs Suitewide
+
+## 1. Technical Context & Unknowns
+
+**Unknowns Resolved**:
+- **Transition Strategy**: Parallel write. We will maintain existing legacy tables (e.g., `inventory_sync_runs`, `restore_runs`) for now but strictly use `operation_runs` for the Monitoring UI.
+- **Restore Adapter**: `RestoreRun` remains the domain source of truth. An `OperationRun` record will be created as a "shadow" or "adapter" record. This requires hooking into `RestoreRun` lifecycle events or the service layer to keep them in sync.
+- **Run Logic Location**: Existing jobs like `RunInventorySyncJob` will be updated to manage the `OperationRun` state.
+- **Concurrency**: Enforced by partial unique index on `(tenant_id, run_identity_hash)` where status is active (`queued`, `running`).
+
+## 2. Technology Choices
+
+| Area | Decision | Rationale | Alternatives |
+|------|----------|-----------|--------------|
+| **Schema** | `operation_runs` table | Centralized table allows simple, performant Monitoring queries without complex UNIONs across disparate legacy tables. | Virtual UNION view (Complex, harder to paginate/sort efficiently). |
+| **Restore Integration** | Physical Adapter Row | Decouples Monitoring from Restore domain specifics. Allows uniform "list all runs" queries. The `context` JSON column will store `{ "restore_run_id": ... }`. | Polymorphic relation (Overhead for a single exception). |
+| **Idempotency** | DB Partial Unique Index | Hard guarantee against race conditions. Simpler than distributed locks (Redis) which can expire or fail. | Redis Lock (Soft guarantee), Application check (Race prone). |
+| **Initiator** | Nullable FK + Name | Handles both Users (FK) and System/Scheduler (Name "System") uniformly. | Polymorphic relation (Overkill for simple auditing). |
+
+## 3. Implementation Patterns
+
+### Canonical Run Lifecycle
+1.  **Start Request**:
+    -   Compute `run_identity_hash` from inputs.
+    -   Attempt `INSERT` into `operation_runs` (ignore conflict if active).
+    -   If active run exists, return it (Idempotency).
+    -   If new, dispatch Job.
+2.  **Job Execution**:
+    -   Update status to `running`.
+    -   Perform work.
+    -   Update status to `succeeded`/`failed`.
+3.  **Restore Adapter**:
+    -   When `RestoreRun` is created, create `OperationRun` (queued/running).
+    -   When `RestoreRun` updates (status change), update `OperationRun`.
+
+### Data Model
+```sql
+CREATE TABLE operation_runs (
+    id BIGSERIAL PRIMARY KEY,
+    tenant_id BIGINT NOT NULL REFERENCES tenants(id),
+    user_id BIGINT NULL REFERENCES users(id), -- Initiator
+    initiator_name VARCHAR(255) NOT NULL, -- "John Doe" or "System"
+    type VARCHAR(255) NOT NULL, -- "inventory.sync"
+    status VARCHAR(50) NOT NULL, -- queued, running, completed
+    outcome VARCHAR(50) NOT NULL, -- pending, succeeded, partially_succeeded, failed, cancelled
+    run_identity_hash VARCHAR(64) NOT NULL, -- SHA256(tenant_id + inputs)
+    summary_counts JSONB DEFAULT '{}', -- { success: 10, failed: 2 }
+    failure_summary JSONB DEFAULT '[]', -- [{ code: "ERR_TIMEOUT", message: "..." }]
+    context JSONB DEFAULT '{}', -- { selection: [...], restore_run_id: 123 }
+    started_at TIMESTAMP NULL,
+    completed_at TIMESTAMP NULL,
+    created_at TIMESTAMP,
+    updated_at TIMESTAMP
+);
+
+CREATE UNIQUE INDEX operation_runs_active_unique 
+ON operation_runs (tenant_id, run_identity_hash) 
+WHERE status IN ('queued', 'running');
+```
+
+## 4. Risks & Mitigations
+-   **Risk**: Desync between `RestoreRun` and `OperationRun`.
+    -   **Mitigation**: Use model observers or service-layer wrapping to ensure atomic-like updates, or accept slight eventual consistency (Monitoring might lag ms behind Restore UI).
+-   **Risk**: Legacy runs not appearing.
+    -   **Mitigation**: We are NOT backfilling legacy runs. Only new runs after deployment will appear in the new Monitoring UI. This is acceptable for "Phase 1".
diff --git a/specs/054-unify-runs-suitewide/spec.md b/specs/054-unify-runs-suitewide/spec.md
new file mode 100644
index 0000000..b54f7a3
--- /dev/null
+++ b/specs/054-unify-runs-suitewide/spec.md
@@ -0,0 +1,148 @@
+# Feature Specification: Unified Operations Runs Suitewide (Except Restore Domain Model) (054)
+
+**Feature Branch**: `feat/054-unify-operations-runs-suitewide`  
+**Created**: 2026-01-16  
+**Status**: Draft  
+**Input**: User description: "Eliminate run sprawl by adopting one canonical tenant-scoped operation run record for long-running actions across the product, surfaced consistently in Monitoring → Operations, while keeping restore as a separate domain workflow that is still visible via an adapter entry."
+
+## Clarifications
+
+### Session 2026-01-16
+
+- Q: Welche Default-Retention soll 054 für canonical Operation Runs festlegen? → A: 90 days
+- Q: Transition-Strategie in 054: schreiben wir canonical Runs parallel zu Legacy-Run-Tabellen, oder ersetzen wir sofort? → A: Parallel write (canonical + legacy)
+- Q: For `restore.execute`, the spec mentions it acts as an "adapter entry" linking to the restore domain record. How should this be implemented? → A: Physical Row (Create a physical row in `operation_runs` that points to the restore record).
+- Q: How should concurrency and deduplication (FR-009) be enforced at the database level? → A: Partial Unique Index (unique constraint on `tenant_id, run_identity_hash` where outcome is `queued` or `running`).
+- Q: How should the `initiator` be modeled to support both users and system processes (FR-001)? → A: Nullable FK + Name Snapshot (`user_id` nullable FK + required `initiator_name` string).
+
+## User Scenarios & Testing *(mandatory)*
+
+### User Story 1 - See Every Supported Operation in Monitoring (Priority: P1)
+
+As an operator, I want Monitoring → Operations to show all supported long-running operations for my tenant in one consistent list and detail view, so I can quickly answer what ran, who started it, whether it succeeded/partially succeeded/failed, and where to look next.
+
+**Why this priority**: This is the core value: a single, tenant-scoped source of truth for operational visibility.
+
+**Independent Test**: Trigger at least one run of each Phase 1 run producer, then verify each appears in Monitoring with consistent status/outcome semantics, safe failure summaries, and context links.
+
+**Acceptance Scenarios**:
+
+1. **Given** I am signed into tenant A, **When** I open Monitoring → Operations, **Then** I see only tenant A runs and can filter by run type, outcome bucket, time range, and initiator.
+2. **Given** multiple run types exist, **When** I filter to `inventory.sync`, **Then** only inventory sync runs are shown.
+3. **Given** a run exists, **When** I open its detail view, **Then** I can see initiator, run type, outcome bucket, timestamps, summary counts (if applicable), sanitized failures (if any), and links to relevant feature context/results.
+4. **Given** restore execution exists, **When** I open Monitoring → Operations, **Then** I can see a `restore.execute` entry that links to the existing restore record (restore history remains owned by the restore domain record).
+5. **Given** I am a `Readonly` user in tenant A, **When** I view Monitoring → Operations, **Then** I can view runs and details but I do not see any start/rerun/cancel/delete controls.
+6. **Given** I attempt to access a run from another tenant (direct link or list), **When** I request it, **Then** access is denied and no run details are disclosed.
+
+---
+
+### User Story 2 - Start Operations Without Blocking (Priority: P2)
+
+As an operator, when I start a supported operation, I want immediate confirmation and a “View run” link so I can continue working while the operation runs in the background.
+
+**Why this priority**: Removes long-running requests/timeouts and standardizes how operations are started and observed.
+
+**Independent Test**: Start each Phase 1 operation from its owning UI and confirm the start returns quickly, includes “View run”, and the run progresses through queued/running into a terminal outcome.
+
+**Acceptance Scenarios**:
+
+1. **Given** I have permission to start a Phase 1 operation in tenant A, **When** I start it, **Then** I receive immediate confirmation with a “View run” link and the run is visible as queued or running.
+2. **Given** I am a `Readonly` user in tenant A, **When** I attempt to start any Phase 1 operation, **Then** the system denies the request and does not create a new run.
+3. **Given** the run reaches a terminal outcome, **When** that occurs, **Then** the initiating user receives an in-app notification including a short summary and a “View run” link.
+4. **Given** background processing is unavailable, **When** I attempt to start an operation, **Then** I receive a clear message and the system MUST NOT claim it was queued.
+
+---
+
+### User Story 3 - Duplicate Starts Reuse the Same Active Run (Priority: P3)
+
+As an operator, I want accidental double-starts (double clicks, two admins, retries) to reuse the same active run so duplicate background work is avoided and results remain auditable.
+
+**Why this priority**: Reduces load, prevents confusing duplicate outcomes, and makes operations safer under concurrency.
+
+**Independent Test**: Start the same operation twice with identical effective inputs while the first is queued/running and verify the system reuses the active run.
+
+**Acceptance Scenarios**:
+
+1. **Given** an identical run is queued/running for a tenant, **When** another start request is made with the same effective inputs, **Then** the system reuses the existing run and does not start a second one.
+2. **Given** two starts happen at nearly the same time, **When** the system resolves the race, **Then** at most one active run exists for that identity and both users are directed to it.
+
+### Edge Cases
+
+- Background execution unavailable: start fails fast with a clear message; the system MUST NOT create misleading “queued” runs.
+- Partial processing: at least one success and at least one failure yields “partially succeeded”, with per-item failures when applicable.
+- Large run history: Monitoring remains usable with filters and defaults (recent runs, last 30 days).
+- Permissions revoked mid-run: the run continues; visibility is evaluated at time of access.
+
+## Requirements *(mandatory)*
+
+**Constitution alignment (required):** If this feature introduces any external tenant API calls or any write/change behavior,
+the spec MUST describe contract registry updates, safety gates (preview/confirmation/audit), tenant isolation, and tests.
+
+### Scope & Assumptions
+
+**Phase 1 adoption set (must be implemented):**
+
+- `inventory.sync` (Inventory “Sync now”)
+- `policy.sync` (Policies “Sync now”)
+- `directory_groups.sync` (Directory → Groups “Sync groups”)
+- `drift.generate` (Drift “Generate drift now” / auto-on-open when eligible)
+- `backup_set.add_policies` (Backup Sets “Add selected” / “Add policies”)
+
+**Restore visibility (adapter only):**
+
+- `restore.execute` appears as a canonical run entry that links to an existing restore domain record.
+- Restore execution history remains owned by the restore domain record (not replaced in Phase 1).
+
+**Out of scope for 054 (explicit):**
+
+- Cross-tenant compare/promotion
+- UI redesign/styling polish (separate UI polish work)
+- Cancel/rerun/delete controls inside Monitoring hub (hub stays view-only)
+- Replacing restore domain records with canonical runs
+- A full settings UI for retention/notifications/etc.
+
+**Assumptions (defaults to remove ambiguity in Phase 1):**
+
+- Canonical run history retention defaults to 90 days, with no user-facing retention configuration in 054.
+- System-initiated runs (if any) do not notify users by default in Phase 1.
+- Transition strategy: write canonical runs in parallel with any existing legacy per-module run tables (where they exist); Monitoring uses canonical runs as the source of truth immediately.
+
+### Functional Requirements
+
+- **FR-001 Canonical Operation Run**: System MUST represent each supported operation execution as a canonical, tenant-scoped operation run record that captures initiator (nullable `user_id` FK + `initiator_name` string), run type, lifecycle status/timestamps, outcome bucket, summary counts (when applicable), safe failure summaries, an idempotency identity for dedupe, and a safe context payload referencing “what this run was about”.
+- **FR-002 Run taxonomy**: Run type MUST be stable and follow `"<resource>.<action>"`.
+- **FR-003 Phase 1 run types**: Phase 1 run types MUST include `inventory.sync`, `policy.sync`, `directory_groups.sync`, `drift.generate`, `backup_set.add_policies`, plus `restore.execute` implemented as a physical `operation_runs` record (adapter) pointing to the domain entity.
+- **FR-004 Monitoring lists all canonical runs**: Monitoring → Operations MUST list canonical runs for the active tenant with filters for run type, outcome bucket, time range, and initiator; default sort is most recent first; default time window is last 30 days.
+- **FR-005 Run detail**: Run detail MUST show initiator, run type, outcome bucket, timestamps (created/started/finished), summary counts (when applicable), sanitized failures (including per-item failures when applicable), and contextual links to owning feature surfaces/results.
+- **FR-006 View-only hub**: Monitoring hub MUST be view-only (no start/rerun/cancel/delete controls) and MUST link back to owning feature surfaces.
+- **FR-007 Start surfaces always enqueue**: Every Phase 1 start surface MUST authorize start, create/reuse a canonical run (dedupe), dispatch background execution, and return immediately with confirmation + “View run”.
+- **FR-008 No remote work in interactive request**: Start surfaces MUST NOT perform remote work inline; long-running work happens in background execution.
+- **FR-009 Deterministic idempotency**: For each run type, the system MUST define a deterministic identity for “identical run” based on tenant + effective inputs; initiator MUST NOT be part of identity. **Enforcement**: Uniqueness MUST be enforced via a partial unique index on `(tenant_id, run_identity_hash)` where outcome is `queued` or `running`.
+- **FR-010 Phase 1 identity rules**: Identity rules MUST be defined at least as follows:
+  - `inventory.sync`: tenant + selection scope
+  - `policy.sync`: tenant + effective policy scope
+  - `directory_groups.sync`: tenant + selection (Phase 1 default: “all groups”)
+  - `backup_set.add_policies`: tenant + backup set + selected policies + option flags (if exposed)
+  - `drift.generate`: tenant + scope key + baseline/current comparison inputs
+- **FR-011 Outcome buckets**: Monitoring MUST present consistent outcome buckets: `queued`, `running`, `succeeded`, `partially succeeded`, `failed`.
+- **FR-012 Partial vs failed**: “Partially succeeded” means at least one success and at least one failure; “Failed” means zero successes or cannot proceed.
+- **FR-013 Failure details are safe + useful**: Failures MUST be persisted and displayed as stable reason codes and short sanitized messages; failures MUST NOT include secrets/tokens/credentials/PII or full external payload dumps.
+- **FR-014 Related links**: Run detail MUST include contextual links where applicable (e.g., drift findings, backup set, inventory results, directory groups, restore detail for `restore.execute`).
+- **FR-015 Notifications**: System MUST emit in-app notifications for “queued” (after start) and terminal outcomes for Phase 1 runs; notifications MUST include a short summary and a “View run” link; recipients are the initiating user only.
+- **FR-016 Tenant isolation**: All run list/detail access MUST be tenant-scoped; cross-tenant access MUST be denied without disclosing run details.
+- **FR-017 No render-time remote calls**: Monitoring pages MUST be render-safe and MUST NOT depend on external service calls during render.
+- **FR-018 Roles & permissions**: Roles `Owner`, `Manager`, `Operator`, and `Readonly` MUST be able to view runs; only `Owner`, `Manager`, `Operator` may start operations; `Readonly` is strictly view-only.
+
+### Key Entities *(include if feature involves data)*
+
+- **Canonical Operation Run**: A tenant-scoped record representing the lifecycle of a long-running operation, including run type, initiator (nullable `user_id` FK + `initiator_name` string), lifecycle state/timestamps, outcome bucket, summary counts, safe failure summaries, idempotency identity (uniqueness enforced by DB index on active runs), and safe context references.
+- **Restore domain record (exception)**: Restore remains a domain workflow record with richer semantics and history. Monitoring shows restore activity through a physical `operation_runs` row (adapter) that links back to the restore record, without replacing it.
+
+## Success Criteria *(mandatory)*
+
+### Measurable Outcomes
+
+- **SC-001**: Operators can answer “what ran, when, and did it succeed?” for any Phase 1 run in under 1 minute using Monitoring → Operations.
+- **SC-002**: Starting a Phase 1 operation returns confirmation + “View run” link within 2 seconds under normal conditions.
+- **SC-003**: Duplicate starts reuse the same active run in at least 99% of attempts under normal conditions.
+- **SC-004**: No secrets/tokens/credentials/PII appear in persisted failures or notifications (verified by tests).
diff --git a/specs/054-unify-runs-suitewide/tasks.md b/specs/054-unify-runs-suitewide/tasks.md
new file mode 100644
index 0000000..fd8b909
--- /dev/null
+++ b/specs/054-unify-runs-suitewide/tasks.md
@@ -0,0 +1,64 @@
+# Tasks: Unified Operations Runs Suitewide
+
+**Feature**: `054-unify-runs-suitewide`
+**Spec**: `specs/054-unify-runs-suitewide/spec.md`
+
+## Phase 1: Foundation (DB & Service)
+
+- [ ] **Migration**: Create `operation_runs` table with partial unique index on `(tenant_id, run_identity_hash)` where status in `queued, running`.
+- [ ] **Model**: Create `OperationRun` model with casts (JSONB for summaries/context), relationship to `Tenant` and `User`.
+- [ ] **Service**: Implement `OperationRunService::ensureRun()` (idempotent creation) and `updateRun()` methods.
+- [ ] **Test**: Feature test for `ensureRun` verifying idempotency (same hash = same run) and concurrency safety (simulated).
+- [ ] **Test**: Feature test for `updateRun` verifying status transitions and history logging (if any).
+- [ ] **Job Middleware**: Create `TrackOperationRun` middleware to automatically handle job success/failure updates for jobs using this system.
+- [ ] **Retention**: Create a daily scheduled job to prune `operation_runs` older than 90 days.
+
+## Phase 2: Monitoring UI (Read-Only)
+
+- [ ] **Page**: Create Filament Page `Monitoring/Operations` (List) strictly scoped to current tenant.
+- [ ] **Table**: Implement `OperationRun` table with columns: Status (Badge), Operation Type, Initiator, Started At, Duration, Outcome.
+- [ ] **Filters**: Add table filters for `Type`, `Outcome`, `Date Range`, `Initiator`.
+- [ ] **Detail View**: Create "View Run" modal or separate page showing:
+    - Summary counts (Success/Fail/Total)
+    - Failure list (Sanitized codes/messages)
+    - Context JSON (Debug info)
+    - Timeline (Created/Started/Finished)
+- [ ] **Test**: Livewire test verifying `Readonly` users can see table but no actions.
+- [ ] **Test**: Verify cross-tenant access is blocked.
+
+## Phase 3: Producer Migration (Parallel Write)
+
+### Inventory Sync (`inventory.sync`)
+- [ ] **Refactor**: Update `RunInventorySyncJob` dispatch logic to call `OperationRunService::ensureRun()` first.
+- [ ] **Refactor**: Update Job to use `TrackOperationRun` middleware (or manual updates) to sync status to `operation_runs`.
+- [ ] **Verify**: Ensure legacy `inventory_sync_runs` is still written to (if legacy UI depends on it) OR confirm legacy UI is replaced. *Decision: Parallel write as per spec.*
+
+### Policy Sync (`policy.sync`)
+- [ ] **Refactor**: Update Policy Sync start logic to use `OperationRunService`.
+- [ ] **Refactor**: Instrument Policy Sync job to update `operation_runs`.
+
+### Directory Groups Sync (`directory_groups.sync`)
+- [ ] **Refactor**: Update Group Sync start logic to use `OperationRunService`.
+- [ ] **Refactor**: Instrument Group Sync job to update `operation_runs`.
+
+### Drift Generation (`drift.generate`)
+- [ ] **Refactor**: Update Drift Generation start logic to use `OperationRunService`.
+- [ ] **Refactor**: Instrument Drift job to update `operation_runs`.
+
+### Backup Set (`backup_set.add_policies`)
+- [ ] **Refactor**: Update "Add Policies" action to use `OperationRunService`.
+
+## Phase 4: Restore Adapter
+
+- [ ] **Listener**: Create `SyncRestoreRunToOperation` listener observing `RestoreRun` events (`created`, `updated`).
+- [ ] **Logic**: Map `RestoreRun` status/outcomes to `OperationRun` schema.
+    - `RestoreRun` created -> `OperationRun` created (queued/running).
+    - `RestoreRun` updated -> `OperationRun` updated.
+- [ ] **Context**: Store `{"restore_run_id": <id>}` in `OperationRun.context`.
+- [ ] **Test**: Verify creating a `RestoreRun` automatically spawns a shadow `OperationRun`.
+
+## Phase 5: Notifications & Polish
+
+- [ ] **Notifications**: Implement Database Notifications for "Run Started" (with link) and "Run Completed" (with outcome).
+- [ ] **Frontend**: Ensure "View Run" link in Toast notifications correctly opens the Monitoring Detail view.
+- [ ] **Final Verify**: Run through the `requirements.md` checklist manually.
\ No newline at end of file
-- 
2.45.2


From 9f980ce80eaa834613c33c1c026c40a8e1dc8a61 Mon Sep 17 00:00:00 2001
From: Ahmed Darrazi <ahmeddarrazi@adsmac.local>
Date: Sat, 17 Jan 2026 23:14:20 +0100
Subject: [PATCH 2/4] =?UTF-8?q?feat(054):=20finalize=20docs=20=E2=80=94=20?=
 =?UTF-8?q?RBAC=20delegated=20group=20search=20+=20Restore=20DB-only=20map?=
 =?UTF-8?q?ping;=20constitution=20note?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .npmignore                                    |   1 +
 .specify/memory/constitution.md               |  39 ++-
 .specify/templates/plan-template.md           |   3 +-
 .specify/templates/spec-template.md           |   6 +-
 .specify/templates/tasks-template.md          |   3 +
 Agents.md                                     |   7 +
 ...otReconcileBackupScheduleOperationRuns.php | 219 +++++++++++++
 app/Filament/Pages/DriftLanding.php           | 108 +++++--
 app/Filament/Pages/InventoryLanding.php       |  63 +++-
 app/Filament/Pages/Monitoring/Operations.php  | 125 ++++++++
 .../Resources/BackupScheduleResource.php      | 237 ++++++++++++--
 .../BackupItemsRelationManager.php            | 206 +++++++++---
 .../Resources/BulkOperationRunResource.php    |  15 +
 .../Pages/ListEntraGroups.php                 |  67 +++-
 .../Resources/EntraGroupSyncRunResource.php   |  15 +
 .../Resources/InventorySyncRunResource.php    |  15 +
 .../Resources/OperationRunResource.php        | 245 ++++++++++++++
 .../Pages/ListOperationRuns.php               |  11 +
 .../Pages/ViewOperationRun.php                |  50 +++
 app/Filament/Resources/PolicyResource.php     | 156 +++++++--
 .../PolicyResource/Pages/ListPolicies.php     | 124 +++++---
 app/Filament/Resources/RestoreRunResource.php |   4 +-
 app/Filament/Resources/TenantResource.php     | 134 +++++++-
 app/Jobs/AddPoliciesToBackupSetJob.php        |  63 +++-
 app/Jobs/EntraGroupSyncJob.php                |  41 ++-
 app/Jobs/GenerateDriftFindingsJob.php         | 125 +++++---
 app/Jobs/Middleware/TrackOperationRun.php     |  61 ++++
 app/Jobs/PruneOldOperationRunsJob.php         |  31 ++
 app/Jobs/RemovePoliciesFromBackupSetJob.php   | 301 ++++++++++++++++++
 app/Jobs/RunBackupScheduleJob.php             | 267 +++++++++++++++-
 app/Jobs/RunInventorySyncJob.php              |  81 ++++-
 app/Jobs/SyncPoliciesJob.php                  | 151 ++++++++-
 app/Listeners/SyncRestoreRunToOperation.php   |  81 +++++
 .../SyncRestoreRunToOperationRun.php          |  88 +++++
 app/Livewire/BackupSetPolicyPickerTable.php   |  65 +++-
 app/Livewire/Monitoring/OperationsDetail.php  |  28 ++
 app/Models/OperationRun.php                   |  38 +++
 app/Notifications/OperationRunCompleted.php   |  46 +++
 app/Notifications/OperationRunQueued.php      |  46 +++
 app/Observers/RestoreRunObserver.php          |  32 ++
 app/Policies/OperationRunPolicy.php           |  39 +++
 app/Providers/AppServiceProvider.php          |   7 +
 app/Providers/Filament/AdminPanelProvider.php |   4 +-
 app/Services/OperationRunService.php          | 282 ++++++++++++++++
 app/Support/OperationRunLinks.php             |  84 +++++
 app/Support/OperationRunOutcome.php           |  43 +++
 app/Support/OperationRunStatus.php            |  15 +
 app/Support/OperationRunType.php              |  22 ++
 config/tenantpilot.php                        |   2 +
 database/factories/OperationRunFactory.php    |  37 +++
 ..._16_180642_create_operation_runs_table.php |  46 +++
 .../filament/pages/drift-landing.blade.php    |  12 +-
 .../pages/monitoring/operations.blade.php     |   3 +
 .../bulk-operation-progress.blade.php         |   5 +-
 .../monitoring/operations-detail.blade.php    |  60 ++++
 routes/console.php                            |   6 +
 specs/046-inventory-sync-button/research.md   |   2 +-
 .../research.md                               |   3 +-
 specs/053-unify-runs-monitoring/research.md   |   2 +-
 .../checklists/requirements.md                |   2 +
 .../checklists/review.md                      |  61 ++++
 .../contracts/admin-pages.openapi.yaml        |   7 +-
 .../contracts/routes.md                       |  14 +-
 .../contracts/service_interface.md            |   9 +-
 specs/054-unify-runs-suitewide/data-model.md  |  27 +-
 specs/054-unify-runs-suitewide/plan.md        | 106 +++---
 specs/054-unify-runs-suitewide/quickstart.md  |  28 +-
 specs/054-unify-runs-suitewide/research.md    |  26 +-
 specs/054-unify-runs-suitewide/spec.md        | 112 ++++++-
 specs/054-unify-runs-suitewide/tasks.md       | 243 +++++++++++---
 .../RunBackupScheduleJobTest.php              | 219 ++++++++++---
 .../RunNowRetryActionsTest.php                | 104 +++++-
 .../AddPoliciesStartSurfaceTest.php           |  70 ++++
 .../RemovePoliciesJobNotificationTest.php     |  65 ++++
 .../RemovePoliciesStartSurfaceTest.php        |  60 ++++
 ...BackupScheduleOperationRunsCommandTest.php |  88 +++++
 .../StartSyncFromGroupsPageTest.php           |  72 +++++
 .../Drift/DriftGenerationDispatchTest.php     |  51 ++-
 ...nerateDriftFindingsJobNotificationTest.php |  45 ++-
 .../Filament/BackupItemsBulkRemoveTest.php    |  30 +-
 .../InventorySyncStartSurfaceTest.php         |  58 ++++
 .../Inventory/RunInventorySyncJobTest.php     |  10 +-
 tests/Feature/MonitoringOperationsTest.php    | 140 ++++++++
 .../OperationRunNotificationTest.php          | 131 ++++++++
 tests/Feature/OperationRunServiceTest.php     | 171 ++++++++++
 tests/Feature/PolicySyncStartSurfaceTest.php  | 181 +++++++++++
 tests/Feature/RestoreAdapterTest.php          |  93 ++++++
 .../PruneOldOperationRunsScheduleTest.php     |  15 +
 .../TrackOperationRunMiddlewareTest.php       |  43 +++
 89 files changed, 5827 insertions(+), 526 deletions(-)
 create mode 100644 app/Console/Commands/TenantpilotReconcileBackupScheduleOperationRuns.php
 create mode 100644 app/Filament/Pages/Monitoring/Operations.php
 create mode 100644 app/Filament/Resources/OperationRunResource.php
 create mode 100644 app/Filament/Resources/OperationRunResource/Pages/ListOperationRuns.php
 create mode 100644 app/Filament/Resources/OperationRunResource/Pages/ViewOperationRun.php
 create mode 100644 app/Jobs/Middleware/TrackOperationRun.php
 create mode 100644 app/Jobs/PruneOldOperationRunsJob.php
 create mode 100644 app/Jobs/RemovePoliciesFromBackupSetJob.php
 create mode 100644 app/Listeners/SyncRestoreRunToOperation.php
 create mode 100644 app/Listeners/SyncRestoreRunToOperationRun.php
 create mode 100644 app/Livewire/Monitoring/OperationsDetail.php
 create mode 100644 app/Models/OperationRun.php
 create mode 100644 app/Notifications/OperationRunCompleted.php
 create mode 100644 app/Notifications/OperationRunQueued.php
 create mode 100644 app/Observers/RestoreRunObserver.php
 create mode 100644 app/Policies/OperationRunPolicy.php
 create mode 100644 app/Services/OperationRunService.php
 create mode 100644 app/Support/OperationRunLinks.php
 create mode 100644 app/Support/OperationRunOutcome.php
 create mode 100644 app/Support/OperationRunStatus.php
 create mode 100644 app/Support/OperationRunType.php
 create mode 100644 database/factories/OperationRunFactory.php
 create mode 100644 database/migrations/2026_01_16_180642_create_operation_runs_table.php
 create mode 100644 resources/views/filament/pages/monitoring/operations.blade.php
 create mode 100644 resources/views/livewire/monitoring/operations-detail.blade.php
 create mode 100644 specs/054-unify-runs-suitewide/checklists/review.md
 create mode 100644 tests/Feature/BackupSets/AddPoliciesStartSurfaceTest.php
 create mode 100644 tests/Feature/BackupSets/RemovePoliciesJobNotificationTest.php
 create mode 100644 tests/Feature/BackupSets/RemovePoliciesStartSurfaceTest.php
 create mode 100644 tests/Feature/Console/ReconcileBackupScheduleOperationRunsCommandTest.php
 create mode 100644 tests/Feature/DirectoryGroups/StartSyncFromGroupsPageTest.php
 create mode 100644 tests/Feature/Inventory/InventorySyncStartSurfaceTest.php
 create mode 100644 tests/Feature/MonitoringOperationsTest.php
 create mode 100644 tests/Feature/Notifications/OperationRunNotificationTest.php
 create mode 100644 tests/Feature/OperationRunServiceTest.php
 create mode 100644 tests/Feature/PolicySyncStartSurfaceTest.php
 create mode 100644 tests/Feature/RestoreAdapterTest.php
 create mode 100644 tests/Feature/Scheduling/PruneOldOperationRunsScheduleTest.php
 create mode 100644 tests/Feature/TrackOperationRunMiddlewareTest.php

diff --git a/.npmignore b/.npmignore
index e669c3f..204381c 100644
--- a/.npmignore
+++ b/.npmignore
@@ -2,6 +2,7 @@ dist/
 build/
 public/build/
 node_modules/
+vendor/
 *.log
 .env
 .env.*
diff --git a/.specify/memory/constitution.md b/.specify/memory/constitution.md
index 3df8c1e..dd44daa 100644
--- a/.specify/memory/constitution.md
+++ b/.specify/memory/constitution.md
@@ -1,16 +1,11 @@
 <!--
 Sync Impact Report
 
-- Version change: 1.0.0 → 1.1.0
+- Version change: 1.2.0 → 1.2.1
 - Modified principles:
-	- Safety-First Restore → Read/Write Separation by Default
-	- Auditability & Tenant Isolation → Tenant Isolation is Non-negotiable (+ Least Privilege)
-	- Graph Abstraction & Contracts → Single Contract Path to Graph
-- Added principles:
-	- Inventory-first, Snapshots-second
-	- Deterministic Capabilities
-	- Automation must be Idempotent & Observable
-	- Data Minimization & Safe Logging
+	- Operations / Run Observability Standard (clarify AuditLog vs OperationRun)
+- Added sections: None
+- Removed sections: None
 - Templates requiring updates:
 	- ✅ .specify/templates/plan-template.md
 	- ✅ .specify/templates/tasks-template.md
@@ -48,11 +43,29 @@ ### Tenant Isolation is Non-negotiable
 - Cross-tenant views (MSP/Platform) MUST be explicit, access-checked, and aggregation-based (no ID-based shortcuts).
 - Prefer least-privilege roles/scopes; surface warnings when higher privileges are selected.
 
-### Automation must be Idempotent & Observable
+### Operations / Run Observability Standard
+- Every long-running or operationally relevant action MUST be observable, deduplicated, and auditable via Monitoring → Operations.
+- An action MUST create/reuse a canonical `OperationRun` and execute asynchronously when any of the following applies:
+  1. It can take > 2 seconds under normal conditions.
+  2. It performs remote/external calls (e.g., Microsoft Graph).
+  3. It is queued or scheduled.
+  4. It is operationally relevant for troubleshooting/audit (“what ran, who started it, did it succeed, what failed?”).
+- Actions that are DB-only and typically complete in < 2 seconds MAY skip `OperationRun`.
+- If an action is security-relevant or affects operational behavior (e.g., “Ignore policy”), it MUST write an `AuditLog` entry
+  including actor, tenant, action, target, before/after, and timestamp.
+- The `OperationRun` record is the canonical source of truth for Monitoring (status, timestamps, counts, failures),
+  even if implemented by multiple jobs/steps (“umbrella run”).
+- “Single-row” runs MUST still use consistent counters (e.g., `total=1`, `processed=0|1`) and outcome derived from success/failure.
+- Monitoring pages MUST be DB-only at render time (no external calls).
+- Start surfaces MUST NOT perform remote work inline; they only: authorize, create/reuse run (dedupe), enqueue work,
+  confirm + “View run”.
+- Active-run dedupe MUST be enforced at DB level (partial unique index/constraint for active states).
+- Failures MUST be stored as stable reason codes + sanitized messages; never persist secrets/tokens/PII/raw payload dumps
+  in failures or notifications.
+- Graph calls are allowed only via explicit user interaction and only when delegated auth is present; never as a render side-effect (restore group mapping is intentionally DB-only).
+- Monitoring → Operations is reserved for `OperationRun`-tracked operations.
 - Scheduled/queued operations MUST use locks + idempotency (no duplicates).
-- Long-running operations MUST create run records with status, counts, and stable error codes.
 - Graph throttling and transient failures MUST be handled with backoff + jitter (e.g., 429/503).
-- Failures MUST be visible and actionable (no silent best-effort).
 
 ### Data Minimization & Safe Logging
 - Inventory MUST store only metadata + whitelisted `meta_jsonb`.
@@ -83,4 +96,4 @@ ### Versioning Policy (SemVer)
 - **MINOR**: new principle/section or materially expanded guidance.
 - **MAJOR**: removing/redefining principles in a backward-incompatible way.
 
-**Version**: 1.1.0 | **Ratified**: 2026-01-03 | **Last Amended**: 2026-01-07
+**Version**: 1.2.1 | **Ratified**: 2026-01-03 | **Last Amended**: 2026-01-17
diff --git a/.specify/templates/plan-template.md b/.specify/templates/plan-template.md
index 0c59577..436949c 100644
--- a/.specify/templates/plan-template.md
+++ b/.specify/templates/plan-template.md
@@ -36,7 +36,8 @@ ## Constitution Check
 - Graph contract path: Graph calls only via `GraphClientInterface` + `config/graph_contracts.php`
 - Deterministic capabilities: capability derivation is testable (snapshot/golden tests)
 - Tenant isolation: all reads/writes tenant-scoped; cross-tenant views are explicit and access-checked
-- Automation: queued/scheduled ops are locked, idempotent, observable; handle 429/503 with backoff+jitter
+- Run observability: long-running/remote/queued work creates/reuses `OperationRun`; start surfaces enqueue-only; Monitoring is DB-only; DB-only <2s actions may skip runs but security-relevant ones still audit-log
+- Automation: queued/scheduled ops use locks + idempotency; handle 429/503 with backoff+jitter
 - Data minimization: Inventory stores metadata + whitelisted meta; logs contain no secrets/tokens
 
 ## Project Structure
diff --git a/.specify/templates/spec-template.md b/.specify/templates/spec-template.md
index 84c1682..c1867e3 100644
--- a/.specify/templates/spec-template.md
+++ b/.specify/templates/spec-template.md
@@ -77,8 +77,10 @@ ### Edge Cases
 
 ## Requirements *(mandatory)*
 
-**Constitution alignment (required):** If this feature introduces any Microsoft Graph calls or any write/change behavior,
-the spec MUST describe contract registry updates, safety gates (preview/confirmation/audit), tenant isolation, and tests.
+**Constitution alignment (required):** If this feature introduces any Microsoft Graph calls, any write/change behavior,
+or any long-running/queued/scheduled work, the spec MUST describe contract registry updates, safety gates
+(preview/confirmation/audit), tenant isolation, run observability (`OperationRun` type/identity/visibility), and tests.
+If security-relevant DB-only actions intentionally skip `OperationRun`, the spec MUST describe `AuditLog` entries.
 
 <!--
   ACTION REQUIRED: The content in this section represents placeholders.
diff --git a/.specify/templates/tasks-template.md b/.specify/templates/tasks-template.md
index a7a8be3..031e304 100644
--- a/.specify/templates/tasks-template.md
+++ b/.specify/templates/tasks-template.md
@@ -9,6 +9,9 @@ # Tasks: [FEATURE NAME]
 **Prerequisites**: plan.md (required), spec.md (required for user stories), research.md, data-model.md, contracts/
 
 **Tests**: For runtime behavior changes in this repo, tests are REQUIRED (Pest). Only docs-only changes may omit tests.
+**Operations**: If this feature introduces long-running/remote/queued/scheduled work, include tasks to create/reuse and update a
+canonical `OperationRun`, and ensure “View run” links route to the canonical Monitoring hub.
+If security-relevant DB-only actions skip `OperationRun`, include tasks for `AuditLog` entries (before/after + actor + tenant).
 
 **Organization**: Tasks are grouped by user story to enable independent implementation and testing of each story.
 
diff --git a/Agents.md b/Agents.md
index 4dc089a..2993b9d 100644
--- a/Agents.md
+++ b/Agents.md
@@ -830,3 +830,10 @@ ### Replaced Utilities
 | decoration-slice | box-decoration-slice |
 | decoration-clone | box-decoration-clone |
 </laravel-boost-guidelines>
+
+## Active Technologies
+- PHP 8.4.15 (Laravel 12) + Filament v4, Livewire v3 (054-unify-runs-suitewide-session-1768601416)
+- PostgreSQL (`operation_runs` + JSONB for summary/failures/context; partial unique index for active-run dedupe) (054-unify-runs-suitewide-session-1768601416)
+
+## Recent Changes
+- 054-unify-runs-suitewide-session-1768601416: Added PHP 8.4.15 (Laravel 12) + Filament v4, Livewire v3
diff --git a/app/Console/Commands/TenantpilotReconcileBackupScheduleOperationRuns.php b/app/Console/Commands/TenantpilotReconcileBackupScheduleOperationRuns.php
new file mode 100644
index 0000000..360439a
--- /dev/null
+++ b/app/Console/Commands/TenantpilotReconcileBackupScheduleOperationRuns.php
@@ -0,0 +1,219 @@
+<?php
+
+namespace App\Console\Commands;
+
+use App\Models\BackupScheduleRun;
+use App\Models\OperationRun;
+use App\Models\Tenant;
+use App\Services\BulkOperationService;
+use App\Services\OperationRunService;
+use Illuminate\Console\Command;
+
+class TenantpilotReconcileBackupScheduleOperationRuns extends Command
+{
+    protected $signature = 'tenantpilot:operation-runs:reconcile-backup-schedules
+        {--tenant=* : Limit to tenant_id/external_id}
+        {--older-than=5 : Only reconcile runs older than N minutes}
+        {--dry-run : Do not write changes}';
+
+    protected $description = 'Reconcile stuck backup schedule OperationRuns against BackupScheduleRun status.';
+
+    public function handle(OperationRunService $operationRunService, BulkOperationService $bulkOperationService): int
+    {
+        $tenantIdentifiers = array_values(array_filter((array) $this->option('tenant')));
+        $olderThanMinutes = max(0, (int) $this->option('older-than'));
+        $dryRun = (bool) $this->option('dry-run');
+
+        $query = OperationRun::query()
+            ->whereIn('type', ['backup_schedule.run_now', 'backup_schedule.retry'])
+            ->whereIn('status', ['queued', 'running']);
+
+        if ($olderThanMinutes > 0) {
+            $query->where('created_at', '<', now()->subMinutes($olderThanMinutes));
+        }
+
+        if ($tenantIdentifiers !== []) {
+            $tenantIds = $this->resolveTenantIds($tenantIdentifiers);
+
+            if ($tenantIds === []) {
+                $this->info('No tenants matched the provided identifiers.');
+
+                return self::SUCCESS;
+            }
+
+            $query->whereIn('tenant_id', $tenantIds);
+        }
+
+        $reconciled = 0;
+        $skipped = 0;
+        $failed = 0;
+
+        foreach ($query->cursor() as $operationRun) {
+            $backupScheduleRunId = data_get($operationRun->context, 'backup_schedule_run_id');
+
+            if (! is_numeric($backupScheduleRunId)) {
+                $skipped++;
+
+                continue;
+            }
+
+            $scheduleRun = BackupScheduleRun::query()
+                ->whereKey((int) $backupScheduleRunId)
+                ->where('tenant_id', $operationRun->tenant_id)
+                ->first();
+
+            if (! $scheduleRun) {
+                if (! $dryRun) {
+                    $operationRunService->updateRun(
+                        $operationRun,
+                        status: 'completed',
+                        outcome: 'failed',
+                        failures: [
+                            [
+                                'code' => 'RUN_NOT_FOUND',
+                                'message' => $bulkOperationService->sanitizeFailureReason('Backup schedule run not found.'),
+                            ],
+                        ],
+                    );
+                }
+
+                $failed++;
+
+                continue;
+            }
+
+            if ($scheduleRun->status === BackupScheduleRun::STATUS_RUNNING) {
+                if (! $dryRun) {
+                    $operationRunService->updateRun($operationRun, 'running', 'pending');
+
+                    if ($scheduleRun->started_at) {
+                        $operationRun->forceFill(['started_at' => $scheduleRun->started_at])->save();
+                    }
+                }
+
+                $reconciled++;
+
+                continue;
+            }
+
+            $outcome = match ($scheduleRun->status) {
+                BackupScheduleRun::STATUS_SUCCESS => 'succeeded',
+                BackupScheduleRun::STATUS_PARTIAL => 'partially_succeeded',
+                BackupScheduleRun::STATUS_SKIPPED,
+                BackupScheduleRun::STATUS_CANCELED => 'cancelled',
+                default => 'failed',
+            };
+
+            $summary = is_array($scheduleRun->summary) ? $scheduleRun->summary : [];
+            $syncFailures = $summary['sync_failures'] ?? [];
+
+            $summaryCounts = [
+                'backup_schedule_id' => (int) $scheduleRun->backup_schedule_id,
+                'backup_schedule_run_id' => (int) $scheduleRun->getKey(),
+                'backup_set_id' => $scheduleRun->backup_set_id ? (int) $scheduleRun->backup_set_id : null,
+                'policies_total' => (int) ($summary['policies_total'] ?? 0),
+                'policies_backed_up' => (int) ($summary['policies_backed_up'] ?? 0),
+                'sync_failures' => is_array($syncFailures) ? count($syncFailures) : 0,
+            ];
+
+            $summaryCounts = array_filter($summaryCounts, fn (mixed $value): bool => $value !== null);
+
+            $failures = [];
+
+            if (filled($scheduleRun->error_message) || filled($scheduleRun->error_code)) {
+                $failures[] = [
+                    'code' => (string) ($scheduleRun->error_code ?: 'BACKUP_SCHEDULE_ERROR'),
+                    'message' => $bulkOperationService->sanitizeFailureReason((string) ($scheduleRun->error_message ?: 'Backup schedule run failed.')),
+                ];
+            }
+
+            if (is_array($syncFailures)) {
+                foreach ($syncFailures as $failure) {
+                    if (! is_array($failure)) {
+                        continue;
+                    }
+
+                    $policyType = (string) ($failure['policy_type'] ?? 'unknown');
+                    $status = is_numeric($failure['status'] ?? null) ? (int) $failure['status'] : null;
+                    $errors = $failure['errors'] ?? null;
+
+                    $firstErrorMessage = null;
+                    if (is_array($errors) && isset($errors[0]) && is_array($errors[0])) {
+                        $firstErrorMessage = $errors[0]['message'] ?? null;
+                    }
+
+                    $message = $status !== null
+                        ? "{$policyType}: Graph returned {$status}"
+                        : "{$policyType}: Graph request failed";
+
+                    if (is_string($firstErrorMessage) && $firstErrorMessage !== '') {
+                        $message .= ' - '.trim($firstErrorMessage);
+                    }
+
+                    $failures[] = [
+                        'code' => $status !== null ? "GRAPH_HTTP_{$status}" : 'GRAPH_ERROR',
+                        'message' => $bulkOperationService->sanitizeFailureReason($message),
+                    ];
+                }
+            }
+
+            if (! $dryRun) {
+                $operationRun->update([
+                    'context' => array_merge($operationRun->context ?? [], [
+                        'backup_schedule_id' => (int) $scheduleRun->backup_schedule_id,
+                        'backup_schedule_run_id' => (int) $scheduleRun->getKey(),
+                    ]),
+                ]);
+
+                $operationRunService->updateRun(
+                    $operationRun,
+                    status: 'completed',
+                    outcome: $outcome,
+                    summaryCounts: $summaryCounts,
+                    failures: $failures,
+                );
+
+                $operationRun->forceFill([
+                    'started_at' => $scheduleRun->started_at ?? $operationRun->started_at,
+                    'completed_at' => $scheduleRun->finished_at ?? $operationRun->completed_at,
+                ])->save();
+            }
+
+            $reconciled++;
+        }
+
+        $this->info(sprintf(
+            'Reconciled %d run(s), skipped %d, failed %d.',
+            $reconciled,
+            $skipped,
+            $failed,
+        ));
+
+        if ($dryRun) {
+            $this->comment('Dry-run: no changes written.');
+        }
+
+        return self::SUCCESS;
+    }
+
+    /**
+     * @param  array<int, string>  $tenantIdentifiers
+     * @return array<int>
+     */
+    private function resolveTenantIds(array $tenantIdentifiers): array
+    {
+        $tenantIds = [];
+
+        foreach ($tenantIdentifiers as $identifier) {
+            $tenant = Tenant::query()
+                ->forTenant($identifier)
+                ->first();
+
+            if ($tenant) {
+                $tenantIds[] = (int) $tenant->getKey();
+            }
+        }
+
+        return array_values(array_unique($tenantIds));
+    }
+}
diff --git a/app/Filament/Pages/DriftLanding.php b/app/Filament/Pages/DriftLanding.php
index d69c67c..5aee73d 100644
--- a/app/Filament/Pages/DriftLanding.php
+++ b/app/Filament/Pages/DriftLanding.php
@@ -2,20 +2,23 @@
 
 namespace App\Filament\Pages;
 
-use App\Filament\Resources\BulkOperationRunResource;
 use App\Filament\Resources\FindingResource;
 use App\Filament\Resources\InventorySyncRunResource;
 use App\Jobs\GenerateDriftFindingsJob;
 use App\Models\BulkOperationRun;
 use App\Models\Finding;
 use App\Models\InventorySyncRun;
+use App\Models\OperationRun;
 use App\Models\Tenant;
 use App\Models\User;
-use App\Notifications\RunStatusChangedNotification;
 use App\Services\BulkOperationService;
 use App\Services\Drift\DriftRunSelector;
+use App\Services\OperationRunService;
+use App\Support\OperationRunLinks;
 use App\Support\RunIdempotency;
 use BackedEnum;
+use Filament\Actions\Action;
+use Filament\Notifications\Notification;
 use Filament\Pages\Page;
 use UnitEnum;
 
@@ -43,6 +46,8 @@ class DriftLanding extends Page
 
     public ?string $currentFinishedAt = null;
 
+    public ?int $operationRunId = null;
+
     public ?int $bulkOperationRunId = null;
 
     /** @var array<string, int>|null */
@@ -98,6 +103,19 @@ public function mount(): void
         $this->baselineFinishedAt = $baseline->finished_at?->toDateTimeString();
         $this->currentFinishedAt = $current->finished_at?->toDateTimeString();
 
+        $existingOperationRun = OperationRun::query()
+            ->where('tenant_id', $tenant->getKey())
+            ->where('type', 'drift.generate')
+            ->where('context->scope_key', $scopeKey)
+            ->where('context->baseline_run_id', (int) $baseline->getKey())
+            ->where('context->current_run_id', (int) $current->getKey())
+            ->latest('id')
+            ->first();
+
+        if ($existingOperationRun instanceof OperationRun) {
+            $this->operationRunId = (int) $existingOperationRun->getKey();
+        }
+
         $idempotencyKey = RunIdempotency::buildKey(
             tenantId: (int) $tenant->getKey(),
             operationType: 'drift.generate',
@@ -184,6 +202,41 @@ public function mount(): void
             return;
         }
 
+        // --- Phase 3: Canonical Operation Run Start ---
+        /** @var OperationRunService $opService */
+        $opService = app(OperationRunService::class);
+        $opRun = $opService->ensureRun(
+            tenant: $tenant,
+            type: 'drift.generate',
+            inputs: [
+                'scope_key' => $scopeKey,
+                'baseline_run_id' => (int) $baseline->getKey(),
+                'current_run_id' => (int) $current->getKey(),
+            ],
+            initiator: $user
+        );
+
+        $this->operationRunId = (int) $opRun->getKey();
+
+        if (! $opRun->wasRecentlyCreated && in_array($opRun->status, ['queued', 'running'])) {
+            $this->state = 'generating'; // Reflect generating state in UI if idempotency hit
+            // Optionally, we could find the related BulkOpRun to link, but the UI might just need state.
+
+            Notification::make()
+                ->title('Drift generation already active')
+                ->body('This operation is already queued or running.')
+                ->warning()
+                ->actions([
+                    Action::make('view_run')
+                        ->label('View Run')
+                        ->url(OperationRunLinks::view($opRun, $tenant)),
+                ])
+                ->send();
+
+            return;
+        }
+        // ----------------------------------------------
+
         $bulkOperationService = app(BulkOperationService::class);
         $run = $bulkOperationService->createRun(
             tenant: $tenant,
@@ -203,28 +256,31 @@ public function mount(): void
         $this->state = 'generating';
         $this->bulkOperationRunId = (int) $run->getKey();
 
-        GenerateDriftFindingsJob::dispatch(
-            tenantId: (int) $tenant->getKey(),
-            userId: (int) $user->getKey(),
-            baselineRunId: (int) $baseline->getKey(),
-            currentRunId: (int) $current->getKey(),
-            scopeKey: $scopeKey,
-            bulkOperationRunId: (int) $run->getKey(),
-        );
+        /** @var OperationRunService $opService */
+        $opService = app(OperationRunService::class);
+        $opService->dispatchOrFail($opRun, function () use ($tenant, $user, $baseline, $current, $scopeKey, $run, $opRun): void {
+            GenerateDriftFindingsJob::dispatch(
+                tenantId: (int) $tenant->getKey(),
+                userId: (int) $user->getKey(),
+                baselineRunId: (int) $baseline->getKey(),
+                currentRunId: (int) $current->getKey(),
+                scopeKey: $scopeKey,
+                bulkOperationRunId: (int) $run->getKey(),
+                operationRun: $opRun
+            );
+        });
 
-        $user->notify(new RunStatusChangedNotification([
-            'tenant_id' => (int) $tenant->getKey(),
-            'run_type' => 'bulk_operation',
-            'run_id' => (int) $run->getKey(),
-            'status' => 'queued',
-            'counts' => [
-                'total' => (int) $run->total_items,
-                'processed' => (int) $run->processed_items,
-                'succeeded' => (int) $run->succeeded,
-                'failed' => (int) $run->failed,
-                'skipped' => (int) $run->skipped,
-            ],
-        ]));
+        Notification::make()
+            ->title('Drift generation queued')
+            ->body('Drift generation has been queued. Monitor progress in Monitoring → Operations.')
+            ->success()
+            ->actions([
+                Action::make('view_run')
+                    ->label('View run')
+                    ->url(OperationRunLinks::view($opRun, $tenant)),
+            ])
+            ->sendToDatabase($user)
+            ->send();
     }
 
     public function getFindingsUrl(): string
@@ -250,12 +306,12 @@ public function getCurrentRunUrl(): ?string
         return InventorySyncRunResource::getUrl('view', ['record' => $this->currentRunId], tenant: Tenant::current());
     }
 
-    public function getBulkRunUrl(): ?string
+    public function getOperationRunUrl(): ?string
     {
-        if (! is_int($this->bulkOperationRunId)) {
+        if (! is_int($this->operationRunId)) {
             return null;
         }
 
-        return BulkOperationRunResource::getUrl('view', ['record' => $this->bulkOperationRunId], tenant: Tenant::current());
+        return OperationRunLinks::view($this->operationRunId, Tenant::current());
     }
 }
diff --git a/app/Filament/Pages/InventoryLanding.php b/app/Filament/Pages/InventoryLanding.php
index 71418b3..132484e 100644
--- a/app/Filament/Pages/InventoryLanding.php
+++ b/app/Filament/Pages/InventoryLanding.php
@@ -11,6 +11,8 @@
 use App\Services\BulkOperationService;
 use App\Services\Intune\AuditLogger;
 use App\Services\Inventory\InventorySyncService;
+use App\Services\OperationRunService;
+use App\Support\OperationRunLinks;
 use BackedEnum;
 use Filament\Actions\Action;
 use Filament\Actions\Action as HintAction;
@@ -150,17 +152,52 @@ protected function getHeaderActions(): array
                     }
                     $computed = $inventorySyncService->normalizeAndHashSelection($selectionPayload);
 
+                    // --- Phase 3: Canonical Operation Run Start ---
+                    /** @var OperationRunService $opService */
+                    $opService = app(OperationRunService::class);
+                    $opRun = $opService->ensureRun(
+                        tenant: $tenant,
+                        type: 'inventory.sync',
+                        inputs: $computed['selection'],
+                        initiator: $user
+                    );
+
+                    // If run is already active (was recently created or re-used), and we want to enforce re-use:
+                    if (! $opRun->wasRecentlyCreated && in_array($opRun->status, ['queued', 'running'])) {
+                        // Just notify and exit (Idempotency)
+                        Notification::make()
+                            ->title('Inventory sync already active')
+                            ->body('This operation is already queued or running.')
+                            ->warning()
+                            ->actions([
+                                Action::make('view_run')
+                                    ->label('View Run')
+                                    ->url(OperationRunLinks::view($opRun, $tenant)),
+                            ])
+                            ->send();
+
+                        return;
+                    }
+                    // ----------------------------------------------
+
+                    // Legacy checks (kept for safety if parallel usage needs it, though OpRun handles idempotency now)
                     $existing = InventorySyncRun::query()
                         ->where('tenant_id', $tenant->getKey())
                         ->where('selection_hash', $computed['selection_hash'])
                         ->whereIn('status', [InventorySyncRun::STATUS_PENDING, InventorySyncRun::STATUS_RUNNING])
                         ->first();
 
+                    // If legacy thinks it's running but OpRun didn't catch it (unlikely with shared hash logic), fail safe.
                     if ($existing instanceof InventorySyncRun) {
                         Notification::make()
-                            ->title('Sync already running')
-                            ->body('An inventory sync is already running for this tenant. Check the progress widget for status.')
+                            ->title('Inventory sync already active')
+                            ->body('A matching inventory sync run is already pending or running.')
                             ->warning()
+                            ->actions([
+                                Action::make('view_run')
+                                    ->label('View Run')
+                                    ->url(OperationRunLinks::view($opRun, $tenant)),
+                            ])
                             ->send();
 
                         return;
@@ -201,19 +238,27 @@ protected function getHeaderActions(): array
 
                     Notification::make()
                         ->title('Inventory sync started')
-                        ->body('Sync dispatched. Check the bottom-right progress widget for status.')
+                        ->body('Sync dispatched. Check the progress widget or Monitoring.')
                         ->icon('heroicon-o-arrow-path')
                         ->iconColor('warning')
                         ->success()
+                        ->actions([
+                            Action::make('view_run')
+                                ->label('View Run')
+                                ->url(OperationRunLinks::view($opRun, $tenant)),
+                        ])
                         ->sendToDatabase($user)
                         ->send();
 
-                    RunInventorySyncJob::dispatch(
-                        tenantId: (int) $tenant->getKey(),
-                        userId: (int) $user->getKey(),
-                        bulkRunId: (int) $bulkRun->getKey(),
-                        inventorySyncRunId: (int) $run->getKey(),
-                    );
+                    $opService->dispatchOrFail($opRun, function () use ($tenant, $user, $run, $bulkRun, $opRun): void {
+                        RunInventorySyncJob::dispatch(
+                            tenantId: (int) $tenant->getKey(),
+                            userId: (int) $user->getKey(),
+                            inventorySyncRunId: (int) $run->id,
+                            bulkRunId: (int) $bulkRun->getKey(),
+                            operationRun: $opRun
+                        );
+                    });
                 }),
         ];
     }
diff --git a/app/Filament/Pages/Monitoring/Operations.php b/app/Filament/Pages/Monitoring/Operations.php
new file mode 100644
index 0000000..8c7a1ec
--- /dev/null
+++ b/app/Filament/Pages/Monitoring/Operations.php
@@ -0,0 +1,125 @@
+<?php
+
+namespace App\Filament\Pages\Monitoring;
+
+use App\Models\OperationRun;
+use BackedEnum;
+use Filament\Facades\Filament;
+use Filament\Forms\Components\DatePicker;
+use Filament\Forms\Concerns\InteractsWithForms;
+use Filament\Forms\Contracts\HasForms;
+use Filament\Pages\Page;
+use Filament\Tables\Columns\TextColumn;
+use Filament\Tables\Concerns\InteractsWithTable;
+use Filament\Tables\Contracts\HasTable;
+use Filament\Tables\Filters\Filter;
+use Filament\Tables\Filters\SelectFilter;
+use Filament\Tables\Table;
+use Illuminate\Database\Eloquent\Builder;
+use UnitEnum;
+
+class Operations extends Page implements HasForms, HasTable
+{
+    use InteractsWithForms;
+    use InteractsWithTable;
+
+    protected static bool $isDiscovered = false;
+
+    protected static string|BackedEnum|null $navigationIcon = 'heroicon-o-queue-list';
+
+    protected static string|UnitEnum|null $navigationGroup = 'Monitoring';
+
+    protected static ?string $title = 'Operations';
+
+    // Must be non-static
+    protected string $view = 'filament.pages.monitoring.operations';
+
+    public function table(Table $table): Table
+    {
+        return $table
+            ->query(
+                OperationRun::query()
+                    ->where('tenant_id', Filament::getTenant()->id)
+                    ->latest('created_at')
+            )
+            ->columns([
+                TextColumn::make('type')
+                    ->searchable()
+                    ->sortable(),
+
+                TextColumn::make('status')
+                    ->badge()
+                    ->colors([
+                        'secondary' => 'queued',
+                        'warning' => 'running',
+                        'success' => 'completed',
+                    ]),
+
+                TextColumn::make('outcome')
+                    ->badge()
+                    ->colors([
+                        'gray' => 'pending',
+                        'success' => 'succeeded',
+                        'warning' => 'partially_succeeded',
+                        'danger' => 'failed',
+                        'secondary' => 'cancelled',
+                    ]),
+
+                TextColumn::make('initiator_name')
+                    ->label('Initiator')
+                    ->searchable(),
+
+                TextColumn::make('created_at')
+                    ->dateTime()
+                    ->sortable()
+                    ->label('Started'),
+
+                TextColumn::make('duration')
+                    ->getStateUsing(function (OperationRun $record) {
+                        if ($record->started_at && $record->completed_at) {
+                            return $record->completed_at->diffForHumans($record->started_at, true);
+                        }
+
+                        return '-';
+                    }),
+            ])
+            ->filters([
+                SelectFilter::make('outcome')
+                    ->options([
+                        'succeeded' => 'Succeeded',
+                        'partially_succeeded' => 'Partially Succeeded',
+                        'failed' => 'Failed',
+                        'cancelled' => 'Cancelled',
+                        'pending' => 'Pending',
+                    ]),
+
+                SelectFilter::make('type')
+                    ->options(
+                        fn () => OperationRun::where('tenant_id', Filament::getTenant()->id)
+                            ->distinct()
+                            ->pluck('type', 'type')
+                            ->toArray()
+                    ),
+
+                Filter::make('created_at')
+                    ->form([
+                        DatePicker::make('created_from'),
+                        DatePicker::make('created_until'),
+                    ])
+                    ->query(function (Builder $query, array $data): Builder {
+                        return $query
+                            ->when(
+                                $data['created_from'],
+                                fn (Builder $query, $date) => $query->whereDate('created_at', '>=', $date),
+                            )
+                            ->when(
+                                $data['created_until'],
+                                fn (Builder $query, $date) => $query->whereDate('created_at', '<=', $date),
+                            );
+                    }),
+            ])
+            ->actions([
+                // View action handled by opening a modal or side-peek
+            ]);
+    }
+}
diff --git a/app/Filament/Resources/BackupScheduleResource.php b/app/Filament/Resources/BackupScheduleResource.php
index a16c996..2a97863 100644
--- a/app/Filament/Resources/BackupScheduleResource.php
+++ b/app/Filament/Resources/BackupScheduleResource.php
@@ -15,6 +15,8 @@
 use App\Services\BackupScheduling\ScheduleTimeService;
 use App\Services\BulkOperationService;
 use App\Services\Intune\AuditLogger;
+use App\Services\OperationRunService;
+use App\Support\OperationRunLinks;
 use App\Support\TenantRole;
 use BackedEnum;
 use Carbon\CarbonImmutable;
@@ -30,7 +32,6 @@
 use Filament\Forms\Components\Select;
 use Filament\Forms\Components\TextInput;
 use Filament\Forms\Components\Toggle;
-use Filament\Notifications\Events\DatabaseNotificationsSent;
 use Filament\Notifications\Notification;
 use Filament\Resources\Resource;
 use Filament\Schemas\Components\Utilities\Get;
@@ -295,6 +296,32 @@ public static function table(Table $table): Table
                             $userId = auth()->id();
                             $userModel = $user instanceof User ? $user : ($userId ? User::query()->find($userId) : null);
 
+                            /** @var OperationRunService $operationRunService */
+                            $operationRunService = app(OperationRunService::class);
+                            $operationRun = $operationRunService->ensureRun(
+                                tenant: $tenant,
+                                type: 'backup_schedule.run_now',
+                                inputs: [
+                                    'backup_schedule_id' => (int) $record->getKey(),
+                                ],
+                                initiator: $userModel
+                            );
+
+                            if (! $operationRun->wasRecentlyCreated && in_array($operationRun->status, ['queued', 'running'], true)) {
+                                Notification::make()
+                                    ->title('Run already queued')
+                                    ->body('This schedule already has a queued or running backup.')
+                                    ->warning()
+                                    ->actions([
+                                        Action::make('view_run')
+                                            ->label('View run')
+                                            ->url(OperationRunLinks::view($operationRun, $tenant)),
+                                    ])
+                                    ->send();
+
+                                return;
+                            }
+
                             $scheduledFor = CarbonImmutable::now('UTC')->startOfMinute();
                             $run = null;
 
@@ -319,11 +346,38 @@ public static function table(Table $table): Table
                                     ->title('Run already queued')
                                     ->body('Please wait a moment and try again.')
                                     ->warning()
+                                    ->actions([
+                                        Action::make('view_run')
+                                            ->label('View run')
+                                            ->url(OperationRunLinks::view($operationRun, $tenant)),
+                                    ])
                                     ->send();
 
+                                $operationRunService->updateRun(
+                                    $operationRun,
+                                    status: 'completed',
+                                    outcome: 'failed',
+                                    summaryCounts: [
+                                        'backup_schedule_id' => (int) $record->getKey(),
+                                    ],
+                                    failures: [
+                                        [
+                                            'code' => 'SCHEDULE_CONFLICT',
+                                            'message' => 'Unable to queue a unique backup schedule run.',
+                                        ],
+                                    ],
+                                );
+
                                 return;
                             }
 
+                            $operationRun->update([
+                                'context' => array_merge($operationRun->context ?? [], [
+                                    'backup_schedule_id' => (int) $record->getKey(),
+                                    'backup_schedule_run_id' => (int) $run->getKey(),
+                                ]),
+                            ]);
+
                             app(AuditLogger::class)->log(
                                 tenant: $tenant,
                                 action: 'backup_schedule.run_dispatched_manual',
@@ -355,17 +409,19 @@ public static function table(Table $table): Table
                                     ->id;
                             }
 
-                            Bus::dispatch(new RunBackupScheduleJob($run->id, $bulkRunId));
+                            $operationRunService->dispatchOrFail($operationRun, function () use ($run, $bulkRunId, $operationRun): void {
+                                Bus::dispatch(new RunBackupScheduleJob($run->id, $bulkRunId, $operationRun));
+                            });
 
                             $notification = Notification::make()
                                 ->title('Run dispatched')
                                 ->body('The backup run has been queued.')
-                                ->success();
-
-                            if ($userModel instanceof User) {
-                                $userModel->notifyNow($notification->toDatabase());
-                                DatabaseNotificationsSent::dispatch($userModel);
-                            }
+                                ->success()
+                                ->actions([
+                                    Action::make('view_run')
+                                        ->label('View run')
+                                        ->url(OperationRunLinks::view($operationRun, $tenant)),
+                                ]);
 
                             $notification->send();
                         }),
@@ -382,6 +438,32 @@ public static function table(Table $table): Table
                             $userId = auth()->id();
                             $userModel = $user instanceof User ? $user : ($userId ? User::query()->find($userId) : null);
 
+                            /** @var OperationRunService $operationRunService */
+                            $operationRunService = app(OperationRunService::class);
+                            $operationRun = $operationRunService->ensureRun(
+                                tenant: $tenant,
+                                type: 'backup_schedule.retry',
+                                inputs: [
+                                    'backup_schedule_id' => (int) $record->getKey(),
+                                ],
+                                initiator: $userModel
+                            );
+
+                            if (! $operationRun->wasRecentlyCreated && in_array($operationRun->status, ['queued', 'running'], true)) {
+                                Notification::make()
+                                    ->title('Retry already queued')
+                                    ->body('This schedule already has a queued or running retry.')
+                                    ->warning()
+                                    ->actions([
+                                        Action::make('view_run')
+                                            ->label('View run')
+                                            ->url(OperationRunLinks::view($operationRun, $tenant)),
+                                    ])
+                                    ->send();
+
+                                return;
+                            }
+
                             $scheduledFor = CarbonImmutable::now('UTC')->startOfMinute();
                             $run = null;
 
@@ -406,11 +488,38 @@ public static function table(Table $table): Table
                                     ->title('Retry already queued')
                                     ->body('Please wait a moment and try again.')
                                     ->warning()
+                                    ->actions([
+                                        Action::make('view_run')
+                                            ->label('View run')
+                                            ->url(OperationRunLinks::view($operationRun, $tenant)),
+                                    ])
                                     ->send();
 
+                                $operationRunService->updateRun(
+                                    $operationRun,
+                                    status: 'completed',
+                                    outcome: 'failed',
+                                    summaryCounts: [
+                                        'backup_schedule_id' => (int) $record->getKey(),
+                                    ],
+                                    failures: [
+                                        [
+                                            'code' => 'SCHEDULE_CONFLICT',
+                                            'message' => 'Unable to queue a unique backup schedule retry run.',
+                                        ],
+                                    ],
+                                );
+
                                 return;
                             }
 
+                            $operationRun->update([
+                                'context' => array_merge($operationRun->context ?? [], [
+                                    'backup_schedule_id' => (int) $record->getKey(),
+                                    'backup_schedule_run_id' => (int) $run->getKey(),
+                                ]),
+                            ]);
+
                             app(AuditLogger::class)->log(
                                 tenant: $tenant,
                                 action: 'backup_schedule.run_dispatched_manual',
@@ -442,17 +551,19 @@ public static function table(Table $table): Table
                                     ->id;
                             }
 
-                            Bus::dispatch(new RunBackupScheduleJob($run->id, $bulkRunId));
+                            $operationRunService->dispatchOrFail($operationRun, function () use ($run, $bulkRunId, $operationRun): void {
+                                Bus::dispatch(new RunBackupScheduleJob($run->id, $bulkRunId, $operationRun));
+                            });
 
                             $notification = Notification::make()
                                 ->title('Retry dispatched')
                                 ->body('A new backup run has been queued.')
-                                ->success();
-
-                            if ($userModel instanceof User) {
-                                $userModel->notifyNow($notification->toDatabase());
-                                DatabaseNotificationsSent::dispatch($userModel);
-                            }
+                                ->success()
+                                ->actions([
+                                    Action::make('view_run')
+                                        ->label('View run')
+                                        ->url(OperationRunLinks::view($operationRun, $tenant)),
+                                ]);
 
                             $notification->send();
                         }),
@@ -479,6 +590,8 @@ public static function table(Table $table): Table
                             $tenant = Tenant::current();
                             $userId = auth()->id();
                             $user = $userId ? User::query()->find($userId) : null;
+                            /** @var OperationRunService $operationRunService */
+                            $operationRunService = app(OperationRunService::class);
 
                             $bulkRun = null;
                             if ($user) {
@@ -496,6 +609,19 @@ public static function table(Table $table): Table
 
                             /** @var BackupSchedule $record */
                             foreach ($records as $record) {
+                                $operationRun = $operationRunService->ensureRun(
+                                    tenant: $tenant,
+                                    type: 'backup_schedule.run_now',
+                                    inputs: [
+                                        'backup_schedule_id' => (int) $record->getKey(),
+                                    ],
+                                    initiator: $user
+                                );
+
+                                if (! $operationRun->wasRecentlyCreated && in_array($operationRun->status, ['queued', 'running'], true)) {
+                                    continue;
+                                }
+
                                 $scheduledFor = CarbonImmutable::now('UTC')->startOfMinute();
                                 $run = null;
 
@@ -516,11 +642,33 @@ public static function table(Table $table): Table
                                 }
 
                                 if (! $run instanceof BackupScheduleRun) {
+                                    $operationRunService->updateRun(
+                                        $operationRun,
+                                        status: 'completed',
+                                        outcome: 'failed',
+                                        summaryCounts: [
+                                            'backup_schedule_id' => (int) $record->getKey(),
+                                        ],
+                                        failures: [
+                                            [
+                                                'code' => 'SCHEDULE_CONFLICT',
+                                                'message' => 'Unable to queue a unique backup schedule run.',
+                                            ],
+                                        ],
+                                    );
+
                                     continue;
                                 }
 
                                 $createdRunIds[] = (int) $run->id;
 
+                                $operationRun->update([
+                                    'context' => array_merge($operationRun->context ?? [], [
+                                        'backup_schedule_id' => (int) $record->getKey(),
+                                        'backup_schedule_run_id' => (int) $run->getKey(),
+                                    ]),
+                                ]);
+
                                 app(AuditLogger::class)->log(
                                     tenant: $tenant,
                                     action: 'backup_schedule.run_dispatched_manual',
@@ -538,7 +686,9 @@ public static function table(Table $table): Table
                                     ],
                                 );
 
-                                Bus::dispatch(new RunBackupScheduleJob($run->id, $bulkRun?->id));
+                                $operationRunService->dispatchOrFail($operationRun, function () use ($run, $bulkRun, $operationRun): void {
+                                    Bus::dispatch(new RunBackupScheduleJob($run->id, $bulkRun?->id, $operationRun));
+                                }, emitQueuedNotification: false);
                             }
 
                             $notification = Notification::make()
@@ -552,8 +702,11 @@ public static function table(Table $table): Table
                             }
 
                             if ($user instanceof User) {
-                                $user->notifyNow($notification->toDatabase());
-                                DatabaseNotificationsSent::dispatch($user);
+                                $notification->actions([
+                                    Action::make('view_runs')
+                                        ->label('View in Operations')
+                                        ->url(OperationRunLinks::index($tenant)),
+                                ])->sendToDatabase($user);
                             }
 
                             $notification->send();
@@ -573,6 +726,8 @@ public static function table(Table $table): Table
                             $tenant = Tenant::current();
                             $userId = auth()->id();
                             $user = $userId ? User::query()->find($userId) : null;
+                            /** @var OperationRunService $operationRunService */
+                            $operationRunService = app(OperationRunService::class);
 
                             $bulkRun = null;
                             if ($user) {
@@ -590,6 +745,19 @@ public static function table(Table $table): Table
 
                             /** @var BackupSchedule $record */
                             foreach ($records as $record) {
+                                $operationRun = $operationRunService->ensureRun(
+                                    tenant: $tenant,
+                                    type: 'backup_schedule.retry',
+                                    inputs: [
+                                        'backup_schedule_id' => (int) $record->getKey(),
+                                    ],
+                                    initiator: $user
+                                );
+
+                                if (! $operationRun->wasRecentlyCreated && in_array($operationRun->status, ['queued', 'running'], true)) {
+                                    continue;
+                                }
+
                                 $scheduledFor = CarbonImmutable::now('UTC')->startOfMinute();
                                 $run = null;
 
@@ -610,11 +778,33 @@ public static function table(Table $table): Table
                                 }
 
                                 if (! $run instanceof BackupScheduleRun) {
+                                    $operationRunService->updateRun(
+                                        $operationRun,
+                                        status: 'completed',
+                                        outcome: 'failed',
+                                        summaryCounts: [
+                                            'backup_schedule_id' => (int) $record->getKey(),
+                                        ],
+                                        failures: [
+                                            [
+                                                'code' => 'SCHEDULE_CONFLICT',
+                                                'message' => 'Unable to queue a unique backup schedule retry run.',
+                                            ],
+                                        ],
+                                    );
+
                                     continue;
                                 }
 
                                 $createdRunIds[] = (int) $run->id;
 
+                                $operationRun->update([
+                                    'context' => array_merge($operationRun->context ?? [], [
+                                        'backup_schedule_id' => (int) $record->getKey(),
+                                        'backup_schedule_run_id' => (int) $run->getKey(),
+                                    ]),
+                                ]);
+
                                 app(AuditLogger::class)->log(
                                     tenant: $tenant,
                                     action: 'backup_schedule.run_dispatched_manual',
@@ -632,7 +822,9 @@ public static function table(Table $table): Table
                                     ],
                                 );
 
-                                Bus::dispatch(new RunBackupScheduleJob($run->id, $bulkRun?->id));
+                                $operationRunService->dispatchOrFail($operationRun, function () use ($run, $bulkRun, $operationRun): void {
+                                    Bus::dispatch(new RunBackupScheduleJob($run->id, $bulkRun?->id, $operationRun));
+                                }, emitQueuedNotification: false);
                             }
 
                             $notification = Notification::make()
@@ -646,8 +838,11 @@ public static function table(Table $table): Table
                             }
 
                             if ($user instanceof User) {
-                                $user->notifyNow($notification->toDatabase());
-                                DatabaseNotificationsSent::dispatch($user);
+                                $notification->actions([
+                                    Action::make('view_runs')
+                                        ->label('View in Operations')
+                                        ->url(OperationRunLinks::index($tenant)),
+                                ])->sendToDatabase($user);
                             }
 
                             $notification->send();
diff --git a/app/Filament/Resources/BackupSetResource/RelationManagers/BackupItemsRelationManager.php b/app/Filament/Resources/BackupSetResource/RelationManagers/BackupItemsRelationManager.php
index e5e8035..79f0b21 100644
--- a/app/Filament/Resources/BackupSetResource/RelationManagers/BackupItemsRelationManager.php
+++ b/app/Filament/Resources/BackupSetResource/RelationManagers/BackupItemsRelationManager.php
@@ -3,8 +3,12 @@
 namespace App\Filament\Resources\BackupSetResource\RelationManagers;
 
 use App\Filament\Resources\PolicyResource;
+use App\Jobs\RemovePoliciesFromBackupSetJob;
 use App\Models\BackupItem;
-use App\Services\Intune\AuditLogger;
+use App\Models\Tenant;
+use App\Models\User;
+use App\Services\OperationRunService;
+use App\Support\OperationRunLinks;
 use Filament\Actions;
 use Filament\Notifications\Notification;
 use Filament\Resources\RelationManagers\RelationManager;
@@ -18,10 +22,30 @@ class BackupItemsRelationManager extends RelationManager
 {
     protected static string $relationship = 'items';
 
+    public ?int $pollUntil = null;
+
+    protected $listeners = [
+        'backup-set-policy-picker:close' => 'closeAddPoliciesModal',
+    ];
+
+    public function closeAddPoliciesModal(): void
+    {
+        $this->unmountAction();
+        $this->resetTable();
+
+        $this->pollUntil = now()->addSeconds(20)->getTimestamp();
+    }
+
+    public function shouldPollTable(): bool
+    {
+        return $this->pollUntil !== null && now()->getTimestamp() < $this->pollUntil;
+    }
+
     public function table(Table $table): Table
     {
         return $table
             ->modifyQueryUsing(fn (Builder $query) => $query->with('policyVersion'))
+            ->poll(fn (): ?string => (filled($this->mountedActions) || ! $this->shouldPollTable()) ? null : '2s')
             ->columns([
                 Tables\Columns\TextColumn::make('policy.display_name')
                     ->label('Item')
@@ -128,30 +152,77 @@ public function table(Table $table): Table
                         ->color('danger')
                         ->icon('heroicon-o-x-mark')
                         ->requiresConfirmation()
-                        ->action(function (BackupItem $record, AuditLogger $auditLogger) {
-                            $record->delete();
+                        ->action(function (BackupItem $record): void {
+                            $backupSet = $this->getOwnerRecord();
 
-                            if ($record->backupSet) {
-                                $record->backupSet->update([
-                                    'item_count' => $record->backupSet->items()->count(),
-                                ]);
+                            $user = auth()->user();
+                            if (! $user instanceof User) {
+                                abort(403);
                             }
 
-                            if ($record->tenant) {
-                                $auditLogger->log(
-                                    tenant: $record->tenant,
-                                    action: 'backup.item_removed',
-                                    resourceType: 'backup_set',
-                                    resourceId: (string) $record->backup_set_id,
-                                    status: 'success',
-                                    context: ['metadata' => ['policy_id' => $record->policy_id]]
+                            $tenant = $backupSet->tenant ?? Tenant::current();
+
+                            if (! $user->canSyncTenant($tenant)) {
+                                abort(403);
+                            }
+
+                            if ((int) $tenant->getKey() !== (int) $backupSet->tenant_id) {
+                                abort(403);
+                            }
+
+                            $backupItemIds = [(int) $record->getKey()];
+
+                            /** @var OperationRunService $opService */
+                            $opService = app(OperationRunService::class);
+                            $opRun = $opService->ensureRun(
+                                tenant: $tenant,
+                                type: 'backup_set.remove_policies',
+                                inputs: [
+                                    'backup_set_id' => (int) $backupSet->getKey(),
+                                    'backup_item_ids' => $backupItemIds,
+                                ],
+                                initiator: $user,
+                            );
+
+                            if (! $opRun->wasRecentlyCreated && in_array($opRun->status, ['queued', 'running'], true)) {
+                                Notification::make()
+                                    ->title('Removal already queued')
+                                    ->body('A matching remove operation is already queued or running.')
+                                    ->info()
+                                    ->actions([
+                                        Actions\Action::make('view_run')
+                                            ->label('View run')
+                                            ->url(OperationRunLinks::view($opRun, $tenant)),
+                                    ])
+                                    ->send();
+
+                                return;
+                            }
+
+                            $opService->dispatchOrFail($opRun, function () use ($backupSet, $backupItemIds, $user, $opRun): void {
+                                RemovePoliciesFromBackupSetJob::dispatch(
+                                    backupSetId: (int) $backupSet->getKey(),
+                                    backupItemIds: $backupItemIds,
+                                    initiatorUserId: (int) $user->getKey(),
+                                    operationRun: $opRun,
                                 );
-                            }
+                            });
 
                             Notification::make()
-                                ->title('Policy removed from backup')
+                                ->title('Removal queued')
+                                ->body('A background job has been queued. You can monitor progress in the run details or progress widget.')
                                 ->success()
+                                ->actions([
+                                    Actions\Action::make('view_run')
+                                        ->label('View run')
+                                        ->url(OperationRunLinks::view($opRun, $tenant)),
+                                ])
+                                ->sendToDatabase($user)
                                 ->send();
+
+                            $this->resetTable();
+
+                            $this->pollUntil = now()->addSeconds(20)->getTimestamp();
                         }),
                 ])->icon('heroicon-o-ellipsis-vertical'),
             ])
@@ -162,42 +233,93 @@ public function table(Table $table): Table
                         ->icon('heroicon-o-x-mark')
                         ->color('danger')
                         ->requiresConfirmation()
-                        ->action(function (Collection $records, AuditLogger $auditLogger) {
+                        ->deselectRecordsAfterCompletion()
+                        ->action(function (Collection $records): void {
                             if ($records->isEmpty()) {
                                 return;
                             }
 
                             $backupSet = $this->getOwnerRecord();
 
-                            $records->each(fn (BackupItem $record) => $record->delete());
-
-                            $backupSet->update([
-                                'item_count' => $backupSet->items()->count(),
-                            ]);
-
-                            $tenant = $records->first()?->tenant;
-
-                            if ($tenant) {
-                                $auditLogger->log(
-                                    tenant: $tenant,
-                                    action: 'backup.items_removed',
-                                    resourceType: 'backup_set',
-                                    resourceId: (string) $backupSet->id,
-                                    status: 'success',
-                                    context: [
-                                        'metadata' => [
-                                            'removed_count' => $records->count(),
-                                            'policy_ids' => $records->pluck('policy_id')->filter()->values()->all(),
-                                            'policy_identifiers' => $records->pluck('policy_identifier')->filter()->values()->all(),
-                                        ],
-                                    ]
-                                );
+                            $user = auth()->user();
+                            if (! $user instanceof User) {
+                                abort(403);
                             }
 
+                            $tenant = $backupSet->tenant ?? Tenant::current();
+
+                            if (! $user->canSyncTenant($tenant)) {
+                                abort(403);
+                            }
+
+                            if ((int) $tenant->getKey() !== (int) $backupSet->tenant_id) {
+                                abort(403);
+                            }
+
+                            $backupItemIds = $records
+                                ->pluck('id')
+                                ->map(fn (mixed $value): int => (int) $value)
+                                ->filter(fn (int $value): bool => $value > 0)
+                                ->unique()
+                                ->sort()
+                                ->values()
+                                ->all();
+
+                            if ($backupItemIds === []) {
+                                return;
+                            }
+
+                            /** @var OperationRunService $opService */
+                            $opService = app(OperationRunService::class);
+                            $opRun = $opService->ensureRun(
+                                tenant: $tenant,
+                                type: 'backup_set.remove_policies',
+                                inputs: [
+                                    'backup_set_id' => (int) $backupSet->getKey(),
+                                    'backup_item_ids' => $backupItemIds,
+                                ],
+                                initiator: $user,
+                            );
+
+                            if (! $opRun->wasRecentlyCreated && in_array($opRun->status, ['queued', 'running'], true)) {
+                                Notification::make()
+                                    ->title('Removal already queued')
+                                    ->body('A matching remove operation is already queued or running.')
+                                    ->info()
+                                    ->actions([
+                                        Actions\Action::make('view_run')
+                                            ->label('View run')
+                                            ->url(OperationRunLinks::view($opRun, $tenant)),
+                                    ])
+                                    ->send();
+
+                                return;
+                            }
+
+                            $opService->dispatchOrFail($opRun, function () use ($backupSet, $backupItemIds, $user, $opRun): void {
+                                RemovePoliciesFromBackupSetJob::dispatch(
+                                    backupSetId: (int) $backupSet->getKey(),
+                                    backupItemIds: $backupItemIds,
+                                    initiatorUserId: (int) $user->getKey(),
+                                    operationRun: $opRun,
+                                );
+                            });
+
                             Notification::make()
-                                ->title('Policies removed from backup')
+                                ->title('Removal queued')
+                                ->body('A background job has been queued. You can monitor progress in the run details or progress widget.')
                                 ->success()
+                                ->actions([
+                                    Actions\Action::make('view_run')
+                                        ->label('View run')
+                                        ->url(OperationRunLinks::view($opRun, $tenant)),
+                                ])
+                                ->sendToDatabase($user)
                                 ->send();
+
+                            $this->resetTable();
+
+                            $this->pollUntil = now()->addSeconds(20)->getTimestamp();
                         }),
                 ]),
             ]);
diff --git a/app/Filament/Resources/BulkOperationRunResource.php b/app/Filament/Resources/BulkOperationRunResource.php
index ca9677e..87a0678 100644
--- a/app/Filament/Resources/BulkOperationRunResource.php
+++ b/app/Filament/Resources/BulkOperationRunResource.php
@@ -5,6 +5,7 @@
 use App\Filament\Resources\BulkOperationRunResource\Pages;
 use App\Models\BulkOperationRun;
 use App\Models\Tenant;
+use App\Support\OperationRunLinks;
 use BackedEnum;
 use Filament\Actions;
 use Filament\Forms\Components\DatePicker;
@@ -24,6 +25,8 @@ class BulkOperationRunResource extends Resource
 
     protected static ?string $model = BulkOperationRun::class;
 
+    protected static bool $shouldRegisterNavigation = false;
+
     protected static string|BackedEnum|null $navigationIcon = 'heroicon-o-clock';
 
     protected static string|UnitEnum|null $navigationGroup = 'Monitoring';
@@ -39,6 +42,18 @@ public static function infolist(Schema $schema): Schema
     {
         return $schema
             ->schema([
+                Section::make('Legacy run view')
+                    ->description('Canonical monitoring is now available in Monitoring → Operations.')
+                    ->schema([
+                        TextEntry::make('canonical_view')
+                            ->label('Canonical view')
+                            ->state('View in Operations')
+                            ->url(fn (BulkOperationRun $record): string => OperationRunLinks::index(Tenant::current() ?? $record->tenant))
+                            ->badge()
+                            ->color('primary'),
+                    ])
+                    ->columnSpanFull(),
+
                 Section::make('Run')
                     ->schema([
                         TextEntry::make('user.name')
diff --git a/app/Filament/Resources/EntraGroupResource/Pages/ListEntraGroups.php b/app/Filament/Resources/EntraGroupResource/Pages/ListEntraGroups.php
index 6079093..edce49f 100644
--- a/app/Filament/Resources/EntraGroupResource/Pages/ListEntraGroups.php
+++ b/app/Filament/Resources/EntraGroupResource/Pages/ListEntraGroups.php
@@ -8,9 +8,11 @@
 use App\Models\EntraGroupSyncRun;
 use App\Models\Tenant;
 use App\Models\User;
-use App\Notifications\RunStatusChangedNotification;
 use App\Services\Directory\EntraGroupSelection;
+use App\Services\OperationRunService;
+use App\Support\OperationRunLinks;
 use Filament\Actions\Action;
+use Filament\Notifications\Notification;
 use Filament\Resources\Pages\ListRecords;
 
 class ListEntraGroups extends ListRecords
@@ -72,6 +74,32 @@ protected function getHeaderActions(): array
 
                     $selectionKey = EntraGroupSelection::allGroupsV1();
 
+                    // --- Phase 3: Canonical Operation Run Start ---
+                    /** @var OperationRunService $opService */
+                    $opService = app(OperationRunService::class);
+                    $opRun = $opService->ensureRun(
+                        tenant: $tenant,
+                        type: 'directory_groups.sync',
+                        inputs: ['selection_key' => $selectionKey],
+                        initiator: $user
+                    );
+
+                    if (! $opRun->wasRecentlyCreated && in_array($opRun->status, ['queued', 'running'])) {
+                        Notification::make()
+                            ->title('Group sync already active')
+                            ->body('This operation is already queued or running.')
+                            ->warning()
+                            ->actions([
+                                Action::make('view_run')
+                                    ->label('View Run')
+                                    ->url(OperationRunLinks::view($opRun, $tenant)),
+                            ])
+                            ->send();
+
+                        return;
+                    }
+                    // ----------------------------------------------
+
                     $existing = EntraGroupSyncRun::query()
                         ->where('tenant_id', $tenant->getKey())
                         ->where('selection_key', $selectionKey)
@@ -80,14 +108,17 @@ protected function getHeaderActions(): array
                         ->first();
 
                     if ($existing instanceof EntraGroupSyncRun) {
-                        $normalizedStatus = $existing->status === EntraGroupSyncRun::STATUS_RUNNING ? 'running' : 'queued';
-
-                        $user->notify(new RunStatusChangedNotification([
-                            'tenant_id' => (int) $tenant->getKey(),
-                            'run_type' => 'directory_groups',
-                            'run_id' => (int) $existing->getKey(),
-                            'status' => $normalizedStatus,
-                        ]));
+                        Notification::make()
+                            ->title('Group sync already active')
+                            ->body('This operation is already queued or running.')
+                            ->warning()
+                            ->actions([
+                                Action::make('view_run')
+                                    ->label('View Run')
+                                    ->url(OperationRunLinks::view($opRun, $tenant)),
+                            ])
+                            ->sendToDatabase($user)
+                            ->send();
 
                         return;
                     }
@@ -105,14 +136,20 @@ protected function getHeaderActions(): array
                         selectionKey: $selectionKey,
                         slotKey: null,
                         runId: (int) $run->getKey(),
+                        operationRun: $opRun
                     ));
 
-                    $user->notify(new RunStatusChangedNotification([
-                        'tenant_id' => (int) $tenant->getKey(),
-                        'run_type' => 'directory_groups',
-                        'run_id' => (int) $run->getKey(),
-                        'status' => 'queued',
-                    ]));
+                    Notification::make()
+                        ->title('Group sync started')
+                        ->body('Sync dispatched.')
+                        ->success()
+                        ->actions([
+                            Action::make('view_run')
+                                ->label('View Run')
+                                ->url(OperationRunLinks::view($opRun, $tenant)),
+                        ])
+                        ->sendToDatabase($user)
+                        ->send();
                 }),
         ];
     }
diff --git a/app/Filament/Resources/EntraGroupSyncRunResource.php b/app/Filament/Resources/EntraGroupSyncRunResource.php
index 2963c84..259dc8a 100644
--- a/app/Filament/Resources/EntraGroupSyncRunResource.php
+++ b/app/Filament/Resources/EntraGroupSyncRunResource.php
@@ -5,6 +5,7 @@
 use App\Filament\Resources\EntraGroupSyncRunResource\Pages;
 use App\Models\EntraGroupSyncRun;
 use App\Models\Tenant;
+use App\Support\OperationRunLinks;
 use BackedEnum;
 use Filament\Actions;
 use Filament\Infolists\Components\TextEntry;
@@ -23,6 +24,8 @@ class EntraGroupSyncRunResource extends Resource
 
     protected static ?string $model = EntraGroupSyncRun::class;
 
+    protected static bool $shouldRegisterNavigation = false;
+
     protected static string|BackedEnum|null $navigationIcon = 'heroicon-o-user-group';
 
     protected static string|UnitEnum|null $navigationGroup = 'Directory';
@@ -38,6 +41,18 @@ public static function infolist(Schema $schema): Schema
     {
         return $schema
             ->schema([
+                Section::make('Legacy run view')
+                    ->description('Canonical monitoring is now available in Monitoring → Operations.')
+                    ->schema([
+                        TextEntry::make('canonical_view')
+                            ->label('Canonical view')
+                            ->state('View in Operations')
+                            ->url(fn (EntraGroupSyncRun $record): string => OperationRunLinks::index(Tenant::current() ?? $record->tenant))
+                            ->badge()
+                            ->color('primary'),
+                    ])
+                    ->columnSpanFull(),
+
                 Section::make('Sync Run')
                     ->schema([
                         TextEntry::make('initiator.name')
diff --git a/app/Filament/Resources/InventorySyncRunResource.php b/app/Filament/Resources/InventorySyncRunResource.php
index 0de2629..731d120 100644
--- a/app/Filament/Resources/InventorySyncRunResource.php
+++ b/app/Filament/Resources/InventorySyncRunResource.php
@@ -5,6 +5,7 @@
 use App\Filament\Resources\InventorySyncRunResource\Pages;
 use App\Models\InventorySyncRun;
 use App\Models\Tenant;
+use App\Support\OperationRunLinks;
 use BackedEnum;
 use Filament\Actions;
 use Filament\Infolists\Components\TextEntry;
@@ -21,6 +22,8 @@ class InventorySyncRunResource extends Resource
 {
     protected static ?string $model = InventorySyncRun::class;
 
+    protected static bool $shouldRegisterNavigation = false;
+
     protected static string|BackedEnum|null $navigationIcon = 'heroicon-o-clock';
 
     protected static string|UnitEnum|null $navigationGroup = 'Inventory';
@@ -34,6 +37,18 @@ public static function infolist(Schema $schema): Schema
     {
         return $schema
             ->schema([
+                Section::make('Legacy run view')
+                    ->description('Canonical monitoring is now available in Monitoring → Operations.')
+                    ->schema([
+                        TextEntry::make('canonical_view')
+                            ->label('Canonical view')
+                            ->state('View in Operations')
+                            ->url(fn (InventorySyncRun $record): string => OperationRunLinks::index(Tenant::current() ?? $record->tenant))
+                            ->badge()
+                            ->color('primary'),
+                    ])
+                    ->columnSpanFull(),
+
                 Section::make('Sync Run')
                     ->schema([
                         TextEntry::make('user.name')
diff --git a/app/Filament/Resources/OperationRunResource.php b/app/Filament/Resources/OperationRunResource.php
new file mode 100644
index 0000000..2229d06
--- /dev/null
+++ b/app/Filament/Resources/OperationRunResource.php
@@ -0,0 +1,245 @@
+<?php
+
+namespace App\Filament\Resources;
+
+use App\Filament\Resources\OperationRunResource\Pages;
+use App\Models\OperationRun;
+use App\Models\Tenant;
+use App\Support\OperationRunOutcome;
+use App\Support\OperationRunStatus;
+use BackedEnum;
+use Filament\Actions;
+use Filament\Forms\Components\DatePicker;
+use Filament\Infolists\Components\TextEntry;
+use Filament\Infolists\Components\ViewEntry;
+use Filament\Resources\Resource;
+use Filament\Schemas\Components\Section;
+use Filament\Schemas\Schema;
+use Filament\Tables;
+use Filament\Tables\Table;
+use Illuminate\Database\Eloquent\Builder;
+use UnitEnum;
+
+class OperationRunResource extends Resource
+{
+    protected static bool $isScopedToTenant = false;
+
+    protected static ?string $model = OperationRun::class;
+
+    protected static ?string $slug = 'operations';
+
+    protected static string|BackedEnum|null $navigationIcon = 'heroicon-o-queue-list';
+
+    protected static string|UnitEnum|null $navigationGroup = 'Monitoring';
+
+    protected static ?string $navigationLabel = 'Operations';
+
+    public static function form(Schema $schema): Schema
+    {
+        return $schema;
+    }
+
+    public static function infolist(Schema $schema): Schema
+    {
+        return $schema
+            ->schema([
+                Section::make('Run')
+                    ->schema([
+                        TextEntry::make('type')->badge(),
+                        TextEntry::make('status')
+                            ->badge()
+                            ->color(fn (OperationRun $record): string => static::statusColor($record->status)),
+                        TextEntry::make('outcome')
+                            ->badge()
+                            ->color(fn (OperationRun $record): string => static::outcomeColor($record->outcome)),
+                        TextEntry::make('initiator_name')->label('Initiator'),
+                        TextEntry::make('created_at')->dateTime(),
+                        TextEntry::make('started_at')->dateTime()->placeholder('—'),
+                        TextEntry::make('completed_at')->dateTime()->placeholder('—'),
+                        TextEntry::make('run_identity_hash')->label('Identity hash')->copyable(),
+                    ])
+                    ->columns(2)
+                    ->columnSpanFull(),
+
+                Section::make('Counts')
+                    ->schema([
+                        ViewEntry::make('summary_counts')
+                            ->label('')
+                            ->view('filament.infolists.entries.snapshot-json')
+                            ->state(fn (OperationRun $record): array => $record->summary_counts ?? [])
+                            ->columnSpanFull(),
+                    ])
+                    ->visible(fn (OperationRun $record): bool => ! empty($record->summary_counts))
+                    ->columnSpanFull(),
+
+                Section::make('Failures')
+                    ->schema([
+                        ViewEntry::make('failure_summary')
+                            ->label('')
+                            ->view('filament.infolists.entries.snapshot-json')
+                            ->state(fn (OperationRun $record): array => $record->failure_summary ?? [])
+                            ->columnSpanFull(),
+                    ])
+                    ->visible(fn (OperationRun $record): bool => ! empty($record->failure_summary))
+                    ->columnSpanFull(),
+
+                Section::make('Context')
+                    ->schema([
+                        ViewEntry::make('context')
+                            ->label('')
+                            ->view('filament.infolists.entries.snapshot-json')
+                            ->state(fn (OperationRun $record): array => $record->context ?? [])
+                            ->columnSpanFull(),
+                    ])
+                    ->columnSpanFull(),
+            ]);
+    }
+
+    public static function table(Table $table): Table
+    {
+        return $table
+            ->defaultSort('created_at', 'desc')
+            ->modifyQueryUsing(function (Builder $query): Builder {
+                $tenantId = Tenant::current()?->getKey();
+
+                return $query->when($tenantId, fn (Builder $q) => $q->where('tenant_id', $tenantId));
+            })
+            ->columns([
+                Tables\Columns\TextColumn::make('status')
+                    ->badge()
+                    ->color(fn (OperationRun $record): string => static::statusColor($record->status)),
+                Tables\Columns\TextColumn::make('type')
+                    ->label('Operation')
+                    ->searchable()
+                    ->sortable(),
+                Tables\Columns\TextColumn::make('initiator_name')
+                    ->label('Initiator')
+                    ->searchable(),
+                Tables\Columns\TextColumn::make('created_at')
+                    ->label('Started')
+                    ->since()
+                    ->sortable(),
+                Tables\Columns\TextColumn::make('duration')
+                    ->getStateUsing(function (OperationRun $record): string {
+                        if ($record->started_at && $record->completed_at) {
+                            return $record->completed_at->diffForHumans($record->started_at, true);
+                        }
+
+                        return '—';
+                    }),
+                Tables\Columns\TextColumn::make('outcome')
+                    ->badge()
+                    ->color(fn (OperationRun $record): string => static::outcomeColor($record->outcome)),
+            ])
+            ->filters([
+                Tables\Filters\SelectFilter::make('type')
+                    ->options(function (): array {
+                        $tenantId = Tenant::current()?->getKey();
+
+                        if (! $tenantId) {
+                            return [];
+                        }
+
+                        return OperationRun::query()
+                            ->where('tenant_id', $tenantId)
+                            ->select('type')
+                            ->distinct()
+                            ->orderBy('type')
+                            ->pluck('type', 'type')
+                            ->all();
+                    }),
+                Tables\Filters\SelectFilter::make('status')
+                    ->options([
+                        OperationRunStatus::Queued->value => 'Queued',
+                        OperationRunStatus::Running->value => 'Running',
+                        OperationRunStatus::Completed->value => 'Completed',
+                    ]),
+                Tables\Filters\SelectFilter::make('outcome')
+                    ->options(OperationRunOutcome::uiLabels(includeReserved: false)),
+                Tables\Filters\SelectFilter::make('initiator_name')
+                    ->label('Initiator')
+                    ->options(function (): array {
+                        $tenantId = Tenant::current()?->getKey();
+
+                        if (! $tenantId) {
+                            return [];
+                        }
+
+                        return OperationRun::query()
+                            ->where('tenant_id', $tenantId)
+                            ->whereNotNull('initiator_name')
+                            ->select('initiator_name')
+                            ->distinct()
+                            ->orderBy('initiator_name')
+                            ->pluck('initiator_name', 'initiator_name')
+                            ->all();
+                    })
+                    ->searchable(),
+                Tables\Filters\Filter::make('created_at')
+                    ->label('Created')
+                    ->form([
+                        DatePicker::make('created_from')
+                            ->label('From'),
+                        DatePicker::make('created_until')
+                            ->label('Until'),
+                    ])
+                    ->default(fn (): array => [
+                        'created_from' => now()->subDays(30),
+                        'created_until' => now(),
+                    ])
+                    ->query(function (Builder $query, array $data): Builder {
+                        $from = $data['created_from'] ?? null;
+                        if ($from) {
+                            $query->whereDate('created_at', '>=', $from);
+                        }
+
+                        $until = $data['created_until'] ?? null;
+                        if ($until) {
+                            $query->whereDate('created_at', '<=', $until);
+                        }
+
+                        return $query;
+                    }),
+            ])
+            ->actions([
+                Actions\ViewAction::make(),
+            ])
+            ->bulkActions([]);
+    }
+
+    public static function getEloquentQuery(): Builder
+    {
+        return parent::getEloquentQuery()
+            ->with('user')
+            ->latest('id');
+    }
+
+    public static function getPages(): array
+    {
+        return [
+            'index' => Pages\ListOperationRuns::route('/'),
+            'view' => Pages\ViewOperationRun::route('/{record}'),
+        ];
+    }
+
+    private static function statusColor(?string $status): string
+    {
+        return match ($status) {
+            'queued' => 'gray',
+            'running' => 'info',
+            'completed' => 'success',
+            default => 'gray',
+        };
+    }
+
+    private static function outcomeColor(?string $outcome): string
+    {
+        return match ($outcome) {
+            'succeeded' => 'success',
+            'partially_succeeded' => 'warning',
+            'failed' => 'danger',
+            'cancelled' => 'gray',
+            default => 'gray',
+        };
+    }
+}
diff --git a/app/Filament/Resources/OperationRunResource/Pages/ListOperationRuns.php b/app/Filament/Resources/OperationRunResource/Pages/ListOperationRuns.php
new file mode 100644
index 0000000..cbec2a8
--- /dev/null
+++ b/app/Filament/Resources/OperationRunResource/Pages/ListOperationRuns.php
@@ -0,0 +1,11 @@
+<?php
+
+namespace App\Filament\Resources\OperationRunResource\Pages;
+
+use App\Filament\Resources\OperationRunResource;
+use Filament\Resources\Pages\ListRecords;
+
+class ListOperationRuns extends ListRecords
+{
+    protected static string $resource = OperationRunResource::class;
+}
diff --git a/app/Filament/Resources/OperationRunResource/Pages/ViewOperationRun.php b/app/Filament/Resources/OperationRunResource/Pages/ViewOperationRun.php
new file mode 100644
index 0000000..b8a5f31
--- /dev/null
+++ b/app/Filament/Resources/OperationRunResource/Pages/ViewOperationRun.php
@@ -0,0 +1,50 @@
+<?php
+
+namespace App\Filament\Resources\OperationRunResource\Pages;
+
+use App\Filament\Resources\OperationRunResource;
+use App\Models\OperationRun;
+use App\Models\Tenant;
+use App\Support\OperationRunLinks;
+use Filament\Actions;
+use Filament\Resources\Pages\ViewRecord;
+use Illuminate\Support\Str;
+
+class ViewOperationRun extends ViewRecord
+{
+    protected static string $resource = OperationRunResource::class;
+
+    protected function getHeaderActions(): array
+    {
+        $tenant = Tenant::current();
+
+        if (! $tenant instanceof Tenant) {
+            return [];
+        }
+
+        /** @var OperationRun $run */
+        $run = $this->getRecord();
+
+        $related = OperationRunLinks::related($run, $tenant);
+
+        $actions = [];
+
+        foreach ($related as $label => $url) {
+            $actions[] = Actions\Action::make(Str::slug($label, '_'))
+                ->label($label)
+                ->url($url)
+                ->openUrlInNewTab();
+        }
+
+        if (empty($actions)) {
+            return [];
+        }
+
+        return [
+            Actions\ActionGroup::make($actions)
+                ->label('Open')
+                ->icon('heroicon-o-arrow-top-right-on-square')
+                ->color('gray'),
+        ];
+    }
+}
diff --git a/app/Filament/Resources/PolicyResource.php b/app/Filament/Resources/PolicyResource.php
index 371b8cc..50e0ce6 100644
--- a/app/Filament/Resources/PolicyResource.php
+++ b/app/Filament/Resources/PolicyResource.php
@@ -6,12 +6,15 @@
 use App\Filament\Resources\PolicyResource\RelationManagers\VersionsRelationManager;
 use App\Jobs\BulkPolicyDeleteJob;
 use App\Jobs\BulkPolicyExportJob;
-use App\Jobs\BulkPolicySyncJob;
 use App\Jobs\BulkPolicyUnignoreJob;
+use App\Jobs\SyncPoliciesJob;
 use App\Models\Policy;
 use App\Models\Tenant;
+use App\Models\User;
 use App\Services\BulkOperationService;
 use App\Services\Intune\PolicyNormalizer;
+use App\Services\OperationRunService;
+use App\Support\OperationRunLinks;
 use BackedEnum;
 use Filament\Actions;
 use Filament\Actions\ActionGroup;
@@ -371,15 +374,77 @@ public static function table(Table $table): Table
                         ->icon('heroicon-o-arrow-path')
                         ->color('primary')
                         ->requiresConfirmation()
-                        ->visible(fn (Policy $record) => $record->ignored_at === null)
+                        ->visible(function (Policy $record): bool {
+                            if ($record->ignored_at !== null) {
+                                return false;
+                            }
+
+                            $user = auth()->user();
+
+                            if (! $user instanceof User) {
+                                return false;
+                            }
+
+                            $tenant = Tenant::current();
+
+                            return $user->canSyncTenant($tenant);
+                        })
                         ->action(function (Policy $record) {
                             $tenant = Tenant::current();
                             $user = auth()->user();
 
-                            $service = app(BulkOperationService::class);
-                            $run = $service->createRun($tenant, $user, 'policy', 'sync', [$record->id], 1);
+                            if (! $user instanceof User) {
+                                abort(403);
+                            }
 
-                            BulkPolicySyncJob::dispatchSync($run->id);
+                            if (! $user->canAccessTenant($tenant) || ! $user->canSyncTenant($tenant)) {
+                                abort(403);
+                            }
+
+                            /** @var OperationRunService $opService */
+                            $opService = app(OperationRunService::class);
+                            $opRun = $opService->ensureRun(
+                                tenant: $tenant,
+                                type: 'policy.sync_one',
+                                inputs: [
+                                    'scope' => 'one',
+                                    'policy_id' => (int) $record->getKey(),
+                                ],
+                                initiator: $user
+                            );
+
+                            if (! $opRun->wasRecentlyCreated && in_array($opRun->status, ['queued', 'running'], true)) {
+                                Notification::make()
+                                    ->title('Policy sync already active')
+                                    ->body('This operation is already queued or running.')
+                                    ->warning()
+                                    ->actions([
+                                        Actions\Action::make('view_run')
+                                            ->label('View run')
+                                            ->url(OperationRunLinks::view($opRun, $tenant)),
+                                    ])
+                                    ->send();
+
+                                return;
+                            }
+
+                            SyncPoliciesJob::dispatch(
+                                tenantId: (int) $tenant->getKey(),
+                                policyIds: [(int) $record->getKey()],
+                                operationRun: $opRun
+                            );
+
+                            Notification::make()
+                                ->title('Policy sync queued')
+                                ->body('The sync has been queued. You can monitor progress in Monitoring → Operations.')
+                                ->success()
+                                ->actions([
+                                    Actions\Action::make('view_run')
+                                        ->label('View run')
+                                        ->url(OperationRunLinks::view($opRun, $tenant)),
+                                ])
+                                ->sendToDatabase($user)
+                                ->send();
                         }),
                     Actions\Action::make('export')
                         ->label('Export to Backup')
@@ -501,6 +566,18 @@ public static function table(Table $table): Table
                         ->color('primary')
                         ->requiresConfirmation()
                         ->hidden(function (HasTable $livewire): bool {
+                            $user = auth()->user();
+
+                            if (! $user instanceof User) {
+                                return true;
+                            }
+
+                            $tenant = Tenant::current();
+
+                            if (! $user->canAccessTenant($tenant) || ! $user->canSyncTenant($tenant)) {
+                                return true;
+                            }
+
                             $visibilityFilterState = $livewire->getTableFilterState('visibility') ?? [];
                             $value = $visibilityFilterState['value'] ?? null;
 
@@ -510,26 +587,67 @@ public static function table(Table $table): Table
                             $tenant = Tenant::current();
                             $user = auth()->user();
                             $count = $records->count();
-                            $ids = $records->pluck('id')->toArray();
 
-                            $service = app(BulkOperationService::class);
-                            $run = $service->createRun($tenant, $user, 'policy', 'sync', $ids, $count);
+                            if (! $user instanceof User) {
+                                abort(403);
+                            }
 
-                            if ($count >= 20) {
+                            if (! $user->canAccessTenant($tenant) || ! $user->canSyncTenant($tenant)) {
+                                abort(403);
+                            }
+
+                            $ids = $records
+                                ->pluck('id')
+                                ->map(static fn ($id): int => (int) $id)
+                                ->unique()
+                                ->sort()
+                                ->values()
+                                ->all();
+
+                            /** @var OperationRunService $opService */
+                            $opService = app(OperationRunService::class);
+                            $opRun = $opService->ensureRun(
+                                tenant: $tenant,
+                                type: 'policy.sync',
+                                inputs: [
+                                    'scope' => 'subset',
+                                    'policy_ids' => $ids,
+                                ],
+                                initiator: $user
+                            );
+
+                            if (! $opRun->wasRecentlyCreated && in_array($opRun->status, ['queued', 'running'], true)) {
                                 Notification::make()
-                                    ->title('Bulk sync started')
-                                    ->body("Syncing {$count} policies in the background. Check the progress bar in the bottom right corner.")
-                                    ->icon('heroicon-o-arrow-path')
-                                    ->iconColor('warning')
-                                    ->info()
-                                    ->duration(8000)
-                                    ->sendToDatabase($user)
+                                    ->title('Policy sync already active')
+                                    ->body('This operation is already queued or running.')
+                                    ->warning()
+                                    ->actions([
+                                        Actions\Action::make('view_run')
+                                            ->label('View run')
+                                            ->url(OperationRunLinks::view($opRun, $tenant)),
+                                    ])
                                     ->send();
 
-                                BulkPolicySyncJob::dispatch($run->id);
-                            } else {
-                                BulkPolicySyncJob::dispatchSync($run->id);
+                                return;
                             }
+
+                            SyncPoliciesJob::dispatch(
+                                tenantId: (int) $tenant->getKey(),
+                                policyIds: $ids,
+                                operationRun: $opRun
+                            );
+
+                            Notification::make()
+                                ->title('Policy sync queued')
+                                ->body("The sync has been queued for {$count} policies. You can monitor progress in Monitoring → Operations.")
+                                ->success()
+                                ->actions([
+                                    Actions\Action::make('view_run')
+                                        ->label('View run')
+                                        ->url(OperationRunLinks::view($opRun, $tenant)),
+                                ])
+                                ->sendToDatabase($user)
+                                ->send();
                         })
                         ->deselectRecordsAfterCompletion(),
 
diff --git a/app/Filament/Resources/PolicyResource/Pages/ListPolicies.php b/app/Filament/Resources/PolicyResource/Pages/ListPolicies.php
index 222510c..3b4250a 100644
--- a/app/Filament/Resources/PolicyResource/Pages/ListPolicies.php
+++ b/app/Filament/Resources/PolicyResource/Pages/ListPolicies.php
@@ -3,8 +3,11 @@
 namespace App\Filament\Resources\PolicyResource\Pages;
 
 use App\Filament\Resources\PolicyResource;
+use App\Jobs\SyncPoliciesJob;
 use App\Models\Tenant;
-use App\Services\Intune\PolicySyncService;
+use App\Models\User;
+use App\Services\OperationRunService;
+use App\Support\OperationRunLinks;
 use Filament\Actions;
 use Filament\Notifications\Notification;
 use Filament\Resources\Pages\ListRecords;
@@ -21,53 +24,82 @@ protected function getHeaderActions(): array
                 ->icon('heroicon-o-arrow-path')
                 ->color('primary')
                 ->requiresConfirmation()
-                ->action(function () {
-                    try {
-                        $tenant = Tenant::current();
+                ->visible(function (): bool {
+                    $user = auth()->user();
 
-                        /** @var PolicySyncService $service */
-                        $service = app(PolicySyncService::class);
-
-                        $result = $service->syncPoliciesWithReport($tenant);
-                        $syncedCount = count($result['synced'] ?? []);
-                        $failureCount = count($result['failures'] ?? []);
-
-                        $body = $syncedCount.' policies synced';
-
-                        if ($failureCount > 0) {
-                            $first = $result['failures'][0] ?? [];
-                            $firstType = $first['policy_type'] ?? 'unknown';
-                            $firstStatus = $first['status'] ?? null;
-
-                            $firstErrorMessage = null;
-                            $firstErrors = $first['errors'] ?? null;
-                            if (is_array($firstErrors) && isset($firstErrors[0]) && is_array($firstErrors[0])) {
-                                $firstErrorMessage = $firstErrors[0]['message'] ?? null;
-                            }
-
-                            $suffix = $firstStatus ? "first: {$firstType} {$firstStatus}" : "first: {$firstType}";
-
-                            if (is_string($firstErrorMessage) && $firstErrorMessage !== '') {
-                                $suffix .= ' - '.trim($firstErrorMessage);
-                            }
-
-                            $body .= " ({$failureCount} failed; {$suffix})";
-                        }
-
-                        Notification::make()
-                            ->title('Policy sync completed')
-                            ->body($body)
-                            ->success()
-                            ->sendToDatabase(auth()->user())
-                            ->send();
-                    } catch (\Throwable $e) {
-                        Notification::make()
-                            ->title('Policy sync failed')
-                            ->body($e->getMessage())
-                            ->danger()
-                            ->sendToDatabase(auth()->user())
-                            ->send();
+                    if (! $user instanceof User) {
+                        return false;
                     }
+
+                    $tenant = Tenant::current();
+
+                    return $user->canSyncTenant($tenant);
+                })
+                ->action(function () {
+                    $tenant = Tenant::current();
+                    $user = auth()->user();
+
+                    if (! $user instanceof User) {
+                        abort(403);
+                    }
+
+                    if (! $user->canAccessTenant($tenant) || ! $user->canSyncTenant($tenant)) {
+                        abort(403);
+                    }
+
+                    $requestedTypes = array_map(
+                        static fn (array $typeConfig): string => (string) $typeConfig['type'],
+                        config('tenantpilot.supported_policy_types', [])
+                    );
+
+                    sort($requestedTypes);
+
+                    /** @var OperationRunService $opService */
+                    $opService = app(OperationRunService::class);
+                    $opRun = $opService->ensureRun(
+                        tenant: $tenant,
+                        type: 'policy.sync',
+                        inputs: [
+                            'scope' => 'all',
+                            'types' => $requestedTypes,
+                        ],
+                        initiator: $user
+                    );
+
+                    if (! $opRun->wasRecentlyCreated && in_array($opRun->status, ['queued', 'running'], true)) {
+                        Notification::make()
+                            ->title('Policy sync already active')
+                            ->body('This operation is already queued or running.')
+                            ->warning()
+                            ->actions([
+                                Actions\Action::make('view_run')
+                                    ->label('View run')
+                                    ->url(OperationRunLinks::view($opRun, $tenant)),
+                            ])
+                            ->send();
+
+                        return;
+                    }
+
+                    $opService->dispatchOrFail($opRun, function () use ($tenant, $requestedTypes, $opRun): void {
+                        SyncPoliciesJob::dispatch(
+                            tenantId: (int) $tenant->getKey(),
+                            types: $requestedTypes,
+                            operationRun: $opRun
+                        );
+                    });
+
+                    Notification::make()
+                        ->title('Policy sync queued')
+                        ->body('The sync has been queued. You can monitor progress in Monitoring → Operations.')
+                        ->success()
+                        ->actions([
+                            Actions\Action::make('view_run')
+                                ->label('View run')
+                                ->url(OperationRunLinks::view($opRun, $tenant)),
+                        ])
+                        ->sendToDatabase($user)
+                        ->send();
                 }),
         ];
     }
diff --git a/app/Filament/Resources/RestoreRunResource.php b/app/Filament/Resources/RestoreRunResource.php
index 8fc1e50..e9b2b23 100644
--- a/app/Filament/Resources/RestoreRunResource.php
+++ b/app/Filament/Resources/RestoreRunResource.php
@@ -149,7 +149,7 @@ public static function form(Schema $schema): Schema
                                             'sourceGroupId' => $groupId,
                                         ]))
                                 )
-                                ->helperText(fn (): string => $cacheNotice ? ($cacheNotice.' Labels use cached directory groups only (no live Graph lookups). Paste a GUID or use SKIP.') : 'Paste the target Entra ID group Object ID (GUID). Labels use cached directory groups only (no live Graph lookups). Use SKIP to omit the assignment.')
+                                ->helperText(fn (): string => ($cacheNotice ? ($cacheNotice.' ') : '').'Paste the target Entra ID group Object ID (GUID). Labels use cached directory groups only (no live Graph lookups). Use SKIP to omit the assignment.')
                                 ->hintAction(
                                     Actions\Action::make('open_directory_groups_'.str_replace('-', '_', $groupId))
                                         ->label('Sync Groups')
@@ -399,7 +399,7 @@ public static function getWizardSteps(): array
                                                 'sourceGroupId' => $groupId,
                                             ]))
                                     )
-                                    ->helperText(fn (): string => $cacheNotice ? ($cacheNotice.' Labels use cached directory groups only (no live Graph lookups). Paste a GUID or use SKIP.') : 'Paste the target Entra ID group Object ID (GUID). Labels use cached directory groups only (no live Graph lookups). Use SKIP to omit the assignment.')
+                                    ->helperText(fn (): string => ($cacheNotice ? ($cacheNotice.' ') : '').'Paste the target Entra ID group Object ID (GUID). Labels use cached directory groups only (no live Graph lookups). Use SKIP to omit the assignment.')
                                     ->hintAction(
                                         Actions\Action::make('open_directory_groups_'.str_replace('-', '_', $groupId))
                                             ->label('Sync Groups')
diff --git a/app/Filament/Resources/TenantResource.php b/app/Filament/Resources/TenantResource.php
index f5efe27..a141fa6 100644
--- a/app/Filament/Resources/TenantResource.php
+++ b/app/Filament/Resources/TenantResource.php
@@ -6,7 +6,6 @@
 use App\Http\Controllers\RbacDelegatedAuthController;
 use App\Jobs\BulkTenantSyncJob;
 use App\Jobs\SyncPoliciesJob;
-use App\Models\EntraGroup;
 use App\Models\Tenant;
 use App\Models\User;
 use App\Services\BulkOperationService;
@@ -17,6 +16,8 @@
 use App\Services\Intune\RbacOnboardingService;
 use App\Services\Intune\TenantConfigService;
 use App\Services\Intune\TenantPermissionService;
+use App\Services\OperationRunService;
+use App\Support\OperationRunLinks;
 use App\Support\TenantRole;
 use BackedEnum;
 use Filament\Actions;
@@ -40,6 +41,7 @@
 
 class TenantResource extends Resource
 {
+    // ... [Properties Omitted for Brevity] ...
     protected static ?string $model = Tenant::class;
 
     protected static bool $isScopedToTenant = false;
@@ -50,6 +52,7 @@ class TenantResource extends Resource
 
     public static function form(Schema $schema): Schema
     {
+        // ... [Schema Omitted - No Change] ...
         return $schema
             ->schema([
                 Forms\Components\TextInput::make('name')
@@ -91,6 +94,7 @@ public static function form(Schema $schema): Schema
 
     public static function getEloquentQuery(): Builder
     {
+        // ... [Query Omitted - No Change] ...
         $user = auth()->user();
 
         if (! $user instanceof User) {
@@ -194,7 +198,32 @@ public static function table(Table $table): Table
                             return $user->canSyncTenant($record);
                         })
                         ->action(function (Tenant $record, AuditLogger $auditLogger): void {
-                            SyncPoliciesJob::dispatch($record->getKey());
+                            // Phase 3: Canonical Operation Run Start
+                            /** @var OperationRunService $opService */
+                            $opService = app(OperationRunService::class);
+                            $opRun = $opService->ensureRun(
+                                tenant: $record,
+                                type: 'policy.sync',
+                                inputs: ['scope' => 'full'],
+                                initiator: auth()->user()
+                            );
+
+                            if (! $opRun->wasRecentlyCreated && in_array($opRun->status, ['queued', 'running'])) {
+                                Notification::make()
+                                    ->title('Policy sync already active')
+                                    ->body('This operation is already queued or running.')
+                                    ->warning()
+                                    ->actions([
+                                        Actions\Action::make('view_run')
+                                            ->label('View Run')
+                                            ->url(OperationRunLinks::view($opRun, $record)),
+                                    ])
+                                    ->send();
+
+                                return;
+                            }
+
+                            SyncPoliciesJob::dispatch($record->getKey(), null, $opRun);
 
                             $auditLogger->log(
                                 tenant: $record,
@@ -211,6 +240,11 @@ public static function table(Table $table): Table
                                 ->icon('heroicon-o-arrow-path')
                                 ->iconColor('warning')
                                 ->success()
+                                ->actions([
+                                    Actions\Action::make('view_run')
+                                        ->label('View Run')
+                                        ->url(OperationRunLinks::view($opRun, $record)),
+                                ])
                                 ->sendToDatabase(auth()->user())
                                 ->send();
                         }),
@@ -421,7 +455,21 @@ public static function table(Table $table): Table
                         $run = $service->createRun($tenantContext, $user, 'tenant', 'sync', $ids, $count);
 
                         foreach ($eligible as $tenant) {
-                            SyncPoliciesJob::dispatch($tenant->getKey());
+                            // Note: We might want canonical runs for bulk syncs too, but spec Phase 1 mentions tenant-scoped operations.
+                            // Bulk operation across tenants is a higher level concept.
+                            // Keeping it as is for now or migrating individually.
+                            // If we want each tenant sync to show in its Monitoring, we should create opRun for each.
+
+                            /** @var OperationRunService $opService */
+                            $opService = app(OperationRunService::class);
+                            $opRun = $opService->ensureRun(
+                                tenant: $tenant,
+                                type: 'policy.sync',
+                                inputs: ['scope' => 'full', 'bulk_run_id' => $run->id],
+                                initiator: $user
+                            );
+
+                            SyncPoliciesJob::dispatch($tenant->getKey(), null, null, $opRun);
 
                             $auditLogger->log(
                                 tenant: $tenant,
@@ -454,6 +502,7 @@ public static function table(Table $table): Table
 
     public static function infolist(Schema $schema): Schema
     {
+        // ... [Infolist Omitted - No Change] ...
         return $schema
             ->schema([
                 Infolists\Components\TextEntry::make('name'),
@@ -542,6 +591,7 @@ public static function getPages(): array
 
     public static function rbacAction(): Actions\Action
     {
+        // ... [RBAC Action Omitted - No Change] ...
         return Actions\Action::make('setup_rbac')
             ->label('Setup Intune RBAC')
             ->icon('heroicon-o-shield-check')
@@ -587,7 +637,9 @@ public static function rbacAction(): Actions\Action
                     ->placeholder('Search security groups')
                     ->visible(fn (Get $get) => $get('scope') === 'scope_group')
                     ->required(fn (Get $get) => $get('scope') === 'scope_group')
+                    ->disabled(fn (?Tenant $record) => static::delegatedToken($record) === null)
                     ->helperText(fn (?Tenant $record) => static::groupSearchHelper($record))
+                    ->hintAction(fn (?Tenant $record) => static::loginToSearchGroupsAction($record))
                     ->getSearchResultsUsing(fn (string $search, ?Tenant $record) => static::groupSearchOptions($record, $search))
                     ->getOptionLabelUsing(fn (?string $value, ?Tenant $record) => static::resolveGroupLabel($record, $value))
                     ->noSearchResultsMessage('No security groups found')
@@ -614,7 +666,9 @@ public static function rbacAction(): Actions\Action
                     ->placeholder('Search security groups')
                     ->visible(fn (Get $get) => $get('group_mode') === 'existing')
                     ->required(fn (Get $get) => $get('group_mode') === 'existing')
+                    ->disabled(fn (?Tenant $record) => static::delegatedToken($record) === null)
                     ->helperText(fn (?Tenant $record) => static::groupSearchHelper($record))
+                    ->hintAction(fn (?Tenant $record) => static::loginToSearchGroupsAction($record))
                     ->getSearchResultsUsing(fn (string $search, ?Tenant $record) => static::groupSearchOptions($record, $search))
                     ->getOptionLabelUsing(fn (?string $value, ?Tenant $record) => static::resolveGroupLabel($record, $value))
                     ->noSearchResultsMessage('No security groups found')
@@ -985,7 +1039,7 @@ public static function groupSearchHelper(?Tenant $tenant): ?string
             return null;
         }
 
-        return 'Uses cached directory groups only (no live Graph lookups). Run “Sync Groups” if results are empty.';
+        return static::delegatedToken($tenant) ? null : 'Login to search groups';
     }
 
     /**
@@ -997,14 +1051,43 @@ public static function groupSearchOptions(?Tenant $tenant, string $search): arra
             return [];
         }
 
-        return EntraGroup::query()
-            ->where('tenant_id', $tenant->getKey())
-            ->where('display_name', 'ilike', '%'.str_replace('%', '\\%', $search).'%')
-            ->orderBy('display_name')
-            ->limit(20)
-            ->get(['entra_id', 'display_name'])
-            ->mapWithKeys(fn (EntraGroup $group) => [
-                (string) $group->entra_id => EntraGroupLabelResolver::formatLabel($group->display_name, (string) $group->entra_id),
+        $token = static::delegatedToken($tenant);
+
+        if (! $token) {
+            return [];
+        }
+
+        $filter = sprintf(
+            "securityEnabled eq true and startswith(displayName,'%s')",
+            static::escapeOdataValue($search)
+        );
+
+        try {
+            $response = app(GraphClientInterface::class)->request(
+                'GET',
+                'groups',
+                [
+                    'query' => [
+                        '$select' => 'id,displayName',
+                        '$top' => 20,
+                        '$filter' => $filter,
+                    ],
+                ] + $tenant->graphOptions() + [
+                    'access_token' => $token,
+                ]
+            );
+        } catch (Throwable) {
+            return [];
+        }
+
+        if ($response->failed()) {
+            return [];
+        }
+
+        return collect($response->data['value'] ?? [])
+            ->filter(fn (array $group) => filled($group['id'] ?? null))
+            ->mapWithKeys(fn (array $group) => [
+                (string) $group['id'] => EntraGroupLabelResolver::formatLabel($group['displayName'] ?? null, (string) $group['id']),
             ])
             ->all();
     }
@@ -1015,7 +1098,32 @@ private static function resolveGroupLabel(?Tenant $tenant, ?string $groupId): ?s
             return $groupId;
         }
 
-        return app(EntraGroupLabelResolver::class)->resolveOne($tenant, $groupId);
+        $token = static::delegatedToken($tenant);
+
+        if (! $token) {
+            return $groupId;
+        }
+
+        try {
+            $response = app(GraphClientInterface::class)->request(
+                'GET',
+                'groups/'.$groupId,
+                [] + $tenant->graphOptions() + [
+                    'access_token' => $token,
+                ]
+            );
+        } catch (Throwable) {
+            return $groupId;
+        }
+
+        if ($response->failed()) {
+            return $groupId;
+        }
+
+        return EntraGroupLabelResolver::formatLabel(
+            $response->data['displayName'] ?? null,
+            $response->data['id'] ?? $groupId
+        );
     }
 
     public static function verifyTenant(
diff --git a/app/Jobs/AddPoliciesToBackupSetJob.php b/app/Jobs/AddPoliciesToBackupSetJob.php
index 37d3eea..9a6b4d5 100644
--- a/app/Jobs/AddPoliciesToBackupSetJob.php
+++ b/app/Jobs/AddPoliciesToBackupSetJob.php
@@ -3,15 +3,19 @@
 namespace App\Jobs;
 
 use App\Filament\Resources\BulkOperationRunResource;
+use App\Jobs\Middleware\TrackOperationRun;
 use App\Models\BackupItem;
 use App\Models\BackupSet;
 use App\Models\BulkOperationRun;
+use App\Models\OperationRun;
 use App\Models\Policy;
 use App\Models\Tenant;
 use App\Services\BulkOperationService;
 use App\Services\Intune\FoundationSnapshotService;
 use App\Services\Intune\PolicyCaptureOrchestrator;
 use App\Services\Intune\SnapshotValidator;
+use App\Services\OperationRunService;
+use App\Support\OperationRunLinks;
 use Filament\Notifications\Notification;
 use Illuminate\Bus\Queueable;
 use Illuminate\Contracts\Queue\ShouldQueue;
@@ -28,13 +32,23 @@ class AddPoliciesToBackupSetJob implements ShouldQueue
 {
     use Dispatchable, InteractsWithQueue, Queueable, SerializesModels;
 
+    public ?OperationRun $operationRun = null;
+
     public function __construct(
         public int $bulkRunId,
         public int $backupSetId,
         public bool $includeAssignments,
         public bool $includeScopeTags,
         public bool $includeFoundations,
-    ) {}
+        ?OperationRun $operationRun = null
+    ) {
+        $this->operationRun = $operationRun;
+    }
+
+    public function middleware(): array
+    {
+        return [new TrackOperationRun];
+    }
 
     public function handle(
         BulkOperationService $bulkOperationService,
@@ -111,6 +125,12 @@ public function handle(
             if ($policyIds === []) {
                 $bulkOperationService->complete($run);
 
+                if ($this->operationRun) {
+                    /** @var OperationRunService $opService */
+                    $opService = app(OperationRunService::class);
+                    $opService->updateRun($this->operationRun, 'completed', 'succeeded', ['policy_ids' => 0]);
+                }
+
                 return;
             }
 
@@ -402,6 +422,30 @@ public function handle(
 
             $bulkOperationService->complete($run);
 
+            if ($this->operationRun) {
+                /** @var OperationRunService $opService */
+                $opService = app(OperationRunService::class);
+
+                $opOutcome = match (true) {
+                    $run->status === 'completed' => 'succeeded',
+                    $run->status === 'completed_with_errors' => 'partially_succeeded',
+                    $run->status === 'failed' => 'failed',
+                    default => 'failed'
+                };
+
+                $opService->updateRun(
+                    $this->operationRun,
+                    'completed',
+                    $opOutcome,
+                    [
+                        'policies_added' => $backupSetItemMutations,
+                        'foundations_added' => $foundationMutations,
+                        'failures' => count($newBackupFailures),
+                    ],
+                    $newBackupFailures
+                );
+            }
+
             if (! $run->user) {
                 return;
             }
@@ -432,7 +476,7 @@ public function handle(
                 ->actions([
                     \Filament\Actions\Action::make('view_run')
                         ->label('View run')
-                        ->url(BulkOperationRunResource::getUrl('view', ['record' => $run], tenant: $tenant)),
+                        ->url($this->operationRun ? OperationRunLinks::view($this->operationRun, $tenant) : BulkOperationRunResource::getUrl('view', ['record' => $run], tenant: $tenant)),
                 ]);
 
             if ($partial) {
@@ -460,6 +504,7 @@ public function handle(
                 reason: $throwable->getMessage(),
             );
 
+            // TrackOperationRun will catch this throw
             throw $throwable;
         }
     }
@@ -523,6 +568,18 @@ private function markRunFailed(
             $run->update(['status' => 'failed']);
         }
 
+        if ($this->operationRun) {
+            /** @var OperationRunService $opService */
+            $opService = app(OperationRunService::class);
+            $opService->updateRun(
+                $this->operationRun,
+                'completed',
+                'failed',
+                ['failure_reason' => $reason],
+                [['code' => $reasonCode, 'message' => $reason]]
+            );
+        }
+
         $this->notifyRunFailed($run, $tenant, $reason);
     }
 
@@ -540,7 +597,7 @@ private function notifyRunFailed(BulkOperationRun $run, ?Tenant $tenant, string
             $notification->actions([
                 \Filament\Actions\Action::make('view_run')
                     ->label('View run')
-                    ->url(BulkOperationRunResource::getUrl('view', ['record' => $run], tenant: $tenant)),
+                    ->url($this->operationRun ? OperationRunLinks::view($this->operationRun, $tenant) : BulkOperationRunResource::getUrl('view', ['record' => $run], tenant: $tenant)),
             ]);
         }
 
diff --git a/app/Jobs/EntraGroupSyncJob.php b/app/Jobs/EntraGroupSyncJob.php
index cb52e8a..e5353c4 100644
--- a/app/Jobs/EntraGroupSyncJob.php
+++ b/app/Jobs/EntraGroupSyncJob.php
@@ -2,10 +2,13 @@
 
 namespace App\Jobs;
 
+use App\Jobs\Middleware\TrackOperationRun;
 use App\Models\EntraGroupSyncRun;
+use App\Models\OperationRun;
 use App\Models\Tenant;
 use App\Services\Directory\EntraGroupSyncService;
 use App\Services\Intune\AuditLogger;
+use App\Services\OperationRunService;
 use Carbon\CarbonImmutable;
 use Illuminate\Bus\Queueable;
 use Illuminate\Contracts\Queue\ShouldQueue;
@@ -18,12 +21,22 @@ class EntraGroupSyncJob implements ShouldQueue
 {
     use Dispatchable, InteractsWithQueue, Queueable, SerializesModels;
 
+    public ?OperationRun $operationRun = null;
+
     public function __construct(
         public int $tenantId,
         public string $selectionKey,
         public ?string $slotKey = null,
         public ?int $runId = null,
-    ) {}
+        ?OperationRun $operationRun = null
+    ) {
+        $this->operationRun = $operationRun;
+    }
+
+    public function middleware(): array
+    {
+        return [new TrackOperationRun];
+    }
 
     public function handle(EntraGroupSyncService $syncService, AuditLogger $auditLogger): void
     {
@@ -35,6 +48,7 @@ public function handle(EntraGroupSyncService $syncService, AuditLogger $auditLog
         $run = $this->resolveRun($tenant);
 
         if ($run->status !== EntraGroupSyncRun::STATUS_PENDING) {
+            // Already ran?
             return;
         }
 
@@ -81,6 +95,31 @@ public function handle(EntraGroupSyncService $syncService, AuditLogger $auditLog
             'finished_at' => CarbonImmutable::now('UTC'),
         ]);
 
+        // Update OperationRun with stats
+        if ($this->operationRun) {
+            /** @var OperationRunService $opService */
+            $opService = app(OperationRunService::class);
+
+            $opOutcome = match ($terminalStatus) {
+                EntraGroupSyncRun::STATUS_SUCCEEDED => 'succeeded',
+                EntraGroupSyncRun::STATUS_PARTIAL => 'partially_succeeded',
+                EntraGroupSyncRun::STATUS_FAILED => 'failed',
+                default => 'failed'
+            };
+
+            $opService->updateRun(
+                $this->operationRun,
+                'completed',
+                $opOutcome,
+                [
+                    'fetched' => $result['items_observed_count'],
+                    'upserted' => $result['items_upserted_count'],
+                    'errors' => $result['error_count'],
+                ],
+                $result['error_summary'] ? [['code' => $result['error_code'] ?? 'ERR', 'message' => json_encode($result['error_summary'])]] : []
+            );
+        }
+
         $auditLogger->log(
             tenant: $tenant,
             action: $terminalStatus === EntraGroupSyncRun::STATUS_SUCCEEDED
diff --git a/app/Jobs/GenerateDriftFindingsJob.php b/app/Jobs/GenerateDriftFindingsJob.php
index f5c75ec..3c66403 100644
--- a/app/Jobs/GenerateDriftFindingsJob.php
+++ b/app/Jobs/GenerateDriftFindingsJob.php
@@ -2,12 +2,17 @@
 
 namespace App\Jobs;
 
+use App\Jobs\Middleware\TrackOperationRun;
 use App\Models\BulkOperationRun;
 use App\Models\InventorySyncRun;
+use App\Models\OperationRun;
 use App\Models\Tenant;
-use App\Notifications\RunStatusChangedNotification;
 use App\Services\BulkOperationService;
 use App\Services\Drift\DriftFindingGenerator;
+use App\Services\OperationRunService;
+use App\Support\OperationRunLinks;
+use Filament\Actions\Action;
+use Filament\Notifications\Notification;
 use Illuminate\Bus\Queueable;
 use Illuminate\Contracts\Queue\ShouldQueue;
 use Illuminate\Foundation\Bus\Dispatchable;
@@ -21,6 +26,8 @@ class GenerateDriftFindingsJob implements ShouldQueue
 {
     use Dispatchable, InteractsWithQueue, Queueable, SerializesModels;
 
+    public ?OperationRun $operationRun = null;
+
     public function __construct(
         public int $tenantId,
         public int $userId,
@@ -28,7 +35,15 @@ public function __construct(
         public int $currentRunId,
         public string $scopeKey,
         public int $bulkOperationRunId,
-    ) {}
+        ?OperationRun $operationRun = null
+    ) {
+        $this->operationRun = $operationRun;
+    }
+
+    public function middleware(): array
+    {
+        return [new TrackOperationRun];
+    }
 
     /**
      * Execute the job.
@@ -88,6 +103,17 @@ public function handle(DriftFindingGenerator $generator, BulkOperationService $b
             $bulkOperationService->recordSuccess($run);
             $bulkOperationService->complete($run);
 
+            if ($this->operationRun) {
+                /** @var OperationRunService $opService */
+                $opService = app(OperationRunService::class);
+                $opService->updateRun(
+                    $this->operationRun,
+                    'completed',
+                    'succeeded',
+                    ['findings_created' => $created]
+                );
+            }
+
             $this->notifyStatus($run->refresh());
         } catch (Throwable $e) {
             Log::error('GenerateDriftFindingsJob: failed', [
@@ -107,6 +133,14 @@ public function handle(DriftFindingGenerator $generator, BulkOperationService $b
             );
 
             $bulkOperationService->fail($run, $e->getMessage());
+
+            // TrackOperationRun middleware might catch this, but explicit fail ensures structure
+            if ($this->operationRun) {
+                /** @var OperationRunService $opService */
+                $opService = app(OperationRunService::class);
+                $opService->failRun($this->operationRun, $e);
+            }
+
             $this->notifyStatus($run->refresh());
 
             throw $e;
@@ -124,55 +158,50 @@ private function notifyStatus(BulkOperationRun $run): void
                 return;
             }
 
-            $status = 'failed';
+            $tenant = Tenant::query()->find((int) $run->tenant_id);
 
-            try {
-                $status = $run->statusBucket();
-            } catch (Throwable) {
-                $failureEntries = $run->failures ?? [];
-                $hasNonSkippedFailure = false;
-                foreach ($failureEntries as $entry) {
-                    if (! is_array($entry)) {
-                        continue;
-                    }
-
-                    if (($entry['type'] ?? 'failed') !== 'skipped') {
-                        $hasNonSkippedFailure = true;
-                        break;
-                    }
-                }
-
-                $failedCount = (int) ($run->failed ?? 0);
-                $succeededCount = (int) ($run->succeeded ?? 0);
-                $hasFailures = $failedCount > 0 || $hasNonSkippedFailure;
-
-                if ($succeededCount > 0 && $hasFailures) {
-                    $status = 'partially succeeded';
-                } elseif ($succeededCount === 0 && $hasFailures) {
-                    $status = 'failed';
-                } else {
-                    $status = match ($run->status) {
-                        'pending' => 'queued',
-                        'running' => 'running',
-                        'completed', 'completed_with_errors' => 'succeeded',
-                        default => 'failed',
-                    };
-                }
+            if (! $tenant instanceof Tenant) {
+                return;
             }
 
-            $run->user->notify(new RunStatusChangedNotification([
-                'tenant_id' => (int) $run->tenant_id,
-                'run_type' => 'bulk_operation',
-                'run_id' => (int) $run->getKey(),
-                'status' => $status,
-                'counts' => [
-                    'total' => (int) $run->total_items,
-                    'processed' => (int) $run->processed_items,
-                    'succeeded' => (int) $run->succeeded,
-                    'failed' => (int) $run->failed,
-                    'skipped' => (int) $run->skipped,
-                ],
-            ]));
+            $status = $run->statusBucket();
+
+            $title = match ($status) {
+                'queued' => 'Drift generation queued',
+                'running' => 'Drift generation started',
+                'succeeded' => 'Drift generation completed',
+                'partially succeeded' => 'Drift generation completed (partial)',
+                default => 'Drift generation failed',
+            };
+
+            $body = sprintf(
+                'Total: %d, processed: %d, succeeded: %d, failed: %d, skipped: %d.',
+                (int) $run->total_items,
+                (int) $run->processed_items,
+                (int) $run->succeeded,
+                (int) $run->failed,
+                (int) $run->skipped,
+            );
+
+            $notification = Notification::make()
+                ->title($title)
+                ->body($body)
+                ->actions([
+                    Action::make('view_run')
+                        ->label('View run')
+                        ->url($this->operationRun ? OperationRunLinks::view($this->operationRun, $tenant) : OperationRunLinks::index($tenant)),
+                ]);
+
+            match ($status) {
+                'succeeded' => $notification->success(),
+                'partially succeeded' => $notification->warning(),
+                'queued', 'running' => $notification->info(),
+                default => $notification->danger(),
+            };
+
+            $notification
+                ->sendToDatabase($run->user)
+                ->send();
         } catch (Throwable $e) {
             Log::warning('GenerateDriftFindingsJob: status notification failed', [
                 'tenant_id' => (int) $run->tenant_id,
diff --git a/app/Jobs/Middleware/TrackOperationRun.php b/app/Jobs/Middleware/TrackOperationRun.php
new file mode 100644
index 0000000..9d878b7
--- /dev/null
+++ b/app/Jobs/Middleware/TrackOperationRun.php
@@ -0,0 +1,61 @@
+<?php
+
+namespace App\Jobs\Middleware;
+
+use App\Models\OperationRun;
+use App\Services\OperationRunService;
+use Closure;
+
+class TrackOperationRun
+{
+    /**
+     * Process the queued job.
+     *
+     * @param  mixed  $job
+     * @param  callable  $next
+     * @return mixed
+     */
+    public function handle($job, Closure $next)
+    {
+        // Check if the job has an 'operationRun' property or method
+        $run = null;
+
+        if (method_exists($job, 'getOperationRun')) {
+            $run = $job->getOperationRun();
+        } elseif (property_exists($job, 'operationRun')) {
+            $run = $job->operationRun;
+        }
+
+        if (! $run instanceof OperationRun) {
+            return $next($job);
+        }
+
+        /** @var OperationRunService $service */
+        $service = app(OperationRunService::class);
+
+        // Mark as running
+        $service->updateRun($run, 'running');
+
+        try {
+            $response = $next($job);
+
+            // If the job was released back onto the queue (retry / delay), do not mark the run as completed.
+            if (property_exists($job, 'job') && $job->job && method_exists($job->job, 'isReleased') && $job->job->isReleased()) {
+                return $response;
+            }
+
+            // If the job didn't already mark it as completed/failed, we do it here.
+            // Re-fetch to check current status
+            $run->refresh();
+
+            if ($run->status === 'running') {
+                $service->updateRun($run, 'completed', 'succeeded');
+            }
+
+            return $response;
+        } catch (\Throwable $e) {
+            $service->failRun($run, $e);
+            throw $e;
+        }
+    }
+}
diff --git a/app/Jobs/PruneOldOperationRunsJob.php b/app/Jobs/PruneOldOperationRunsJob.php
new file mode 100644
index 0000000..315bbe1
--- /dev/null
+++ b/app/Jobs/PruneOldOperationRunsJob.php
@@ -0,0 +1,31 @@
+<?php
+
+namespace App\Jobs;
+
+use App\Models\OperationRun;
+use Illuminate\Bus\Queueable;
+use Illuminate\Contracts\Queue\ShouldQueue;
+use Illuminate\Foundation\Bus\Dispatchable;
+use Illuminate\Queue\InteractsWithQueue;
+use Illuminate\Queue\SerializesModels;
+
+class PruneOldOperationRunsJob implements ShouldQueue
+{
+    use Dispatchable, InteractsWithQueue, Queueable, SerializesModels;
+
+    /**
+     * Create a new job instance.
+     */
+    public function __construct(
+        public int $retentionDays = 90
+    ) {}
+
+    /**
+     * Execute the job.
+     */
+    public function handle(): void
+    {
+        OperationRun::where('created_at', '<', now()->subDays($this->retentionDays))
+            ->delete();
+    }
+}
diff --git a/app/Jobs/RemovePoliciesFromBackupSetJob.php b/app/Jobs/RemovePoliciesFromBackupSetJob.php
new file mode 100644
index 0000000..ffa3fea
--- /dev/null
+++ b/app/Jobs/RemovePoliciesFromBackupSetJob.php
@@ -0,0 +1,301 @@
+<?php
+
+namespace App\Jobs;
+
+use App\Jobs\Middleware\TrackOperationRun;
+use App\Models\BackupItem;
+use App\Models\BackupSet;
+use App\Models\OperationRun;
+use App\Models\Tenant;
+use App\Models\User;
+use App\Services\BulkOperationService;
+use App\Services\Intune\AuditLogger;
+use App\Services\OperationRunService;
+use App\Support\OperationRunLinks;
+use Filament\Notifications\Notification;
+use Illuminate\Bus\Queueable;
+use Illuminate\Contracts\Queue\ShouldQueue;
+use Illuminate\Foundation\Bus\Dispatchable;
+use Illuminate\Queue\InteractsWithQueue;
+use Illuminate\Queue\SerializesModels;
+use Throwable;
+
+class RemovePoliciesFromBackupSetJob implements ShouldQueue
+{
+    use Dispatchable, InteractsWithQueue, Queueable, SerializesModels;
+
+    public ?OperationRun $operationRun = null;
+
+    /**
+     * @param  array<int,int>  $backupItemIds
+     */
+    public function __construct(
+        public int $backupSetId,
+        public array $backupItemIds,
+        public int $initiatorUserId,
+        ?OperationRun $operationRun = null,
+    ) {
+        $this->operationRun = $operationRun;
+    }
+
+    /**
+     * @return array<int, object>
+     */
+    public function middleware(): array
+    {
+        return [new TrackOperationRun];
+    }
+
+    public function handle(
+        AuditLogger $auditLogger,
+        BulkOperationService $bulkOperationService,
+    ): void {
+        $backupSet = BackupSet::query()->with(['tenant'])->find($this->backupSetId);
+
+        if (! $backupSet instanceof BackupSet) {
+            if ($this->operationRun) {
+                /** @var OperationRunService $opService */
+                $opService = app(OperationRunService::class);
+                $opService->updateRun(
+                    $this->operationRun,
+                    'completed',
+                    'failed',
+                    ['backup_set_id' => $this->backupSetId],
+                    [['code' => 'backup_set.not_found', 'message' => 'Backup set not found.']]
+                );
+            }
+
+            return;
+        }
+
+        $tenant = $backupSet->tenant;
+
+        $initiator = User::query()->find($this->initiatorUserId);
+
+        $requestedIds = collect($this->backupItemIds)
+            ->map(fn (mixed $value): int => (int) $value)
+            ->filter(fn (int $value): bool => $value > 0)
+            ->unique()
+            ->sort()
+            ->values()
+            ->all();
+
+        $requestedCount = count($requestedIds);
+
+        $failures = [];
+
+        try {
+            /** @var \Illuminate\Database\Eloquent\Collection<int, BackupItem> $items */
+            $items = BackupItem::query()
+                ->where('backup_set_id', $backupSet->getKey())
+                ->whereIn('id', $requestedIds)
+                ->get();
+
+            $foundIds = $items->pluck('id')->map(fn (mixed $value): int => (int) $value)->all();
+            $missingIds = array_values(array_diff($requestedIds, $foundIds));
+
+            foreach ($missingIds as $missingId) {
+                $failures[] = [
+                    'code' => 'backup_item.not_found',
+                    'message' => $bulkOperationService->sanitizeFailureReason("Backup item {$missingId} not found (already removed?)."),
+                ];
+            }
+
+            $removed = 0;
+            $policyIds = [];
+            $policyIdentifiers = [];
+
+            foreach ($items as $item) {
+                $item->delete();
+                $removed++;
+
+                if ($item->policy_id) {
+                    $policyIds[] = (int) $item->policy_id;
+                }
+
+                if ($item->policy_identifier) {
+                    $policyIdentifiers[] = (string) $item->policy_identifier;
+                }
+            }
+
+            $backupSet->update([
+                'item_count' => $backupSet->items()->count(),
+            ]);
+
+            if ($tenant instanceof Tenant) {
+                $auditLogger->log(
+                    tenant: $tenant,
+                    action: 'backup.items_removed',
+                    resourceType: 'backup_set',
+                    resourceId: (string) $backupSet->getKey(),
+                    status: 'success',
+                    context: [
+                        'metadata' => [
+                            'removed_count' => $removed,
+                            'requested_count' => $requestedCount,
+                            'missing_count' => count($missingIds),
+                            'policy_ids' => array_values(array_unique($policyIds)),
+                            'policy_identifiers' => array_values(array_unique($policyIdentifiers)),
+                            'backup_set_id' => (int) $backupSet->getKey(),
+                            'initiator_user_id' => $initiator?->getKey(),
+                        ],
+                    ],
+                    actorId: $initiator?->getKey(),
+                );
+            }
+
+            if ($this->operationRun) {
+                /** @var OperationRunService $opService */
+                $opService = app(OperationRunService::class);
+
+                $outcome = 'succeeded';
+                if ($removed === 0) {
+                    $outcome = 'failed';
+                } elseif ($failures !== []) {
+                    $outcome = 'partially_succeeded';
+                }
+
+                $opService->updateRun(
+                    $this->operationRun,
+                    'completed',
+                    $outcome,
+                    [
+                        'backup_set_id' => (int) $backupSet->getKey(),
+                        'requested' => $requestedCount,
+                        'removed' => $removed,
+                        'missing' => count($missingIds),
+                        'remaining' => (int) $backupSet->item_count,
+                    ],
+                    $failures,
+                );
+            }
+
+            $this->notifyCompleted(
+                initiator: $initiator,
+                tenant: $tenant instanceof Tenant ? $tenant : null,
+                removed: $removed,
+                requested: $requestedCount,
+                missing: count($missingIds),
+                outcome: $outcome,
+            );
+        } catch (Throwable $throwable) {
+            if ($tenant instanceof Tenant) {
+                $auditLogger->log(
+                    tenant: $tenant,
+                    action: 'backup.items_removed',
+                    resourceType: 'backup_set',
+                    resourceId: (string) $backupSet->getKey(),
+                    status: 'failed',
+                    context: [
+                        'metadata' => [
+                            'requested_count' => $requestedCount,
+                            'backup_set_id' => (int) $backupSet->getKey(),
+                        ],
+                    ],
+                    actorId: $initiator?->getKey(),
+                );
+            }
+
+            if ($this->operationRun) {
+                /** @var OperationRunService $opService */
+                $opService = app(OperationRunService::class);
+                $opService->failRun($this->operationRun, $throwable);
+            }
+
+            $this->notifyFailed(
+                initiator: $initiator,
+                tenant: $tenant instanceof Tenant ? $tenant : null,
+                reason: $bulkOperationService->sanitizeFailureReason($throwable->getMessage()),
+            );
+
+            throw $throwable;
+        }
+    }
+
+    private function notifyCompleted(
+        ?User $initiator,
+        ?Tenant $tenant,
+        int $removed,
+        int $requested,
+        int $missing,
+        ?string $outcome,
+    ): void {
+        if (! $initiator instanceof User) {
+            return;
+        }
+
+        if (! $this->operationRun) {
+            return;
+        }
+
+        $message = "Removed {$removed} policies";
+
+        if ($missing > 0) {
+            $message .= " ({$missing} missing)";
+        }
+
+        if ($requested !== $removed && $missing === 0) {
+            $skipped = max(0, $requested - $removed);
+            if ($skipped > 0) {
+                $message .= " ({$skipped} not removed)";
+            }
+        }
+
+        $message .= '.';
+
+        $partial = in_array((string) $outcome, ['partially_succeeded'], true) || $missing > 0;
+        $failed = in_array((string) $outcome, ['failed'], true);
+
+        $notification = Notification::make()
+            ->title($failed ? 'Removal failed' : ($partial ? 'Removal completed (partial)' : 'Removal completed'))
+            ->body($message);
+
+        if ($tenant instanceof Tenant) {
+            $notification->actions([
+                \Filament\Actions\Action::make('view_run')
+                    ->label('View run')
+                    ->url(OperationRunLinks::view($this->operationRun, $tenant)),
+            ]);
+        }
+
+        if ($failed) {
+            $notification->danger();
+        } elseif ($partial) {
+            $notification->warning();
+        } else {
+            $notification->success();
+        }
+
+        $notification
+            ->sendToDatabase($initiator)
+            ->send();
+    }
+
+    private function notifyFailed(?User $initiator, ?Tenant $tenant, string $reason): void
+    {
+        if (! $initiator instanceof User) {
+            return;
+        }
+
+        if (! $this->operationRun) {
+            return;
+        }
+
+        $notification = Notification::make()
+            ->title('Removal failed')
+            ->body($reason);
+
+        if ($tenant instanceof Tenant) {
+            $notification->actions([
+                \Filament\Actions\Action::make('view_run')
+                    ->label('View run')
+                    ->url(OperationRunLinks::view($this->operationRun, $tenant)),
+            ]);
+        }
+
+        $notification
+            ->danger()
+            ->sendToDatabase($initiator)
+            ->send();
+    }
+}
diff --git a/app/Jobs/RunBackupScheduleJob.php b/app/Jobs/RunBackupScheduleJob.php
index 23c802b..27e196a 100644
--- a/app/Jobs/RunBackupScheduleJob.php
+++ b/app/Jobs/RunBackupScheduleJob.php
@@ -2,9 +2,12 @@
 
 namespace App\Jobs;
 
+use App\Jobs\Middleware\TrackOperationRun;
 use App\Models\BackupSchedule;
 use App\Models\BackupScheduleRun;
 use App\Models\BulkOperationRun;
+use App\Models\OperationRun;
+use App\Models\Tenant;
 use App\Services\BackupScheduling\PolicyTypeResolver;
 use App\Services\BackupScheduling\RunErrorMapper;
 use App\Services\BackupScheduling\ScheduleTimeService;
@@ -12,8 +15,10 @@
 use App\Services\Intune\AuditLogger;
 use App\Services\Intune\BackupService;
 use App\Services\Intune\PolicySyncService;
+use App\Services\OperationRunService;
+use App\Support\OperationRunLinks;
 use Carbon\CarbonImmutable;
-use Filament\Notifications\Events\DatabaseNotificationsSent;
+use Filament\Actions\Action;
 use Filament\Notifications\Notification;
 use Illuminate\Bus\Queueable;
 use Illuminate\Contracts\Queue\ShouldQueue;
@@ -30,10 +35,20 @@ class RunBackupScheduleJob implements ShouldQueue
 
     public int $tries = 3;
 
+    public ?OperationRun $operationRun = null;
+
     public function __construct(
         public int $backupScheduleRunId,
         public ?int $bulkRunId = null,
-    ) {}
+        ?OperationRun $operationRun = null,
+    ) {
+        $this->operationRun = $operationRun;
+    }
+
+    public function middleware(): array
+    {
+        return [new TrackOperationRun];
+    }
 
     public function handle(
         PolicySyncService $policySyncService,
@@ -49,9 +64,41 @@ public function handle(
             ->find($this->backupScheduleRunId);
 
         if (! $run) {
+            if ($this->operationRun) {
+                $this->markOperationRunFailed(
+                    run: $this->operationRun,
+                    bulkOperationService: $bulkOperationService,
+                    summaryCounts: [],
+                    reasonCode: 'RUN_NOT_FOUND',
+                    reason: 'Backup schedule run not found.',
+                );
+            }
+
             return;
         }
 
+        $tenant = $run->tenant;
+
+        if ($tenant instanceof Tenant) {
+            $this->resolveOperationRunFromContext($tenant, $run);
+        }
+
+        if ($this->operationRun) {
+            $this->operationRun->update([
+                'context' => array_merge($this->operationRun->context ?? [], [
+                    'backup_schedule_id' => (int) $run->backup_schedule_id,
+                    'backup_schedule_run_id' => (int) $run->getKey(),
+                ]),
+            ]);
+
+            /** @var OperationRunService $operationRunService */
+            $operationRunService = app(OperationRunService::class);
+
+            if ($this->operationRun->status === 'queued') {
+                $operationRunService->updateRun($this->operationRun, 'running');
+            }
+        }
+
         $bulkRun = $this->bulkRunId
             ? BulkOperationRun::query()->with(['tenant', 'user'])->find($this->bulkRunId)
             : null;
@@ -77,11 +124,22 @@ public function handle(
                 'finished_at' => CarbonImmutable::now('UTC'),
             ]);
 
+            if ($this->operationRun) {
+                $this->markOperationRunFailed(
+                    run: $this->operationRun,
+                    bulkOperationService: $bulkOperationService,
+                    summaryCounts: [
+                        'backup_schedule_id' => (int) $run->backup_schedule_id,
+                        'backup_schedule_run_id' => (int) $run->getKey(),
+                    ],
+                    reasonCode: 'SCHEDULE_NOT_FOUND',
+                    reason: 'Schedule not found.',
+                );
+            }
+
             return;
         }
 
-        $tenant = $run->tenant;
-
         if (! $tenant) {
             $run->update([
                 'status' => BackupScheduleRun::STATUS_FAILED,
@@ -90,6 +148,19 @@ public function handle(
                 'finished_at' => CarbonImmutable::now('UTC'),
             ]);
 
+            if ($this->operationRun) {
+                $this->markOperationRunFailed(
+                    run: $this->operationRun,
+                    bulkOperationService: $bulkOperationService,
+                    summaryCounts: [
+                        'backup_schedule_id' => (int) $run->backup_schedule_id,
+                        'backup_schedule_run_id' => (int) $run->getKey(),
+                    ],
+                    reasonCode: 'TENANT_NOT_FOUND',
+                    reason: 'Tenant not found.',
+                );
+            }
+
             return;
         }
 
@@ -107,6 +178,13 @@ public function handle(
                 bulkRunId: $this->bulkRunId,
             );
 
+            $this->syncOperationRunFromRun(
+                tenant: $tenant,
+                schedule: $schedule,
+                run: $run->refresh(),
+                bulkOperationService: $bulkOperationService,
+            );
+
             return;
         }
 
@@ -153,6 +231,13 @@ public function handle(
                     bulkRunId: $this->bulkRunId,
                 );
 
+                $this->syncOperationRunFromRun(
+                    tenant: $tenant,
+                    schedule: $schedule,
+                    run: $run->refresh(),
+                    bulkOperationService: $bulkOperationService,
+                );
+
                 return;
             }
 
@@ -212,6 +297,13 @@ public function handle(
                 bulkRunId: $this->bulkRunId,
             );
 
+            $this->syncOperationRunFromRun(
+                tenant: $tenant,
+                schedule: $schedule,
+                run: $run->refresh(),
+                bulkOperationService: $bulkOperationService,
+            );
+
             $auditLogger->log(
                 tenant: $tenant,
                 action: 'backup_schedule.run_finished',
@@ -232,6 +324,12 @@ public function handle(
             $mapped = $errorMapper->map($throwable, $attempt, $this->tries);
 
             if ($mapped['shouldRetry']) {
+                if ($this->operationRun) {
+                    /** @var OperationRunService $operationRunService */
+                    $operationRunService = app(OperationRunService::class);
+                    $operationRunService->updateRun($this->operationRun, 'running', 'pending');
+                }
+
                 $this->release($mapped['delay']);
 
                 return;
@@ -251,6 +349,13 @@ public function handle(
                 bulkRunId: $this->bulkRunId,
             );
 
+            $this->syncOperationRunFromRun(
+                tenant: $tenant,
+                schedule: $schedule,
+                run: $run->refresh(),
+                bulkOperationService: $bulkOperationService,
+            );
+
             $auditLogger->log(
                 tenant: $tenant,
                 action: 'backup_schedule.run_failed',
@@ -281,10 +386,14 @@ private function notifyRunStarted(BackupScheduleRun $run, BackupSchedule $schedu
         $notification = Notification::make()
             ->title('Backup started')
             ->body(sprintf('Schedule "%s" has started.', $schedule->name))
-            ->info();
+            ->info()
+            ->actions([
+                Action::make('view_run')
+                    ->label('View run')
+                    ->url($this->operationRun ? OperationRunLinks::view($this->operationRun, $run->tenant) : OperationRunLinks::index($run->tenant)),
+            ]);
 
-        $user->notifyNow($notification->toDatabase());
-        DatabaseNotificationsSent::dispatch($user);
+        $notification->sendToDatabase($user);
     }
 
     private function notifyRunFinished(BackupScheduleRun $run, BackupSchedule $schedule): void
@@ -316,8 +425,148 @@ private function notifyRunFinished(BackupScheduleRun $run, BackupSchedule $sched
             default => $notification->danger(),
         };
 
-        $user->notifyNow($notification->toDatabase());
-        DatabaseNotificationsSent::dispatch($user);
+        $notification
+            ->actions([
+                Action::make('view_run')
+                    ->label('View run')
+                    ->url($this->operationRun ? OperationRunLinks::view($this->operationRun, $run->tenant) : OperationRunLinks::index($run->tenant)),
+            ])
+            ->sendToDatabase($user);
+    }
+
+    private function syncOperationRunFromRun(
+        Tenant $tenant,
+        BackupSchedule $schedule,
+        BackupScheduleRun $run,
+        BulkOperationService $bulkOperationService,
+    ): void {
+        if (! $this->operationRun) {
+            return;
+        }
+
+        $outcome = match ($run->status) {
+            BackupScheduleRun::STATUS_SUCCESS => 'succeeded',
+            BackupScheduleRun::STATUS_PARTIAL => 'partially_succeeded',
+            // Note: 'cancelled' is a reserved OperationRun outcome token.
+            // We treat schedule SKIPPED/CANCELED as terminal failures with a failure entry.
+            BackupScheduleRun::STATUS_SKIPPED,
+            BackupScheduleRun::STATUS_CANCELED => 'failed',
+            default => 'failed',
+        };
+
+        $summary = is_array($run->summary) ? $run->summary : [];
+        $syncFailures = $summary['sync_failures'] ?? [];
+
+        $summaryCounts = [
+            'backup_schedule_id' => (int) $schedule->getKey(),
+            'backup_schedule_run_id' => (int) $run->getKey(),
+            'backup_set_id' => $run->backup_set_id ? (int) $run->backup_set_id : null,
+            'policies_total' => (int) ($summary['policies_total'] ?? 0),
+            'policies_backed_up' => (int) ($summary['policies_backed_up'] ?? 0),
+            'sync_failures' => is_array($syncFailures) ? count($syncFailures) : 0,
+        ];
+
+        $summaryCounts = array_filter($summaryCounts, fn (mixed $value): bool => $value !== null);
+
+        $failures = [];
+
+        if (filled($run->error_message) || filled($run->error_code)) {
+            $failures[] = [
+                'code' => (string) ($run->error_code ?: 'BACKUP_SCHEDULE_ERROR'),
+                'message' => $bulkOperationService->sanitizeFailureReason((string) ($run->error_message ?: 'Backup schedule run failed.')),
+            ];
+        }
+
+        if (is_array($syncFailures)) {
+            foreach ($syncFailures as $failure) {
+                if (! is_array($failure)) {
+                    continue;
+                }
+
+                $policyType = (string) ($failure['policy_type'] ?? 'unknown');
+                $status = is_numeric($failure['status'] ?? null) ? (int) $failure['status'] : null;
+                $errors = $failure['errors'] ?? null;
+
+                $firstErrorMessage = null;
+                if (is_array($errors) && isset($errors[0]) && is_array($errors[0])) {
+                    $firstErrorMessage = $errors[0]['message'] ?? null;
+                }
+
+                $message = $status !== null
+                    ? "{$policyType}: Graph returned {$status}"
+                    : "{$policyType}: Graph request failed";
+
+                if (is_string($firstErrorMessage) && $firstErrorMessage !== '') {
+                    $message .= ' - '.trim($firstErrorMessage);
+                }
+
+                $failures[] = [
+                    'code' => $status !== null ? "GRAPH_HTTP_{$status}" : 'GRAPH_ERROR',
+                    'message' => $bulkOperationService->sanitizeFailureReason($message),
+                ];
+            }
+        }
+
+        /** @var OperationRunService $operationRunService */
+        $operationRunService = app(OperationRunService::class);
+
+        $this->operationRun->update([
+            'context' => array_merge($this->operationRun->context ?? [], [
+                'backup_schedule_id' => (int) $schedule->getKey(),
+                'backup_schedule_run_id' => (int) $run->getKey(),
+            ]),
+        ]);
+
+        $operationRunService->updateRun(
+            $this->operationRun,
+            status: 'completed',
+            outcome: $outcome,
+            summaryCounts: $summaryCounts,
+            failures: $failures,
+        );
+    }
+
+    private function markOperationRunFailed(
+        OperationRun $run,
+        BulkOperationService $bulkOperationService,
+        array $summaryCounts,
+        string $reasonCode,
+        string $reason,
+    ): void {
+        /** @var OperationRunService $operationRunService */
+        $operationRunService = app(OperationRunService::class);
+
+        $operationRunService->updateRun(
+            $run,
+            status: 'completed',
+            outcome: 'failed',
+            summaryCounts: $summaryCounts,
+            failures: [
+                [
+                    'code' => $reasonCode,
+                    'message' => $bulkOperationService->sanitizeFailureReason($reason),
+                ],
+            ],
+        );
+    }
+
+    private function resolveOperationRunFromContext(Tenant $tenant, BackupScheduleRun $run): void
+    {
+        if ($this->operationRun) {
+            return;
+        }
+
+        $operationRun = OperationRun::query()
+            ->where('tenant_id', $tenant->getKey())
+            ->whereIn('type', ['backup_schedule.run_now', 'backup_schedule.retry'])
+            ->whereIn('status', ['queued', 'running'])
+            ->where('context->backup_schedule_run_id', (int) $run->getKey())
+            ->latest('id')
+            ->first();
+
+        if ($operationRun instanceof OperationRun) {
+            $this->operationRun = $operationRun;
+        }
     }
 
     private function finishRun(
diff --git a/app/Jobs/RunInventorySyncJob.php b/app/Jobs/RunInventorySyncJob.php
index 8eeaf84..2e1e18b 100644
--- a/app/Jobs/RunInventorySyncJob.php
+++ b/app/Jobs/RunInventorySyncJob.php
@@ -2,13 +2,17 @@
 
 namespace App\Jobs;
 
+use App\Jobs\Middleware\TrackOperationRun;
 use App\Models\BulkOperationRun;
 use App\Models\InventorySyncRun;
+use App\Models\OperationRun;
 use App\Models\Tenant;
 use App\Models\User;
 use App\Services\BulkOperationService;
 use App\Services\Intune\AuditLogger;
 use App\Services\Inventory\InventorySyncService;
+use App\Services\OperationRunService;
+use App\Support\OperationRunLinks;
 use Filament\Notifications\Notification;
 use Illuminate\Bus\Queueable;
 use Illuminate\Contracts\Queue\ShouldQueue;
@@ -21,6 +25,8 @@ class RunInventorySyncJob implements ShouldQueue
 {
     use Dispatchable, InteractsWithQueue, Queueable, SerializesModels;
 
+    public ?OperationRun $operationRun = null;
+
     /**
      * Create a new job instance.
      */
@@ -29,7 +35,20 @@ public function __construct(
         public int $userId,
         public int $bulkRunId,
         public int $inventorySyncRunId,
-    ) {}
+        ?OperationRun $operationRun = null
+    ) {
+        $this->operationRun = $operationRun;
+    }
+
+    /**
+     * Get the middleware the job should pass through.
+     *
+     * @return array<int, object>
+     */
+    public function middleware(): array
+    {
+        return [new TrackOperationRun];
+    }
 
     /**
      * Execute the job.
@@ -60,6 +79,11 @@ public function handle(BulkOperationService $bulkOperationService, InventorySync
 
         $processedPolicyTypes = [];
 
+        // Note: The TrackOperationRun middleware will automatically set status to 'running' at start.
+        // It will also handle success completion if no exceptions thrown.
+        // However, InventorySyncService execution logic might be complex with partial failures.
+        // We might want to explicitly update the OperationRun if partial failures occur.
+
         $run = $inventorySyncService->executePendingRun(
             $run,
             $tenant,
@@ -81,9 +105,31 @@ function (string $policyType, bool $success, ?string $errorCode) use ($bulkOpera
             $policyTypes = is_array($run->selection_payload['policy_types'] ?? null) ? $run->selection_payload['policy_types'] : [];
         }
 
+        // --- Helper to update OperationRun with rich context ---
+        $updateOpRun = function (string $outcome, array $counts = [], array $failures = []) {
+            if ($this->operationRun) {
+                /** @var OperationRunService $opService */
+                $opService = app(OperationRunService::class);
+                $opService->updateRun(
+                    $this->operationRun,
+                    'completed',
+                    $outcome,
+                    $counts,
+                    $failures
+                );
+            }
+        };
+        // -----------------------------------------------------
+
         if ($run->status === InventorySyncRun::STATUS_SUCCESS) {
             $bulkOperationService->complete($bulkRun);
 
+            // Update Operation Run explicitly to provide counts
+            $updateOpRun('succeeded', [
+                'observed' => $run->items_observed_count,
+                'upserted' => $run->items_upserted_count,
+            ]);
+
             $auditLogger->log(
                 tenant: $tenant,
                 action: 'inventory.sync.completed',
@@ -107,6 +153,11 @@ function (string $policyType, bool $success, ?string $errorCode) use ($bulkOpera
                 ->title('Inventory sync completed')
                 ->body('Inventory sync finished successfully.')
                 ->success()
+                ->actions($this->operationRun ? [
+                    \Filament\Actions\Action::make('view_run')
+                        ->label('View run')
+                        ->url(OperationRunLinks::view($this->operationRun, $tenant)),
+                ] : [])
                 ->sendToDatabase($user)
                 ->send();
 
@@ -116,6 +167,15 @@ function (string $policyType, bool $success, ?string $errorCode) use ($bulkOpera
         if ($run->status === InventorySyncRun::STATUS_PARTIAL) {
             $bulkOperationService->complete($bulkRun);
 
+            $updateOpRun('partially_succeeded', [
+                'observed' => $run->items_observed_count,
+                'upserted' => $run->items_upserted_count,
+                'errors' => $run->errors_count,
+            ], [
+                // Minimal error summary
+                ['code' => 'PARTIAL_SYNC', 'message' => "Errors: {$run->errors_count}"],
+            ]);
+
             $auditLogger->log(
                 tenant: $tenant,
                 action: 'inventory.sync.partial',
@@ -141,6 +201,11 @@ function (string $policyType, bool $success, ?string $errorCode) use ($bulkOpera
                 ->title('Inventory sync completed with errors')
                 ->body('Inventory sync finished with some errors. Review the run details for error codes.')
                 ->warning()
+                ->actions($this->operationRun ? [
+                    \Filament\Actions\Action::make('view_run')
+                        ->label('View run')
+                        ->url(OperationRunLinks::view($this->operationRun, $tenant)),
+                ] : [])
                 ->sendToDatabase($user)
                 ->send();
 
@@ -155,6 +220,8 @@ function (string $policyType, bool $success, ?string $errorCode) use ($bulkOpera
             }
             $bulkOperationService->complete($bulkRun);
 
+            $updateOpRun('failed', [], [['code' => 'SKIPPED', 'message' => $reason]]);
+
             $auditLogger->log(
                 tenant: $tenant,
                 action: 'inventory.sync.skipped',
@@ -177,6 +244,11 @@ function (string $policyType, bool $success, ?string $errorCode) use ($bulkOpera
                 ->title('Inventory sync skipped')
                 ->body('Inventory sync could not start due to locks or concurrency limits.')
                 ->warning()
+                ->actions($this->operationRun ? [
+                    \Filament\Actions\Action::make('view_run')
+                        ->label('View run')
+                        ->url(OperationRunLinks::view($this->operationRun, $tenant)),
+                ] : [])
                 ->sendToDatabase($user)
                 ->send();
 
@@ -192,6 +264,8 @@ function (string $policyType, bool $success, ?string $errorCode) use ($bulkOpera
 
         $bulkOperationService->complete($bulkRun);
 
+        $updateOpRun('failed', [], [['code' => 'FAILED', 'message' => $reason]]);
+
         $auditLogger->log(
             tenant: $tenant,
             action: 'inventory.sync.failed',
@@ -215,6 +289,11 @@ function (string $policyType, bool $success, ?string $errorCode) use ($bulkOpera
             ->title('Inventory sync failed')
             ->body('Inventory sync finished with errors.')
             ->danger()
+            ->actions($this->operationRun ? [
+                \Filament\Actions\Action::make('view_run')
+                    ->label('View run')
+                    ->url(OperationRunLinks::view($this->operationRun, $tenant)),
+            ] : [])
             ->sendToDatabase($user)
             ->send();
     }
diff --git a/app/Jobs/SyncPoliciesJob.php b/app/Jobs/SyncPoliciesJob.php
index 81df8f2..613b719 100644
--- a/app/Jobs/SyncPoliciesJob.php
+++ b/app/Jobs/SyncPoliciesJob.php
@@ -2,8 +2,13 @@
 
 namespace App\Jobs;
 
+use App\Jobs\Middleware\TrackOperationRun;
+use App\Models\OperationRun;
+use App\Models\Policy;
 use App\Models\Tenant;
+use App\Services\BulkOperationService;
 use App\Services\Intune\PolicySyncService;
+use App\Services\OperationRunService;
 use Illuminate\Bus\Queueable;
 use Illuminate\Contracts\Queue\ShouldQueue;
 use Illuminate\Foundation\Bus\Dispatchable;
@@ -14,24 +19,162 @@ class SyncPoliciesJob implements ShouldQueue
 {
     use Dispatchable, InteractsWithQueue, Queueable, SerializesModels;
 
+    public ?OperationRun $operationRun = null;
+
     /**
      * @param  array<int, string>|null  $types
+     * @param  array<int, int>|null  $policyIds
      */
     public function __construct(
         public readonly int $tenantId,
         public readonly ?array $types = null,
-    ) {}
+        public readonly ?array $policyIds = null,
+        ?OperationRun $operationRun = null
+    ) {
+        $this->operationRun = $operationRun;
+    }
 
-    public function handle(PolicySyncService $service): void
+    public function middleware(): array
+    {
+        return [new TrackOperationRun];
+    }
+
+    public function handle(PolicySyncService $service, BulkOperationService $bulkOperationService): void
     {
         $tenant = Tenant::findOrFail($this->tenantId);
 
-        $supported = config('tenantpilot.supported_policy_types');
+        if ($this->policyIds !== null) {
+            $ids = collect($this->policyIds)
+                ->map(static fn ($id): int => (int) $id)
+                ->unique()
+                ->sort()
+                ->values();
+
+            $syncedCount = 0;
+            $skippedCount = 0;
+            $failureSummary = [];
+
+            foreach ($ids as $policyId) {
+                $policy = Policy::query()
+                    ->whereKey($policyId)
+                    ->where('tenant_id', $tenant->getKey())
+                    ->first();
+
+                if (! $policy) {
+                    $failureSummary[] = [
+                        'code' => 'policy.not_found',
+                        'message' => $bulkOperationService->sanitizeFailureReason("Policy {$policyId} not found"),
+                    ];
+
+                    continue;
+                }
+
+                if ($policy->ignored_at !== null) {
+                    $skippedCount++;
+
+                    continue;
+                }
+
+                try {
+                    $service->syncPolicy($tenant, $policy);
+
+                    $syncedCount++;
+                } catch (\Throwable $e) {
+                    $failureSummary[] = [
+                        'code' => 'policy.sync_failed',
+                        'message' => $bulkOperationService->sanitizeFailureReason($e->getMessage()),
+                    ];
+                }
+            }
+
+            $failureCount = count($failureSummary);
+            $outcome = match (true) {
+                $failureCount === 0 => 'succeeded',
+                $syncedCount > 0 => 'partially_succeeded',
+                default => 'failed',
+            };
+
+            if ($this->operationRun) {
+                /** @var OperationRunService $opService */
+                $opService = app(OperationRunService::class);
+                $opService->updateRun(
+                    $this->operationRun,
+                    'completed',
+                    $outcome,
+                    [
+                        'policies_total' => $ids->count(),
+                        'policies_synced' => $syncedCount,
+                        'policies_skipped' => $skippedCount,
+                        'policies_failed' => $failureCount,
+                    ],
+                    $failureSummary
+                );
+            }
+
+            return;
+        }
+
+        $supported = config('tenantpilot.supported_policy_types', []);
 
         if ($this->types !== null) {
             $supported = array_values(array_filter($supported, fn ($type) => in_array($type['type'], $this->types, true)));
         }
 
-        $service->syncPolicies($tenant, $supported);
+        $result = $service->syncPoliciesWithReport($tenant, $supported);
+        $syncedCount = count($result['synced'] ?? []);
+        $failures = $result['failures'] ?? [];
+        $failureCount = count($failures);
+
+        $outcome = match (true) {
+            $failureCount === 0 => 'succeeded',
+            $syncedCount > 0 => 'partially_succeeded',
+            default => 'failed',
+        };
+
+        $failureSummary = [];
+
+        foreach ($failures as $failure) {
+            if (! is_array($failure)) {
+                continue;
+            }
+
+            $policyType = (string) ($failure['policy_type'] ?? 'unknown');
+            $status = is_numeric($failure['status'] ?? null) ? (int) $failure['status'] : null;
+            $errors = $failure['errors'] ?? null;
+
+            $firstErrorMessage = null;
+            if (is_array($errors) && isset($errors[0]) && is_array($errors[0])) {
+                $firstErrorMessage = $errors[0]['message'] ?? null;
+            }
+
+            $message = $status !== null
+                ? "{$policyType}: Graph returned {$status}"
+                : "{$policyType}: Graph request failed";
+
+            if (is_string($firstErrorMessage) && $firstErrorMessage !== '') {
+                $message .= ' - '.trim($firstErrorMessage);
+            }
+
+            $failureSummary[] = [
+                'code' => $status !== null ? "GRAPH_HTTP_{$status}" : 'GRAPH_ERROR',
+                'message' => $bulkOperationService->sanitizeFailureReason($message),
+            ];
+        }
+
+        if ($this->operationRun) {
+            /** @var OperationRunService $opService */
+            $opService = app(OperationRunService::class);
+            $opService->updateRun(
+                $this->operationRun,
+                'completed',
+                $outcome,
+                [
+                    'policy_types_total' => count($supported),
+                    'policies_synced' => $syncedCount,
+                    'policy_types_failed' => $failureCount,
+                ],
+                $failureSummary
+            );
+        }
     }
 }
diff --git a/app/Listeners/SyncRestoreRunToOperation.php b/app/Listeners/SyncRestoreRunToOperation.php
new file mode 100644
index 0000000..54a91db
--- /dev/null
+++ b/app/Listeners/SyncRestoreRunToOperation.php
@@ -0,0 +1,81 @@
+<?php
+
+namespace App\Listeners;
+
+use App\Models\RestoreRun;
+use App\Services\OperationRunService;
+use Illuminate\Contracts\Queue\ShouldQueue;
+use Illuminate\Queue\InteractsWithQueue;
+
+class SyncRestoreRunToOperation implements ShouldQueue
+{
+    use InteractsWithQueue;
+
+    public function __construct(
+        protected OperationRunService $service
+    ) {}
+
+    public function handle(object $event): void
+    {
+        // We assume we might listen to Eloquent events directly via an observer or manually dispatched events.
+        // For now, let's assume we bind this to "RestoreRunCreated" and "RestoreRunUpdated" if they exist,
+        // or we treat this class as a generic handler invoked by an Observer.
+
+        // If the event itself HAS a restore run property:
+        $restoreRun = null;
+        if (property_exists($event, 'restoreRun')) {
+            $restoreRun = $event->restoreRun;
+        } elseif ($event instanceof RestoreRun) {
+            $restoreRun = $event;
+        }
+
+        if (! $restoreRun) {
+            return;
+        }
+
+        $inputs = [
+            'restore_run_id' => $restoreRun->id,
+            'backup_set_id' => $restoreRun->backup_set_id,
+        ];
+
+        // Ensure Run (Idempotent)
+        $opRun = $this->service->ensureRun(
+            tenant: $restoreRun->tenant,
+            type: 'restore.execute',
+            inputs: $inputs,
+            initiator: $restoreRun->user ?? null, // Assuming RestoreRun has user relation
+            initiatorName: $restoreRun->user->name ?? 'System'
+        );
+
+        // Map status
+        // RestoreRun status -> OperationRun status
+        $statusMap = [
+            'pending' => 'queued',
+            'queued' => 'queued',
+            'running' => 'running',
+            'completed' => 'completed',
+            'failed' => 'completed',
+            'cancelled' => 'completed',
+            'partially_succeeded' => 'completed',
+        ];
+
+        $outcomeMap = [
+            'completed' => 'succeeded',
+            'failed' => 'failed',
+            'cancelled' => 'cancelled',
+            'partially_succeeded' => 'partially_succeeded',
+        ];
+
+        $newStatus = $statusMap[$restoreRun->status] ?? 'running';
+        $newOutcome = $outcomeMap[$restoreRun->status] ?? 'pending';
+
+        $this->service->updateRun(
+            run: $opRun,
+            status: $newStatus,
+            outcome: $newOutcome,
+            // We could map counts/failures here if available on RestoreRun
+            summaryCounts: $restoreRun->summary_counts ?? [],
+            failures: $restoreRun->failures ?? []
+        );
+    }
+}
diff --git a/app/Listeners/SyncRestoreRunToOperationRun.php b/app/Listeners/SyncRestoreRunToOperationRun.php
new file mode 100644
index 0000000..d804673
--- /dev/null
+++ b/app/Listeners/SyncRestoreRunToOperationRun.php
@@ -0,0 +1,88 @@
+<?php
+
+namespace App\Listeners;
+
+use App\Models\RestoreRun;
+use App\Services\OperationRunService;
+use App\Support\RestoreRunStatus;
+
+class SyncRestoreRunToOperationRun
+{
+    public function __construct(
+        public OperationRunService $service
+    ) {}
+
+    public function handle(RestoreRun $restoreRun): void
+    {
+        $status = RestoreRunStatus::fromString($restoreRun->status);
+
+        if (! $status) {
+            return;
+        }
+
+        // Adapter row becomes visible from "previewed" onward.
+        if (! in_array($status, [
+            RestoreRunStatus::Previewed,
+            RestoreRunStatus::Pending,
+            RestoreRunStatus::Queued,
+            RestoreRunStatus::Running,
+            RestoreRunStatus::Completed,
+            RestoreRunStatus::Partial,
+            RestoreRunStatus::Failed,
+            RestoreRunStatus::Cancelled,
+            RestoreRunStatus::Aborted,
+            RestoreRunStatus::CompletedWithErrors,
+        ], true)) {
+            return;
+        }
+
+        $inputs = [
+            'restore_run_id' => (int) $restoreRun->getKey(),
+            'backup_set_id' => (int) $restoreRun->backup_set_id,
+            'is_dry_run' => (bool) ($restoreRun->is_dry_run ?? false),
+        ];
+
+        $opRun = $this->service->ensureRun(
+            tenant: $restoreRun->tenant,
+            type: 'restore.execute',
+            inputs: $inputs,
+            initiator: null
+        );
+
+        [$opStatus, $opOutcome, $failures] = $this->mapStatus($status);
+
+        $summaryCounts = [
+            'assignments_success' => $restoreRun->getSuccessfulAssignmentsCount(),
+            'assignments_failed' => $restoreRun->getFailedAssignmentsCount(),
+            'assignments_skipped' => $restoreRun->getSkippedAssignmentsCount(),
+        ];
+
+        $this->service->updateRun(
+            $opRun,
+            status: $opStatus,
+            outcome: $opOutcome,
+            summaryCounts: $summaryCounts,
+            failures: $failures
+        );
+    }
+
+    /**
+     * @return array{0: string, 1: string, 2: array<int, array{code: string, message: string}>}
+     */
+    protected function mapStatus(RestoreRunStatus $status): array
+    {
+        return match ($status) {
+            RestoreRunStatus::Previewed => ['queued', 'pending', []],
+            RestoreRunStatus::Pending => ['queued', 'pending', []],
+            RestoreRunStatus::Queued => ['queued', 'pending', []],
+            RestoreRunStatus::Running => ['running', 'pending', []],
+            RestoreRunStatus::Completed => ['completed', 'succeeded', []],
+            RestoreRunStatus::Partial, RestoreRunStatus::CompletedWithErrors => ['completed', 'partially_succeeded', []],
+            RestoreRunStatus::Failed, RestoreRunStatus::Aborted => ['completed', 'failed', []],
+            RestoreRunStatus::Cancelled => ['completed', 'failed', [
+                ['code' => 'restore.cancelled', 'message' => 'Restore run was cancelled.'],
+            ]],
+            default => ['running', 'pending', []],
+        };
+    }
+}
diff --git a/app/Livewire/BackupSetPolicyPickerTable.php b/app/Livewire/BackupSetPolicyPickerTable.php
index 02c9461..3fb2192 100644
--- a/app/Livewire/BackupSetPolicyPickerTable.php
+++ b/app/Livewire/BackupSetPolicyPickerTable.php
@@ -2,7 +2,6 @@
 
 namespace App\Livewire;
 
-use App\Filament\Resources\BulkOperationRunResource;
 use App\Jobs\AddPoliciesToBackupSetJob;
 use App\Models\BackupSet;
 use App\Models\BulkOperationRun;
@@ -10,6 +9,8 @@
 use App\Models\Tenant;
 use App\Models\User;
 use App\Services\BulkOperationService;
+use App\Services\OperationRunService;
+use App\Support\OperationRunLinks;
 use App\Support\RunIdempotency;
 use Filament\Actions\BulkAction;
 use Filament\Notifications\Notification;
@@ -277,6 +278,40 @@ public function table(Table $table): Table
                             ],
                         );
 
+                        // --- Phase 3: Canonical Operation Run Start ---
+                        /** @var OperationRunService $opService */
+                        $opService = app(OperationRunService::class);
+                        $opRun = $opService->ensureRun(
+                            tenant: $tenant,
+                            type: 'backup_set.add_policies',
+                            inputs: [
+                                'backup_set_id' => $backupSet->id,
+                                'policy_ids' => $policyIds,
+                                'options' => [
+                                    'include_assignments' => (bool) $this->include_assignments,
+                                    'include_scope_tags' => (bool) $this->include_scope_tags,
+                                    'include_foundations' => (bool) $this->include_foundations,
+                                ],
+                            ],
+                            initiator: $user
+                        );
+
+                        if (! $opRun->wasRecentlyCreated && in_array($opRun->status, ['queued', 'running'])) {
+                            Notification::make()
+                                ->title('Add policies already queued')
+                                ->body('A matching run is already queued or running. Open the run to monitor progress.')
+                                ->actions([
+                                    \Filament\Actions\Action::make('view_run')
+                                        ->label('View run')
+                                        ->url(OperationRunLinks::view($opRun, $tenant)),
+                                ])
+                                ->info()
+                                ->send();
+
+                            return;
+                        }
+                        // ----------------------------------------------
+
                         $existingRun = RunIdempotency::findActiveBulkOperationRun(
                             tenantId: (int) $tenant->getKey(),
                             idempotencyKey: $idempotencyKey,
@@ -289,7 +324,7 @@ public function table(Table $table): Table
                                 ->actions([
                                     \Filament\Actions\Action::make('view_run')
                                         ->label('View run')
-                                        ->url(BulkOperationRunResource::getUrl('view', ['record' => $existingRun], tenant: $tenant)),
+                                        ->url(OperationRunLinks::view($opRun, $tenant)),
                                 ])
                                 ->info()
                                 ->send();
@@ -331,7 +366,7 @@ public function table(Table $table): Table
                                         ->actions([
                                             \Filament\Actions\Action::make('view_run')
                                                 ->label('View run')
-                                                ->url(BulkOperationRunResource::getUrl('view', ['record' => $existingRun], tenant: $tenant)),
+                                                ->url(OperationRunLinks::view($opRun, $tenant)),
                                         ])
                                         ->info()
                                         ->send();
@@ -343,13 +378,18 @@ public function table(Table $table): Table
                             throw $exception;
                         }
 
-                        AddPoliciesToBackupSetJob::dispatch(
-                            bulkRunId: (int) $run->getKey(),
-                            backupSetId: (int) $backupSet->getKey(),
-                            includeAssignments: (bool) $this->include_assignments,
-                            includeScopeTags: (bool) $this->include_scope_tags,
-                            includeFoundations: (bool) $this->include_foundations,
-                        );
+                        /** @var OperationRunService $opService */
+                        $opService = app(OperationRunService::class);
+                        $opService->dispatchOrFail($opRun, function () use ($run, $backupSet, $opRun): void {
+                            AddPoliciesToBackupSetJob::dispatch(
+                                bulkRunId: (int) $run->getKey(),
+                                backupSetId: (int) $backupSet->getKey(),
+                                includeAssignments: (bool) $this->include_assignments,
+                                includeScopeTags: (bool) $this->include_scope_tags,
+                                includeFoundations: (bool) $this->include_foundations,
+                                operationRun: $opRun
+                            );
+                        });
 
                         $notificationTitle = $this->include_foundations
                             ? 'Backup items queued'
@@ -361,13 +401,16 @@ public function table(Table $table): Table
                             ->actions([
                                 \Filament\Actions\Action::make('view_run')
                                     ->label('View run')
-                                    ->url(BulkOperationRunResource::getUrl('view', ['record' => $run], tenant: $tenant)),
+                                    ->url(OperationRunLinks::view($opRun, $tenant)),
                             ])
                             ->success()
                             ->sendToDatabase($user)
                             ->send();
 
                         $this->resetTable();
+
+                        $this->dispatch('backup-set-policy-picker:close')
+                            ->to(\App\Filament\Resources\BackupSetResource\RelationManagers\BackupItemsRelationManager::class);
                     }),
             ]);
     }
diff --git a/app/Livewire/Monitoring/OperationsDetail.php b/app/Livewire/Monitoring/OperationsDetail.php
new file mode 100644
index 0000000..3eefda5
--- /dev/null
+++ b/app/Livewire/Monitoring/OperationsDetail.php
@@ -0,0 +1,28 @@
+<?php
+
+namespace App\Livewire\Monitoring;
+
+use App\Models\OperationRun;
+use Filament\Forms\Concerns\InteractsWithForms;
+use Filament\Forms\Contracts\HasForms;
+use Illuminate\Contracts\View\View;
+use Livewire\Component;
+
+class OperationsDetail extends Component implements HasForms
+{
+    use InteractsWithForms;
+
+    public OperationRun $run;
+
+    public function mount(OperationRun $run): void
+    {
+        // Ensure tenant scope
+        abort_unless($run->tenant_id === filament()->getTenant()->id, 403);
+        $this->run = $run;
+    }
+
+    public function render(): View
+    {
+        return view('livewire.monitoring.operations-detail');
+    }
+}
diff --git a/app/Models/OperationRun.php b/app/Models/OperationRun.php
new file mode 100644
index 0000000..1195430
--- /dev/null
+++ b/app/Models/OperationRun.php
@@ -0,0 +1,38 @@
+<?php
+
+namespace App\Models;
+
+use Illuminate\Database\Eloquent\Builder;
+use Illuminate\Database\Eloquent\Factories\HasFactory;
+use Illuminate\Database\Eloquent\Model;
+use Illuminate\Database\Eloquent\Relations\BelongsTo;
+
+class OperationRun extends Model
+{
+    use HasFactory;
+
+    protected $guarded = [];
+
+    protected $casts = [
+        'summary_counts' => 'array',
+        'failure_summary' => 'array',
+        'context' => 'array',
+        'started_at' => 'datetime',
+        'completed_at' => 'datetime',
+    ];
+
+    public function tenant(): BelongsTo
+    {
+        return $this->belongsTo(Tenant::class);
+    }
+
+    public function user(): BelongsTo
+    {
+        return $this->belongsTo(User::class);
+    }
+
+    public function scopeActive(Builder $query): Builder
+    {
+        return $query->whereIn('status', ['queued', 'running']);
+    }
+}
diff --git a/app/Notifications/OperationRunCompleted.php b/app/Notifications/OperationRunCompleted.php
new file mode 100644
index 0000000..c249a9a
--- /dev/null
+++ b/app/Notifications/OperationRunCompleted.php
@@ -0,0 +1,46 @@
+<?php
+
+namespace App\Notifications;
+
+use App\Models\OperationRun;
+use App\Models\Tenant;
+use App\Support\OperationRunLinks;
+use Filament\Notifications\Notification as FilamentNotification;
+use Illuminate\Bus\Queueable;
+use Illuminate\Notifications\Notification;
+
+class OperationRunCompleted extends Notification
+{
+    use Queueable;
+
+    public function __construct(
+        public OperationRun $run
+    ) {}
+
+    public function via(object $notifiable): array
+    {
+        return ['database'];
+    }
+
+    public function toDatabase(object $notifiable): array
+    {
+        $tenant = $this->run->tenant;
+
+        $status = match ((string) $this->run->outcome) {
+            'succeeded' => 'success',
+            'partially_succeeded' => 'warning',
+            default => 'danger',
+        };
+
+        return FilamentNotification::make()
+            ->title('Operation completed')
+            ->body("{$this->run->type} ({$this->run->outcome})")
+            ->status($status)
+            ->actions([
+                \Filament\Actions\Action::make('view')
+                    ->label('View run')
+                    ->url($tenant instanceof Tenant ? OperationRunLinks::view($this->run, $tenant) : null),
+            ])
+            ->getDatabaseMessage();
+    }
+}
diff --git a/app/Notifications/OperationRunQueued.php b/app/Notifications/OperationRunQueued.php
new file mode 100644
index 0000000..5e78c84
--- /dev/null
+++ b/app/Notifications/OperationRunQueued.php
@@ -0,0 +1,46 @@
+<?php
+
+namespace App\Notifications;
+
+use App\Models\OperationRun;
+use App\Models\Tenant;
+use App\Support\OperationRunLinks;
+use Filament\Notifications\Notification as FilamentNotification;
+use Illuminate\Bus\Queueable;
+use Illuminate\Notifications\Notification;
+
+class OperationRunQueued extends Notification
+{
+    use Queueable;
+
+    public function __construct(
+        public OperationRun $run
+    ) {}
+
+    /**
+     * @return array<int, string>
+     */
+    public function via(object $notifiable): array
+    {
+        return ['database'];
+    }
+
+    /**
+     * @return array<string, mixed>
+     */
+    public function toDatabase(object $notifiable): array
+    {
+        $tenant = $this->run->tenant;
+
+        return FilamentNotification::make()
+            ->title('Operation queued')
+            ->body($this->run->type)
+            ->info()
+            ->actions([
+                \Filament\Actions\Action::make('view_run')
+                    ->label('View run')
+                    ->url($tenant instanceof Tenant ? OperationRunLinks::view($this->run, $tenant) : null),
+            ])
+            ->getDatabaseMessage();
+    }
+}
diff --git a/app/Observers/RestoreRunObserver.php b/app/Observers/RestoreRunObserver.php
new file mode 100644
index 0000000..7803fc4
--- /dev/null
+++ b/app/Observers/RestoreRunObserver.php
@@ -0,0 +1,32 @@
+<?php
+
+namespace App\Observers;
+
+use App\Listeners\SyncRestoreRunToOperationRun;
+use App\Models\RestoreRun;
+
+class RestoreRunObserver
+{
+    /**
+     * Handle the RestoreRun "created" event.
+     */
+    public function created(RestoreRun $restoreRun): void
+    {
+        $this->sync($restoreRun);
+    }
+
+    /**
+     * Handle the RestoreRun "updated" event.
+     */
+    public function updated(RestoreRun $restoreRun): void
+    {
+        $this->sync($restoreRun);
+    }
+
+    protected function sync(RestoreRun $restoreRun): void
+    {
+        /** @var SyncRestoreRunToOperationRun $syncer */
+        $syncer = app(SyncRestoreRunToOperationRun::class);
+        $syncer->handle($restoreRun);
+    }
+}
diff --git a/app/Policies/OperationRunPolicy.php b/app/Policies/OperationRunPolicy.php
new file mode 100644
index 0000000..0e1e400
--- /dev/null
+++ b/app/Policies/OperationRunPolicy.php
@@ -0,0 +1,39 @@
+<?php
+
+namespace App\Policies;
+
+use App\Models\OperationRun;
+use App\Models\Tenant;
+use App\Models\User;
+use Illuminate\Auth\Access\HandlesAuthorization;
+
+class OperationRunPolicy
+{
+    use HandlesAuthorization;
+
+    public function viewAny(User $user): bool
+    {
+        $tenant = Tenant::current();
+
+        if (! $tenant) {
+            return false;
+        }
+
+        return $user->canAccessTenant($tenant);
+    }
+
+    public function view(User $user, OperationRun $run): bool
+    {
+        $tenant = Tenant::current();
+
+        if (! $tenant) {
+            return false;
+        }
+
+        if (! $user->canAccessTenant($tenant)) {
+            return false;
+        }
+
+        return (int) $run->tenant_id === (int) $tenant->getKey();
+    }
+}
diff --git a/app/Providers/AppServiceProvider.php b/app/Providers/AppServiceProvider.php
index 614b232..5a7cae0 100644
--- a/app/Providers/AppServiceProvider.php
+++ b/app/Providers/AppServiceProvider.php
@@ -7,14 +7,18 @@
 use App\Models\EntraGroup;
 use App\Models\EntraGroupSyncRun;
 use App\Models\Finding;
+use App\Models\OperationRun;
+use App\Models\RestoreRun;
 use App\Models\Tenant;
 use App\Models\User;
 use App\Models\UserTenantPreference;
+use App\Observers\RestoreRunObserver;
 use App\Policies\BackupSchedulePolicy;
 use App\Policies\BulkOperationRunPolicy;
 use App\Policies\EntraGroupPolicy;
 use App\Policies\EntraGroupSyncRunPolicy;
 use App\Policies\FindingPolicy;
+use App\Policies\OperationRunPolicy;
 use App\Services\Graph\GraphClientInterface;
 use App\Services\Graph\MicrosoftGraphClient;
 use App\Services\Graph\NullGraphClient;
@@ -83,6 +87,8 @@ public function register(): void
      */
     public function boot(): void
     {
+        RestoreRun::observe(RestoreRunObserver::class);
+
         Event::listen(TenantSet::class, function (TenantSet $event): void {
             static $hasPreferencesTable;
 
@@ -119,5 +125,6 @@ public function boot(): void
         Gate::policy(Finding::class, FindingPolicy::class);
         Gate::policy(EntraGroupSyncRun::class, EntraGroupSyncRunPolicy::class);
         Gate::policy(EntraGroup::class, EntraGroupPolicy::class);
+        Gate::policy(OperationRun::class, OperationRunPolicy::class);
     }
 }
diff --git a/app/Providers/Filament/AdminPanelProvider.php b/app/Providers/Filament/AdminPanelProvider.php
index 351d2bd..9d90f61 100644
--- a/app/Providers/Filament/AdminPanelProvider.php
+++ b/app/Providers/Filament/AdminPanelProvider.php
@@ -40,7 +40,9 @@ public function panel(Panel $panel): Panel
             ])
             ->renderHook(
                 PanelsRenderHook::BODY_END,
-                fn () => view('livewire.bulk-operation-progress-wrapper')->render()
+                fn () => (bool) config('tenantpilot.bulk_operations.progress_widget_enabled', true)
+                    ? view('livewire.bulk-operation-progress-wrapper')->render()
+                    : ''
             )
             ->discoverResources(in: app_path('Filament/Resources'), for: 'App\Filament\Resources')
             ->discoverPages(in: app_path('Filament/Pages'), for: 'App\Filament\Pages')
diff --git a/app/Services/OperationRunService.php b/app/Services/OperationRunService.php
new file mode 100644
index 0000000..7c68c1b
--- /dev/null
+++ b/app/Services/OperationRunService.php
@@ -0,0 +1,282 @@
+<?php
+
+namespace App\Services;
+
+use App\Models\OperationRun;
+use App\Models\Tenant;
+use App\Models\User;
+use App\Notifications\OperationRunCompleted as OperationRunCompletedNotification;
+use App\Notifications\OperationRunQueued as OperationRunQueuedNotification;
+use App\Support\OperationRunOutcome;
+use App\Support\OperationRunStatus;
+use Illuminate\Database\QueryException;
+use InvalidArgumentException;
+use Throwable;
+
+class OperationRunService
+{
+    public function ensureRun(
+        Tenant $tenant,
+        string $type,
+        array $inputs,
+        ?User $initiator = null
+    ): OperationRun {
+        $hash = $this->calculateHash($tenant->id, $type, $inputs);
+
+        // Idempotency Check (Fast Path)
+        // We check specific status to match the partial unique index
+        $existing = OperationRun::query()
+            ->where('tenant_id', $tenant->id)
+            ->where('run_identity_hash', $hash)
+            ->whereIn('status', OperationRunStatus::values())
+            ->where('status', '!=', OperationRunStatus::Completed->value)
+            ->first();
+
+        if ($existing) {
+            return $existing;
+        }
+
+        // Create new run (race-safe via partial unique index)
+        try {
+            return OperationRun::create([
+                'tenant_id' => $tenant->id,
+                'user_id' => $initiator?->id,
+                'initiator_name' => $initiator?->name ?? 'System',
+                'type' => $type,
+                'status' => OperationRunStatus::Queued->value,
+                'outcome' => OperationRunOutcome::Pending->value,
+                'run_identity_hash' => $hash,
+                'context' => $inputs,
+            ]);
+        } catch (QueryException $e) {
+            // Unique violation (active-run dedupe):
+            // - PostgreSQL: 23505
+            // - SQLite (tests): 23000 (generic integrity violation; message indicates UNIQUE constraint failed)
+            if (! in_array(($e->errorInfo[0] ?? null), ['23505', '23000'], true)) {
+                throw $e;
+            }
+
+            $existing = OperationRun::query()
+                ->where('tenant_id', $tenant->id)
+                ->where('run_identity_hash', $hash)
+                ->whereIn('status', [OperationRunStatus::Queued->value, OperationRunStatus::Running->value])
+                ->first();
+
+            if ($existing) {
+                return $existing;
+            }
+
+            throw $e;
+        }
+    }
+
+    public function updateRun(
+        OperationRun $run,
+        string $status,
+        ?string $outcome = null,
+        array $summaryCounts = [],
+        array $failures = []
+    ): OperationRun {
+        $previousStatus = (string) $run->status;
+
+        if (! in_array($status, OperationRunStatus::values(), true)) {
+            throw new InvalidArgumentException('Invalid OperationRun status: '.$status);
+        }
+
+        if ($outcome !== null) {
+            if (! in_array($outcome, OperationRunOutcome::values(), true)) {
+                throw new InvalidArgumentException('Invalid OperationRun outcome: '.$outcome);
+            }
+
+            // Reserved/future: MUST NOT be produced by feature 054.
+            if ($outcome === OperationRunOutcome::Cancelled->value) {
+                $outcome = OperationRunOutcome::Failed->value;
+                $failures[] = [
+                    'code' => 'run.cancelled',
+                    'message' => 'Run cancelled (reserved outcome mapped to failed).',
+                ];
+            }
+        }
+
+        $updateData = [
+            'status' => $status,
+        ];
+
+        if ($outcome) {
+            $updateData['outcome'] = $outcome;
+        }
+
+        if (! empty($summaryCounts)) {
+            $updateData['summary_counts'] = $summaryCounts;
+        }
+
+        if (! empty($failures)) {
+            $updateData['failure_summary'] = $this->sanitizeFailures($failures);
+        }
+
+        if ($status === OperationRunStatus::Running->value && is_null($run->started_at)) {
+            $updateData['started_at'] = now();
+        }
+
+        if ($status === OperationRunStatus::Completed->value && is_null($run->completed_at)) {
+            $updateData['completed_at'] = now();
+        }
+
+        $run->update($updateData);
+
+        $run->refresh();
+
+        if ($previousStatus !== OperationRunStatus::Completed->value
+            && $run->status === OperationRunStatus::Completed->value
+            && $run->user instanceof User
+        ) {
+            $run->user->notify(new OperationRunCompletedNotification($run));
+        }
+
+        return $run;
+    }
+
+    /**
+     * Dispatch a queued operation safely.
+     *
+     * If dispatch fails synchronously (misconfiguration, serialization errors, etc.),
+     * the OperationRun is marked terminal failed so we do not leave a misleading queued run behind.
+     */
+    public function dispatchOrFail(OperationRun $run, callable $dispatcher, bool $emitQueuedNotification = true): void
+    {
+        try {
+            $dispatcher();
+
+            if ($emitQueuedNotification && $run->wasRecentlyCreated && $run->user instanceof User) {
+                $run->user->notify(new OperationRunQueuedNotification($run));
+            }
+        } catch (Throwable $e) {
+            $this->updateRun(
+                $run,
+                status: OperationRunStatus::Completed->value,
+                outcome: OperationRunOutcome::Failed->value,
+                failures: [
+                    [
+                        'code' => 'dispatch.failed',
+                        'message' => $e->getMessage(),
+                    ],
+                ],
+            );
+
+            throw $e;
+        }
+    }
+
+    public function failRun(OperationRun $run, Throwable $e): OperationRun
+    {
+        return $this->updateRun(
+            $run,
+            status: OperationRunStatus::Completed->value,
+            outcome: OperationRunOutcome::Failed->value,
+            failures: [
+                [
+                    'code' => 'exception.unhandled',
+                    'message' => $e->getMessage(),
+                ],
+            ]
+        );
+    }
+
+    protected function calculateHash(int $tenantId, string $type, array $inputs): string
+    {
+        $normalizedInputs = $this->normalizeInputs($inputs);
+
+        $json = json_encode($normalizedInputs, JSON_THROW_ON_ERROR | JSON_UNESCAPED_SLASHES | JSON_UNESCAPED_UNICODE);
+
+        return hash('sha256', $tenantId.'|'.$type.'|'.$json);
+    }
+
+    /**
+     * Normalize inputs for stable identity hashing.
+     *
+     * - Associative arrays: sorted by key.
+     * - Lists: elements normalized and then sorted by a stable JSON representation.
+     */
+    protected function normalizeInputs(array $value): array
+    {
+        if ($this->isListArray($value)) {
+            $items = array_map(function ($item) {
+                return is_array($item) ? $this->normalizeInputs($item) : $item;
+            }, $value);
+
+            usort($items, function ($a, $b): int {
+                $aJson = json_encode($a, JSON_UNESCAPED_SLASHES | JSON_UNESCAPED_UNICODE);
+                $bJson = json_encode($b, JSON_UNESCAPED_SLASHES | JSON_UNESCAPED_UNICODE);
+
+                return strcmp((string) $aJson, (string) $bJson);
+            });
+
+            return array_values($items);
+        }
+
+        ksort($value);
+
+        foreach ($value as $key => $item) {
+            if (is_array($item)) {
+                $value[$key] = $this->normalizeInputs($item);
+            }
+        }
+
+        return $value;
+    }
+
+    protected function isListArray(array $array): bool
+    {
+        if ($array === []) {
+            return true;
+        }
+
+        return array_keys($array) === range(0, count($array) - 1);
+    }
+
+    /**
+     * @param  array<int, array{code?: mixed, message?: mixed}>  $failures
+     * @return array<int, array{code: string, message: string}>
+     */
+    protected function sanitizeFailures(array $failures): array
+    {
+        $sanitized = [];
+
+        foreach ($failures as $failure) {
+            $code = (string) ($failure['code'] ?? 'unknown');
+            $message = (string) ($failure['message'] ?? '');
+
+            $sanitized[] = [
+                'code' => $this->sanitizeFailureCode($code),
+                'message' => $this->sanitizeMessage($message),
+            ];
+        }
+
+        return $sanitized;
+    }
+
+    protected function sanitizeFailureCode(string $code): string
+    {
+        $code = strtolower(trim($code));
+
+        if ($code === '') {
+            return 'unknown';
+        }
+
+        return substr($code, 0, 80);
+    }
+
+    protected function sanitizeMessage(string $message): string
+    {
+        $message = trim(str_replace(["\r", "\n"], ' ', $message));
+
+        // Redact obvious bearer tokens / secrets.
+        $message = preg_replace('/\bBearer\s+[A-Za-z0-9\-\._~\+\/]+=*\b/i', 'Bearer [REDACTED]', $message) ?? $message;
+        $message = preg_replace('/\b(access_token|refresh_token|client_secret|password)\s*[:=]\s*[^\s]+/i', '$1=[REDACTED]', $message) ?? $message;
+
+        // Redact long opaque blobs that look token-like.
+        $message = preg_replace('/\b[A-Za-z0-9\-\._~\+\/]{64,}\b/', '[REDACTED]', $message) ?? $message;
+
+        return substr($message, 0, 500);
+    }
+}
diff --git a/app/Support/OperationRunLinks.php b/app/Support/OperationRunLinks.php
new file mode 100644
index 0000000..622642a
--- /dev/null
+++ b/app/Support/OperationRunLinks.php
@@ -0,0 +1,84 @@
+<?php
+
+namespace App\Support;
+
+use App\Filament\Pages\DriftLanding;
+use App\Filament\Pages\InventoryLanding;
+use App\Filament\Resources\BackupScheduleResource;
+use App\Filament\Resources\BackupSetResource;
+use App\Filament\Resources\EntraGroupResource;
+use App\Filament\Resources\OperationRunResource;
+use App\Filament\Resources\PolicyResource;
+use App\Filament\Resources\RestoreRunResource;
+use App\Models\OperationRun;
+use App\Models\Tenant;
+
+final class OperationRunLinks
+{
+    public static function index(Tenant $tenant): string
+    {
+        return OperationRunResource::getUrl('index', tenant: $tenant);
+    }
+
+    public static function view(OperationRun|int $run, Tenant $tenant): string
+    {
+        return OperationRunResource::getUrl('view', ['record' => $run], tenant: $tenant);
+    }
+
+    /**
+     * @return array<string, string>
+     */
+    public static function related(OperationRun $run, Tenant $tenant): array
+    {
+        $context = is_array($run->context) ? $run->context : [];
+
+        $links = [];
+
+        $links['Operations'] = self::index($tenant);
+
+        if ($run->type === 'inventory.sync') {
+            $links['Inventory'] = InventoryLanding::getUrl(tenant: $tenant);
+        }
+
+        if (in_array($run->type, ['policy.sync', 'policy.sync_one'], true)) {
+            $links['Policies'] = PolicyResource::getUrl('index', tenant: $tenant);
+
+            $policyId = $context['policy_id'] ?? null;
+            if (is_numeric($policyId)) {
+                $links['Policy'] = PolicyResource::getUrl('view', ['record' => (int) $policyId], tenant: $tenant);
+            }
+        }
+
+        if ($run->type === 'directory_groups.sync') {
+            $links['Directory Groups'] = EntraGroupResource::getUrl('index', tenant: $tenant);
+        }
+
+        if ($run->type === 'drift.generate') {
+            $links['Drift'] = DriftLanding::getUrl(tenant: $tenant);
+        }
+
+        if (in_array($run->type, ['backup_set.add_policies', 'backup_set.remove_policies'], true)) {
+            $links['Backup Sets'] = BackupSetResource::getUrl('index', tenant: $tenant);
+
+            $backupSetId = $context['backup_set_id'] ?? null;
+            if (is_numeric($backupSetId)) {
+                $links['Backup Set'] = BackupSetResource::getUrl('view', ['record' => (int) $backupSetId], tenant: $tenant);
+            }
+        }
+
+        if (in_array($run->type, ['backup_schedule.run_now', 'backup_schedule.retry'], true)) {
+            $links['Backup Schedules'] = BackupScheduleResource::getUrl('index', tenant: $tenant);
+        }
+
+        if ($run->type === 'restore.execute') {
+            $links['Restore Runs'] = RestoreRunResource::getUrl('index', tenant: $tenant);
+
+            $restoreRunId = $context['restore_run_id'] ?? null;
+            if (is_numeric($restoreRunId)) {
+                $links['Restore Run'] = RestoreRunResource::getUrl('view', ['record' => (int) $restoreRunId], tenant: $tenant);
+            }
+        }
+
+        return array_filter($links, static fn (?string $url): bool => is_string($url) && $url !== '');
+    }
+}
diff --git a/app/Support/OperationRunOutcome.php b/app/Support/OperationRunOutcome.php
new file mode 100644
index 0000000..951b0a3
--- /dev/null
+++ b/app/Support/OperationRunOutcome.php
@@ -0,0 +1,43 @@
+<?php
+
+namespace App\Support;
+
+enum OperationRunOutcome: string
+{
+    case Pending = 'pending';
+    case Succeeded = 'succeeded';
+    case PartiallySucceeded = 'partially_succeeded';
+    case Failed = 'failed';
+
+    /**
+     * Reserved for future use. MUST NOT be produced by feature 054.
+     */
+    case Cancelled = 'cancelled';
+
+    public static function values(bool $includeReserved = true): array
+    {
+        $cases = self::cases();
+
+        if (! $includeReserved) {
+            $cases = array_filter($cases, static fn (self $case): bool => $case !== self::Cancelled);
+        }
+
+        return array_map(static fn (self $case): string => $case->value, $cases);
+    }
+
+    public static function uiLabels(bool $includeReserved = false): array
+    {
+        $labels = [
+            self::Pending->value => 'Pending',
+            self::Succeeded->value => 'Succeeded',
+            self::PartiallySucceeded->value => 'Partially succeeded',
+            self::Failed->value => 'Failed',
+        ];
+
+        if ($includeReserved) {
+            $labels[self::Cancelled->value] = 'Cancelled';
+        }
+
+        return $labels;
+    }
+}
diff --git a/app/Support/OperationRunStatus.php b/app/Support/OperationRunStatus.php
new file mode 100644
index 0000000..c8c2e5e
--- /dev/null
+++ b/app/Support/OperationRunStatus.php
@@ -0,0 +1,15 @@
+<?php
+
+namespace App\Support;
+
+enum OperationRunStatus: string
+{
+    case Queued = 'queued';
+    case Running = 'running';
+    case Completed = 'completed';
+
+    public static function values(): array
+    {
+        return array_map(static fn (self $case): string => $case->value, self::cases());
+    }
+}
diff --git a/app/Support/OperationRunType.php b/app/Support/OperationRunType.php
new file mode 100644
index 0000000..c2f2467
--- /dev/null
+++ b/app/Support/OperationRunType.php
@@ -0,0 +1,22 @@
+<?php
+
+namespace App\Support;
+
+enum OperationRunType: string
+{
+    case InventorySync = 'inventory.sync';
+    case PolicySync = 'policy.sync';
+    case PolicySyncOne = 'policy.sync_one';
+    case DirectoryGroupsSync = 'directory_groups.sync';
+    case DriftGenerate = 'drift.generate';
+    case BackupSetAddPolicies = 'backup_set.add_policies';
+    case BackupSetRemovePolicies = 'backup_set.remove_policies';
+    case BackupScheduleRunNow = 'backup_schedule.run_now';
+    case BackupScheduleRetry = 'backup_schedule.retry';
+    case RestoreExecute = 'restore.execute';
+
+    public static function values(): array
+    {
+        return array_map(static fn (self $case): string => $case->value, self::cases());
+    }
+}
diff --git a/config/tenantpilot.php b/config/tenantpilot.php
index 1a14ee0..23cef34 100644
--- a/config/tenantpilot.php
+++ b/config/tenantpilot.php
@@ -318,6 +318,8 @@
     'bulk_operations' => [
         'chunk_size' => (int) env('TENANTPILOT_BULK_CHUNK_SIZE', 10),
         'poll_interval_seconds' => (int) env('TENANTPILOT_BULK_POLL_INTERVAL_SECONDS', 3),
+        'recent_finished_seconds' => (int) env('TENANTPILOT_BULK_RECENT_FINISHED_SECONDS', 12),
+        'progress_widget_enabled' => (bool) env('TENANTPILOT_BULK_PROGRESS_WIDGET_ENABLED', true),
     ],
 
     'inventory_sync' => [
diff --git a/database/factories/OperationRunFactory.php b/database/factories/OperationRunFactory.php
new file mode 100644
index 0000000..c43d725
--- /dev/null
+++ b/database/factories/OperationRunFactory.php
@@ -0,0 +1,37 @@
+<?php
+
+namespace Database\Factories;
+
+use App\Models\OperationRun;
+use App\Models\Tenant;
+use App\Models\User;
+use App\Support\OperationRunOutcome;
+use App\Support\OperationRunStatus;
+use App\Support\OperationRunType;
+use Illuminate\Database\Eloquent\Factories\Factory;
+
+/**
+ * @extends Factory<OperationRun>
+ */
+class OperationRunFactory extends Factory
+{
+    protected $model = OperationRun::class;
+
+    public function definition(): array
+    {
+        return [
+            'tenant_id' => Tenant::factory(),
+            'user_id' => User::factory(),
+            'initiator_name' => fake()->name(),
+            'type' => fake()->randomElement(OperationRunType::values()),
+            'status' => OperationRunStatus::Queued->value,
+            'outcome' => OperationRunOutcome::Pending->value,
+            'run_identity_hash' => fake()->sha256(),
+            'summary_counts' => [],
+            'failure_summary' => [],
+            'context' => [],
+            'started_at' => null,
+            'completed_at' => null,
+        ];
+    }
+}
diff --git a/database/migrations/2026_01_16_180642_create_operation_runs_table.php b/database/migrations/2026_01_16_180642_create_operation_runs_table.php
new file mode 100644
index 0000000..880db59
--- /dev/null
+++ b/database/migrations/2026_01_16_180642_create_operation_runs_table.php
@@ -0,0 +1,46 @@
+<?php
+
+use Illuminate\Database\Migrations\Migration;
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Support\Facades\DB;
+use Illuminate\Support\Facades\Schema;
+
+return new class extends Migration
+{
+    /**
+     * Run the migrations.
+     */
+    public function up(): void
+    {
+        Schema::create('operation_runs', function (Blueprint $table) {
+            $table->id();
+            $table->foreignId('tenant_id')->constrained()->cascadeOnDelete();
+            $table->foreignId('user_id')->nullable()->constrained()->nullOnDelete();
+            $table->string('initiator_name');
+            $table->string('type');
+            $table->string('status');
+            $table->string('outcome')->default('pending');
+            $table->string('run_identity_hash');
+            $table->jsonb('summary_counts')->default('{}');
+            $table->jsonb('failure_summary')->default('[]');
+            $table->jsonb('context')->default('{}');
+            $table->timestamp('started_at')->nullable();
+            $table->timestamp('completed_at')->nullable();
+            $table->timestamps();
+
+            $table->index(['tenant_id', 'type', 'created_at']);
+            $table->index(['tenant_id', 'created_at']);
+        });
+
+        // Partial unique index for idempotency
+        DB::statement("CREATE UNIQUE INDEX operation_runs_active_unique ON operation_runs (tenant_id, run_identity_hash) WHERE status IN ('queued', 'running')");
+    }
+
+    /**
+     * Reverse the migrations.
+     */
+    public function down(): void
+    {
+        Schema::dropIfExists('operation_runs');
+    }
+};
diff --git a/resources/views/filament/pages/drift-landing.blade.php b/resources/views/filament/pages/drift-landing.blade.php
index d1703ed..f1e74aa 100644
--- a/resources/views/filament/pages/drift-landing.blade.php
+++ b/resources/views/filament/pages/drift-landing.blade.php
@@ -54,10 +54,10 @@
                     Drift generation has been queued. Refresh this page once it finishes.
                 </div>
 
-                @if ($this->getBulkRunUrl())
+                @if ($this->getOperationRunUrl())
                     <div class="text-sm">
-                        <a class="text-primary-600 hover:underline" href="{{ $this->getBulkRunUrl() }}">
-                            View run #{{ $bulkOperationRunId }}
+                        <a class="text-primary-600 hover:underline" href="{{ $this->getOperationRunUrl() }}">
+                            View run #{{ $operationRunId }}
                         </a>
                     </div>
                 @endif
@@ -72,10 +72,10 @@
                     </div>
                 @endif
 
-                @if ($this->getBulkRunUrl())
+                @if ($this->getOperationRunUrl())
                     <div class="text-sm">
-                        <a class="text-primary-600 hover:underline" href="{{ $this->getBulkRunUrl() }}">
-                            View run #{{ $bulkOperationRunId }}
+                        <a class="text-primary-600 hover:underline" href="{{ $this->getOperationRunUrl() }}">
+                            View run #{{ $operationRunId }}
                         </a>
                     </div>
                 @endif
diff --git a/resources/views/filament/pages/monitoring/operations.blade.php b/resources/views/filament/pages/monitoring/operations.blade.php
new file mode 100644
index 0000000..ce096a2
--- /dev/null
+++ b/resources/views/filament/pages/monitoring/operations.blade.php
@@ -0,0 +1,3 @@
+<x-filament-panels::page>
+    {{ $this->table }}
+</x-filament-panels::page>
diff --git a/resources/views/livewire/bulk-operation-progress.blade.php b/resources/views/livewire/bulk-operation-progress.blade.php
index 864d872..f74e5d4 100644
--- a/resources/views/livewire/bulk-operation-progress.blade.php
+++ b/resources/views/livewire/bulk-operation-progress.blade.php
@@ -1,4 +1,7 @@
-<div wire:poll.{{ $pollSeconds }}s="loadRuns">
+@php($runs = $runs ?? collect())
+@php($interval = $runs->isEmpty() ? max((int) $pollSeconds, 10) : (int) $pollSeconds)
+
+<div wire:poll.{{ $interval }}s="loadRuns">
     <!-- Bulk Operation Progress Component: {{ $runs->count() }} active runs -->
     @if($runs->isNotEmpty())
         <div class="fixed bottom-4 right-4 z-[999999] w-96 space-y-2" style="pointer-events: auto;">
diff --git a/resources/views/livewire/monitoring/operations-detail.blade.php b/resources/views/livewire/monitoring/operations-detail.blade.php
new file mode 100644
index 0000000..aebedd5
--- /dev/null
+++ b/resources/views/livewire/monitoring/operations-detail.blade.php
@@ -0,0 +1,60 @@
+<div class="space-y-6">
+    <div class="grid grid-cols-1 md:grid-cols-2 gap-4">
+        <div class="bg-white p-4 rounded shadow">
+            <h3 class="font-bold text-lg mb-2">Summary</h3>
+            <dl class="grid grid-cols-2 gap-x-4 gap-y-2">
+                <dt class="text-gray-600">Type:</dt>
+                <dd>{{ $run->type }}</dd>
+                
+                <dt class="text-gray-600">Status:</dt>
+                <dd>{{ $run->status }}</dd>
+
+                <dt class="text-gray-600">Outcome:</dt>
+                <dd>{{ $run->outcome }}</dd>
+
+                <dt class="text-gray-600">Initiator:</dt>
+                <dd>{{ $run->initiator_name }}</dd>
+            </dl>
+        </div>
+
+        <div class="bg-white p-4 rounded shadow">
+            <h3 class="font-bold text-lg mb-2">Timing</h3>
+            <dl class="grid grid-cols-2 gap-x-4 gap-y-2">
+                <dt class="text-gray-600">Created:</dt>
+                <dd>{{ $run->created_at }}</dd>
+
+                <dt class="text-gray-600">Started:</dt>
+                <dd>{{ $run->started_at ?? '-' }}</dd>
+
+                <dt class="text-gray-600">Completed:</dt>
+                <dd>{{ $run->completed_at ?? '-' }}</dd>
+            </dl>
+        </div>
+    </div>
+
+    @if(!empty($run->summary_counts))
+    <div class="bg-white p-4 rounded shadow">
+        <h3 class="font-bold text-lg mb-2">Counts</h3>
+        <pre class="bg-gray-100 p-2 rounded text-sm overflow-auto">{{ json_encode($run->summary_counts, JSON_PRETTY_PRINT) }}</pre>
+    </div>
+    @endif
+
+    @if(!empty($run->failure_summary))
+    <div class="bg-white p-4 rounded shadow border-l-4 border-red-500">
+        <h3 class="font-bold text-lg mb-2 text-red-700">Failures</h3>
+        <div class="space-y-2">
+            @foreach($run->failure_summary as $failure)
+                <div class="bg-red-50 p-2 rounded">
+                    <div class="font-mono text-xs text-red-800">{{ $failure['code'] ?? 'UNKNOWN' }}</div>
+                    <div class="text-sm text-red-900">{{ $failure['message'] ?? 'Unknown error' }}</div>
+                </div>
+            @endforeach
+        </div>
+    </div>
+    @endif
+
+    <div class="bg-white p-4 rounded shadow">
+        <h3 class="font-bold text-lg mb-2">Context</h3>
+        <pre class="bg-gray-100 p-2 rounded text-sm overflow-auto">{{ json_encode($run->context, JSON_PRETTY_PRINT) }}</pre>
+    </div>
+</div>
diff --git a/routes/console.php b/routes/console.php
index 49eb3f5..de19a60 100644
--- a/routes/console.php
+++ b/routes/console.php
@@ -1,5 +1,6 @@
 <?php
 
+use App\Jobs\PruneOldOperationRunsJob;
 use Illuminate\Foundation\Inspiring;
 use Illuminate\Support\Facades\Artisan;
 use Illuminate\Support\Facades\Schedule;
@@ -10,3 +11,8 @@
 
 Schedule::command('tenantpilot:schedules:dispatch')->everyMinute();
 Schedule::command('tenantpilot:directory-groups:dispatch')->everyMinute();
+
+Schedule::job(new PruneOldOperationRunsJob)
+    ->daily()
+    ->name(PruneOldOperationRunsJob::class)
+    ->withoutOverlapping();
diff --git a/specs/046-inventory-sync-button/research.md b/specs/046-inventory-sync-button/research.md
index f9ca3eb..f95f247 100644
--- a/specs/046-inventory-sync-button/research.md
+++ b/specs/046-inventory-sync-button/research.md
@@ -54,7 +54,7 @@ ### Decision: Default selection = “full inventory”
 
 ### Decision: Attribute initiator on run record and audit trail
 - **Chosen**: Store initiator identity on `InventorySyncRun` and also emit an audit record.
-- **Rationale**: Improves traceability and aligns with constitution principle “Automation must be Idempotent & Observable”.
+- **Rationale**: Improves traceability and aligns with constitution principle “Operations / Run Observability Standard”.
 - **Alternatives considered**:
   - Audit log only — rejected (you chose C).
 
diff --git a/specs/049-backup-restore-job-orchestration/research.md b/specs/049-backup-restore-job-orchestration/research.md
index f22e7c9..344a2f5 100644
--- a/specs/049-backup-restore-job-orchestration/research.md
+++ b/specs/049-backup-restore-job-orchestration/research.md
@@ -42,7 +42,7 @@ ### 3) Idempotency & de-duplication
 - Behavior: if an identical run is `queued`/`running`, reuse it and return/link to it; allow a new run only after terminal.
 
 **Rationale:**
-- Matches the constitution (“Automation must be Idempotent & Observable”) and aligns with existing patterns (inventory selection hash + schedule locks).
+- Matches the constitution (“Operations / Run Observability Standard”) and aligns with existing patterns (inventory selection hash + schedule locks).
 
 **Alternatives considered:**
 - **Cache-only locks** (`Cache::lock(...)`) without persisted keys.
@@ -75,4 +75,3 @@ ## Clarifications resolved
 
 - **SC-003 includes “canceled”** while Phase 1 explicitly has “no cancel”.
   - Resolution for Phase 1 planning: treat “canceled” as out-of-scope (Phase 2+) and map “aborted” (if present) into the `failed` bucket for SC accounting.
-
diff --git a/specs/053-unify-runs-monitoring/research.md b/specs/053-unify-runs-monitoring/research.md
index 1bc4cce..3afd57a 100644
--- a/specs/053-unify-runs-monitoring/research.md
+++ b/specs/053-unify-runs-monitoring/research.md
@@ -80,7 +80,7 @@ ### 6) Idempotency & de-duplication
 - Race reduction: rely on the existing partial unique index for active runs and handle collisions by finding and reusing the existing run.
 
 **Rationale:**
-- Aligns with the constitution (“Automation must be Idempotent & Observable”).
+- Aligns with the constitution (“Operations / Run Observability Standard”).
 - Durable across restarts and observable in the database.
 
 **Alternatives considered:**
diff --git a/specs/054-unify-runs-suitewide/checklists/requirements.md b/specs/054-unify-runs-suitewide/checklists/requirements.md
index 2886bac..70ccd84 100644
--- a/specs/054-unify-runs-suitewide/checklists/requirements.md
+++ b/specs/054-unify-runs-suitewide/checklists/requirements.md
@@ -6,6 +6,8 @@ ## Phase 1 Adoption Set
 - [x] `directory_groups.sync` (Directory → Groups “Sync groups”) covered in spec
 - [x] `drift.generate` (Drift “Generate drift now”) covered in spec
 - [x] `backup_set.add_policies` (Backup Sets “Add selected”) covered in spec
+- [x] `backup_schedule.run_now` (Backup Schedules “Run now”) covered in implementation
+- [x] `backup_schedule.retry` (Backup Schedules “Retry”) covered in implementation
 - [x] `restore.execute` (adapter mode) covered in spec
 
 ## Critical Clarifications (Pinned)
diff --git a/specs/054-unify-runs-suitewide/checklists/review.md b/specs/054-unify-runs-suitewide/checklists/review.md
new file mode 100644
index 0000000..0e20552
--- /dev/null
+++ b/specs/054-unify-runs-suitewide/checklists/review.md
@@ -0,0 +1,61 @@
+# Spec Review Checklist: Unified Operations Runs Suitewide (054)
+
+**Purpose**: Validate that `spec.md` is PR-reviewable and implementable by checking requirement quality (clarity, completeness, consistency, and testability), with emphasis on Audit-only vs OperationRun boundaries and tenant isolation/privacy/sanitization.
+**Created**: 2026-01-17
+**Feature**: `specs/054-unify-runs-suitewide/spec.md`
+
+**Note**: This checklist is generated by the `/speckit.checklist` command based on feature context and requirements.
+
+## Requirement Completeness
+
+- [x] CHK001 Are Phase 1 adoption-set operations explicitly enumerated and scoped? [Completeness] Evidence: `spec.md` §Scope & Assumptions (“Phase 1 adoption set”)
+- [x] CHK002 Are required Phase 1 run types explicitly listed and stable (including restore adapter and backup schedules)? [Completeness] Evidence: `spec.md` §FR-003
+- [x] CHK003 Are mandatory run record fields specified (initiator, type, status/timestamps, outcome, counts, failures, identity, context)? [Completeness] Evidence: `spec.md` §FR-001
+- [x] CHK004 Are lifecycle states and outcome buckets defined with allowed values? [Completeness] Evidence: `spec.md` §FR-011–FR-012
+- [x] CHK005 Are idempotency identity rules specified for each Phase 1 run type (effective inputs included/excluded)? [Completeness] Evidence: `spec.md` §FR-010
+- [x] CHK006 Are role/permission requirements defined for viewing runs vs starting operations? [Completeness] Evidence: `spec.md` §FR-018 + §User Story 1 (Scenario 5) + §User Story 2 (Scenario 2)
+- [x] CHK007 Are notification requirements defined for queued and terminal outcomes (recipient, summary, “View run” link)? [Completeness] Evidence: `spec.md` §FR-015 + §User Story 2 (Scenario 3)
+
+## Audit-only vs OperationRun Boundaries
+
+- [x] CHK008 Is the eligibility criteria for Audit-only actions fully specified (DB-only, ≤2s, no remote calls, no background work)? [Clarity] Evidence: `spec.md` §FR-019
+- [x] CHK009 Is it unambiguous when an action may remain Audit-only versus must be an OperationRun (e.g., operational relevance vs queued/remote)? [Clarity] Evidence: `spec.md` §FR-019 + §Rule (Run vs Audit-only)
+- [x] CHK010 Are “security-relevant” / “operational behavior change” triggers for mandatory AuditLog entries defined beyond examples (so classification is reviewable)? [Clarity] Evidence: `spec.md` §FR-019 (“Trigger guidance”)
+- [x] CHK011 Are required AuditLog fields complete and unambiguous (tenant, actor, stable action ID, target, before/after or diff, timestamp)? [Completeness] Evidence: `spec.md` §FR-019
+- [x] CHK012 Does the spec define sanitization expectations for `before/after/diff` in AuditLog (what must be excluded) rather than assuming it? [Privacy] Evidence: `spec.md` §FR-019 (“Sanitization (AuditLog before/after/diff)”)
+- [x] CHK013 Does the adoption matrix cover the required feature areas and assign a stable `run_type` or audit action id for each? [Completeness] Evidence: `spec.md` §Run vs Audit-only Adoption Matrix (Phase 1)
+- [x] CHK014 Are the adoption matrix audit action identifiers consistent with the “stable action identifier” requirement for AuditLog entries? [Consistency] Evidence: `spec.md` §FR-019 + §Run vs Audit-only Adoption Matrix
+- [x] CHK015 Are FR-019 acceptance checks sufficient and non-contradictory (no OperationRun; exactly one AuditLog; tenant-scoped; cross-tenant forbidden)? [Acceptance Criteria] Evidence: `spec.md` §FR-019 (Acceptance checks)
+
+## Tenant Isolation & Privacy / Sanitization
+
+- [x] CHK016 Are tenant isolation requirements explicitly stated for run list access and run detail access? [Completeness] Evidence: `spec.md` §FR-016 + §User Story 1 (Scenarios 1, 6)
+- [x] CHK017 Is “cross-tenant access is denied without disclosing run details” sufficiently specified to be reviewable (what must not be exposed)? [Clarity] Evidence: `spec.md` §FR-016 + §User Story 1 (Scenario 6)
+- [x] CHK018 Are start-surface authorization requirements explicit enough to prevent unauthorized run creation (especially Readonly)? [Completeness] Evidence: `spec.md` §FR-007 + §FR-018 + §User Story 2 (Scenario 2)
+- [x] CHK019 Are persisted failure requirements explicit about what MUST NOT be stored (tokens/credentials/PII/raw payload dumps)? [Clarity] Evidence: `spec.md` §FR-013 + §SC-004
+- [x] CHK020 Are “stable reason codes” and “short sanitized messages” defined enough to be objectively reviewable (format expectations or examples)? [Clarity] Evidence: `spec.md` §FR-013 (Reason codes + Messages)
+- [x] CHK021 Does the spec define what may be stored in run `context` and require it to be safe/sanitized (no secrets/PII)? [Privacy] Evidence: `spec.md` §FR-001 (“Context safety”)
+- [x] CHK022 Are Monitoring render-time constraints explicit (DB-only; no external calls; no remote fetches at render time)? [Completeness] Evidence: `spec.md` §FR-017 + §FR-008
+
+## Requirement Consistency
+
+- [x] CHK023 Are the terms “status” and “outcome bucket” used consistently (and are queued/running treated consistently across the doc)? [Consistency] Evidence: `spec.md` §FR-001 (Status/Outcome semantics) + §FR-011 (Run state presentation)
+- [x] CHK024 Are run type naming rules consistent across taxonomy, Phase 1 run list, and the adoption matrix (spelling/casing)? [Consistency] Evidence: `spec.md` §FR-002 + §FR-003 + §Run vs Audit-only Adoption Matrix
+- [x] CHK025 Is restore adapter behavior described consistently across Clarifications, Scope (“Restore visibility”), FR-003, and Key Entities? [Consistency] Evidence: `spec.md` §Clarifications (restore) + §Scope & Assumptions (“Restore visibility”) + §FR-003 + §Key Entities
+- [x] CHK026 Are retention and default monitoring window expectations consistent (retention vs default list time range)? [Consistency] Evidence: `spec.md` §Clarifications (retention) + §Assumptions + §FR-004
+
+## Acceptance Criteria Quality
+
+- [x] CHK027 Are success criteria measurable and objectively verifiable without implementation details? [Measurability] Evidence: `spec.md` §SC-001–SC-004
+- [x] CHK028 Is the ≥99% dedupe target defined with a measurement scope (what counts as an attempt; “normal conditions” definition)? [Clarity] Evidence: `spec.md` §SC-003 (Measurement scope) + §FR-009
+- [x] CHK029 Is “no secrets/PII” defined with an explicit boundary sufficient for reviewers to validate completeness? [Clarity] Evidence: `spec.md` §SC-004 + §FR-013
+
+## Scenario Coverage
+
+- [x] CHK030 Are primary, forbidden, and “background unavailable” scenarios covered with explicit, testable outcomes (including “must not claim queued”)? [Coverage] Evidence: `spec.md` §User Stories 1–3 + §User Story 2 (Scenario 4) + §Edge Cases
+
+## Notes
+
+- Check items off as completed: `[x]`
+- Add findings inline (e.g., under a checklist item) with links to the relevant spec section
+- This checklist evaluates requirements quality, not implementation correctness
diff --git a/specs/054-unify-runs-suitewide/contracts/admin-pages.openapi.yaml b/specs/054-unify-runs-suitewide/contracts/admin-pages.openapi.yaml
index c3d5238..28315b7 100644
--- a/specs/054-unify-runs-suitewide/contracts/admin-pages.openapi.yaml
+++ b/specs/054-unify-runs-suitewide/contracts/admin-pages.openapi.yaml
@@ -12,7 +12,7 @@ servers:
   - url: /
 
 paths:
-  /admin/t/{tenantExternalId}/bulk-operation-runs:
+  /admin/t/{tenantExternalId}/operations:
     get:
       operationId: monitoringOperationsIndex
       summary: Monitoring → Operations (tenant-scoped)
@@ -28,7 +28,7 @@ paths:
         '302':
           description: Redirect to login when unauthenticated.
 
-  /admin/t/{tenantExternalId}/bulk-operation-runs/{bulkOperationRunId}:
+  /admin/t/{tenantExternalId}/operations/{operationRunId}:
     get:
       operationId: monitoringOperationsView
       summary: Operation run detail (tenant-scoped)
@@ -38,7 +38,7 @@ paths:
           required: true
           schema:
             type: string
-        - name: bulkOperationRunId
+        - name: operationRunId
           in: path
           required: true
           schema:
@@ -52,4 +52,3 @@ paths:
           description: Forbidden when attempting cross-tenant access.
 
 components: {}
-
diff --git a/specs/054-unify-runs-suitewide/contracts/routes.md b/specs/054-unify-runs-suitewide/contracts/routes.md
index f139181..ec1a27d 100644
--- a/specs/054-unify-runs-suitewide/contracts/routes.md
+++ b/specs/054-unify-runs-suitewide/contracts/routes.md
@@ -3,16 +3,12 @@ # Routes & URLs
 ## Monitoring UI
 
 ### List Operations
-- **Route**: `tenant.monitoring.operations.index`
-- **URL**: `/tenants/{tenant}/monitoring/operations`
-- **Controller**: Livewire Component (`App\Livewire\Monitoring\OperationsList`)
+- **URL**: `/admin/t/{tenantExternalId}/operations`
+- **Surface**: Filament Resource `App\Filament\Resources\OperationRunResource` (index)
 
 ### View Operation
-- **Route**: `tenant.monitoring.operations.show`
-- **URL**: `/tenants/{tenant}/monitoring/operations/{run}`
-- **Controller**: Livewire Component (`App\Livewire\Monitoring\OperationsDetail`)
+- **URL**: `/admin/t/{tenantExternalId}/operations/{operationRunId}`
+- **Surface**: Filament Resource `App\Filament\Resources\OperationRunResource` (view)
 
 ## Deep Links
-- **Drift**: `/tenants/{tenant}/drift/history/{id}`
-- **Inventory**: `/tenants/{tenant}/inventory` (General, or specific timestamp if supported)
-- **Restore**: `/tenants/{tenant}/restore/{id}`
\ No newline at end of file
+- Use Filament URL helpers (`Resource::getUrl(...)`, `Page::getUrl(...)`) to generate tenant-scoped links back to owning feature surfaces/results.
diff --git a/specs/054-unify-runs-suitewide/contracts/service_interface.md b/specs/054-unify-runs-suitewide/contracts/service_interface.md
index b3db982..8540b5d 100644
--- a/specs/054-unify-runs-suitewide/contracts/service_interface.md
+++ b/specs/054-unify-runs-suitewide/contracts/service_interface.md
@@ -20,6 +20,10 @@ ### `ensureRun`
   3. If found, return it.
   4. If not found, create new `queued` run.
   5. Return run.
+  6. If an existing active run is returned (dedupe), the initiator (`user_id`, `initiator_name`) MUST NOT be replaced.
+
+- **Dispatch failure**:
+  - If queue dispatch fails after a run was created, the system MUST NOT leave misleading queued runs; instead complete the run immediately as `failed` (e.g., failure code `queue.dispatch_failed`) and show a clear UI message.
 
 ### `updateRun`
 Updates the status/outcome of a run.
@@ -44,5 +48,6 @@ ### `failRun`
 ## `App\Jobs\Middleware\TrackOperationRun`
 Middleware for Jobs to automatically handle `running` -> `completed`/`failed` transitions if bound to a run.
 
-## `App\Listeners\SyncRestoreRunToOperation`
-Listener for `RestoreRun` events to update the shadow `OperationRun`.
\ No newline at end of file
+## `App\Listeners\SyncRestoreRunToOperationRun`
+Listener for `RestoreRun` events to update the shadow `OperationRun`.
+The adapter row is created/visible only once a restore run reaches `previewed` (or later).
diff --git a/specs/054-unify-runs-suitewide/data-model.md b/specs/054-unify-runs-suitewide/data-model.md
index 589e6ac..bc18a04 100644
--- a/specs/054-unify-runs-suitewide/data-model.md
+++ b/specs/054-unify-runs-suitewide/data-model.md
@@ -16,7 +16,7 @@ ### `OperationRun`
 | `outcome` | String | Yes | Result bucket: `pending`, `succeeded`, `partially_succeeded`, `failed`, `cancelled`. |
 | `run_identity_hash` | String | Yes | Deterministic hash for idempotency. |
 | `summary_counts` | JSONB | No | `{ "total": 10, "success": 8, "failed": 2, "skipped": 0 }` |
-| `failure_summary` | JSONB | No | List of sanitized errors: `[{ "code": "GraphError", "message": "Throttled", "count": 1 }]` |
+| `failure_summary` | JSONB | No | List of sanitized errors: `[{ "code": "graph.throttled", "message": "Throttled (retrying)", "count": 1 }]` |
 | `context` | JSONB | No | Run-specific metadata. e.g., `{ "restore_run_id": 123, "selection": [...] }` |
 | `started_at` | Timestamp | No | When execution began. |
 | `completed_at` | Timestamp | No | When execution finished. |
@@ -31,7 +31,9 @@ ### `OperationRun`
 ### `RestoreRun` (Existing)
 Remains the domain source of truth for Restore.
 - Linked via `OperationRun.context['restore_run_id']`.
-- `OperationRun` mirrors `RestoreRun` status/outcome.
+- Adapter row is created/visible only once `RestoreRunStatus=previewed` (or later).
+  - When `RestoreRunStatus=previewed`, the adapter uses `OperationRun.status=queued` and `OperationRun.outcome=pending`.
+- `OperationRun` mirrors the restore execution lifecycle for Monitoring visibility (restore domain history remains owned by `RestoreRun`).
 
 ## Enums
 
@@ -45,7 +47,26 @@ ### `OperationRunOutcome`
 - `succeeded`
 - `partially_succeeded`
 - `failed`
-- `cancelled`
+- `cancelled` (reserved/future; MUST NOT be produced by 054)
+
+**UI label mapping** (display-only):
+
+- `pending` → “Pending”
+- `succeeded` → “Succeeded”
+- `partially_succeeded` → “Partially succeeded”
+- `failed` → “Failed”
+- `cancelled` → “Cancelled” (reserved)
+
+## State Transitions
+
+`OperationRun.status` transitions:
+
+- `queued` → `running` → `completed`
+
+`OperationRun.outcome` transitions:
+
+- `pending` while `status` is `queued` or `running`
+- one of `succeeded`, `partially_succeeded`, `failed`, `cancelled` when `status` is `completed`
 
 ## Relationships
 - `OperationRun` belongs to `Tenant`.
diff --git a/specs/054-unify-runs-suitewide/plan.md b/specs/054-unify-runs-suitewide/plan.md
index 0a09e67..3df874d 100644
--- a/specs/054-unify-runs-suitewide/plan.md
+++ b/specs/054-unify-runs-suitewide/plan.md
@@ -1,76 +1,98 @@
-# Implementation Plan: Unified Operations Runs Suitewide
+# Implementation Plan: Unified Operations Runs Suitewide (054)
 
-**Branch**: `feat/054-unify-operations-runs-suitewide` | **Date**: 2026-01-16 | **Spec**: [Spec Link](spec.md)
-**Input**: Feature specification from `specs/054-unify-runs-suitewide/spec.md`
+**Branch**: `feat/054-unify-operations-runs-suitewide` | **Date**: 2026-01-17 | **Spec**: `/Users/ahmeddarrazi/Documents/projects/TenantAtlas/specs/054-unify-runs-suitewide/spec.md` ([spec.md](spec.md))  
+**Input**: Feature specification from `/Users/ahmeddarrazi/Documents/projects/TenantAtlas/specs/054-unify-runs-suitewide/spec.md`
+
+**Note**: This plan is filled in by the `/speckit.plan` command. See `.specify/scripts/` for helper scripts.
 
 ## Summary
 
-This feature unifies long-running tenant operations (e.g., Inventory Sync, Drift Generation) into a single canonical `operation_runs` table. This enables a consistent "Monitoring -> Operations" view for all tenant activities. Legacy run tables will be maintained in parallel for now (Parallel Write Transition). `RestoreRun` remains a domain-specific record but will be mirrored into `operation_runs` via an adapter pattern.
+Eliminate “run sprawl” by adopting a single tenant-scoped canonical run record (`operation_runs`) for long-running and
+operationally relevant actions across the product, surfaced consistently in Monitoring → Operations (list + detail).
+
+Key behaviors:
+- Start surfaces are enqueue-only: authorize → create/reuse canonical run (dedupe) → dispatch → confirm + “View run”.
+- Legacy per-module run tables remain in parallel where they exist; Monitoring/Operations uses canonical runs.
+- Restore remains a domain workflow record, but is mirrored into canonical runs via an adapter row (`restore.execute`)
+  created from `RestoreRunStatus=previewed` onward (`status=queued`, `outcome=pending` until execution begins).
 
 ## Technical Context
 
-**Language/Version**: PHP 8.4
-**Primary Dependencies**: Filament v4, Laravel v12, Livewire v3
-**Storage**: PostgreSQL (`operation_runs` table + JSONB)
-**Testing**: Pest v4 (Feature tests for Service, Livewire tests for UI)
-**Target Platform**: Linux server (Docker/Dokploy)
-**Project Type**: Web Application (Laravel Monolith)
-**Performance Goals**: Start operation < 2s. List runs < 200ms.
-**Constraints**: Tenant isolation is paramount. No cross-tenant data leakage.
-**Scale/Scope**: ~50-100 runs/day per tenant. Retention 90 days.
+**Language/Version**: PHP 8.4.15 (Laravel 12)  
+**Primary Dependencies**: Filament v4, Livewire v3  
+**Storage**: PostgreSQL (`operation_runs` + JSONB for summary/failures/context; partial unique index for active-run dedupe)  
+**Testing**: Pest v4 (PHPUnit v12)  
+**Target Platform**: Web application (Sail-first locally, Dokploy-first deploy)  
+**Project Type**: web  
+**Performance Goals**: Start surfaces confirm within 2 seconds and provide a “View run” link; Monitoring/Operations list is usable with default last-30-days window and filters.  
+**Constraints**: Tenant isolation is non-negotiable; Monitoring is DB-only at render time; no remote work inline; failures are stable codes + sanitized messages (no secrets/tokens/raw payload dumps).  
+**Scale/Scope**: Tenant-scoped run history across modules; retention defaults to 90 days.
 
 ## Constitution Check
 
 *GATE: Must pass before Phase 0 research. Re-check after Phase 1 design.*
 
-- [x] Inventory-first: N/A (this is about tracking operations, not inventory state itself)
-- [x] Read/write separation: Monitoring is read-only. Starts are explicit writes.
-- [x] Graph contract path: N/A (this feature tracks runs, doesn't call Graph directly)
-- [x] Deterministic capabilities: N/A
-- [x] Tenant isolation: `operation_runs` has `tenant_id`. Policies ensure scope.
-- [x] Automation: Idempotency enforced via DB index.
-- [x] Data minimization: No secrets in `failure_summary`.
+- Inventory-first: PASS (Monitoring uses persisted run records; does not redefine Inventory semantics).
+- Read/write separation: PASS (Monitoring/Operations is view-only; writes remain in their owning UIs with explicit confirmation/audit where applicable).
+- Graph contract path: PASS (Monitoring makes no Graph calls; start surfaces MUST NOT perform remote work inline).
+- Deterministic capabilities: N/A (no new capability resolver introduced in this feature).
+- Tenant isolation: PASS (all run access is tenant-scoped; cross-tenant access is forbidden).
+- Run observability: PASS (queued/remote/scheduled work is tracked as canonical runs and links to a single Monitoring hub).
+- Automation: PASS (active-run de-duplication via deterministic identity + partial unique index).
+- Data minimization: PASS (failure summaries are sanitized and stable; no secrets/tokens/raw payload dumps in persisted failures/notifications).
+
+**Gate status (pre-Phase 0)**: PASS (no violations).  
+**Gate status (post-Phase 1)**: PASS (design artifacts present: `research.md`, `data-model.md`, `contracts/`, `quickstart.md`).
 
 ## Project Structure
 
 ### Documentation (this feature)
 
 ```text
-specs/054-unify-runs-suitewide/
-├── plan.md              # This file
-├── research.md          # Research findings
-├── data-model.md        # Database schema
-├── quickstart.md        # Dev guide
-├── contracts/           # Service interfaces & routes
-└── tasks.md             # Task breakdown
+/Users/ahmeddarrazi/Documents/projects/TenantAtlas/specs/054-unify-runs-suitewide/
+├── plan.md                     # This file (/speckit.plan command output)
+├── spec.md                     # Feature specification (input)
+├── checklists/
+│   └── requirements.md         # Spec quality checklist
+├── research.md                 # Phase 0 output
+├── data-model.md               # Phase 1 output
+├── quickstart.md               # Phase 1 output
+├── contracts/                  # Phase 1 output
+└── tasks.md                    # Phase 2 output (/speckit.tasks command - NOT created by /speckit.plan)
 ```
 
 ### Source Code (repository root)
 
 ```text
 app/
-├── Models/
-│   └── OperationRun.php
-├── Services/
-│   └── OperationRunService.php
-├── Livewire/
-│   └── Monitoring/
-│       ├── OperationsList.php
-│       └── OperationsDetail.php
+├── Filament/
+│   ├── Pages/
+│   └── Resources/
 ├── Jobs/
 │   └── Middleware/
-│       └── TrackOperationRun.php
-└── Listeners/
-    └── SyncRestoreRunToOperation.php
+├── Listeners/
+├── Models/
+├── Notifications/
+├── Observers/
+├── Policies/
+├── Services/
+└── Support/
 
-database/migrations/
-└── YYYY_MM_DD_create_operation_runs_table.php
+database/
+└── migrations/
+
+routes/
+└── console.php
+
+tests/
+├── Feature/
+└── Unit/
 ```
 
-**Structure Decision**: Standard Laravel Service/Model/Livewire pattern.
+**Structure Decision**: Laravel web application. Implement canonical runs via Eloquent (`OperationRun`) + a small service layer for idempotent creation and lifecycle updates, instrument background jobs via middleware, and surface runs in Filament Monitoring/Operations (tenant-scoped, view-only).
 
 ## Complexity Tracking
 
 | Violation | Why Needed | Simpler Alternative Rejected Because |
 |-----------|------------|-------------------------------------|
-| None | | |
\ No newline at end of file
+| None | | |
diff --git a/specs/054-unify-runs-suitewide/quickstart.md b/specs/054-unify-runs-suitewide/quickstart.md
index 9a99384..eaf8e35 100644
--- a/specs/054-unify-runs-suitewide/quickstart.md
+++ b/specs/054-unify-runs-suitewide/quickstart.md
@@ -1,7 +1,7 @@
 # Quickstart: Adding a New Operation
 
 ## 1. Register Run Type
-Add your new type constant to `App\Enums\OperationRunType` (if using Enums) or just use the string convention `resource.action`.
+Add your new type constant to `App\Support\OperationRunType` (if using Enums) or just use the string convention `resource.action`.
 
 ## 2. Implement Idempotency Inputs
 Define what makes a run "unique" for your feature.
@@ -16,34 +16,36 @@ ## 3. Use `OperationRunService`
 
 // 2. Dispatch Job (if new)
 if ($run->wasRecentlyCreated) {
-    MyJob::dispatch($run, $inputs);
+    $service->dispatchOrFail($run, function () use ($run, $inputs): void {
+        MyJob::dispatch($run, $inputs);
+    });
 }
 
 // 3. Return View Link
-return redirect()->route('tenant.monitoring.operations.show', [$tenant, $run]);
+return redirect(\App\Support\OperationRunLinks::viewUrl($tenant, $run));
 ```
 
 ## 4. Instrument Job
 In your Job:
 
 ```php
-public function handle()
+public function handle(\App\Services\OperationRunService $service)
 {
-    // Update to Running
-    $this->run->updateStatus(status: 'running');
-
     try {
         // ... do work ...
         
         // Success
-        $this->run->updateStatus(
-            status: 'completed', 
-            outcome: 'succeeded', 
-            summary: ['processed' => 100]
-        );
+        $service->updateRun($this->run, status: 'completed', outcome: 'succeeded', summaryCounts: [
+            'processed' => 100,
+        ]);
     } catch (\Throwable $e) {
         // Failure
-        $this->run->fail($e);
+        $service->failRun($this->run, $e);
     }
 }
 ```
+
+## Notes: Monitoring & Run-Standard (Graph safety)
+
+- **RBAC Wizard** (`TenantResource`): group search is **delegated-Graph-based** and the picker is **disabled without a delegated token**.
+- **Restore Wizard** (`RestoreRunResource`): group mapping stays **DB-only** (Directory Cache / `entra_groups`) during the mapping phase — **no Graph calls** there; fallback helper text is always visible.
diff --git a/specs/054-unify-runs-suitewide/research.md b/specs/054-unify-runs-suitewide/research.md
index 679092c..0a50c51 100644
--- a/specs/054-unify-runs-suitewide/research.md
+++ b/specs/054-unify-runs-suitewide/research.md
@@ -4,9 +4,11 @@ ## 1. Technical Context & Unknowns
 
 **Unknowns Resolved**:
 - **Transition Strategy**: Parallel write. We will maintain existing legacy tables (e.g., `inventory_sync_runs`, `restore_runs`) for now but strictly use `operation_runs` for the Monitoring UI.
-- **Restore Adapter**: `RestoreRun` remains the domain source of truth. An `OperationRun` record will be created as a "shadow" or "adapter" record. This requires hooking into `RestoreRun` lifecycle events or the service layer to keep them in sync.
+- **Restore Adapter**: `RestoreRun` remains the domain source of truth. An `OperationRun` adapter row will be created once a restore run reaches `previewed` (and later statuses), and will be kept in sync via `RestoreRun` lifecycle events or service-layer wrapping.
 - **Run Logic Location**: Existing jobs like `RunInventorySyncJob` will be updated to manage the `OperationRun` state.
 - **Concurrency**: Enforced by partial unique index on `(tenant_id, run_identity_hash)` where status is active (`queued`, `running`).
+- **Dispatch Failure Semantics**: If queue dispatch fails, the system will immediately complete the run as `failed` (e.g., `queue.dispatch_failed`) and show a clear UI message (never leaving misleading queued runs).
+- **Notifications on Dedupe**: Only the original initiator (`operation_runs.user_id`) receives queued/terminal notifications; reusers of an active run do not get additional notifications.
 
 ## 2. Technology Choices
 
@@ -22,16 +24,24 @@ ## 3. Implementation Patterns
 ### Canonical Run Lifecycle
 1.  **Start Request**:
     -   Compute `run_identity_hash` from inputs.
-    -   Attempt `INSERT` into `operation_runs` (ignore conflict if active).
-    -   If active run exists, return it (Idempotency).
-    -   If new, dispatch Job.
+    -   Attempt `INSERT` into `operation_runs` (idempotent; enforced by partial unique index for active runs).
+    -   If an active run exists, return it (Idempotency).
+    -   If new, dispatch the background Job.
+    -   If dispatch fails, immediately mark the run `status=completed`, `outcome=failed` with a safe failure code such as `queue.dispatch_failed`.
 2.  **Job Execution**:
     -   Update status to `running`.
     -   Perform work.
-    -   Update status to `succeeded`/`failed`.
+    -   Update status to `completed` and set terminal outcome (`succeeded` / `partially_succeeded` / `failed` / `cancelled`).
 3.  **Restore Adapter**:
-    -   When `RestoreRun` is created, create `OperationRun` (queued/running).
-    -   When `RestoreRun` updates (status change), update `OperationRun`.
+    -   Create the adapter row only once `RestoreRunStatus=previewed` (or later) is reached.
+    -   Map `RestoreRunStatus=previewed` to `OperationRun.status=queued` and `OperationRun.outcome=pending`.
+    -   Keep the adapter updated as the restore progresses:
+        - `queued` → `status=queued`, `outcome=pending`
+        - `running` → `status=running`, `outcome=pending`
+        - `completed` → `status=completed`, `outcome=succeeded`
+        - `partial` → `status=completed`, `outcome=partially_succeeded`
+        - `failed` → `status=completed`, `outcome=failed`
+        - `cancelled` → `status=completed`, `outcome=cancelled`
 
 ### Data Model
 ```sql
@@ -63,3 +73,5 @@ ## 4. Risks & Mitigations
     -   **Mitigation**: Use model observers or service-layer wrapping to ensure atomic-like updates, or accept slight eventual consistency (Monitoring might lag ms behind Restore UI).
 -   **Risk**: Legacy runs not appearing.
     -   **Mitigation**: We are NOT backfilling legacy runs. Only new runs after deployment will appear in the new Monitoring UI. This is acceptable for "Phase 1".
+-   **Risk**: Confusion about `queued` for restore `previewed`.
+    -   **Mitigation**: Document that `restore.execute` appears from `previewed` onward and uses `queued/pending` until execution begins; Monitoring remains view-only and links to the restore domain detail.
diff --git a/specs/054-unify-runs-suitewide/spec.md b/specs/054-unify-runs-suitewide/spec.md
index b54f7a3..c97330f 100644
--- a/specs/054-unify-runs-suitewide/spec.md
+++ b/specs/054-unify-runs-suitewide/spec.md
@@ -12,9 +12,19 @@ ### Session 2026-01-16
 - Q: Welche Default-Retention soll 054 für canonical Operation Runs festlegen? → A: 90 days
 - Q: Transition-Strategie in 054: schreiben wir canonical Runs parallel zu Legacy-Run-Tabellen, oder ersetzen wir sofort? → A: Parallel write (canonical + legacy)
 - Q: For `restore.execute`, the spec mentions it acts as an "adapter entry" linking to the restore domain record. How should this be implemented? → A: Physical Row (Create a physical row in `operation_runs` that points to the restore record).
-- Q: How should concurrency and deduplication (FR-009) be enforced at the database level? → A: Partial Unique Index (unique constraint on `tenant_id, run_identity_hash` where outcome is `queued` or `running`).
+- Q: How should concurrency and deduplication (FR-009) be enforced at the database level? → A: Partial Unique Index (unique constraint on `tenant_id, run_identity_hash` where status is `queued` or `running`).
 - Q: How should the `initiator` be modeled to support both users and system processes (FR-001)? → A: Nullable FK + Name Snapshot (`user_id` nullable FK + required `initiator_name` string).
 
+### Session 2026-01-17
+
+- Q: Sollen `backup_schedule.run_now` und `backup_schedule.retry` in 054 zur Phase-1-Adoption (must be implemented) gehören? → A: Yes — both are Phase 1 in 054 (OperationRun producers + worker tracking).
+- Q: Wenn Queue-Dispatch fehlschlägt (Background Processing unavailable), sollen wir trotzdem einen `OperationRun` anlegen und ihn sofort als fehlgeschlagen abschließen? → A: Yes — create an `OperationRun` and immediately complete it as `failed` (e.g., failure code `queue.dispatch_failed`); show a clear error and MAY include a “View run” link.
+- Q: Wenn ein Start deduped wird (Run wird wiederverwendet), wer soll die In‑App Notifications (“queued” + terminal outcome) bekommen? → A: Only the original initiator (`operation_runs.user_id`); no additional notifications are sent to the second starter on reuse.
+- Q: Für `restore.execute`: In welchen `RestoreRunStatus`-Phasen soll überhaupt ein `OperationRun`-Adapter‑Row erzeugt/angezeigt werden? → A: From `previewed` onwards (previewed + execution statuses); no adapter row for `draft`/`scoped`/`checked`.
+- Q: Wenn der `restore.execute` Adapter bereits ab `RestoreRunStatus=previewed` sichtbar ist: welchen `OperationRun`-State sollen wir für diese Phase setzen? → A: `status=queued`, `outcome=pending` (until `running`, then `completed` + terminal outcome).
+- Q: RBAC Wizard (`TenantResource`) – wie funktioniert Group Search? → A: Group search is delegated-Graph-based and the picker MUST be disabled without delegated auth.
+- Q: Restore Wizard (`RestoreRunResource`) – Group Mapping Phase: Graph oder DB-only? → A: DB-only via Directory Cache (`entra_groups`), no Graph calls during mapping; helper text is always shown (fallback included).
+
 ## User Scenarios & Testing *(mandatory)*
 
 ### User Story 1 - See Every Supported Operation in Monitoring (Priority: P1)
@@ -27,10 +37,10 @@ ### User Story 1 - See Every Supported Operation in Monitoring (Priority: P1)
 
 **Acceptance Scenarios**:
 
-1. **Given** I am signed into tenant A, **When** I open Monitoring → Operations, **Then** I see only tenant A runs and can filter by run type, outcome bucket, time range, and initiator.
+1. **Given** I am signed into tenant A, **When** I open Monitoring → Operations, **Then** I see only tenant A runs and can filter by run type, run state (queued/running/terminal outcome), time range, and initiator.
 2. **Given** multiple run types exist, **When** I filter to `inventory.sync`, **Then** only inventory sync runs are shown.
-3. **Given** a run exists, **When** I open its detail view, **Then** I can see initiator, run type, outcome bucket, timestamps, summary counts (if applicable), sanitized failures (if any), and links to relevant feature context/results.
-4. **Given** restore execution exists, **When** I open Monitoring → Operations, **Then** I can see a `restore.execute` entry that links to the existing restore record (restore history remains owned by the restore domain record).
+3. **Given** a run exists, **When** I open its detail view, **Then** I can see initiator, run type, run state (queued/running/terminal outcome), timestamps, summary counts (if applicable), sanitized failures (if any), and links to relevant feature context/results.
+4. **Given** a restore run has reached `previewed` or later, **When** I open Monitoring → Operations, **Then** I can see a `restore.execute` entry that links to the existing restore record (restore history remains owned by the restore domain record).
 5. **Given** I am a `Readonly` user in tenant A, **When** I view Monitoring → Operations, **Then** I can view runs and details but I do not see any start/rerun/cancel/delete controls.
 6. **Given** I attempt to access a run from another tenant (direct link or list), **When** I request it, **Then** access is denied and no run details are disclosed.
 
@@ -50,6 +60,7 @@ ### User Story 2 - Start Operations Without Blocking (Priority: P2)
 2. **Given** I am a `Readonly` user in tenant A, **When** I attempt to start any Phase 1 operation, **Then** the system denies the request and does not create a new run.
 3. **Given** the run reaches a terminal outcome, **When** that occurs, **Then** the initiating user receives an in-app notification including a short summary and a “View run” link.
 4. **Given** background processing is unavailable, **When** I attempt to start an operation, **Then** I receive a clear message and the system MUST NOT claim it was queued.
+   - If an `OperationRun` record was created during the attempt, it MUST be completed immediately with outcome `failed` (never left `queued`) and MAY be linked via “View run”.
 
 ---
 
@@ -68,7 +79,7 @@ ### User Story 3 - Duplicate Starts Reuse the Same Active Run (Priority: P3)
 
 ### Edge Cases
 
-- Background execution unavailable: start fails fast with a clear message; the system MUST NOT create misleading “queued” runs.
+- Background execution unavailable: start fails fast with a clear message; if an `OperationRun` record was created, it MUST be immediately completed as `failed` (e.g., `queue.dispatch_failed`) and MUST NOT be left `queued`.
 - Partial processing: at least one success and at least one failure yields “partially succeeded”, with per-item failures when applicable.
 - Large run history: Monitoring remains usable with filters and defaults (recent runs, last 30 days).
 - Permissions revoked mid-run: the run continues; visibility is evaluated at time of access.
@@ -87,10 +98,14 @@ ### Scope & Assumptions
 - `directory_groups.sync` (Directory → Groups “Sync groups”)
 - `drift.generate` (Drift “Generate drift now” / auto-on-open when eligible)
 - `backup_set.add_policies` (Backup Sets “Add selected” / “Add policies”)
+- `backup_schedule.run_now` (Backup Schedules “Run now”)
+- `backup_schedule.retry` (Backup Schedules “Retry”)
 
 **Restore visibility (adapter only):**
 
 - `restore.execute` appears as a canonical run entry that links to an existing restore domain record.
+- The adapter row MUST be created/visible only once a restore run reaches `previewed` (or later) and MUST NOT be created for `draft`, `scoped`, or `checked`.
+- When the restore run is `previewed`, the adapter `OperationRun` MUST use `status=queued` and `outcome=pending`.
 - Restore execution history remains owned by the restore domain record (not replaced in Phase 1).
 
 **Out of scope for 054 (explicit):**
@@ -100,6 +115,7 @@ ### Scope & Assumptions
 - Cancel/rerun/delete controls inside Monitoring hub (hub stays view-only)
 - Replacing restore domain records with canonical runs
 - A full settings UI for retention/notifications/etc.
+- Implementing or validating `AuditLog` behavior for audit-only actions (FR-019) beyond actions explicitly changed by 054
 
 **Assumptions (defaults to remove ambiguity in Phase 1):**
 
@@ -107,35 +123,104 @@ ### Scope & Assumptions
 - System-initiated runs (if any) do not notify users by default in Phase 1.
 - Transition strategy: write canonical runs in parallel with any existing legacy per-module run tables (where they exist); Monitoring uses canonical runs as the source of truth immediately.
 
+**Run vs Audit-only Adoption Matrix (Phase 1):**
+
+| Feature Area | Action | Tracking | run_type / audit action |
+|-------------|--------|----------|--------------------------|
+| Policies | Sync now | OperationRun | `policy.sync` |
+| Policies | Ignore policy | Audit-only | `policy.ignore` |
+| Policies | Export to backup | OperationRun (queued) | `policy.export_backup` |
+| Policy Versions | Capture snapshot | OperationRun | `policy.capture_snapshot` |
+| Policy Versions | Prune versions | Audit-only | `policy_versions.prune` |
+| Policy Versions | Archive versions | Audit-only | `policy_versions.archive` |
+| Inventory | Sync now | OperationRun | `inventory.sync` |
+| Directory Groups | Sync groups | OperationRun | `directory_groups.sync` |
+| Drift | Generate drift | OperationRun | `drift.generate` |
+| Backup Sets | Add policies | OperationRun | `backup_set.add_policies` |
+| Backup Sets | Archive | Audit-only (DB-only) | `backup_set.archive` |
+| Backup Sets | Restore (bulk) | OperationRun | `backup_set.restore` |
+| Backup Sets | Force delete | Audit-only (admin-only) | `backup_set.force_delete` |
+| Backup Schedules | Run now | OperationRun | `backup_schedule.run_now` |
+| Backup Schedules | Retry | OperationRun | `backup_schedule.retry` |
+| Backup Schedules | Edit | Audit-only | `backup_schedule.edit` |
+| Backup Schedules | Delete | Audit-only | `backup_schedule.delete` |
+| Tenants | Sync tenant | OperationRun | `tenant.sync` |
+| Tenants | Admin consent | Audit-only | `tenant.admin_consent` |
+| Tenants | Verify configuration | Audit-only | `tenant.verify_config` |
+| Tenants | Setup Intune RBAC | Audit-only | `tenant.setup_rbac` |
+| Tenants | Deactivate | Audit-only | `tenant.deactivate` |
+| Restore | Execute restore | OperationRun (adapter) | `restore.execute` (context → `restore_run_id`) |
+
+**Rule**: If an action is queued/background, long-running, or requires remote/external calls (e.g., Microsoft Graph),
+it MUST be tracked as an OperationRun. Only fast DB-only changes MAY be Audit-only.
+
 ### Functional Requirements
 
-- **FR-001 Canonical Operation Run**: System MUST represent each supported operation execution as a canonical, tenant-scoped operation run record that captures initiator (nullable `user_id` FK + `initiator_name` string), run type, lifecycle status/timestamps, outcome bucket, summary counts (when applicable), safe failure summaries, an idempotency identity for dedupe, and a safe context payload referencing “what this run was about”.
+- **FR-001 Canonical Operation Run**: System MUST represent each supported operation execution as a canonical, tenant-scoped operation run record that captures initiator (nullable `user_id` FK + `initiator_name` string), run type, lifecycle status/timestamps, terminal outcome (pending while active), summary counts (when applicable), safe failure summaries, an idempotency identity for dedupe, and a safe context payload referencing “what this run was about”.
+  - **Status semantics**: `status` represents lifecycle stage (`queued` → `running` → `completed`).
+  - **Outcome semantics (stored tokens)**: `outcome` stores machine tokens: `pending` while active, otherwise `succeeded` / `partially_succeeded` / `failed`.
+    - **UI labels**: Monitoring displays human labels derived from stored tokens (e.g., `partially_succeeded` → “Partially succeeded”).
+    - **Reserved**: `cancelled` is reserved for future use and MUST NOT be produced by 054 (Monitoring hub has no cancel controls).
+  - **Context safety**: `context` MUST be sanitized and MUST include only safe references (e.g., stable IDs, selection scope keys, correlation IDs). It MUST NOT include secrets/tokens/credentials, personal data, or full external payload dumps.
 - **FR-002 Run taxonomy**: Run type MUST be stable and follow `"<resource>.<action>"`.
-- **FR-003 Phase 1 run types**: Phase 1 run types MUST include `inventory.sync`, `policy.sync`, `directory_groups.sync`, `drift.generate`, `backup_set.add_policies`, plus `restore.execute` implemented as a physical `operation_runs` record (adapter) pointing to the domain entity.
-- **FR-004 Monitoring lists all canonical runs**: Monitoring → Operations MUST list canonical runs for the active tenant with filters for run type, outcome bucket, time range, and initiator; default sort is most recent first; default time window is last 30 days.
-- **FR-005 Run detail**: Run detail MUST show initiator, run type, outcome bucket, timestamps (created/started/finished), summary counts (when applicable), sanitized failures (including per-item failures when applicable), and contextual links to owning feature surfaces/results.
+- **FR-003 Phase 1 run types**: Phase 1 run types MUST include `inventory.sync`, `policy.sync`, `directory_groups.sync`, `drift.generate`, `backup_set.add_policies`, `backup_schedule.run_now`, `backup_schedule.retry`, plus `restore.execute` implemented as a physical `operation_runs` record (adapter) pointing to the domain entity.
+- **FR-004 Monitoring lists all canonical runs**: Monitoring → Operations MUST list canonical runs for the active tenant with filters for run type, run state (queued/running/terminal outcome), time range, and initiator; default sort is most recent first; default time window is last 30 days.
+- **FR-005 Run detail**: Run detail MUST show initiator, run type, run state (queued/running/terminal outcome), timestamps (created/started/finished), summary counts (when applicable), sanitized failures (including per-item failures when applicable), and contextual links to owning feature surfaces/results.
 - **FR-006 View-only hub**: Monitoring hub MUST be view-only (no start/rerun/cancel/delete controls) and MUST link back to owning feature surfaces.
 - **FR-007 Start surfaces always enqueue**: Every Phase 1 start surface MUST authorize start, create/reuse a canonical run (dedupe), dispatch background execution, and return immediately with confirmation + “View run”.
 - **FR-008 No remote work in interactive request**: Start surfaces MUST NOT perform remote work inline; long-running work happens in background execution.
-- **FR-009 Deterministic idempotency**: For each run type, the system MUST define a deterministic identity for “identical run” based on tenant + effective inputs; initiator MUST NOT be part of identity. **Enforcement**: Uniqueness MUST be enforced via a partial unique index on `(tenant_id, run_identity_hash)` where outcome is `queued` or `running`.
+- **FR-009 Deterministic idempotency**: For each run type, the system MUST define a deterministic identity for “identical run” based on tenant + effective inputs; initiator MUST NOT be part of identity. **Enforcement**: Uniqueness MUST be enforced via a partial unique index on `(tenant_id, run_identity_hash)` where status is `queued` or `running`.
 - **FR-010 Phase 1 identity rules**: Identity rules MUST be defined at least as follows:
   - `inventory.sync`: tenant + selection scope
   - `policy.sync`: tenant + effective policy scope
   - `directory_groups.sync`: tenant + selection (Phase 1 default: “all groups”)
   - `backup_set.add_policies`: tenant + backup set + selected policies + option flags (if exposed)
+  - `backup_schedule.run_now`: tenant + backup schedule id
+  - `backup_schedule.retry`: tenant + backup schedule id
   - `drift.generate`: tenant + scope key + baseline/current comparison inputs
-- **FR-011 Outcome buckets**: Monitoring MUST present consistent outcome buckets: `queued`, `running`, `succeeded`, `partially succeeded`, `failed`.
-- **FR-012 Partial vs failed**: “Partially succeeded” means at least one success and at least one failure; “Failed” means zero successes or cannot proceed.
+- **FR-011 Run state presentation**: Monitoring MUST present a consistent run state using a single display bucket derived from lifecycle status and terminal outcome:
+  - If status is `queued` or `running`, display that status.
+  - If status is `completed`, display the terminal outcome derived from the stored token (`succeeded`, `partially_succeeded`, or `failed`) using the UI label mapping.
+- **FR-012 Partial vs failed (terminal outcomes)**: “Partially succeeded” (`partially_succeeded`) means at least one success and at least one failure; “Failed” (`failed`) means zero successes or cannot proceed.
 - **FR-013 Failure details are safe + useful**: Failures MUST be persisted and displayed as stable reason codes and short sanitized messages; failures MUST NOT include secrets/tokens/credentials/PII or full external payload dumps.
+  - **Reason codes** MUST be stable, machine-readable identifiers (lowercase, dot-separated), e.g. `graph.throttled`, `auth.forbidden`, `validation.invalid_input`, `unexpected.exception`.
+  - **Messages** MUST be short (≤ 200 characters), sanitized, and written for operators (no secrets/tokens/credentials/PII; no raw external payloads). If needed, messages MAY include a non-sensitive correlation identifier.
 - **FR-014 Related links**: Run detail MUST include contextual links where applicable (e.g., drift findings, backup set, inventory results, directory groups, restore detail for `restore.execute`).
 - **FR-015 Notifications**: System MUST emit in-app notifications for “queued” (after start) and terminal outcomes for Phase 1 runs; notifications MUST include a short summary and a “View run” link; recipients are the initiating user only.
+  - If a start request reuses an existing active run (dedupe), the run initiator (as stored on the `OperationRun`) remains the sole notification recipient; the second starter receives no additional notifications.
 - **FR-016 Tenant isolation**: All run list/detail access MUST be tenant-scoped; cross-tenant access MUST be denied without disclosing run details.
 - **FR-017 No render-time remote calls**: Monitoring pages MUST be render-safe and MUST NOT depend on external service calls during render.
 - **FR-018 Roles & permissions**: Roles `Owner`, `Manager`, `Operator`, and `Readonly` MUST be able to view runs; only `Owner`, `Manager`, `Operator` may start operations; `Readonly` is strictly view-only.
+- **FR-019 Audit-only actions (no OperationRun)**: Actions that are DB-only and complete within ≤2 seconds under normal
+  conditions MAY be executed without an OperationRun, as long as they do not start long-running background execution and
+  do not require any remote/external calls.
+  - **054 scope note**: 054 does not implement or modify audit-only actions. If any audit-only action is touched as part
+    of implementing 054 in the future, it MUST comply with this requirement and MUST be covered by tests.
+  If such an action is security-relevant or changes operational behavior (e.g., “Ignore policy”, “Deactivate tenant”,
+  “Admin consent”, “Prune versions”, “Force delete”), it MUST write exactly one tenant-scoped AuditLog entry with, at minimum:
+  - `tenant_id`
+  - `actor_user_id`
+  - `action` (stable action identifier, e.g., `policy.ignore`)
+  - `target_type`, `target_id`
+  - `before` / `after` (sanitized JSON) **or** `diff` (sanitized JSON)
+  - `created_at`
+  **Trigger guidance (to make classification reviewable)**:
+  - “Security-relevant” includes actions that grant/revoke access, change authorization posture, change admin consent, or otherwise modify who/what can read/write tenant data.
+  - “Operational behavior change” includes actions that change what the system will do in future runs (e.g., ignore/exclude resources, enable/disable schedules, retention/prune/archive actions, force deletes).
+  - If unclear whether an Audit-only action is security/ops-relevant, the default is to treat it as such and write an AuditLog entry.
+  **Sanitization (AuditLog before/after/diff)**:
+  - AuditLog payloads MUST include only the minimum fields needed to understand the change.
+  - AuditLog payloads MUST NOT include secrets/tokens/credentials, personal data, or full external payload dumps.
+  - If a field is sensitive, it MUST be omitted or replaced with a non-sensitive placeholder (e.g., `"[REDACTED]"`).
+  Monitoring/Operations remains reserved for OperationRun-tracked long-running/queued operations.
+  **Acceptance checks (testable)**:
+  - Audit-only action creates no OperationRun.
+  - Audit-only action creates exactly one AuditLog event containing the required fields.
+  - Audit-only action is tenant-scoped; cross-tenant access is forbidden and MUST NOT create AuditLog entries.
 
 ### Key Entities *(include if feature involves data)*
 
-- **Canonical Operation Run**: A tenant-scoped record representing the lifecycle of a long-running operation, including run type, initiator (nullable `user_id` FK + `initiator_name` string), lifecycle state/timestamps, outcome bucket, summary counts, safe failure summaries, idempotency identity (uniqueness enforced by DB index on active runs), and safe context references.
+- **Canonical Operation Run**: A tenant-scoped record representing the lifecycle of a long-running operation, including run type, initiator (nullable `user_id` FK + `initiator_name` string), lifecycle state/timestamps, terminal outcome, summary counts, safe failure summaries, idempotency identity (uniqueness enforced by DB index on active runs), and safe context references.
 - **Restore domain record (exception)**: Restore remains a domain workflow record with richer semantics and history. Monitoring shows restore activity through a physical `operation_runs` row (adapter) that links back to the restore record, without replacing it.
 
 ## Success Criteria *(mandatory)*
@@ -145,4 +230,5 @@ ### Measurable Outcomes
 - **SC-001**: Operators can answer “what ran, when, and did it succeed?” for any Phase 1 run in under 1 minute using Monitoring → Operations.
 - **SC-002**: Starting a Phase 1 operation returns confirmation + “View run” link within 2 seconds under normal conditions.
 - **SC-003**: Duplicate starts reuse the same active run in at least 99% of attempts under normal conditions.
+- **SC-003 Measurement scope (definition)**: An “attempt” counts when a start request is made for an operation with identical effective inputs while an identical run is already `queued` or `running`. The success condition is that the system reuses the existing active run reference rather than creating a second active run. “Normal conditions” exclude infrastructure outages (e.g., database unavailable) that prevent either run creation or dedupe evaluation.
 - **SC-004**: No secrets/tokens/credentials/PII appear in persisted failures or notifications (verified by tests).
diff --git a/specs/054-unify-runs-suitewide/tasks.md b/specs/054-unify-runs-suitewide/tasks.md
index fd8b909..41f51b7 100644
--- a/specs/054-unify-runs-suitewide/tasks.md
+++ b/specs/054-unify-runs-suitewide/tasks.md
@@ -1,64 +1,209 @@
-# Tasks: Unified Operations Runs Suitewide
+---
+description: "Task list for feature implementation"
+---
 
-**Feature**: `054-unify-runs-suitewide`
-**Spec**: `specs/054-unify-runs-suitewide/spec.md`
+# Tasks: Unified Operations Runs Suitewide (054)
 
-## Phase 1: Foundation (DB & Service)
+**Input**: Design documents from `/Users/ahmeddarrazi/Documents/projects/TenantAtlas/specs/054-unify-runs-suitewide/`  
+**Prerequisites**: `specs/054-unify-runs-suitewide/plan.md`, `specs/054-unify-runs-suitewide/spec.md`, `specs/054-unify-runs-suitewide/data-model.md`, `specs/054-unify-runs-suitewide/research.md`, `specs/054-unify-runs-suitewide/quickstart.md`, `specs/054-unify-runs-suitewide/contracts/`
 
-- [ ] **Migration**: Create `operation_runs` table with partial unique index on `(tenant_id, run_identity_hash)` where status in `queued, running`.
-- [ ] **Model**: Create `OperationRun` model with casts (JSONB for summaries/context), relationship to `Tenant` and `User`.
-- [ ] **Service**: Implement `OperationRunService::ensureRun()` (idempotent creation) and `updateRun()` methods.
-- [ ] **Test**: Feature test for `ensureRun` verifying idempotency (same hash = same run) and concurrency safety (simulated).
-- [ ] **Test**: Feature test for `updateRun` verifying status transitions and history logging (if any).
-- [ ] **Job Middleware**: Create `TrackOperationRun` middleware to automatically handle job success/failure updates for jobs using this system.
-- [ ] **Retention**: Create a daily scheduled job to prune `operation_runs` older than 90 days.
+**Tests**: Required (Pest) for runtime behavior changes.  
+**Operations**: Long-running/queued/remote/scheduled actions MUST create/reuse a canonical `OperationRun` and link to Monitoring → Operations. Monitoring pages MUST be DB-only at render time (no remote calls).
 
-## Phase 2: Monitoring UI (Read-Only)
+## Format: `[ID] [P?] [Story?] Description`
 
-- [ ] **Page**: Create Filament Page `Monitoring/Operations` (List) strictly scoped to current tenant.
-- [ ] **Table**: Implement `OperationRun` table with columns: Status (Badge), Operation Type, Initiator, Started At, Duration, Outcome.
-- [ ] **Filters**: Add table filters for `Type`, `Outcome`, `Date Range`, `Initiator`.
-- [ ] **Detail View**: Create "View Run" modal or separate page showing:
-    - Summary counts (Success/Fail/Total)
-    - Failure list (Sanitized codes/messages)
-    - Context JSON (Debug info)
-    - Timeline (Created/Started/Finished)
-- [ ] **Test**: Livewire test verifying `Readonly` users can see table but no actions.
-- [ ] **Test**: Verify cross-tenant access is blocked.
+- **[P]**: Can run in parallel (different files, no blocking dependencies)
+- **[Story]**: User story label (e.g., `[US1]`, `[US2]`, `[US3]`) — REQUIRED for story phases only
+- Each task includes at least one concrete file path
 
-## Phase 3: Producer Migration (Parallel Write)
+## Path Conventions (Laravel Monolith)
 
-### Inventory Sync (`inventory.sync`)
-- [ ] **Refactor**: Update `RunInventorySyncJob` dispatch logic to call `OperationRunService::ensureRun()` first.
-- [ ] **Refactor**: Update Job to use `TrackOperationRun` middleware (or manual updates) to sync status to `operation_runs`.
-- [ ] **Verify**: Ensure legacy `inventory_sync_runs` is still written to (if legacy UI depends on it) OR confirm legacy UI is replaced. *Decision: Parallel write as per spec.*
+- Source: `app/`, `routes/`, `resources/`, `config/`, `database/`
+- Tests: `tests/Feature/`, `tests/Unit/`
 
-### Policy Sync (`policy.sync`)
-- [ ] **Refactor**: Update Policy Sync start logic to use `OperationRunService`.
-- [ ] **Refactor**: Instrument Policy Sync job to update `operation_runs`.
+---
 
-### Directory Groups Sync (`directory_groups.sync`)
-- [ ] **Refactor**: Update Group Sync start logic to use `OperationRunService`.
-- [ ] **Refactor**: Instrument Group Sync job to update `operation_runs`.
+## Phase 1: Setup (Spec + Contract Alignment)
 
-### Drift Generation (`drift.generate`)
-- [ ] **Refactor**: Update Drift Generation start logic to use `OperationRunService`.
-- [ ] **Refactor**: Instrument Drift job to update `operation_runs`.
+**Purpose**: Resolve ambiguity before implementation starts
 
-### Backup Set (`backup_set.add_policies`)
-- [ ] **Refactor**: Update "Add Policies" action to use `OperationRunService`.
+- [x] T001 Validate Phase 1 run type set is consistent (adoption set + FR-003 + identity rules) in `specs/054-unify-runs-suitewide/spec.md`
+- [x] T002 Validate Monitoring Operations routes match Filament surface + OpenAPI contract in `specs/054-unify-runs-suitewide/contracts/routes.md` and `specs/054-unify-runs-suitewide/contracts/admin-pages.openapi.yaml`
+- [x] T003 Validate `OperationRunService` contract + quickstart usage examples align with intended API in `specs/054-unify-runs-suitewide/contracts/service_interface.md` and `specs/054-unify-runs-suitewide/quickstart.md`
+- [x] T004 Confirm FR-019 (Audit-only) is out-of-scope for 054 unless an audit-only action is touched; if touched, add AuditLog implementation + tests per `specs/054-unify-runs-suitewide/spec.md` in `specs/054-unify-runs-suitewide/tasks.md`
 
-## Phase 4: Restore Adapter
+---
 
-- [ ] **Listener**: Create `SyncRestoreRunToOperation` listener observing `RestoreRun` events (`created`, `updated`).
-- [ ] **Logic**: Map `RestoreRun` status/outcomes to `OperationRun` schema.
-    - `RestoreRun` created -> `OperationRun` created (queued/running).
-    - `RestoreRun` updated -> `OperationRun` updated.
-- [ ] **Context**: Store `{"restore_run_id": <id>}` in `OperationRun.context`.
-- [ ] **Test**: Verify creating a `RestoreRun` automatically spawns a shadow `OperationRun`.
+## Phase 2: Foundational (Canonical Run Primitive)
 
-## Phase 5: Notifications & Polish
+**Purpose**: Core infrastructure that MUST be complete before ANY user story can be implemented
+
+- [x] T005 Create `operation_runs` migration (columns + indexes + partial unique index) in `database/migrations/*_create_operation_runs_table.php`
+- [x] T006 Create `OperationRun` Eloquent model (casts + relationships + helpers) in `app/Models/OperationRun.php`
+- [x] T007 [P] Add `OperationRunStatus` enum in `app/Support/OperationRunStatus.php`
+- [x] T008 [P] Add `OperationRunOutcome` enum (stored tokens vs UI labels; `cancelled` reserved) in `app/Support/OperationRunOutcome.php`
+- [x] T009 [P] Add `OperationRunType` enum (Phase 1 run types) in `app/Support/OperationRunType.php`
+- [x] T010 [P] Add `OperationRunFactory` for tests in `database/factories/OperationRunFactory.php`
+- [x] T011 Implement idempotent create/reuse + lifecycle updates + failure sanitization in `app/Services/OperationRunService.php` (depends on T005–T010)
+- [x] T012 Centralize “View run” + deep links in `app/Support/OperationRunLinks.php` (depends on T011)
+- [x] T013 [P] Implement tenant-scoped authorization policy in `app/Policies/OperationRunPolicy.php`
+- [x] T014 Register `OperationRun` policy with Gate in `app/Providers/AppServiceProvider.php`
+- [x] T015 Implement job middleware lifecycle tracking in `app/Jobs/Middleware/TrackOperationRun.php` (depends on T011)
+- [x] T016 Implement 90-day retention pruning job in `app/Jobs/PruneOldOperationRunsJob.php`
+- [x] T017 Schedule pruning job daily with non-overlapping lock (`withoutOverlapping` or equivalent cache lock) in `routes/console.php`
+- [x] T018 Add scheduled pruning non-overlap regression test (if feasible) in `tests/Feature/Scheduling/PruneOldOperationRunsScheduleTest.php`
+- [x] T019 Add `OperationRunService` tests (hash stability, idempotency, unique-index race, sanitization) in `tests/Feature/OperationRunServiceTest.php`
+- [x] T020 Add `TrackOperationRun` middleware lifecycle tests in `tests/Feature/TrackOperationRunMiddlewareTest.php`
+
+---
+
+## Phase 3: User Story 1 - See Every Supported Operation in Monitoring (Priority: P1)
+
+**Goal**: Monitoring → Operations shows all canonical runs (tenant-scoped) with list + detail, filters, and safe failures.
+
+**Independent Test**: Trigger at least one run of each Phase 1 run producer, then verify list/detail in Monitoring render DB-only and are tenant-scoped per `specs/054-unify-runs-suitewide/spec.md`.
+
+### Tests for User Story 1
+
+- [x] T021 [US1] Add Monitoring list/detail authorization + tenant isolation tests in `tests/Feature/MonitoringOperationsTest.php`
+- [x] T022 [P] [US1] Add Monitoring DB-only render test (mock Graph client; assert never called) in `tests/Feature/MonitoringOperationsTest.php`
+- [x] T023 [P] [US1] Add restore adapter visibility tests (created/visible from `previewed` onward; `previewed` maps to `queued/pending`) in `tests/Feature/RestoreAdapterTest.php`
+
+### Implementation for User Story 1
+
+- [x] T024 [US1] Create Filament Monitoring resource (list + view-only) in `app/Filament/Resources/OperationRunResource.php`
+- [x] T025 [US1] Implement list columns + default sort + default last-30-days window in `app/Filament/Resources/OperationRunResource.php`
+- [x] T026 [US1] Implement list filters (type, state bucket, time range, initiator) in `app/Filament/Resources/OperationRunResource.php`
+- [x] T027 [US1] Implement run detail view (meta, summary_counts, failures, context, links) in `app/Filament/Resources/OperationRunResource/Pages/ViewOperationRun.php`
+- [x] T028 [US1] Implement related links for each Phase 1 run type in `app/Support/OperationRunLinks.php`
+- [x] T029 [US1] Implement RestoreRun → OperationRun adapter create/update (from `previewed` onward; `previewed` maps to `status=queued`, `outcome=pending`) in `app/Listeners/SyncRestoreRunToOperationRun.php`
+- [x] T030 [US1] Wire RestoreRun lifecycle events to adapter in `app/Observers/RestoreRunObserver.php`
+- [x] T031 [US1] Register RestoreRun observer in `app/Providers/AppServiceProvider.php`
+
+---
+
+## Phase 4: User Story 2 - Start Operations Without Blocking (Priority: P2)
+
+**Goal**: Start surfaces are enqueue-only, return immediate confirmation + “View run”, and jobs update canonical run lifecycle.
+
+**Independent Test**: Start each Phase 1 operation from its owning UI and confirm the request returns quickly, includes “View run”, and the run progresses queued → running → terminal outcome.
+
+### Tests for User Story 2
+
+- [x] T032 [P] [US2] Add Inventory “Sync now” start-surface tests in `tests/Feature/Inventory/InventorySyncStartSurfaceTest.php`
+- [x] T033 [P] [US2] Add Policies “Sync now” start-surface tests in `tests/Feature/PolicySyncStartSurfaceTest.php`
+- [x] T034 [P] [US2] Add Directory Groups “Sync groups” start-surface tests in `tests/Feature/DirectoryGroups/StartSyncFromGroupsPageTest.php`
+- [x] T035 [P] [US2] Add Drift “Generate drift” start-surface tests in `tests/Feature/Drift/DriftGenerationDispatchTest.php`
+- [x] T036 [P] [US2] Add Backup Set “Add policies” start-surface tests in `tests/Feature/BackupSets/AddPoliciesStartSurfaceTest.php`
+- [x] T037 [P] [US2] Add Backup Schedule “Run now/Retry” start-surface tests in `tests/Feature/BackupScheduling/RunNowRetryActionsTest.php`
+- [x] T067 [P] [US2] Add Backup Set “Remove policies” (row + bulk) start-surface tests in `tests/Feature/BackupSets/RemovePoliciesStartSurfaceTest.php` and `tests/Feature/Filament/BackupItemsBulkRemoveTest.php`
+- [x] T038 [P] [US2] Add “queued + terminal” notification tests (initiator only; safe content) in `tests/Feature/Notifications/OperationRunNotificationTest.php`
+
+### Implementation for User Story 2
+
+- [x] T039 [P] [US2] Refactor Inventory “Sync now” to ensure run + dispatch + “View run” in `app/Filament/Pages/InventoryLanding.php`
+- [x] T040 [P] [US2] Refactor Policies “Sync now” to ensure run + dispatch + “View run” in `app/Filament/Resources/PolicyResource/Pages/ListPolicies.php`
+- [x] T041 [P] [US2] Refactor Directory Groups “Sync groups” to ensure run + dispatch + “View run” in `app/Filament/Resources/EntraGroupResource/Pages/ListEntraGroups.php`
+- [x] T042 [P] [US2] Refactor Drift “Generate drift” (manual + auto-on-open) to ensure run + dispatch + “View run” in `app/Filament/Pages/DriftLanding.php`
+- [x] T043 [P] [US2] Refactor Backup Set “Add policies” Livewire action to ensure run + dispatch + “View run” in `app/Livewire/BackupSetPolicyPickerTable.php`
+- [x] T044 [P] [US2] Refactor Backup Schedule “Run now/Retry” actions to ensure run + dispatch + “View run” in `app/Filament/Resources/BackupScheduleResource.php`
+- [x] T068 [P] [US2] Refactor Backup Set “Remove policies” actions (row + bulk) to ensure run + dispatch + “View run” in `app/Filament/Resources/BackupSetResource/RelationManagers/BackupItemsRelationManager.php` and `app/Jobs/RemovePoliciesFromBackupSetJob.php`
+- [x] T045 [P] [US2] Instrument inventory sync job run lifecycle + summary/failures in `app/Jobs/RunInventorySyncJob.php`
+- [x] T046 [P] [US2] Instrument policy sync job run lifecycle + summary/failures in `app/Jobs/SyncPoliciesJob.php`
+- [x] T047 [P] [US2] Instrument groups sync job run lifecycle + summary/failures in `app/Jobs/EntraGroupSyncJob.php`
+- [x] T048 [P] [US2] Instrument drift generation job run lifecycle + summary/failures in `app/Jobs/GenerateDriftFindingsJob.php`
+- [x] T049 [P] [US2] Instrument backup set “add policies” job run lifecycle + summary/failures in `app/Jobs/AddPoliciesToBackupSetJob.php`
+- [x] T050 [P] [US2] Instrument backup schedule job run lifecycle + summary/failures in `app/Jobs/RunBackupScheduleJob.php`
+- [x] T051 [US2] Implement queued notification (after successful dispatch) in `app/Notifications/OperationRunQueued.php`
+- [x] T052 [US2] Implement terminal outcome notification (succeeded/partial/failed) in `app/Notifications/OperationRunCompleted.php`
+- [x] T053 [US2] Emit notifications from canonical lifecycle updates (initiator only) in `app/Services/OperationRunService.php`
+- [x] T054 [US2] Handle queue dispatch failures (fail fast; no misleading queued runs) in `app/Services/OperationRunService.php`
+
+---
+
+## Phase 5: User Story 3 - Duplicate Starts Reuse the Same Active Run (Priority: P3)
+
+**Goal**: Duplicate starts reuse the same active run (dedupe), enforced at DB level and validated by tests.
+
+**Independent Test**: Start the same operation twice with identical effective inputs while the first is queued/running and verify the system reuses the active run.
+
+### Tests for User Story 3
+
+- [x] T055 [US3] Add service-level dedupe + race-collision tests in `tests/Feature/OperationRunServiceTest.php`
+- [x] T056 [US3] Add end-to-end “reuse active run” test for at least one producer in `tests/Feature/PolicySyncStartSurfaceTest.php`
+
+### Implementation for User Story 3
+
+- [x] T057 [US3] Normalize identity inputs before hashing (stable JSON; ignore initiator) in `app/Services/OperationRunService.php`
+- [x] T058 [P] [US3] Ensure `inventory.sync` identity inputs follow FR-010 in `app/Filament/Pages/InventoryLanding.php`
+- [x] T059 [P] [US3] Ensure `policy.sync` identity inputs follow FR-010 in `app/Filament/Resources/PolicyResource/Pages/ListPolicies.php`
+- [x] T060 [P] [US3] Ensure `directory_groups.sync` identity inputs follow FR-010 in `app/Filament/Resources/EntraGroupResource/Pages/ListEntraGroups.php`
+- [x] T061 [P] [US3] Ensure `drift.generate` identity inputs follow FR-010 in `app/Filament/Pages/DriftLanding.php`
+- [x] T062 [P] [US3] Ensure `backup_set.add_policies` identity inputs follow FR-010 in `app/Livewire/BackupSetPolicyPickerTable.php`
+- [x] T063 [P] [US3] Ensure `backup_schedule.run_now`/`backup_schedule.retry` identity inputs follow FR-010 in `app/Filament/Resources/BackupScheduleResource.php`
+
+---
+
+## Phase 6: Polish & Cross-Cutting Concerns
+
+- [x] T064 [P] Run formatter on changed files via `./vendor/bin/pint --dirty`
+- [x] T065 Run targeted tests for this feature via `./vendor/bin/sail artisan test tests/Feature/MonitoringOperationsTest.php`
+- [x] T066 Run quickstart scenarios and update docs if needed in `specs/054-unify-runs-suitewide/quickstart.md`
+
+---
+
+## Dependencies & Execution Order
+
+### Phase Dependencies
+
+- Setup (Phase 1) → blocks Foundational
+- Foundational (Phase 2) → blocks US1/US2/US3
+- US1/US2/US3 can proceed after Phase 2 (parallel if staffed, or sequential P1 → P2 → P3)
+- Polish (Phase 6) depends on the desired user stories being complete
+
+### User Story Dependencies (Graph)
+
+```text
+Foundational
+  ├─ US1 (Monitoring UI)
+  ├─ US2 (Start surfaces + lifecycle + notifications)
+  └─ US3 (Dedupe + identity + race handling)
+```
+
+---
+
+## Parallel Execution Examples
+
+After Phase 2, these can run in parallel (different files/modules):
+
+### US1 (Monitoring UI)
+
+- `T023` (restore adapter tests) + `T024` (resource scaffold) + `T029` (restore adapter listener)
+
+### US2 (Start surfaces + lifecycle + notifications)
+
+- Tests: `T032`–`T038`
+- Producers/start surfaces: `T039`–`T044`
+- Workers/job instrumentation: `T045`–`T050`
+- Notification classes: `T051` + `T052`
+
+### US3 (Dedupe + identity + race handling)
+
+- Identity review per producer: `T058`–`T063`
+
+---
+
+## Implementation Strategy
+
+### MVP First (US1 Only)
+
+1. Complete Phase 1–2 (canonical run primitive)
+2. Complete US1 (Monitoring list/detail + tenant isolation)
+3. Validate Monitoring renders DB-only and is tenant-scoped
+
+### Incremental Delivery
+
+1. Add US2 producers/workers + notifications
+2. Add US3 dedupe + race validation
+3. Polish (formatting, targeted tests, quickstart validation)
 
-- [ ] **Notifications**: Implement Database Notifications for "Run Started" (with link) and "Run Completed" (with outcome).
-- [ ] **Frontend**: Ensure "View Run" link in Toast notifications correctly opens the Monitoring Detail view.
-- [ ] **Final Verify**: Run through the `requirements.md` checklist manually.
\ No newline at end of file
diff --git a/tests/Feature/BackupScheduling/RunBackupScheduleJobTest.php b/tests/Feature/BackupScheduling/RunBackupScheduleJobTest.php
index b6e1af6..2157638 100644
--- a/tests/Feature/BackupScheduling/RunBackupScheduleJobTest.php
+++ b/tests/Feature/BackupScheduling/RunBackupScheduleJobTest.php
@@ -7,6 +7,7 @@
 use App\Services\BulkOperationService;
 use App\Services\Intune\BackupService;
 use App\Services\Intune\PolicySyncService;
+use App\Services\OperationRunService;
 use Carbon\CarbonImmutable;
 use Illuminate\Support\Facades\Cache;
 
@@ -37,6 +38,170 @@
         'status' => BackupScheduleRun::STATUS_RUNNING,
     ]);
 
+    /** @var OperationRunService $operationRunService */
+    $operationRunService = app(OperationRunService::class);
+    $operationRun = $operationRunService->ensureRun(
+        tenant: $tenant,
+        type: 'backup_schedule.run_now',
+        inputs: ['backup_schedule_id' => (int) $schedule->id],
+        initiator: $user,
+    );
+
+    app()->bind(PolicySyncService::class, fn () => new class extends PolicySyncService
+    {
+        public function __construct() {}
+
+        public function syncPoliciesWithReport($tenant, ?array $supportedTypes = null): array
+        {
+            return ['synced' => [], 'failures' => []];
+        }
+    });
+
+    $backupSet = BackupSet::factory()->create([
+        'tenant_id' => $tenant->id,
+        'status' => 'completed',
+        'item_count' => 0,
+    ]);
+
+    app()->bind(BackupService::class, fn () => new class($backupSet) extends BackupService
+    {
+        public function __construct(private readonly BackupSet $backupSet) {}
+
+        public function createBackupSet($tenant, $policyIds, ?string $actorEmail = null, ?string $actorName = null, ?string $name = null, bool $includeAssignments = false, bool $includeScopeTags = false, bool $includeFoundations = false): BackupSet
+        {
+            return $this->backupSet;
+        }
+    });
+
+    Cache::flush();
+
+    (new RunBackupScheduleJob($run->id, null, $operationRun))->handle(
+        app(PolicySyncService::class),
+        app(BackupService::class),
+        app(\App\Services\BackupScheduling\PolicyTypeResolver::class),
+        app(\App\Services\BackupScheduling\ScheduleTimeService::class),
+        app(\App\Services\Intune\AuditLogger::class),
+        app(\App\Services\BackupScheduling\RunErrorMapper::class),
+        app(BulkOperationService::class),
+    );
+
+    $run->refresh();
+    expect($run->status)->toBe(BackupScheduleRun::STATUS_SUCCESS);
+    expect($run->backup_set_id)->toBe($backupSet->id);
+
+    $operationRun->refresh();
+    expect($operationRun->status)->toBe('completed');
+    expect($operationRun->outcome)->toBe('succeeded');
+    expect($operationRun->summary_counts)->toMatchArray([
+        'backup_schedule_id' => (int) $schedule->id,
+        'backup_schedule_run_id' => (int) $run->id,
+        'backup_set_id' => (int) $backupSet->id,
+    ]);
+});
+
+it('skips runs when all policy types are unknown', function () {
+    CarbonImmutable::setTestNow(CarbonImmutable::create(2026, 1, 5, 10, 0, 30, 'UTC'));
+
+    [$user, $tenant] = createUserWithTenant(role: 'owner');
+    $this->actingAs($user);
+
+    $schedule = BackupSchedule::query()->create([
+        'tenant_id' => $tenant->id,
+        'name' => 'Daily 10:00',
+        'is_enabled' => true,
+        'timezone' => 'UTC',
+        'frequency' => 'daily',
+        'time_of_day' => '10:00:00',
+        'days_of_week' => null,
+        'policy_types' => ['definitelyNotARealPolicyType'],
+        'include_foundations' => true,
+        'retention_keep_last' => 30,
+        'next_run_at' => null,
+    ]);
+
+    $run = BackupScheduleRun::query()->create([
+        'backup_schedule_id' => $schedule->id,
+        'tenant_id' => $tenant->id,
+        'scheduled_for' => CarbonImmutable::now('UTC')->startOfMinute(),
+        'status' => BackupScheduleRun::STATUS_RUNNING,
+    ]);
+
+    Cache::flush();
+
+    /** @var OperationRunService $operationRunService */
+    $operationRunService = app(OperationRunService::class);
+    $operationRun = $operationRunService->ensureRun(
+        tenant: $tenant,
+        type: 'backup_schedule.run_now',
+        inputs: ['backup_schedule_id' => (int) $schedule->id],
+        initiator: $user,
+    );
+
+    (new RunBackupScheduleJob($run->id, null, $operationRun))->handle(
+        app(PolicySyncService::class),
+        app(BackupService::class),
+        app(\App\Services\BackupScheduling\PolicyTypeResolver::class),
+        app(\App\Services\BackupScheduling\ScheduleTimeService::class),
+        app(\App\Services\Intune\AuditLogger::class),
+        app(\App\Services\BackupScheduling\RunErrorMapper::class),
+        app(BulkOperationService::class),
+    );
+
+    $run->refresh();
+    expect($run->status)->toBe(BackupScheduleRun::STATUS_SKIPPED);
+    expect($run->error_code)->toBe('UNKNOWN_POLICY_TYPE');
+    expect($run->backup_set_id)->toBeNull();
+
+    $operationRun->refresh();
+    expect($operationRun->status)->toBe('completed');
+    expect($operationRun->outcome)->toBe('failed');
+    expect($operationRun->failure_summary)->toMatchArray([
+        ['code' => 'unknown_policy_type', 'message' => $run->error_message],
+    ]);
+});
+
+it('updates the operation run based on the backup schedule run id when not passed into the job', function () {
+    CarbonImmutable::setTestNow(CarbonImmutable::create(2026, 1, 5, 10, 0, 30, 'UTC'));
+
+    [$user, $tenant] = createUserWithTenant(role: 'owner');
+    $this->actingAs($user);
+
+    $schedule = BackupSchedule::query()->create([
+        'tenant_id' => $tenant->id,
+        'name' => 'Daily 10:00',
+        'is_enabled' => true,
+        'timezone' => 'UTC',
+        'frequency' => 'daily',
+        'time_of_day' => '10:00:00',
+        'days_of_week' => null,
+        'policy_types' => ['deviceConfiguration'],
+        'include_foundations' => true,
+        'retention_keep_last' => 30,
+        'next_run_at' => null,
+    ]);
+
+    $run = BackupScheduleRun::query()->create([
+        'backup_schedule_id' => $schedule->id,
+        'tenant_id' => $tenant->id,
+        'scheduled_for' => CarbonImmutable::now('UTC')->startOfMinute(),
+        'status' => BackupScheduleRun::STATUS_RUNNING,
+    ]);
+
+    /** @var OperationRunService $operationRunService */
+    $operationRunService = app(OperationRunService::class);
+    $operationRun = $operationRunService->ensureRun(
+        tenant: $tenant,
+        type: 'backup_schedule.run_now',
+        inputs: ['backup_schedule_id' => (int) $schedule->id],
+        initiator: $user,
+    );
+
+    $operationRun->update([
+        'context' => array_merge($operationRun->context ?? [], [
+            'backup_schedule_run_id' => (int) $run->getKey(),
+        ]),
+    ]);
+
     app()->bind(PolicySyncService::class, fn () => new class extends PolicySyncService
     {
         public function __construct() {}
@@ -75,52 +240,12 @@ public function createBackupSet($tenant, $policyIds, ?string $actorEmail = null,
         app(BulkOperationService::class),
     );
 
-    $run->refresh();
-    expect($run->status)->toBe(BackupScheduleRun::STATUS_SUCCESS);
-    expect($run->backup_set_id)->toBe($backupSet->id);
-});
-
-it('skips runs when all policy types are unknown', function () {
-    CarbonImmutable::setTestNow(CarbonImmutable::create(2026, 1, 5, 10, 0, 30, 'UTC'));
-
-    [$user, $tenant] = createUserWithTenant(role: 'owner');
-    $this->actingAs($user);
-
-    $schedule = BackupSchedule::query()->create([
-        'tenant_id' => $tenant->id,
-        'name' => 'Daily 10:00',
-        'is_enabled' => true,
-        'timezone' => 'UTC',
-        'frequency' => 'daily',
-        'time_of_day' => '10:00:00',
-        'days_of_week' => null,
-        'policy_types' => ['definitelyNotARealPolicyType'],
-        'include_foundations' => true,
-        'retention_keep_last' => 30,
-        'next_run_at' => null,
+    $operationRun->refresh();
+    expect($operationRun->status)->toBe('completed');
+    expect($operationRun->outcome)->toBe('succeeded');
+    expect($operationRun->summary_counts)->toMatchArray([
+        'backup_schedule_id' => (int) $schedule->id,
+        'backup_schedule_run_id' => (int) $run->id,
+        'backup_set_id' => (int) $backupSet->id,
     ]);
-
-    $run = BackupScheduleRun::query()->create([
-        'backup_schedule_id' => $schedule->id,
-        'tenant_id' => $tenant->id,
-        'scheduled_for' => CarbonImmutable::now('UTC')->startOfMinute(),
-        'status' => BackupScheduleRun::STATUS_RUNNING,
-    ]);
-
-    Cache::flush();
-
-    (new RunBackupScheduleJob($run->id))->handle(
-        app(PolicySyncService::class),
-        app(BackupService::class),
-        app(\App\Services\BackupScheduling\PolicyTypeResolver::class),
-        app(\App\Services\BackupScheduling\ScheduleTimeService::class),
-        app(\App\Services\Intune\AuditLogger::class),
-        app(\App\Services\BackupScheduling\RunErrorMapper::class),
-        app(BulkOperationService::class),
-    );
-
-    $run->refresh();
-    expect($run->status)->toBe(BackupScheduleRun::STATUS_SKIPPED);
-    expect($run->error_code)->toBe('UNKNOWN_POLICY_TYPE');
-    expect($run->backup_set_id)->toBeNull();
 });
diff --git a/tests/Feature/BackupScheduling/RunNowRetryActionsTest.php b/tests/Feature/BackupScheduling/RunNowRetryActionsTest.php
index 807fc5b..6e7b808 100644
--- a/tests/Feature/BackupScheduling/RunNowRetryActionsTest.php
+++ b/tests/Feature/BackupScheduling/RunNowRetryActionsTest.php
@@ -5,14 +5,29 @@
 use App\Models\BackupSchedule;
 use App\Models\BackupScheduleRun;
 use App\Models\BulkOperationRun;
+use App\Models\OperationRun;
 use App\Models\User;
+use App\Notifications\OperationRunQueued;
+use App\Services\Graph\GraphClientInterface;
+use App\Support\OperationRunLinks;
 use Carbon\CarbonImmutable;
 use Filament\Facades\Filament;
 use Illuminate\Support\Facades\Queue;
 use Livewire\Livewire;
 
+beforeEach(function () {
+    $this->mock(GraphClientInterface::class, function ($mock): void {
+        $mock->shouldReceive('listPolicies')->never();
+        $mock->shouldReceive('getPolicy')->never();
+        $mock->shouldReceive('getOrganization')->never();
+        $mock->shouldReceive('applyPolicy')->never();
+        $mock->shouldReceive('getServicePrincipalPermissions')->never();
+        $mock->shouldReceive('request')->never();
+    });
+});
+
 test('operator can run now and it persists a database notification', function () {
-    Queue::fake();
+    Queue::fake([RunBackupScheduleJob::class]);
 
     [$user, $tenant] = createUserWithTenant(role: 'operator');
 
@@ -42,6 +57,17 @@
     expect($run)->not->toBeNull();
     expect($run->user_id)->toBe($user->id);
 
+    $operationRun = OperationRun::query()
+        ->where('tenant_id', $tenant->id)
+        ->where('type', 'backup_schedule.run_now')
+        ->first();
+
+    expect($operationRun)->not->toBeNull();
+    expect($operationRun->context)->toMatchArray([
+        'backup_schedule_id' => (int) $schedule->id,
+        'backup_schedule_run_id' => (int) $run->id,
+    ]);
+
     expect(BulkOperationRun::query()
         ->where('tenant_id', $tenant->id)
         ->where('user_id', $user->id)
@@ -50,19 +76,29 @@
         ->count())
         ->toBe(1);
 
-    Queue::assertPushed(RunBackupScheduleJob::class);
+    Queue::assertPushed(RunBackupScheduleJob::class, function (RunBackupScheduleJob $job) use ($run, $operationRun): bool {
+        return $job->backupScheduleRunId === (int) $run->id
+            && $job->operationRun instanceof OperationRun
+            && $job->operationRun->is($operationRun);
+    });
 
     $this->assertDatabaseCount('notifications', 1);
     $this->assertDatabaseHas('notifications', [
         'notifiable_id' => $user->id,
         'notifiable_type' => User::class,
+        'type' => OperationRunQueued::class,
         'data->format' => 'filament',
-        'data->title' => 'Run dispatched',
+        'data->title' => 'Operation queued',
     ]);
+
+    $notification = $user->notifications()->latest('id')->first();
+    expect($notification)->not->toBeNull();
+    expect($notification->data['actions'][0]['url'] ?? null)
+        ->toBe(OperationRunLinks::view($operationRun, $tenant));
 });
 
 test('operator can retry and it persists a database notification', function () {
-    Queue::fake();
+    Queue::fake([RunBackupScheduleJob::class]);
 
     [$user, $tenant] = createUserWithTenant(role: 'operator');
 
@@ -92,6 +128,17 @@
     expect($run)->not->toBeNull();
     expect($run->user_id)->toBe($user->id);
 
+    $operationRun = OperationRun::query()
+        ->where('tenant_id', $tenant->id)
+        ->where('type', 'backup_schedule.retry')
+        ->first();
+
+    expect($operationRun)->not->toBeNull();
+    expect($operationRun->context)->toMatchArray([
+        'backup_schedule_id' => (int) $schedule->id,
+        'backup_schedule_run_id' => (int) $run->id,
+    ]);
+
     expect(BulkOperationRun::query()
         ->where('tenant_id', $tenant->id)
         ->where('user_id', $user->id)
@@ -100,13 +147,24 @@
         ->count())
         ->toBe(1);
 
-    Queue::assertPushed(RunBackupScheduleJob::class);
+    Queue::assertPushed(RunBackupScheduleJob::class, function (RunBackupScheduleJob $job) use ($run, $operationRun): bool {
+        return $job->backupScheduleRunId === (int) $run->id
+            && $job->operationRun instanceof OperationRun
+            && $job->operationRun->is($operationRun);
+    });
     $this->assertDatabaseCount('notifications', 1);
     $this->assertDatabaseHas('notifications', [
         'notifiable_id' => $user->id,
+        'notifiable_type' => User::class,
+        'type' => OperationRunQueued::class,
         'data->format' => 'filament',
-        'data->title' => 'Retry dispatched',
+        'data->title' => 'Operation queued',
     ]);
+
+    $notification = $user->notifications()->latest('id')->first();
+    expect($notification)->not->toBeNull();
+    expect($notification->data['actions'][0]['url'] ?? null)
+        ->toBe(OperationRunLinks::view($operationRun, $tenant));
 });
 
 test('readonly cannot dispatch run now or retry', function () {
@@ -144,10 +202,16 @@
 
     expect(BackupScheduleRun::query()->where('backup_schedule_id', $schedule->id)->count())
         ->toBe(0);
+
+    expect(OperationRun::query()
+        ->where('tenant_id', $tenant->id)
+        ->whereIn('type', ['backup_schedule.run_now', 'backup_schedule.retry'])
+        ->count())
+        ->toBe(0);
 });
 
 test('operator can bulk run now and it persists a database notification', function () {
-    Queue::fake();
+    Queue::fake([RunBackupScheduleJob::class]);
 
     [$user, $tenant] = createUserWithTenant(role: 'operator');
 
@@ -189,6 +253,12 @@
     expect(BackupScheduleRun::query()->where('backup_schedule_id', $scheduleA->id)->value('user_id'))->toBe($user->id);
     expect(BackupScheduleRun::query()->where('backup_schedule_id', $scheduleB->id)->value('user_id'))->toBe($user->id);
 
+    expect(OperationRun::query()
+        ->where('tenant_id', $tenant->id)
+        ->where('type', 'backup_schedule.run_now')
+        ->count())
+        ->toBe(2);
+
     expect(BulkOperationRun::query()
         ->where('tenant_id', $tenant->id)
         ->where('user_id', $user->id)
@@ -204,10 +274,15 @@
         'data->format' => 'filament',
         'data->title' => 'Runs dispatched',
     ]);
+
+    $notification = $user->notifications()->latest('id')->first();
+    expect($notification)->not->toBeNull();
+    expect($notification->data['actions'][0]['url'] ?? null)
+        ->toBe(OperationRunLinks::index($tenant));
 });
 
 test('operator can bulk retry and it persists a database notification', function () {
-    Queue::fake();
+    Queue::fake([RunBackupScheduleJob::class]);
 
     [$user, $tenant] = createUserWithTenant(role: 'operator');
 
@@ -249,6 +324,12 @@
     expect(BackupScheduleRun::query()->where('backup_schedule_id', $scheduleA->id)->value('user_id'))->toBe($user->id);
     expect(BackupScheduleRun::query()->where('backup_schedule_id', $scheduleB->id)->value('user_id'))->toBe($user->id);
 
+    expect(OperationRun::query()
+        ->where('tenant_id', $tenant->id)
+        ->where('type', 'backup_schedule.retry')
+        ->count())
+        ->toBe(2);
+
     expect(BulkOperationRun::query()
         ->where('tenant_id', $tenant->id)
         ->where('user_id', $user->id)
@@ -264,10 +345,15 @@
         'data->format' => 'filament',
         'data->title' => 'Retries dispatched',
     ]);
+
+    $notification = $user->notifications()->latest('id')->first();
+    expect($notification)->not->toBeNull();
+    expect($notification->data['actions'][0]['url'] ?? null)
+        ->toBe(OperationRunLinks::index($tenant));
 });
 
 test('operator can bulk retry even if a run already exists for this minute', function () {
-    Queue::fake();
+    Queue::fake([RunBackupScheduleJob::class]);
 
     [$user, $tenant] = createUserWithTenant(role: 'operator');
 
diff --git a/tests/Feature/BackupSets/AddPoliciesStartSurfaceTest.php b/tests/Feature/BackupSets/AddPoliciesStartSurfaceTest.php
new file mode 100644
index 0000000..f6c82cd
--- /dev/null
+++ b/tests/Feature/BackupSets/AddPoliciesStartSurfaceTest.php
@@ -0,0 +1,70 @@
+<?php
+
+use App\Jobs\AddPoliciesToBackupSetJob;
+use App\Livewire\BackupSetPolicyPickerTable;
+use App\Models\BackupSet;
+use App\Models\OperationRun;
+use App\Models\Policy;
+use App\Services\Graph\GraphClientInterface;
+use App\Support\OperationRunLinks;
+use Filament\Facades\Filament;
+use Illuminate\Support\Facades\Queue;
+use Livewire\Livewire;
+
+it('enqueues backup set add-policies via canonical operation run (no Graph calls in request)', function () {
+    Queue::fake();
+
+    $this->mock(GraphClientInterface::class, function ($mock): void {
+        $mock->shouldReceive('listPolicies')->never();
+        $mock->shouldReceive('getPolicy')->never();
+        $mock->shouldReceive('getOrganization')->never();
+        $mock->shouldReceive('applyPolicy')->never();
+        $mock->shouldReceive('getServicePrincipalPermissions')->never();
+        $mock->shouldReceive('request')->never();
+    });
+
+    [$user, $tenant] = createUserWithTenant(role: 'owner');
+    $this->actingAs($user);
+
+    $tenant->makeCurrent();
+    Filament::setTenant($tenant, true);
+
+    $backupSet = BackupSet::factory()->create([
+        'tenant_id' => $tenant->id,
+        'name' => 'Test backup',
+    ]);
+
+    $policies = Policy::factory()->count(2)->create([
+        'tenant_id' => $tenant->id,
+        'ignored_at' => null,
+        'last_synced_at' => now(),
+    ]);
+
+    Livewire::actingAs($user)
+        ->test(BackupSetPolicyPickerTable::class, [
+            'backupSetId' => $backupSet->id,
+        ])
+        ->callTableBulkAction('add_selected_to_backup_set', $policies)
+        ->assertHasNoTableBulkActionErrors();
+
+    $opRun = OperationRun::query()
+        ->where('tenant_id', $tenant->getKey())
+        ->where('type', 'backup_set.add_policies')
+        ->latest('id')
+        ->first();
+
+    expect($opRun)->not->toBeNull();
+    expect($opRun?->status)->toBe('queued');
+    expect($opRun?->outcome)->toBe('pending');
+    expect($opRun?->context['backup_set_id'] ?? null)->toBe((int) $backupSet->getKey());
+
+    $notifications = session('filament.notifications', []);
+    expect($notifications)->not->toBeEmpty();
+    expect(collect($notifications)->last()['actions'][0]['url'] ?? null)
+        ->toBe(OperationRunLinks::view($opRun, $tenant));
+
+    Queue::assertPushed(AddPoliciesToBackupSetJob::class, function (AddPoliciesToBackupSetJob $job) use ($opRun): bool {
+        return $job->operationRun instanceof OperationRun
+            && (int) $job->operationRun->getKey() === (int) $opRun?->getKey();
+    });
+});
diff --git a/tests/Feature/BackupSets/RemovePoliciesJobNotificationTest.php b/tests/Feature/BackupSets/RemovePoliciesJobNotificationTest.php
new file mode 100644
index 0000000..7ecdb52
--- /dev/null
+++ b/tests/Feature/BackupSets/RemovePoliciesJobNotificationTest.php
@@ -0,0 +1,65 @@
+<?php
+
+use App\Jobs\RemovePoliciesFromBackupSetJob;
+use App\Models\BackupItem;
+use App\Models\BackupSet;
+use App\Models\OperationRun;
+use App\Services\BulkOperationService;
+use App\Services\Intune\AuditLogger;
+use App\Support\OperationRunLinks;
+use Filament\Notifications\DatabaseNotification;
+
+it('remove policies job sends completion notification with view link', function () {
+    [$user, $tenant] = createUserWithTenant(role: 'owner');
+
+    $backupSet = BackupSet::factory()->create([
+        'tenant_id' => $tenant->getKey(),
+        'name' => 'Test backup',
+        'item_count' => 0,
+    ]);
+
+    $item = BackupItem::factory()->create([
+        'tenant_id' => $tenant->getKey(),
+        'backup_set_id' => $backupSet->getKey(),
+    ]);
+
+    $backupSet->update(['item_count' => $backupSet->items()->count()]);
+
+    $opRun = OperationRun::create([
+        'tenant_id' => $tenant->getKey(),
+        'user_id' => $user->getKey(),
+        'initiator_name' => $user->name,
+        'type' => 'backup_set.remove_policies',
+        'status' => 'queued',
+        'outcome' => 'pending',
+        'run_identity_hash' => 'remove-hash-1',
+        'context' => [
+            'backup_set_id' => (int) $backupSet->getKey(),
+            'backup_item_ids' => [(int) $item->getKey()],
+        ],
+    ]);
+
+    $this->mock(AuditLogger::class, function ($mock): void {
+        $mock->shouldReceive('log')->zeroOrMoreTimes();
+    });
+
+    $job = new RemovePoliciesFromBackupSetJob(
+        backupSetId: (int) $backupSet->getKey(),
+        backupItemIds: [(int) $item->getKey()],
+        initiatorUserId: (int) $user->getKey(),
+        operationRun: $opRun,
+    );
+
+    $job->handle(app(AuditLogger::class), app(BulkOperationService::class));
+
+    $this->assertDatabaseHas('notifications', [
+        'notifiable_id' => $user->getKey(),
+        'notifiable_type' => $user->getMorphClass(),
+        'type' => DatabaseNotification::class,
+    ]);
+
+    $notification = $user->notifications()->latest('id')->first();
+    expect($notification)->not->toBeNull();
+    expect($notification->data['actions'][0]['url'] ?? null)
+        ->toBe(OperationRunLinks::view($opRun, $tenant));
+});
diff --git a/tests/Feature/BackupSets/RemovePoliciesStartSurfaceTest.php b/tests/Feature/BackupSets/RemovePoliciesStartSurfaceTest.php
new file mode 100644
index 0000000..585b93d
--- /dev/null
+++ b/tests/Feature/BackupSets/RemovePoliciesStartSurfaceTest.php
@@ -0,0 +1,60 @@
+<?php
+
+use App\Filament\Resources\BackupSetResource\Pages\EditBackupSet;
+use App\Filament\Resources\BackupSetResource\RelationManagers\BackupItemsRelationManager;
+use App\Jobs\RemovePoliciesFromBackupSetJob;
+use App\Models\BackupItem;
+use App\Models\BackupSet;
+use App\Models\OperationRun;
+use App\Services\Graph\GraphClientInterface;
+use Filament\Facades\Filament;
+use Illuminate\Support\Facades\Queue;
+use Livewire\Livewire;
+
+it('queues a canonical operation run for row remove and does not call Graph during the request', function () {
+    Queue::fake();
+
+    $this->mock(GraphClientInterface::class, function ($mock): void {
+        $mock->shouldReceive('listPolicies')->never();
+        $mock->shouldReceive('getPolicy')->never();
+        $mock->shouldReceive('getOrganization')->never();
+        $mock->shouldReceive('applyPolicy')->never();
+        $mock->shouldReceive('getServicePrincipalPermissions')->never();
+        $mock->shouldReceive('request')->never();
+    });
+
+    [$user, $tenant] = createUserWithTenant(role: 'owner');
+    $this->actingAs($user);
+
+    $tenant->makeCurrent();
+    Filament::setTenant($tenant, true);
+
+    $backupSet = BackupSet::factory()->create([
+        'tenant_id' => $tenant->id,
+        'name' => 'Test backup',
+    ]);
+
+    $backupItem = BackupItem::factory()->for($backupSet)->for($tenant)->create();
+
+    Livewire::test(BackupItemsRelationManager::class, [
+        'ownerRecord' => $backupSet,
+        'pageClass' => EditBackupSet::class,
+    ])
+        ->callTableAction('remove', $backupItem);
+
+    Queue::assertPushed(RemovePoliciesFromBackupSetJob::class, function (RemovePoliciesFromBackupSetJob $job) use ($backupSet, $backupItem, $user) {
+        return $job->backupSetId === (int) $backupSet->getKey()
+            && $job->backupItemIds === [(int) $backupItem->getKey()]
+            && $job->initiatorUserId === (int) $user->getKey();
+    });
+
+    $run = OperationRun::query()
+        ->where('tenant_id', $tenant->getKey())
+        ->where('type', 'backup_set.remove_policies')
+        ->latest('id')
+        ->first();
+
+    expect($run)->not->toBeNull();
+    expect($run->status)->toBe('queued');
+    expect($run->context['backup_set_id'] ?? null)->toBe((int) $backupSet->getKey());
+});
diff --git a/tests/Feature/Console/ReconcileBackupScheduleOperationRunsCommandTest.php b/tests/Feature/Console/ReconcileBackupScheduleOperationRunsCommandTest.php
new file mode 100644
index 0000000..105ab0c
--- /dev/null
+++ b/tests/Feature/Console/ReconcileBackupScheduleOperationRunsCommandTest.php
@@ -0,0 +1,88 @@
+<?php
+
+use App\Models\BackupSchedule;
+use App\Models\BackupScheduleRun;
+use App\Models\OperationRun;
+use App\Models\Tenant;
+use Carbon\CarbonImmutable;
+use Illuminate\Foundation\Testing\RefreshDatabase;
+
+uses(RefreshDatabase::class);
+
+it('reconciles completed backup schedule runs into operation runs', function () {
+    $tenant = Tenant::factory()->create();
+
+    $schedule = BackupSchedule::create([
+        'tenant_id' => $tenant->id,
+        'name' => 'Daily',
+        'is_enabled' => true,
+        'timezone' => 'UTC',
+        'frequency' => 'daily',
+        'time_of_day' => '10:00:00',
+        'days_of_week' => null,
+        'policy_types' => ['deviceConfiguration'],
+        'include_foundations' => true,
+        'retention_keep_last' => 30,
+        'last_run_at' => null,
+        'last_run_status' => null,
+        'next_run_at' => null,
+    ]);
+
+    $startedAt = CarbonImmutable::parse('2026-01-01 00:00:00', 'UTC');
+    $finishedAt = CarbonImmutable::parse('2026-01-01 00:00:05', 'UTC');
+
+    $scheduleRun = BackupScheduleRun::create([
+        'backup_schedule_id' => $schedule->id,
+        'tenant_id' => $tenant->id,
+        'scheduled_for' => CarbonImmutable::parse('2026-01-01 00:00:00', 'UTC'),
+        'started_at' => $startedAt,
+        'finished_at' => $finishedAt,
+        'status' => BackupScheduleRun::STATUS_SUCCESS,
+        'summary' => [
+            'policies_total' => 5,
+            'policies_backed_up' => 18,
+            'sync_failures' => [],
+        ],
+        'error_code' => null,
+        'error_message' => null,
+        'backup_set_id' => null,
+    ]);
+
+    $operationRun = OperationRun::create([
+        'tenant_id' => $tenant->id,
+        'user_id' => null,
+        'initiator_name' => 'System',
+        'type' => 'backup_schedule.run_now',
+        'status' => 'queued',
+        'outcome' => 'pending',
+        'run_identity_hash' => hash('sha256', 'backup_schedule.run_now|'.$scheduleRun->id),
+        'summary_counts' => [],
+        'failure_summary' => [],
+        'context' => [
+            'backup_schedule_id' => (int) $schedule->id,
+            'backup_schedule_run_id' => (int) $scheduleRun->id,
+        ],
+    ]);
+
+    $this->artisan('tenantpilot:operation-runs:reconcile-backup-schedules', [
+        '--tenant' => [$tenant->id],
+        '--older-than' => 0,
+    ])->assertSuccessful();
+
+    $operationRun->refresh();
+
+    expect($operationRun->status)->toBe('completed');
+    expect($operationRun->outcome)->toBe('succeeded');
+    expect($operationRun->failure_summary)->toBe([]);
+
+    expect($operationRun->started_at?->format('Y-m-d H:i:s'))->toBe($startedAt->format('Y-m-d H:i:s'));
+    expect($operationRun->completed_at?->format('Y-m-d H:i:s'))->toBe($finishedAt->format('Y-m-d H:i:s'));
+
+    expect($operationRun->summary_counts)->toMatchArray([
+        'backup_schedule_id' => (int) $schedule->id,
+        'backup_schedule_run_id' => (int) $scheduleRun->id,
+        'policies_total' => 5,
+        'policies_backed_up' => 18,
+        'sync_failures' => 0,
+    ]);
+});
diff --git a/tests/Feature/DirectoryGroups/StartSyncFromGroupsPageTest.php b/tests/Feature/DirectoryGroups/StartSyncFromGroupsPageTest.php
new file mode 100644
index 0000000..d93ea1b
--- /dev/null
+++ b/tests/Feature/DirectoryGroups/StartSyncFromGroupsPageTest.php
@@ -0,0 +1,72 @@
+<?php
+
+use App\Filament\Resources\EntraGroupResource\Pages\ListEntraGroups;
+use App\Jobs\EntraGroupSyncJob;
+use App\Models\EntraGroupSyncRun;
+use App\Models\OperationRun;
+use App\Services\Graph\GraphClientInterface;
+use Filament\Facades\Filament;
+use Illuminate\Support\Facades\Queue;
+use Livewire\Livewire;
+
+it('enqueues group sync and creates a canonical operation run', function () {
+    Queue::fake();
+
+    $this->mock(GraphClientInterface::class, function ($mock): void {
+        $mock->shouldReceive('listPolicies')->never();
+        $mock->shouldReceive('getPolicy')->never();
+        $mock->shouldReceive('getOrganization')->never();
+        $mock->shouldReceive('applyPolicy')->never();
+        $mock->shouldReceive('getServicePrincipalPermissions')->never();
+        $mock->shouldReceive('request')->never();
+    });
+
+    [$user, $tenant] = createUserWithTenant(role: 'owner');
+    $this->actingAs($user);
+
+    $tenant->makeCurrent();
+    Filament::setTenant($tenant, true);
+
+    Livewire::test(ListEntraGroups::class)
+        ->callAction('sync_groups');
+
+    $run = EntraGroupSyncRun::query()
+        ->where('tenant_id', $tenant->getKey())
+        ->latest('id')
+        ->first();
+
+    expect($run)->not->toBeNull();
+    expect($run?->status)->toBe(EntraGroupSyncRun::STATUS_PENDING);
+    expect($run?->selection_key)->toBe('groups-v1:all');
+
+    $opRun = OperationRun::query()
+        ->where('tenant_id', $tenant->getKey())
+        ->where('type', 'directory_groups.sync')
+        ->latest('id')
+        ->first();
+
+    expect($opRun)->not->toBeNull();
+    expect($opRun?->status)->toBe('queued');
+
+    Queue::assertPushed(EntraGroupSyncJob::class, function (EntraGroupSyncJob $job) use ($tenant, $run, $opRun): bool {
+        return $job->tenantId === (int) $tenant->getKey()
+            && $job->runId === (int) $run?->getKey()
+            && $job->operationRun instanceof OperationRun
+            && (int) $job->operationRun->getKey() === (int) $opRun?->getKey();
+    });
+});
+
+it('hides group sync start action for readonly users', function () {
+    Queue::fake();
+
+    [$user, $tenant] = createUserWithTenant(role: 'readonly');
+    $this->actingAs($user);
+
+    $tenant->makeCurrent();
+    Filament::setTenant($tenant, true);
+
+    Livewire::test(ListEntraGroups::class)
+        ->assertActionHidden('sync_groups');
+
+    Queue::assertNothingPushed();
+});
diff --git a/tests/Feature/Drift/DriftGenerationDispatchTest.php b/tests/Feature/Drift/DriftGenerationDispatchTest.php
index 5807cc4..5e3f748 100644
--- a/tests/Feature/Drift/DriftGenerationDispatchTest.php
+++ b/tests/Feature/Drift/DriftGenerationDispatchTest.php
@@ -1,16 +1,28 @@
 <?php
 
 use App\Filament\Pages\DriftLanding;
-use App\Filament\Resources\BulkOperationRunResource;
 use App\Jobs\GenerateDriftFindingsJob;
 use App\Models\BulkOperationRun;
 use App\Models\InventorySyncRun;
-use App\Notifications\RunStatusChangedNotification;
+use App\Models\OperationRun;
+use App\Services\Graph\GraphClientInterface;
+use App\Support\OperationRunLinks;
 use App\Support\RunIdempotency;
 use Filament\Facades\Filament;
 use Illuminate\Support\Facades\Queue;
 use Livewire\Livewire;
 
+beforeEach(function () {
+    $this->mock(GraphClientInterface::class, function ($mock): void {
+        $mock->shouldReceive('listPolicies')->never();
+        $mock->shouldReceive('getPolicy')->never();
+        $mock->shouldReceive('getOrganization')->never();
+        $mock->shouldReceive('applyPolicy')->never();
+        $mock->shouldReceive('getServicePrincipalPermissions')->never();
+        $mock->shouldReceive('request')->never();
+    });
+});
+
 test('opening Drift dispatches generation when findings are missing', function () {
     Queue::fake();
 
@@ -61,24 +73,30 @@
         'current_run_id' => (int) $current->getKey(),
     ]);
 
-    $this->assertDatabaseHas('notifications', [
-        'notifiable_id' => $user->getKey(),
-        'notifiable_type' => $user->getMorphClass(),
-        'type' => RunStatusChangedNotification::class,
-    ]);
+    $opRun = OperationRun::query()
+        ->where('tenant_id', $tenant->getKey())
+        ->where('type', 'drift.generate')
+        ->latest('id')
+        ->first();
 
-    $notification = $user->notifications()->latest('id')->first();
-    expect($notification)->not->toBeNull();
-    expect($notification->data['actions'][0]['url'] ?? null)
-        ->toBe(BulkOperationRunResource::getUrl('view', ['record' => $bulkRun->getKey()], tenant: $tenant));
+    expect($opRun)->not->toBeNull();
+    expect($opRun?->status)->toBe('queued');
 
-    Queue::assertPushed(GenerateDriftFindingsJob::class, function (GenerateDriftFindingsJob $job) use ($tenant, $user, $baseline, $current, $scopeKey, $bulkRun): bool {
+    $notifications = session('filament.notifications', []);
+
+    expect($notifications)->not->toBeEmpty();
+    expect(collect($notifications)->last()['actions'][0]['url'] ?? null)
+        ->toBe(OperationRunLinks::view($opRun, $tenant));
+
+    Queue::assertPushed(GenerateDriftFindingsJob::class, function (GenerateDriftFindingsJob $job) use ($tenant, $user, $baseline, $current, $scopeKey, $bulkRun, $opRun): bool {
         return $job->tenantId === (int) $tenant->getKey()
             && $job->userId === (int) $user->getKey()
             && $job->baselineRunId === (int) $baseline->getKey()
             && $job->currentRunId === (int) $current->getKey()
             && $job->scopeKey === $scopeKey
-            && $job->bulkOperationRunId === (int) $bulkRun->getKey();
+            && $job->bulkOperationRunId === (int) $bulkRun->getKey()
+            && $job->operationRun instanceof OperationRun
+            && (int) $job->operationRun->getKey() === (int) $opRun?->getKey();
     });
 });
 
@@ -123,6 +141,11 @@
         ->where('tenant_id', $tenant->getKey())
         ->where('idempotency_key', $idempotencyKey)
         ->count())->toBe(1);
+
+    expect(OperationRun::query()
+        ->where('tenant_id', $tenant->getKey())
+        ->where('type', 'drift.generate')
+        ->count())->toBe(1);
 });
 
 test('opening Drift does not dispatch generation when fewer than two successful runs exist', function () {
@@ -144,6 +167,7 @@
 
     Queue::assertNothingPushed();
     expect(BulkOperationRun::query()->where('tenant_id', $tenant->getKey())->count())->toBe(0);
+    expect(OperationRun::query()->where('tenant_id', $tenant->getKey())->count())->toBe(0);
 });
 
 test('opening Drift does not dispatch generation for readonly users', function () {
@@ -171,4 +195,5 @@
 
     Queue::assertNothingPushed();
     expect(BulkOperationRun::query()->where('tenant_id', $tenant->getKey())->count())->toBe(0);
+    expect(OperationRun::query()->where('tenant_id', $tenant->getKey())->count())->toBe(0);
 });
diff --git a/tests/Feature/Drift/GenerateDriftFindingsJobNotificationTest.php b/tests/Feature/Drift/GenerateDriftFindingsJobNotificationTest.php
index 0100470..4cdf501 100644
--- a/tests/Feature/Drift/GenerateDriftFindingsJobNotificationTest.php
+++ b/tests/Feature/Drift/GenerateDriftFindingsJobNotificationTest.php
@@ -1,12 +1,13 @@
 <?php
 
-use App\Filament\Resources\BulkOperationRunResource;
 use App\Jobs\GenerateDriftFindingsJob;
 use App\Models\BulkOperationRun;
 use App\Models\InventorySyncRun;
-use App\Notifications\RunStatusChangedNotification;
+use App\Models\OperationRun;
 use App\Services\BulkOperationService;
 use App\Services\Drift\DriftFindingGenerator;
+use App\Support\OperationRunLinks;
+use Filament\Notifications\DatabaseNotification;
 use Mockery\MockInterface;
 
 test('drift generation job sends completion notification with view link', function () {
@@ -40,6 +41,21 @@
         'failures' => [],
     ]);
 
+    $opRun = OperationRun::create([
+        'tenant_id' => $tenant->getKey(),
+        'user_id' => $user->getKey(),
+        'initiator_name' => $user->name,
+        'type' => 'drift.generate',
+        'status' => 'queued',
+        'outcome' => 'pending',
+        'run_identity_hash' => 'drift-hash-1',
+        'context' => [
+            'scope_key' => $scopeKey,
+            'baseline_run_id' => (int) $baseline->getKey(),
+            'current_run_id' => (int) $current->getKey(),
+        ],
+    ]);
+
     $this->mock(DriftFindingGenerator::class, function (MockInterface $mock) {
         $mock->shouldReceive('generate')->once()->andReturn(0);
     });
@@ -51,6 +67,7 @@
         currentRunId: (int) $current->getKey(),
         scopeKey: $scopeKey,
         bulkOperationRunId: (int) $run->getKey(),
+        operationRun: $opRun,
     );
 
     $job->handle(app(DriftFindingGenerator::class), app(BulkOperationService::class));
@@ -60,13 +77,13 @@
     $this->assertDatabaseHas('notifications', [
         'notifiable_id' => $user->getKey(),
         'notifiable_type' => $user->getMorphClass(),
-        'type' => RunStatusChangedNotification::class,
+        'type' => DatabaseNotification::class,
     ]);
 
     $notification = $user->notifications()->latest('id')->first();
     expect($notification)->not->toBeNull();
     expect($notification->data['actions'][0]['url'] ?? null)
-        ->toBe(BulkOperationRunResource::getUrl('view', ['record' => $run->getKey()], tenant: $tenant));
+        ->toBe(OperationRunLinks::view($opRun, $tenant));
 });
 
 test('drift generation job sends failure notification with view link', function () {
@@ -100,6 +117,21 @@
         'failures' => [],
     ]);
 
+    $opRun = OperationRun::create([
+        'tenant_id' => $tenant->getKey(),
+        'user_id' => $user->getKey(),
+        'initiator_name' => $user->name,
+        'type' => 'drift.generate',
+        'status' => 'queued',
+        'outcome' => 'pending',
+        'run_identity_hash' => 'drift-hash-2',
+        'context' => [
+            'scope_key' => $scopeKey,
+            'baseline_run_id' => (int) $baseline->getKey(),
+            'current_run_id' => (int) $current->getKey(),
+        ],
+    ]);
+
     $this->mock(DriftFindingGenerator::class, function (MockInterface $mock) {
         $mock->shouldReceive('generate')->once()->andThrow(new RuntimeException('boom'));
     });
@@ -111,6 +143,7 @@
         currentRunId: (int) $current->getKey(),
         scopeKey: $scopeKey,
         bulkOperationRunId: (int) $run->getKey(),
+        operationRun: $opRun,
     );
 
     try {
@@ -133,11 +166,11 @@
     $this->assertDatabaseHas('notifications', [
         'notifiable_id' => $user->getKey(),
         'notifiable_type' => $user->getMorphClass(),
-        'type' => RunStatusChangedNotification::class,
+        'type' => DatabaseNotification::class,
     ]);
 
     $notification = $user->notifications()->latest('id')->first();
     expect($notification)->not->toBeNull();
     expect($notification->data['actions'][0]['url'] ?? null)
-        ->toBe(BulkOperationRunResource::getUrl('view', ['record' => $run->getKey()], tenant: $tenant));
+        ->toBe(OperationRunLinks::view($opRun, $tenant));
 });
diff --git a/tests/Feature/Filament/BackupItemsBulkRemoveTest.php b/tests/Feature/Filament/BackupItemsBulkRemoveTest.php
index a1a0ae6..a2cecee 100644
--- a/tests/Feature/Filament/BackupItemsBulkRemoveTest.php
+++ b/tests/Feature/Filament/BackupItemsBulkRemoveTest.php
@@ -1,21 +1,25 @@
 <?php
 
 use App\Filament\Resources\BackupSetResource\RelationManagers\BackupItemsRelationManager;
+use App\Jobs\RemovePoliciesFromBackupSetJob;
 use App\Models\BackupItem;
 use App\Models\BackupSet;
+use App\Models\OperationRun;
 use App\Models\Policy;
 use App\Models\Tenant;
-use App\Models\User;
 use Illuminate\Foundation\Testing\RefreshDatabase;
+use Illuminate\Support\Facades\Queue;
 use Livewire\Livewire;
 
 uses(RefreshDatabase::class);
 
 test('backup items table can bulk remove selected items', function () {
+    Queue::fake();
+
     $tenant = Tenant::factory()->create();
     $tenant->makeCurrent();
 
-    $user = User::factory()->create();
+    [$user] = createUserWithTenant(tenant: $tenant, role: 'owner');
 
     $backupSet = BackupSet::factory()->create([
         'tenant_id' => $tenant->id,
@@ -64,11 +68,21 @@
         ->callTableBulkAction('bulk_remove', collect([$itemA, $itemB]))
         ->assertHasNoTableBulkActionErrors();
 
+    Queue::assertPushed(RemovePoliciesFromBackupSetJob::class);
+
+    $run = OperationRun::query()
+        ->where('tenant_id', $tenant->getKey())
+        ->where('type', 'backup_set.remove_policies')
+        ->latest('id')
+        ->first();
+
+    expect($run)->not->toBeNull();
+    expect($run?->status)->toBe('queued');
+    expect($run?->outcome)->toBe('pending');
+    expect($run?->context['backup_set_id'] ?? null)->toBe((int) $backupSet->getKey());
+
+    // Enqueue-only: deletion happens in the job.
     $backupSet->refresh();
-
-    expect($backupSet->items()->count())->toBe(0);
-    expect($backupSet->item_count)->toBe(0);
-
-    $this->assertSoftDeleted('backup_items', ['id' => $itemA->id]);
-    $this->assertSoftDeleted('backup_items', ['id' => $itemB->id]);
+    expect($backupSet->items()->count())->toBe(2);
+    expect($backupSet->item_count)->toBe(2);
 });
diff --git a/tests/Feature/Inventory/InventorySyncStartSurfaceTest.php b/tests/Feature/Inventory/InventorySyncStartSurfaceTest.php
new file mode 100644
index 0000000..681266a
--- /dev/null
+++ b/tests/Feature/Inventory/InventorySyncStartSurfaceTest.php
@@ -0,0 +1,58 @@
+<?php
+
+use App\Filament\Pages\InventoryLanding;
+use App\Jobs\RunInventorySyncJob;
+use App\Models\OperationRun;
+use App\Services\Graph\GraphClientInterface;
+use App\Services\Inventory\InventorySyncService;
+use App\Support\OperationRunLinks;
+use Filament\Facades\Filament;
+use Illuminate\Support\Facades\Queue;
+use Livewire\Livewire;
+
+it('enqueues inventory sync and creates a canonical operation run without calling Graph in request', function () {
+    Queue::fake();
+
+    $this->mock(GraphClientInterface::class, function ($mock): void {
+        $mock->shouldReceive('listPolicies')->never();
+        $mock->shouldReceive('getPolicy')->never();
+        $mock->shouldReceive('getOrganization')->never();
+        $mock->shouldReceive('applyPolicy')->never();
+        $mock->shouldReceive('getServicePrincipalPermissions')->never();
+        $mock->shouldReceive('request')->never();
+    });
+
+    [$user, $tenant] = createUserWithTenant(role: 'owner');
+    $this->actingAs($user);
+
+    $tenant->makeCurrent();
+    Filament::setTenant($tenant, true);
+
+    $sync = app(InventorySyncService::class);
+    $policyTypes = $sync->defaultSelectionPayload()['policy_types'] ?? [];
+
+    Livewire::test(InventoryLanding::class)
+        ->callAction('run_inventory_sync', data: ['policy_types' => $policyTypes]);
+
+    $opRun = OperationRun::query()
+        ->where('tenant_id', $tenant->getKey())
+        ->where('type', 'inventory.sync')
+        ->latest('id')
+        ->first();
+
+    expect($opRun)->not->toBeNull();
+    expect($opRun?->status)->toBe('queued');
+    expect($opRun?->outcome)->toBe('pending');
+
+    $notifications = session('filament.notifications', []);
+    expect($notifications)->not->toBeEmpty();
+    expect(collect($notifications)->last()['actions'][0]['url'] ?? null)
+        ->toBe(OperationRunLinks::view($opRun, $tenant));
+
+    Queue::assertPushed(RunInventorySyncJob::class, function (RunInventorySyncJob $job) use ($tenant, $user, $opRun): bool {
+        return $job->tenantId === (int) $tenant->getKey()
+            && $job->userId === (int) $user->getKey()
+            && $job->operationRun instanceof OperationRun
+            && (int) $job->operationRun->getKey() === (int) $opRun?->getKey();
+    });
+});
diff --git a/tests/Feature/Inventory/RunInventorySyncJobTest.php b/tests/Feature/Inventory/RunInventorySyncJobTest.php
index d560269..b0ed7da 100644
--- a/tests/Feature/Inventory/RunInventorySyncJobTest.php
+++ b/tests/Feature/Inventory/RunInventorySyncJobTest.php
@@ -23,7 +23,7 @@
     $selectionPayload = $sync->defaultSelectionPayload();
     $computed = $sync->normalizeAndHashSelection($selectionPayload);
     $policyTypes = $computed['selection']['policy_types'];
-    $run = $sync->createPendingRunForUser($tenant, $user, $selectionPayload);
+    $run = $sync->createPendingRunForUser($tenant, $user, $computed['selection']);
 
     $bulkRun = app(BulkOperationService::class)->createRun(
         tenant: $tenant,
@@ -52,8 +52,10 @@
     expect($run->finished_at)->not->toBeNull();
 
     expect($bulkRun->status)->toBe('completed');
-    expect($bulkRun->processed_items)->toBe(count($policyTypes));
-    expect($bulkRun->succeeded)->toBe(count($policyTypes));
+    expect($bulkRun->failed)->toBe(0);
+    expect($bulkRun->skipped)->toBe(0);
+    expect($bulkRun->processed_items)->toBeGreaterThan(0);
+    expect($bulkRun->processed_items)->toBe($bulkRun->succeeded);
 });
 
 it('maps skipped inventory sync runs to bulk progress as skipped with reason', function () {
@@ -66,6 +68,8 @@
     $computed = $sync->normalizeAndHashSelection($selectionPayload);
     $policyTypes = $computed['selection']['policy_types'];
 
+    $run->update(['selection_payload' => $computed['selection']]);
+
     $bulkRun = app(BulkOperationService::class)->createRun(
         tenant: $tenant,
         user: $user,
diff --git a/tests/Feature/MonitoringOperationsTest.php b/tests/Feature/MonitoringOperationsTest.php
new file mode 100644
index 0000000..4571262
--- /dev/null
+++ b/tests/Feature/MonitoringOperationsTest.php
@@ -0,0 +1,140 @@
+<?php
+
+use App\Filament\Resources\OperationRunResource;
+use App\Models\OperationRun;
+use App\Models\Tenant;
+use App\Models\User;
+use App\Services\Graph\GraphClientInterface;
+
+it('allows access to monitoring page for tenant members', function () {
+    $tenant = Tenant::factory()->create();
+    $user = User::factory()->create();
+    $tenant->users()->attach($user);
+
+    $run = OperationRun::create([
+        'tenant_id' => $tenant->id,
+        'type' => 'test.run',
+        'status' => 'queued',
+        'outcome' => 'pending',
+        'initiator_name' => 'System',
+        'run_identity_hash' => 'hash123',
+    ]);
+
+    $this->actingAs($user)
+        ->get(OperationRunResource::getUrl('index', tenant: $tenant))
+        ->assertSuccessful()
+        ->assertSee('test.run');
+});
+
+it('renders monitoring pages DB-only (never calls Graph)', function () {
+    $tenant = Tenant::factory()->create();
+    $user = User::factory()->create();
+    $tenant->users()->attach($user);
+
+    $run = OperationRun::create([
+        'tenant_id' => $tenant->id,
+        'type' => 'test.run',
+        'status' => 'queued',
+        'outcome' => 'pending',
+        'initiator_name' => 'System',
+        'run_identity_hash' => 'hash123',
+    ]);
+
+    $this->mock(GraphClientInterface::class, function ($mock): void {
+        $mock->shouldReceive('listPolicies')->never();
+        $mock->shouldReceive('getPolicy')->never();
+        $mock->shouldReceive('getOrganization')->never();
+        $mock->shouldReceive('applyPolicy')->never();
+        $mock->shouldReceive('getServicePrincipalPermissions')->never();
+        $mock->shouldReceive('request')->never();
+    });
+
+    $this->actingAs($user)
+        ->get(OperationRunResource::getUrl('index', tenant: $tenant))
+        ->assertSuccessful();
+
+    $this->actingAs($user)
+        ->get(OperationRunResource::getUrl('view', ['record' => $run], tenant: $tenant))
+        ->assertSuccessful();
+});
+
+it('shows runs only for current tenant', function () {
+    $tenantA = Tenant::factory()->create();
+    $tenantB = Tenant::factory()->create();
+    $user = User::factory()->create();
+    $tenantA->users()->attach($user);
+
+    // We must simulate being in tenant context
+    $this->actingAs($user);
+    // Filament::setTenant($tenantA); // This is usually handled by middleware on routes, but in Livewire test we might need manual set or route visit.
+
+    // Easier approach: visit the page for tenantA
+
+    OperationRun::create([
+        'tenant_id' => $tenantA->id,
+        'type' => 'tenantA.run',
+        'status' => 'queued',
+        'outcome' => 'pending',
+        'initiator_name' => 'System',
+        'run_identity_hash' => 'hashA',
+    ]);
+
+    OperationRun::create([
+        'tenant_id' => $tenantB->id,
+        'type' => 'tenantB.run',
+        'status' => 'queued',
+        'outcome' => 'pending',
+        'initiator_name' => 'System',
+        'run_identity_hash' => 'hashB',
+    ]);
+
+    // Livewire::test needs to know the tenant if the component relies on it.
+    // However, the component relies on `Filament::getTenant()`.
+    // The cleanest way is to just GET the page URL, which runs middleware.
+
+    $this->get(OperationRunResource::getUrl('index', tenant: $tenantA))
+        ->assertSee('tenantA.run')
+        ->assertDontSee('tenantB.run');
+});
+
+it('allows readonly users to view operations list and detail', function () {
+    $tenant = Tenant::factory()->create();
+    $user = User::factory()->create();
+    $tenant->users()->attach($user, ['role' => 'readonly']);
+
+    $run = OperationRun::create([
+        'tenant_id' => $tenant->id,
+        'type' => 'test.run',
+        'status' => 'queued',
+        'outcome' => 'pending',
+        'initiator_name' => 'System',
+        'run_identity_hash' => 'hash123',
+    ]);
+
+    $this->actingAs($user)
+        ->get(OperationRunResource::getUrl('index', tenant: $tenant))
+        ->assertSuccessful()
+        ->assertSee('test.run');
+
+    $this->actingAs($user)
+        ->get(OperationRunResource::getUrl('view', ['record' => $run], tenant: $tenant))
+        ->assertSuccessful()
+        ->assertSee('test.run');
+});
+
+it('denies access to unauthorized users', function () {
+    $tenant = Tenant::factory()->create();
+    $user = User::factory()->create();
+    // Not attached to tenant
+
+    // In a multitenant app, if you try to access a tenant route you are not part of,
+    // Filament typically returns 404 (Not Found) if it can't find the tenant-user relationship, or 403.
+    // The previous fail said "Received 404". This confirms Filament couldn't find the tenant for this user scope or just hides it.
+    // We should accept 404 or 403.
+
+    $response = $this->actingAs($user)
+        ->get(OperationRunResource::getUrl('index', tenant: $tenant));
+
+    // Allow either 403 or 404 as "Denied"
+    $this->assertTrue(in_array($response->status(), [403, 404]));
+});
diff --git a/tests/Feature/Notifications/OperationRunNotificationTest.php b/tests/Feature/Notifications/OperationRunNotificationTest.php
new file mode 100644
index 0000000..5371c39
--- /dev/null
+++ b/tests/Feature/Notifications/OperationRunNotificationTest.php
@@ -0,0 +1,131 @@
+<?php
+
+use App\Models\OperationRun;
+use App\Notifications\OperationRunCompleted;
+use App\Notifications\OperationRunQueued;
+use App\Services\OperationRunService;
+use App\Support\OperationRunLinks;
+use Filament\Facades\Filament;
+
+it('emits a queued notification after successful dispatch (initiator only) with view link', function () {
+    [$user, $tenant] = createUserWithTenant(role: 'owner');
+    $this->actingAs($user);
+
+    $tenant->makeCurrent();
+    Filament::setTenant($tenant, true);
+
+    $service = app(OperationRunService::class);
+    $run = $service->ensureRun(
+        tenant: $tenant,
+        type: 'policy.sync',
+        inputs: ['scope' => 'all'],
+        initiator: $user,
+    );
+
+    $service->dispatchOrFail($run, function (): void {
+        // no-op (dispatch succeeded)
+    });
+
+    $this->assertDatabaseHas('notifications', [
+        'notifiable_id' => $user->getKey(),
+        'notifiable_type' => $user->getMorphClass(),
+        'type' => OperationRunQueued::class,
+        'data->format' => 'filament',
+        'data->title' => 'Operation queued',
+    ]);
+
+    $notification = $user->notifications()->latest('id')->first();
+    expect($notification)->not->toBeNull();
+    expect($notification->data['actions'][0]['url'] ?? null)
+        ->toBe(OperationRunLinks::view($run, $tenant));
+});
+
+it('does not emit queued notifications for runs without an initiator', function () {
+    [$user, $tenant] = createUserWithTenant(role: 'owner');
+    $this->actingAs($user);
+
+    $tenant->makeCurrent();
+    Filament::setTenant($tenant, true);
+
+    $service = app(OperationRunService::class);
+
+    $run = $service->ensureRun(
+        tenant: $tenant,
+        type: 'policy.sync',
+        inputs: ['scope' => 'all'],
+        initiator: null,
+    );
+
+    $service->dispatchOrFail($run, function (): void {
+        // no-op
+    });
+
+    expect($user->notifications()->count())->toBe(0);
+});
+
+it('emits a terminal notification when an operation run transitions to completed', function () {
+    [$user, $tenant] = createUserWithTenant(role: 'owner');
+    $this->actingAs($user);
+
+    $tenant->makeCurrent();
+    Filament::setTenant($tenant, true);
+
+    $run = OperationRun::factory()->create([
+        'tenant_id' => $tenant->getKey(),
+        'user_id' => $user->getKey(),
+        'initiator_name' => $user->name,
+        'type' => 'inventory.sync',
+        'status' => 'queued',
+        'outcome' => 'pending',
+        'context' => ['policy_types' => ['deviceConfiguration']],
+    ]);
+
+    $service = app(OperationRunService::class);
+
+    $service->updateRun(
+        $run,
+        status: 'completed',
+        outcome: 'succeeded',
+        summaryCounts: ['observed' => 1],
+        failures: [],
+    );
+
+    $this->assertDatabaseHas('notifications', [
+        'notifiable_id' => $user->getKey(),
+        'notifiable_type' => $user->getMorphClass(),
+        'type' => OperationRunCompleted::class,
+        'data->format' => 'filament',
+        'data->title' => 'Operation completed',
+    ]);
+
+    $notification = $user->notifications()->latest('id')->first();
+    expect($notification)->not->toBeNull();
+    expect($notification->data['actions'][0]['url'] ?? null)
+        ->toBe(OperationRunLinks::view($run, $tenant));
+});
+
+it('marks a run failed if dispatch throws synchronously', function () {
+    [$user, $tenant] = createUserWithTenant(role: 'owner');
+    $this->actingAs($user);
+
+    $tenant->makeCurrent();
+    Filament::setTenant($tenant, true);
+
+    $service = app(OperationRunService::class);
+
+    $run = $service->ensureRun(
+        tenant: $tenant,
+        type: 'policy.sync',
+        inputs: ['scope' => 'all'],
+        initiator: $user,
+    );
+
+    expect(fn () => $service->dispatchOrFail($run, function (): void {
+        throw new RuntimeException('Queue misconfigured');
+    }))
+        ->toThrow(RuntimeException::class);
+
+    $run->refresh();
+    expect($run->status)->toBe('completed');
+    expect($run->outcome)->toBe('failed');
+});
diff --git a/tests/Feature/OperationRunServiceTest.php b/tests/Feature/OperationRunServiceTest.php
new file mode 100644
index 0000000..998b1eb
--- /dev/null
+++ b/tests/Feature/OperationRunServiceTest.php
@@ -0,0 +1,171 @@
+<?php
+
+use App\Models\OperationRun;
+use App\Models\Tenant;
+use App\Models\User;
+use App\Services\OperationRunService;
+
+it('creates a new operation run', function () {
+    $tenant = Tenant::factory()->create();
+    $user = User::factory()->create();
+
+    $service = new OperationRunService;
+
+    $run = $service->ensureRun($tenant, 'test.action', ['scope' => 'full'], $user);
+
+    expect($run)->toBeInstanceOf(OperationRun::class);
+
+    $this->assertDatabaseHas('operation_runs', [
+        'id' => $run->getKey(),
+        'tenant_id' => $tenant->getKey(),
+        'type' => 'test.action',
+        'status' => 'queued',
+        'initiator_name' => $user->name,
+    ]);
+});
+
+it('reuses an active run (idempotent)', function () {
+    $tenant = Tenant::factory()->create();
+
+    $service = new OperationRunService;
+
+    $runA = $service->ensureRun($tenant, 'test.action', ['scope' => 'full']);
+    $runB = $service->ensureRun($tenant, 'test.action', ['scope' => 'full']);
+
+    expect($runA->getKey())->toBe($runB->getKey());
+    expect(OperationRun::query()->count())->toBe(1);
+});
+
+it('does not replace the initiator when deduping', function () {
+    $tenant = Tenant::factory()->create();
+    $userA = User::factory()->create();
+    $userB = User::factory()->create();
+
+    $service = new OperationRunService;
+
+    $runA = $service->ensureRun($tenant, 'test.action', ['scope' => 'full'], $userA);
+    $runB = $service->ensureRun($tenant, 'test.action', ['scope' => 'full'], $userB);
+
+    expect($runA->getKey())->toBe($runB->getKey());
+    expect($runB->fresh()?->user_id)->toBe($userA->getKey());
+    expect($runB->fresh()?->initiator_name)->toBe($userA->name);
+});
+
+it('hashes inputs deterministically regardless of key order', function () {
+    $tenant = Tenant::factory()->create();
+    $service = new OperationRunService;
+
+    $runA = $service->ensureRun($tenant, 'test.action', ['b' => 2, 'a' => 1]);
+    $runB = $service->ensureRun($tenant, 'test.action', ['a' => 1, 'b' => 2]);
+
+    expect($runA->getKey())->toBe($runB->getKey());
+});
+
+it('hashes list inputs deterministically regardless of list order', function () {
+    $tenant = Tenant::factory()->create();
+    $service = new OperationRunService;
+
+    $runA = $service->ensureRun($tenant, 'test.action', ['ids' => [2, 1]]);
+    $runB = $service->ensureRun($tenant, 'test.action', ['ids' => [1, 2]]);
+
+    expect($runA->getKey())->toBe($runB->getKey());
+});
+
+it('handles unique-index race collisions by returning the active run', function () {
+    $tenant = Tenant::factory()->create();
+    $service = new OperationRunService;
+
+    $fired = false;
+
+    $dispatcher = OperationRun::getEventDispatcher();
+
+    OperationRun::creating(function (OperationRun $model) use (&$fired): void {
+        if ($fired) {
+            return;
+        }
+
+        $fired = true;
+
+        OperationRun::withoutEvents(function () use ($model): void {
+            OperationRun::query()->create([
+                'tenant_id' => $model->tenant_id,
+                'user_id' => $model->user_id,
+                'initiator_name' => $model->initiator_name,
+                'type' => $model->type,
+                'status' => $model->status,
+                'outcome' => $model->outcome,
+                'run_identity_hash' => $model->run_identity_hash,
+                'context' => $model->context,
+            ]);
+        });
+    });
+
+    try {
+        $run = $service->ensureRun($tenant, 'test.race', ['scope' => 'full']);
+    } finally {
+        OperationRun::flushEventListeners();
+        OperationRun::setEventDispatcher($dispatcher);
+    }
+
+    expect($run)->toBeInstanceOf(OperationRun::class);
+    expect(OperationRun::query()->where('tenant_id', $tenant->getKey())->where('type', 'test.race')->count())
+        ->toBe(1);
+});
+
+it('creates a new run after the previous one completed', function () {
+    $tenant = Tenant::factory()->create();
+
+    $service = new OperationRunService;
+
+    $runA = $service->ensureRun($tenant, 'test.action', ['scope' => 'full']);
+    $runA->update(['status' => 'completed']);
+
+    $runB = $service->ensureRun($tenant, 'test.action', ['scope' => 'full']);
+
+    expect($runA->getKey())->not->toBe($runB->getKey());
+    expect(OperationRun::query()->count())->toBe(2);
+});
+
+it('updates run lifecycle fields and summaries', function () {
+    $tenant = Tenant::factory()->create();
+
+    $service = new OperationRunService;
+
+    $run = $service->ensureRun($tenant, 'test.action', []);
+
+    $service->updateRun($run, 'running');
+
+    $fresh = $run->fresh();
+    expect($fresh?->status)->toBe('running');
+    expect($fresh?->started_at)->not->toBeNull();
+
+    $service->updateRun($run, 'completed', 'succeeded', ['success' => 1]);
+
+    $fresh = $run->fresh();
+    expect($fresh?->status)->toBe('completed');
+    expect($fresh?->outcome)->toBe('succeeded');
+    expect($fresh?->completed_at)->not->toBeNull();
+    expect($fresh?->summary_counts)->toBe(['success' => 1]);
+});
+
+it('sanitizes failure messages and redacts obvious secrets', function () {
+    $tenant = Tenant::factory()->create();
+    $service = new OperationRunService;
+
+    $run = $service->ensureRun($tenant, 'test.action', []);
+
+    try {
+        throw new RuntimeException('Authorization: Bearer abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789');
+    } catch (Throwable $e) {
+        $service->failRun($run, $e);
+    }
+
+    $fresh = $run->fresh();
+    expect($fresh?->status)->toBe('completed');
+    expect($fresh?->outcome)->toBe('failed');
+    expect($fresh?->failure_summary)->toBeArray();
+
+    $message = (string) (($fresh?->failure_summary[0]['message'] ?? ''));
+    expect($message)->not->toContain('abcdefghijklmnopqrstuvwxyz');
+    expect($message)->toContain('[REDACTED]');
+});
diff --git a/tests/Feature/PolicySyncStartSurfaceTest.php b/tests/Feature/PolicySyncStartSurfaceTest.php
new file mode 100644
index 0000000..c457e3e
--- /dev/null
+++ b/tests/Feature/PolicySyncStartSurfaceTest.php
@@ -0,0 +1,181 @@
+<?php
+
+use App\Filament\Resources\PolicyResource\Pages\ListPolicies;
+use App\Jobs\SyncPoliciesJob;
+use App\Models\OperationRun;
+use App\Models\Policy;
+use Filament\Facades\Filament;
+use Illuminate\Support\Facades\Queue;
+use Livewire\Livewire;
+
+it('queues policy sync and creates a canonical operation run (no Graph calls in request)', function () {
+    Queue::fake();
+    bindFailHardGraphClient();
+
+    [$user, $tenant] = createUserWithTenant(role: 'owner');
+    $this->actingAs($user);
+
+    $tenant->makeCurrent();
+    Filament::setTenant($tenant, true);
+
+    Livewire::test(ListPolicies::class)
+        ->mountAction('sync')
+        ->callMountedAction()
+        ->assertHasNoActionErrors();
+
+    $requestedTypes = array_map(
+        static fn (array $typeConfig): string => (string) $typeConfig['type'],
+        config('tenantpilot.supported_policy_types', [])
+    );
+
+    sort($requestedTypes);
+
+    $run = OperationRun::query()
+        ->where('tenant_id', $tenant->getKey())
+        ->where('type', 'policy.sync')
+        ->latest('id')
+        ->first();
+
+    expect($run)->not->toBeNull();
+    expect($run?->status)->toBe('queued');
+    expect($run?->context)->toMatchArray([
+        'scope' => 'all',
+        'types' => $requestedTypes,
+    ]);
+
+    Queue::assertPushed(SyncPoliciesJob::class, function (SyncPoliciesJob $job) use ($tenant, $run, $requestedTypes): bool {
+        return $job->tenantId === (int) $tenant->getKey()
+            && $job->types === $requestedTypes
+            && $job->operationRun instanceof OperationRun
+            && (int) $job->operationRun->getKey() === (int) $run?->getKey();
+    });
+});
+
+it('reuses an active policy sync run and does not enqueue twice', function () {
+    Queue::fake();
+
+    [$user, $tenant] = createUserWithTenant(role: 'owner');
+    $this->actingAs($user);
+
+    $tenant->makeCurrent();
+    Filament::setTenant($tenant, true);
+
+    Livewire::test(ListPolicies::class)
+        ->mountAction('sync')
+        ->callMountedAction();
+
+    Livewire::test(ListPolicies::class)
+        ->mountAction('sync')
+        ->callMountedAction();
+
+    Queue::assertPushed(SyncPoliciesJob::class, 1);
+
+    expect(OperationRun::query()
+        ->where('tenant_id', $tenant->getKey())
+        ->where('type', 'policy.sync')
+        ->count())->toBe(1);
+});
+
+it('queues row policy sync and creates a canonical operation run (no Graph calls in request)', function () {
+    Queue::fake();
+    bindFailHardGraphClient();
+
+    [$user, $tenant] = createUserWithTenant(role: 'owner');
+    $this->actingAs($user);
+
+    $tenant->makeCurrent();
+    Filament::setTenant($tenant, true);
+
+    $policy = Policy::factory()->create([
+        'tenant_id' => $tenant->getKey(),
+        'ignored_at' => null,
+    ]);
+
+    Livewire::test(ListPolicies::class)
+        ->callTableAction('sync', $policy)
+        ->assertHasNoTableActionErrors();
+
+    $run = OperationRun::query()
+        ->where('tenant_id', $tenant->getKey())
+        ->where('type', 'policy.sync_one')
+        ->latest('id')
+        ->first();
+
+    expect($run)->not->toBeNull();
+    expect($run?->status)->toBe('queued');
+    expect($run?->context)->toMatchArray([
+        'scope' => 'one',
+        'policy_id' => (int) $policy->getKey(),
+    ]);
+
+    Queue::assertPushed(SyncPoliciesJob::class, function (SyncPoliciesJob $job) use ($tenant, $run, $policy): bool {
+        return $job->tenantId === (int) $tenant->getKey()
+            && $job->types === null
+            && $job->policyIds === [(int) $policy->getKey()]
+            && $job->operationRun instanceof OperationRun
+            && (int) $job->operationRun->getKey() === (int) $run?->getKey();
+    });
+});
+
+it('queues bulk policy sync and creates a canonical operation run (no Graph calls in request)', function () {
+    Queue::fake();
+    bindFailHardGraphClient();
+
+    [$user, $tenant] = createUserWithTenant(role: 'owner');
+    $this->actingAs($user);
+
+    $tenant->makeCurrent();
+    Filament::setTenant($tenant, true);
+
+    $policies = Policy::factory()->count(2)->create([
+        'tenant_id' => $tenant->getKey(),
+        'ignored_at' => null,
+    ]);
+
+    Livewire::test(ListPolicies::class)
+        ->callTableBulkAction('bulk_sync', $policies)
+        ->assertHasNoTableBulkActionErrors();
+
+    $selectedIds = $policies
+        ->pluck('id')
+        ->map(static fn ($id): int => (int) $id)
+        ->sort()
+        ->values()
+        ->all();
+
+    $run = OperationRun::query()
+        ->where('tenant_id', $tenant->getKey())
+        ->where('type', 'policy.sync')
+        ->latest('id')
+        ->first();
+
+    expect($run)->not->toBeNull();
+    expect($run?->status)->toBe('queued');
+    expect($run?->context)->toMatchArray([
+        'scope' => 'subset',
+        'policy_ids' => $selectedIds,
+    ]);
+
+    Queue::assertPushed(SyncPoliciesJob::class, function (SyncPoliciesJob $job) use ($tenant, $run, $selectedIds): bool {
+        return $job->tenantId === (int) $tenant->getKey()
+            && $job->types === null
+            && $job->policyIds === $selectedIds
+            && $job->operationRun instanceof OperationRun
+            && (int) $job->operationRun->getKey() === (int) $run?->getKey();
+    });
+});
+
+it('hides policy sync start action for readonly users', function () {
+    Queue::fake();
+
+    [$user, $tenant] = createUserWithTenant(role: 'readonly');
+    $this->actingAs($user);
+
+    $tenant->makeCurrent();
+    Filament::setTenant($tenant, true);
+
+    Livewire::test(ListPolicies::class)
+        ->assertActionHidden('sync');
+
+    Queue::assertNothingPushed();
+});
diff --git a/tests/Feature/RestoreAdapterTest.php b/tests/Feature/RestoreAdapterTest.php
new file mode 100644
index 0000000..5fa645f
--- /dev/null
+++ b/tests/Feature/RestoreAdapterTest.php
@@ -0,0 +1,93 @@
+<?php
+
+use App\Models\OperationRun;
+use App\Models\RestoreRun;
+use App\Support\RestoreRunStatus;
+
+it('creates an operation run only from previewed onward', function () {
+    $restoreRun = RestoreRun::factory()->create([
+        'status' => RestoreRunStatus::Checked->value,
+    ]);
+
+    expect(OperationRun::query()
+        ->where('tenant_id', $restoreRun->tenant_id)
+        ->where('type', 'restore.execute')
+        ->count())->toBe(0);
+
+    $restoreRun->update(['status' => RestoreRunStatus::Previewed->value]);
+
+    $opRun = OperationRun::query()
+        ->where('tenant_id', $restoreRun->tenant_id)
+        ->where('type', 'restore.execute')
+        ->latest('id')
+        ->first();
+
+    expect($opRun)->not->toBeNull();
+    expect($opRun?->status)->toBe('queued');
+    expect($opRun?->outcome)->toBe('pending');
+    expect($opRun?->context)->toMatchArray([
+        'restore_run_id' => (int) $restoreRun->getKey(),
+        'backup_set_id' => (int) $restoreRun->backup_set_id,
+        'is_dry_run' => (bool) $restoreRun->is_dry_run,
+    ]);
+});
+
+it('updates the operation run when restore completes', function () {
+    $restoreRun = RestoreRun::factory()->create([
+        'status' => RestoreRunStatus::Previewed->value,
+    ]);
+
+    $opRun = OperationRun::query()
+        ->where('tenant_id', $restoreRun->tenant_id)
+        ->where('type', 'restore.execute')
+        ->latest('id')
+        ->first();
+
+    expect($opRun)->not->toBeNull();
+    expect($opRun?->status)->toBe('queued');
+
+    $restoreRun->update([
+        'status' => RestoreRunStatus::Completed->value,
+        'results' => [
+            'assignment_outcomes' => [
+                ['status' => 'success'],
+                ['status' => 'failed'],
+                ['status' => 'skipped'],
+            ],
+        ],
+    ]);
+
+    $opRun->refresh();
+
+    expect($opRun->status)->toBe('completed');
+    expect($opRun->outcome)->toBe('succeeded');
+    expect($opRun->summary_counts)->toMatchArray([
+        'assignments_success' => 1,
+        'assignments_failed' => 1,
+        'assignments_skipped' => 1,
+    ]);
+    expect($opRun->completed_at)->not->toBeNull();
+});
+
+it('maps cancelled restore runs to failed outcome (cancelled is reserved)', function () {
+    $restoreRun = RestoreRun::factory()->create([
+        'status' => RestoreRunStatus::Previewed->value,
+    ]);
+
+    $opRun = OperationRun::query()
+        ->where('tenant_id', $restoreRun->tenant_id)
+        ->where('type', 'restore.execute')
+        ->latest('id')
+        ->first();
+
+    expect($opRun)->not->toBeNull();
+
+    $restoreRun->update(['status' => RestoreRunStatus::Cancelled->value]);
+
+    $opRun->refresh();
+
+    expect($opRun->status)->toBe('completed');
+    expect($opRun->outcome)->toBe('failed');
+    expect($opRun->failure_summary)->toBeArray();
+    expect($opRun->failure_summary[0]['code'] ?? null)->toBe('restore.cancelled');
+});
diff --git a/tests/Feature/Scheduling/PruneOldOperationRunsScheduleTest.php b/tests/Feature/Scheduling/PruneOldOperationRunsScheduleTest.php
new file mode 100644
index 0000000..370df03
--- /dev/null
+++ b/tests/Feature/Scheduling/PruneOldOperationRunsScheduleTest.php
@@ -0,0 +1,15 @@
+<?php
+
+use App\Jobs\PruneOldOperationRunsJob;
+use Illuminate\Console\Scheduling\Schedule;
+
+it('schedules pruning job daily without overlapping', function () {
+    /** @var Schedule $schedule */
+    $schedule = app(Schedule::class);
+
+    $event = collect($schedule->events())
+        ->first(fn ($event) => ($event->description ?? null) === PruneOldOperationRunsJob::class);
+
+    expect($event)->not->toBeNull();
+    expect($event->withoutOverlapping)->toBeTrue();
+});
diff --git a/tests/Feature/TrackOperationRunMiddlewareTest.php b/tests/Feature/TrackOperationRunMiddlewareTest.php
new file mode 100644
index 0000000..20e4c6e
--- /dev/null
+++ b/tests/Feature/TrackOperationRunMiddlewareTest.php
@@ -0,0 +1,43 @@
+<?php
+
+use App\Jobs\Middleware\TrackOperationRun;
+use App\Models\OperationRun;
+use App\Services\OperationRunService;
+use Illuminate\Bus\Queueable;
+use Illuminate\Contracts\Queue\ShouldQueue;
+use Illuminate\Foundation\Bus\Dispatchable;
+use Illuminate\Queue\InteractsWithQueue;
+use Illuminate\Queue\SerializesModels;
+
+it('does not mark an operation run completed when the job is released', function () {
+    [$user, $tenant] = createUserWithTenant(role: 'owner');
+
+    /** @var OperationRunService $operationRunService */
+    $operationRunService = app(OperationRunService::class);
+    $operationRun = $operationRunService->ensureRun(
+        tenant: $tenant,
+        type: 'test.release',
+        inputs: ['foo' => 'bar'],
+        initiator: $user,
+    );
+
+    $job = new class($operationRun) implements ShouldQueue
+    {
+        use Dispatchable, InteractsWithQueue, Queueable, SerializesModels;
+
+        public function __construct(public OperationRun $operationRun)
+        {
+            $this->withFakeQueueInteractions();
+        }
+    };
+
+    $middleware = new TrackOperationRun;
+
+    $middleware->handle($job, function ($job): void {
+        $job->release(60);
+    });
+
+    $operationRun->refresh();
+    expect($operationRun->status)->toBe('running');
+    expect($operationRun->outcome)->toBe('pending');
+});
-- 
2.45.2


From 8b9ab5213848580a2fa0475e6f169dc38734d5f5 Mon Sep 17 00:00:00 2001
From: Ahmed Darrazi <ahmeddarrazi@adsmac.local>
Date: Sun, 18 Jan 2026 14:44:16 +0100
Subject: [PATCH 3/4] feat(ops-ux): constitution rollout v1.3.0

---
 app/Filament/Pages/DriftLanding.php           |   9 +-
 app/Filament/Pages/InventoryLanding.php       |  48 ++--
 app/Filament/Pages/Monitoring/Operations.php  |   8 +-
 .../Resources/BackupScheduleResource.php      |  45 ++--
 app/Filament/Resources/BackupSetResource.php  |  43 ++--
 .../BackupItemsRelationManager.php            |  10 +-
 .../Resources/OperationRunResource.php        |  37 ++-
 .../Pages/ViewOperationRun.php                |   2 +
 app/Filament/Resources/PolicyResource.php     |  20 +-
 .../PolicyResource/Pages/ListPolicies.php     |  11 +-
 .../PolicyResource/Pages/ViewPolicy.php       |   6 +-
 .../Resources/PolicyVersionResource.php       |  43 ++--
 app/Filament/Resources/RestoreRunResource.php |  15 +-
 app/Filament/Resources/TenantResource.php     |  13 +-
 app/Jobs/ExecuteRestoreRunJob.php             |  12 +
 app/Livewire/BackupSetPolicyPickerTable.php   |  13 +-
 app/Livewire/BulkOperationProgress.php        | 168 +++++-------
 app/Notifications/OperationRunCompleted.php   |  22 +-
 app/Notifications/OperationRunQueued.php      |   9 +-
 app/Providers/Filament/AdminPanelProvider.php |   3 +-
 app/Services/OperationRunService.php          |  21 +-
 app/Support/OperationCatalog.php              |  64 +++++
 app/Support/OpsUx/OperationRunUrl.php         |  22 ++
 .../OpsUx/OperationStatusNormalizer.php       |  49 ++++
 app/Support/OpsUx/OperationSummaryKeys.php    |  26 ++
 app/Support/OpsUx/OperationUxPresenter.php    | 111 ++++++++
 app/Support/OpsUx/OpsUxBrowserEvents.php      |  31 +++
 app/Support/OpsUx/RunDetailPolling.php        |  35 +++
 app/Support/OpsUx/RunDurationInsights.php     | 145 +++++++++++
 app/Support/OpsUx/SummaryCountsNormalizer.php |  69 +++++
 .../bulk-operation-progress.blade.php         | 240 +++++++++++++-----
 .../checklists/requirements.md                |  34 +++
 .../contracts/ux-contracts.md                 |  73 ++++++
 specs/055-ops-ux-rollout/data-model.md        | 104 ++++++++
 specs/055-ops-ux-rollout/plan.md              | 110 ++++++++
 specs/055-ops-ux-rollout/quickstart.md        |  48 ++++
 specs/055-ops-ux-rollout/research.md          |  72 ++++++
 specs/055-ops-ux-rollout/spec.md              | 213 ++++++++++++++++
 specs/055-ops-ux-rollout/tasks.md             | 208 +++++++++++++++
 .../RunNowRetryActionsTest.php                |   4 +-
 .../Inventory/InventorySyncButtonTest.php     |   5 +-
 .../OperationRunNotificationTest.php          |  20 +-
 tests/Feature/OperationRunServiceTest.php     |   4 +-
 .../OpsUx/NoQueuedDbNotificationsTest.php     |  30 +++
 .../OpsUx/NotificationViewRunLinkTest.php     |  42 +++
 .../OpsUx/OperationSummaryKeysSpecTest.php    |  18 ++
 tests/Feature/OpsUx/OpsUxSmokeTest.php        |   5 +
 .../OpsUx/ProgressWidgetFiltersTest.php       |  47 ++++
 .../OpsUx/ProgressWidgetOverflowTest.php      |  25 ++
 .../ProgressWidgetPollerRegistrationTest.php  |  16 ++
 tests/Feature/OpsUx/QueuedToastCopyTest.php   |  22 ++
 .../RestoreExecutionOperationRunSyncTest.php  |  69 +++++
 .../RunDetailPollingStopsOnTerminalTest.php   |  27 ++
 .../OpsUx/RunEnqueuedBrowserEventTest.php     |  50 ++++
 .../OpsUx/SummaryCountsWhitelistTest.php      |  51 ++++
 ...TerminalNotificationFailureMessageTest.php |  53 ++++
 .../TerminalNotificationIdempotencyTest.php   |  50 ++++
 tests/Support/OpsUxTestSupport.php            |  22 ++
 58 files changed, 2388 insertions(+), 384 deletions(-)
 create mode 100644 app/Support/OperationCatalog.php
 create mode 100644 app/Support/OpsUx/OperationRunUrl.php
 create mode 100644 app/Support/OpsUx/OperationStatusNormalizer.php
 create mode 100644 app/Support/OpsUx/OperationSummaryKeys.php
 create mode 100644 app/Support/OpsUx/OperationUxPresenter.php
 create mode 100644 app/Support/OpsUx/OpsUxBrowserEvents.php
 create mode 100644 app/Support/OpsUx/RunDetailPolling.php
 create mode 100644 app/Support/OpsUx/RunDurationInsights.php
 create mode 100644 app/Support/OpsUx/SummaryCountsNormalizer.php
 create mode 100644 specs/055-ops-ux-rollout/checklists/requirements.md
 create mode 100644 specs/055-ops-ux-rollout/contracts/ux-contracts.md
 create mode 100644 specs/055-ops-ux-rollout/data-model.md
 create mode 100644 specs/055-ops-ux-rollout/plan.md
 create mode 100644 specs/055-ops-ux-rollout/quickstart.md
 create mode 100644 specs/055-ops-ux-rollout/research.md
 create mode 100644 specs/055-ops-ux-rollout/spec.md
 create mode 100644 specs/055-ops-ux-rollout/tasks.md
 create mode 100644 tests/Feature/OpsUx/NoQueuedDbNotificationsTest.php
 create mode 100644 tests/Feature/OpsUx/NotificationViewRunLinkTest.php
 create mode 100644 tests/Feature/OpsUx/OperationSummaryKeysSpecTest.php
 create mode 100644 tests/Feature/OpsUx/OpsUxSmokeTest.php
 create mode 100644 tests/Feature/OpsUx/ProgressWidgetFiltersTest.php
 create mode 100644 tests/Feature/OpsUx/ProgressWidgetOverflowTest.php
 create mode 100644 tests/Feature/OpsUx/ProgressWidgetPollerRegistrationTest.php
 create mode 100644 tests/Feature/OpsUx/QueuedToastCopyTest.php
 create mode 100644 tests/Feature/OpsUx/RestoreExecutionOperationRunSyncTest.php
 create mode 100644 tests/Feature/OpsUx/RunDetailPollingStopsOnTerminalTest.php
 create mode 100644 tests/Feature/OpsUx/RunEnqueuedBrowserEventTest.php
 create mode 100644 tests/Feature/OpsUx/SummaryCountsWhitelistTest.php
 create mode 100644 tests/Feature/OpsUx/TerminalNotificationFailureMessageTest.php
 create mode 100644 tests/Feature/OpsUx/TerminalNotificationIdempotencyTest.php
 create mode 100644 tests/Support/OpsUxTestSupport.php

diff --git a/app/Filament/Pages/DriftLanding.php b/app/Filament/Pages/DriftLanding.php
index 5aee73d..3b9a715 100644
--- a/app/Filament/Pages/DriftLanding.php
+++ b/app/Filament/Pages/DriftLanding.php
@@ -15,6 +15,8 @@
 use App\Services\Drift\DriftRunSelector;
 use App\Services\OperationRunService;
 use App\Support\OperationRunLinks;
+use App\Support\OpsUx\OperationUxPresenter;
+use App\Support\OpsUx\OpsUxBrowserEvents;
 use App\Support\RunIdempotency;
 use BackedEnum;
 use Filament\Actions\Action;
@@ -270,16 +272,13 @@ public function mount(): void
             );
         });
 
-        Notification::make()
-            ->title('Drift generation queued')
-            ->body('Drift generation has been queued. Monitor progress in Monitoring → Operations.')
-            ->success()
+        $this->dispatch(OpsUxBrowserEvents::RunEnqueued);
+        OperationUxPresenter::queuedToast((string) $opRun->type)
             ->actions([
                 Action::make('view_run')
                     ->label('View run')
                     ->url(OperationRunLinks::view($opRun, $tenant)),
             ])
-            ->sendToDatabase($user)
             ->send();
     }
 
diff --git a/app/Filament/Pages/InventoryLanding.php b/app/Filament/Pages/InventoryLanding.php
index 132484e..05cfd9e 100644
--- a/app/Filament/Pages/InventoryLanding.php
+++ b/app/Filament/Pages/InventoryLanding.php
@@ -13,6 +13,8 @@
 use App\Services\Inventory\InventorySyncService;
 use App\Services\OperationRunService;
 use App\Support\OperationRunLinks;
+use App\Support\OpsUx\OperationUxPresenter;
+use App\Support\OpsUx\OpsUxBrowserEvents;
 use BackedEnum;
 use Filament\Actions\Action;
 use Filament\Actions\Action as HintAction;
@@ -83,14 +85,6 @@ protected function getHeaderActions(): array
                                 })
                                 ->all();
                         })
-                        ->default([])
-                        ->dehydrated()
-                        ->required()
-                        ->rules([
-                            'array',
-                            'min:1',
-                            new \App\Rules\SupportedPolicyTypesRule,
-                        ])
                         ->columnSpanFull(),
                     Toggle::make('include_foundations')
                         ->label('Include foundation types')
@@ -118,7 +112,7 @@ protected function getHeaderActions(): array
 
                     return $user->canSyncTenant(Tenant::current());
                 })
-                ->action(function (array $data, BulkOperationService $bulkOperationService, InventorySyncService $inventorySyncService, AuditLogger $auditLogger): void {
+                ->action(function (array $data, self $livewire, BulkOperationService $bulkOperationService, InventorySyncService $inventorySyncService, AuditLogger $auditLogger): void {
                     $tenant = Tenant::current();
 
                     $user = auth()->user();
@@ -152,7 +146,6 @@ protected function getHeaderActions(): array
                     }
                     $computed = $inventorySyncService->normalizeAndHashSelection($selectionPayload);
 
-                    // --- Phase 3: Canonical Operation Run Start ---
                     /** @var OperationRunService $opService */
                     $opService = app(OperationRunService::class);
                     $opRun = $opService->ensureRun(
@@ -162,13 +155,8 @@ protected function getHeaderActions(): array
                         initiator: $user
                     );
 
-                    // If run is already active (was recently created or re-used), and we want to enforce re-use:
-                    if (! $opRun->wasRecentlyCreated && in_array($opRun->status, ['queued', 'running'])) {
-                        // Just notify and exit (Idempotency)
-                        Notification::make()
-                            ->title('Inventory sync already active')
-                            ->body('This operation is already queued or running.')
-                            ->warning()
+                    if (! $opRun->wasRecentlyCreated && in_array($opRun->status, ['queued', 'running'], true)) {
+                        OperationUxPresenter::queuedToast((string) $opRun->type)
                             ->actions([
                                 Action::make('view_run')
                                     ->label('View Run')
@@ -176,6 +164,8 @@ protected function getHeaderActions(): array
                             ])
                             ->send();
 
+                        OpsUxBrowserEvents::dispatchRunEnqueued($livewire);
+
                         return;
                     }
                     // ----------------------------------------------
@@ -236,20 +226,6 @@ protected function getHeaderActions(): array
                         resourceId: (string) $run->id,
                     );
 
-                    Notification::make()
-                        ->title('Inventory sync started')
-                        ->body('Sync dispatched. Check the progress widget or Monitoring.')
-                        ->icon('heroicon-o-arrow-path')
-                        ->iconColor('warning')
-                        ->success()
-                        ->actions([
-                            Action::make('view_run')
-                                ->label('View Run')
-                                ->url(OperationRunLinks::view($opRun, $tenant)),
-                        ])
-                        ->sendToDatabase($user)
-                        ->send();
-
                     $opService->dispatchOrFail($opRun, function () use ($tenant, $user, $run, $bulkRun, $opRun): void {
                         RunInventorySyncJob::dispatch(
                             tenantId: (int) $tenant->getKey(),
@@ -259,6 +235,16 @@ protected function getHeaderActions(): array
                             operationRun: $opRun
                         );
                     });
+
+                    OperationUxPresenter::queuedToast((string) $opRun->type)
+                        ->actions([
+                            Action::make('view_run')
+                                ->label('View run')
+                                ->url(OperationRunLinks::view($opRun, $tenant)),
+                        ])
+                        ->send();
+
+                    OpsUxBrowserEvents::dispatchRunEnqueued($livewire);
                 }),
         ];
     }
diff --git a/app/Filament/Pages/Monitoring/Operations.php b/app/Filament/Pages/Monitoring/Operations.php
index 8c7a1ec..a8bc8ee 100644
--- a/app/Filament/Pages/Monitoring/Operations.php
+++ b/app/Filament/Pages/Monitoring/Operations.php
@@ -3,6 +3,7 @@
 namespace App\Filament\Pages\Monitoring;
 
 use App\Models\OperationRun;
+use App\Support\OperationCatalog;
 use BackedEnum;
 use Filament\Facades\Filament;
 use Filament\Forms\Components\DatePicker;
@@ -44,15 +45,16 @@ public function table(Table $table): Table
             )
             ->columns([
                 TextColumn::make('type')
+                    ->formatStateUsing(fn (?string $state): string => OperationCatalog::label((string) $state))
                     ->searchable()
                     ->sortable(),
 
                 TextColumn::make('status')
                     ->badge()
                     ->colors([
-                        'secondary' => 'queued',
-                        'warning' => 'running',
-                        'success' => 'completed',
+                        'warning' => 'queued',
+                        'info' => 'running',
+                        'secondary' => 'completed',
                     ]),
 
                 TextColumn::make('outcome')
diff --git a/app/Filament/Resources/BackupScheduleResource.php b/app/Filament/Resources/BackupScheduleResource.php
index 2a97863..0249fd4 100644
--- a/app/Filament/Resources/BackupScheduleResource.php
+++ b/app/Filament/Resources/BackupScheduleResource.php
@@ -17,6 +17,8 @@
 use App\Services\Intune\AuditLogger;
 use App\Services\OperationRunService;
 use App\Support\OperationRunLinks;
+use App\Support\OpsUx\OperationUxPresenter;
+use App\Support\OpsUx\OpsUxBrowserEvents;
 use App\Support\TenantRole;
 use BackedEnum;
 use Carbon\CarbonImmutable;
@@ -38,6 +40,7 @@
 use Filament\Schemas\Schema;
 use Filament\Tables\Columns\IconColumn;
 use Filament\Tables\Columns\TextColumn;
+use Filament\Tables\Contracts\HasTable;
 use Filament\Tables\Filters\SelectFilter;
 use Filament\Tables\Table;
 use Illuminate\Database\Eloquent\Builder;
@@ -288,7 +291,7 @@ public static function table(Table $table): Table
                         ->icon('heroicon-o-play')
                         ->color('success')
                         ->visible(fn (): bool => static::currentTenantRole()?->canRunBackupSchedules() ?? false)
-                        ->action(function (BackupSchedule $record): void {
+                        ->action(function (BackupSchedule $record, HasTable $livewire): void {
                             abort_unless(static::currentTenantRole()?->canRunBackupSchedules() ?? false, 403);
 
                             $tenant = Tenant::current();
@@ -413,24 +416,21 @@ public static function table(Table $table): Table
                                 Bus::dispatch(new RunBackupScheduleJob($run->id, $bulkRunId, $operationRun));
                             });
 
-                            $notification = Notification::make()
-                                ->title('Run dispatched')
-                                ->body('The backup run has been queued.')
-                                ->success()
+                            OpsUxBrowserEvents::dispatchRunEnqueued($livewire);
+                            OperationUxPresenter::queuedToast((string) $operationRun->type)
                                 ->actions([
                                     Action::make('view_run')
                                         ->label('View run')
                                         ->url(OperationRunLinks::view($operationRun, $tenant)),
-                                ]);
-
-                            $notification->send();
+                                ])
+                                ->send();
                         }),
                     Action::make('retry')
                         ->label('Retry')
                         ->icon('heroicon-o-arrow-path')
                         ->color('warning')
                         ->visible(fn (): bool => static::currentTenantRole()?->canRunBackupSchedules() ?? false)
-                        ->action(function (BackupSchedule $record): void {
+                        ->action(function (BackupSchedule $record, HasTable $livewire): void {
                             abort_unless(static::currentTenantRole()?->canRunBackupSchedules() ?? false, 403);
 
                             $tenant = Tenant::current();
@@ -555,17 +555,14 @@ public static function table(Table $table): Table
                                 Bus::dispatch(new RunBackupScheduleJob($run->id, $bulkRunId, $operationRun));
                             });
 
-                            $notification = Notification::make()
-                                ->title('Retry dispatched')
-                                ->body('A new backup run has been queued.')
-                                ->success()
+                            OpsUxBrowserEvents::dispatchRunEnqueued($livewire);
+                            OperationUxPresenter::queuedToast((string) $operationRun->type)
                                 ->actions([
                                     Action::make('view_run')
                                         ->label('View run')
                                         ->url(OperationRunLinks::view($operationRun, $tenant)),
-                                ]);
-
-                            $notification->send();
+                                ])
+                                ->send();
                         }),
                     EditAction::make()
                         ->visible(fn (): bool => static::currentTenantRole()?->canManageBackupSchedules() ?? false),
@@ -580,7 +577,7 @@ public static function table(Table $table): Table
                         ->icon('heroicon-o-play')
                         ->color('success')
                         ->visible(fn (): bool => static::currentTenantRole()?->canRunBackupSchedules() ?? false)
-                        ->action(function (Collection $records): void {
+                        ->action(function (Collection $records, HasTable $livewire): void {
                             abort_unless(static::currentTenantRole()?->canRunBackupSchedules() ?? false, 403);
 
                             if ($records->isEmpty()) {
@@ -688,7 +685,7 @@ public static function table(Table $table): Table
 
                                 $operationRunService->dispatchOrFail($operationRun, function () use ($run, $bulkRun, $operationRun): void {
                                     Bus::dispatch(new RunBackupScheduleJob($run->id, $bulkRun?->id, $operationRun));
-                                }, emitQueuedNotification: false);
+                                });
                             }
 
                             $notification = Notification::make()
@@ -710,13 +707,17 @@ public static function table(Table $table): Table
                             }
 
                             $notification->send();
+
+                            if (count($createdRunIds) > 0) {
+                                OpsUxBrowserEvents::dispatchRunEnqueued($livewire);
+                            }
                         }),
                     BulkAction::make('bulk_retry')
                         ->label('Retry')
                         ->icon('heroicon-o-arrow-path')
                         ->color('warning')
                         ->visible(fn (): bool => static::currentTenantRole()?->canRunBackupSchedules() ?? false)
-                        ->action(function (Collection $records): void {
+                        ->action(function (Collection $records, HasTable $livewire): void {
                             abort_unless(static::currentTenantRole()?->canRunBackupSchedules() ?? false, 403);
 
                             if ($records->isEmpty()) {
@@ -824,7 +825,7 @@ public static function table(Table $table): Table
 
                                 $operationRunService->dispatchOrFail($operationRun, function () use ($run, $bulkRun, $operationRun): void {
                                     Bus::dispatch(new RunBackupScheduleJob($run->id, $bulkRun?->id, $operationRun));
-                                }, emitQueuedNotification: false);
+                                });
                             }
 
                             $notification = Notification::make()
@@ -846,6 +847,10 @@ public static function table(Table $table): Table
                             }
 
                             $notification->send();
+
+                            if (count($createdRunIds) > 0) {
+                                OpsUxBrowserEvents::dispatchRunEnqueued($livewire);
+                            }
                         }),
                     DeleteBulkAction::make('bulk_delete')
                         ->visible(fn (): bool => static::currentTenantRole()?->canManageBackupSchedules() ?? false),
diff --git a/app/Filament/Resources/BackupSetResource.php b/app/Filament/Resources/BackupSetResource.php
index 22796c4..b60236f 100644
--- a/app/Filament/Resources/BackupSetResource.php
+++ b/app/Filament/Resources/BackupSetResource.php
@@ -12,6 +12,7 @@
 use App\Services\BulkOperationService;
 use App\Services\Intune\AuditLogger;
 use App\Services\Intune\BackupService;
+use App\Support\OpsUx\OperationUxPresenter;
 use BackedEnum;
 use Filament\Actions;
 use Filament\Actions\ActionGroup;
@@ -201,14 +202,12 @@ public static function table(Table $table): Table
                             $run = $service->createRun($tenant, $user, 'backup_set', 'delete', $ids, $count);
 
                             if ($count >= 10) {
-                                Notification::make()
-                                    ->title('Bulk archive started')
-                                    ->body("Archiving {$count} backup sets in the background. Check the progress bar in the bottom right corner.")
-                                    ->icon('heroicon-o-arrow-path')
-                                    ->iconColor('warning')
-                                    ->info()
-                                    ->duration(8000)
-                                    ->sendToDatabase($user)
+                                OperationUxPresenter::queuedToast('backup_set.delete')
+                                    ->actions([
+                                        Actions\Action::make('view_run')
+                                            ->label('View run')
+                                            ->url(BulkOperationRunResource::getUrl('view', ['record' => $run], tenant: $tenant)),
+                                    ])
                                     ->send();
 
                                 BulkBackupSetDeleteJob::dispatch($run->id);
@@ -243,14 +242,12 @@ public static function table(Table $table): Table
                             $run = $service->createRun($tenant, $user, 'backup_set', 'restore', $ids, $count);
 
                             if ($count >= 10) {
-                                Notification::make()
-                                    ->title('Bulk restore started')
-                                    ->body("Restoring {$count} backup sets in the background. Check the progress bar in the bottom right corner.")
-                                    ->icon('heroicon-o-arrow-path')
-                                    ->iconColor('warning')
-                                    ->info()
-                                    ->duration(8000)
-                                    ->sendToDatabase($user)
+                                OperationUxPresenter::queuedToast('backup_set.restore')
+                                    ->actions([
+                                        Actions\Action::make('view_run')
+                                            ->label('View run')
+                                            ->url(BulkOperationRunResource::getUrl('view', ['record' => $run], tenant: $tenant)),
+                                    ])
                                     ->send();
 
                                 BulkBackupSetRestoreJob::dispatch($run->id);
@@ -300,14 +297,12 @@ public static function table(Table $table): Table
                             $run = $service->createRun($tenant, $user, 'backup_set', 'force_delete', $ids, $count);
 
                             if ($count >= 10) {
-                                Notification::make()
-                                    ->title('Bulk force delete started')
-                                    ->body("Force deleting {$count} backup sets in the background. Check the progress bar in the bottom right corner.")
-                                    ->icon('heroicon-o-arrow-path')
-                                    ->iconColor('warning')
-                                    ->info()
-                                    ->duration(8000)
-                                    ->sendToDatabase($user)
+                                OperationUxPresenter::queuedToast('backup_set.force_delete')
+                                    ->actions([
+                                        Actions\Action::make('view_run')
+                                            ->label('View run')
+                                            ->url(BulkOperationRunResource::getUrl('view', ['record' => $run], tenant: $tenant)),
+                                    ])
                                     ->send();
 
                                 BulkBackupSetForceDeleteJob::dispatch($run->id);
diff --git a/app/Filament/Resources/BackupSetResource/RelationManagers/BackupItemsRelationManager.php b/app/Filament/Resources/BackupSetResource/RelationManagers/BackupItemsRelationManager.php
index 79f0b21..cb604e5 100644
--- a/app/Filament/Resources/BackupSetResource/RelationManagers/BackupItemsRelationManager.php
+++ b/app/Filament/Resources/BackupSetResource/RelationManagers/BackupItemsRelationManager.php
@@ -9,6 +9,8 @@
 use App\Models\User;
 use App\Services\OperationRunService;
 use App\Support\OperationRunLinks;
+use App\Support\OpsUx\OperationUxPresenter;
+use App\Support\OpsUx\OpsUxBrowserEvents;
 use Filament\Actions;
 use Filament\Notifications\Notification;
 use Filament\Resources\RelationManagers\RelationManager;
@@ -208,16 +210,13 @@ public function table(Table $table): Table
                                 );
                             });
 
-                            Notification::make()
-                                ->title('Removal queued')
-                                ->body('A background job has been queued. You can monitor progress in the run details or progress widget.')
-                                ->success()
+                            $this->dispatch(OpsUxBrowserEvents::RunEnqueued);
+                            OperationUxPresenter::queuedToast((string) $opRun->type)
                                 ->actions([
                                     Actions\Action::make('view_run')
                                         ->label('View run')
                                         ->url(OperationRunLinks::view($opRun, $tenant)),
                                 ])
-                                ->sendToDatabase($user)
                                 ->send();
 
                             $this->resetTable();
@@ -305,6 +304,7 @@ public function table(Table $table): Table
                                 );
                             });
 
+                            $this->dispatch(OpsUxBrowserEvents::RunEnqueued);
                             Notification::make()
                                 ->title('Removal queued')
                                 ->body('A background job has been queued. You can monitor progress in the run details or progress widget.')
diff --git a/app/Filament/Resources/OperationRunResource.php b/app/Filament/Resources/OperationRunResource.php
index 2229d06..dab9305 100644
--- a/app/Filament/Resources/OperationRunResource.php
+++ b/app/Filament/Resources/OperationRunResource.php
@@ -5,8 +5,11 @@
 use App\Filament\Resources\OperationRunResource\Pages;
 use App\Models\OperationRun;
 use App\Models\Tenant;
+use App\Support\OperationCatalog;
 use App\Support\OperationRunOutcome;
 use App\Support\OperationRunStatus;
+use App\Support\OpsUx\RunDetailPolling;
+use App\Support\OpsUx\RunDurationInsights;
 use BackedEnum;
 use Filament\Actions;
 use Filament\Forms\Components\DatePicker;
@@ -45,7 +48,9 @@ public static function infolist(Schema $schema): Schema
             ->schema([
                 Section::make('Run')
                     ->schema([
-                        TextEntry::make('type')->badge(),
+                        TextEntry::make('type')
+                            ->badge()
+                            ->formatStateUsing(fn (?string $state): string => OperationCatalog::label((string) $state)),
                         TextEntry::make('status')
                             ->badge()
                             ->color(fn (OperationRun $record): string => static::statusColor($record->status)),
@@ -53,11 +58,36 @@ public static function infolist(Schema $schema): Schema
                             ->badge()
                             ->color(fn (OperationRun $record): string => static::outcomeColor($record->outcome)),
                         TextEntry::make('initiator_name')->label('Initiator'),
+                        TextEntry::make('elapsed')
+                            ->label('Elapsed')
+                            ->getStateUsing(fn (OperationRun $record): string => RunDurationInsights::elapsedHuman($record)),
+                        TextEntry::make('expected_duration')
+                            ->label('Expected')
+                            ->getStateUsing(fn (OperationRun $record): string => RunDurationInsights::expectedHuman($record) ?? '—'),
+                        TextEntry::make('stuck_guidance')
+                            ->label('')
+                            ->getStateUsing(fn (OperationRun $record): ?string => RunDurationInsights::stuckGuidance($record))
+                            ->visible(fn (OperationRun $record): bool => RunDurationInsights::stuckGuidance($record) !== null),
                         TextEntry::make('created_at')->dateTime(),
                         TextEntry::make('started_at')->dateTime()->placeholder('—'),
                         TextEntry::make('completed_at')->dateTime()->placeholder('—'),
                         TextEntry::make('run_identity_hash')->label('Identity hash')->copyable(),
                     ])
+                    ->extraAttributes([
+                        'x-init' => '$wire.set(\'opsUxIsTabHidden\', document.hidden)',
+                        'x-on:visibilitychange.window' => '$wire.set(\'opsUxIsTabHidden\', document.hidden)',
+                    ])
+                    ->poll(function (OperationRun $record, $livewire): ?string {
+                        if (($livewire->opsUxIsTabHidden ?? false) === true) {
+                            return null;
+                        }
+
+                        if (filled($livewire->mountedActions ?? null)) {
+                            return null;
+                        }
+
+                        return RunDetailPolling::interval($record);
+                    })
                     ->columns(2)
                     ->columnSpanFull(),
 
@@ -110,6 +140,7 @@ public static function table(Table $table): Table
                     ->color(fn (OperationRun $record): string => static::statusColor($record->status)),
                 Tables\Columns\TextColumn::make('type')
                     ->label('Operation')
+                    ->formatStateUsing(fn (?string $state): string => OperationCatalog::label((string) $state))
                     ->searchable()
                     ->sortable(),
                 Tables\Columns\TextColumn::make('initiator_name')
@@ -225,9 +256,9 @@ public static function getPages(): array
     private static function statusColor(?string $status): string
     {
         return match ($status) {
-            'queued' => 'gray',
+            'queued' => 'warning',
             'running' => 'info',
-            'completed' => 'success',
+            'completed' => 'secondary',
             default => 'gray',
         };
     }
diff --git a/app/Filament/Resources/OperationRunResource/Pages/ViewOperationRun.php b/app/Filament/Resources/OperationRunResource/Pages/ViewOperationRun.php
index b8a5f31..f03e4cc 100644
--- a/app/Filament/Resources/OperationRunResource/Pages/ViewOperationRun.php
+++ b/app/Filament/Resources/OperationRunResource/Pages/ViewOperationRun.php
@@ -14,6 +14,8 @@ class ViewOperationRun extends ViewRecord
 {
     protected static string $resource = OperationRunResource::class;
 
+    public bool $opsUxIsTabHidden = false;
+
     protected function getHeaderActions(): array
     {
         $tenant = Tenant::current();
diff --git a/app/Filament/Resources/PolicyResource.php b/app/Filament/Resources/PolicyResource.php
index 50e0ce6..e02a3ce 100644
--- a/app/Filament/Resources/PolicyResource.php
+++ b/app/Filament/Resources/PolicyResource.php
@@ -15,6 +15,8 @@
 use App\Services\Intune\PolicyNormalizer;
 use App\Services\OperationRunService;
 use App\Support\OperationRunLinks;
+use App\Support\OpsUx\OperationUxPresenter;
+use App\Support\OpsUx\OpsUxBrowserEvents;
 use BackedEnum;
 use Filament\Actions;
 use Filament\Actions\ActionGroup;
@@ -347,7 +349,7 @@ public static function table(Table $table): Table
                         ->color('danger')
                         ->requiresConfirmation()
                         ->visible(fn (Policy $record) => $record->ignored_at === null)
-                        ->action(function (Policy $record) {
+                        ->action(function (Policy $record, HasTable $livewire) {
                             $record->ignore();
 
                             Notification::make()
@@ -434,16 +436,13 @@ public static function table(Table $table): Table
                                 operationRun: $opRun
                             );
 
-                            Notification::make()
-                                ->title('Policy sync queued')
-                                ->body('The sync has been queued. You can monitor progress in Monitoring → Operations.')
-                                ->success()
+                            OpsUxBrowserEvents::dispatchRunEnqueued($livewire);
+                            OperationUxPresenter::queuedToast((string) $opRun->type)
                                 ->actions([
                                     Actions\Action::make('view_run')
                                         ->label('View run')
                                         ->url(OperationRunLinks::view($opRun, $tenant)),
                                 ])
-                                ->sendToDatabase($user)
                                 ->send();
                         }),
                     Actions\Action::make('export')
@@ -533,7 +532,7 @@ public static function table(Table $table): Table
 
                             return ! in_array($value, [null, 'ignored'], true);
                         })
-                        ->action(function (Collection $records) {
+                        ->action(function (Collection $records, HasTable $livewire) {
                             $tenant = Tenant::current();
                             $user = auth()->user();
                             $count = $records->count();
@@ -637,16 +636,13 @@ public static function table(Table $table): Table
                                 operationRun: $opRun
                             );
 
-                            Notification::make()
-                                ->title('Policy sync queued')
-                                ->body("The sync has been queued for {$count} policies. You can monitor progress in Monitoring → Operations.")
-                                ->success()
+                            OpsUxBrowserEvents::dispatchRunEnqueued($livewire);
+                            OperationUxPresenter::queuedToast((string) $opRun->type)
                                 ->actions([
                                     Actions\Action::make('view_run')
                                         ->label('View run')
                                         ->url(OperationRunLinks::view($opRun, $tenant)),
                                 ])
-                                ->sendToDatabase($user)
                                 ->send();
                         })
                         ->deselectRecordsAfterCompletion(),
diff --git a/app/Filament/Resources/PolicyResource/Pages/ListPolicies.php b/app/Filament/Resources/PolicyResource/Pages/ListPolicies.php
index 3b4250a..bddb230 100644
--- a/app/Filament/Resources/PolicyResource/Pages/ListPolicies.php
+++ b/app/Filament/Resources/PolicyResource/Pages/ListPolicies.php
@@ -8,6 +8,8 @@
 use App\Models\User;
 use App\Services\OperationRunService;
 use App\Support\OperationRunLinks;
+use App\Support\OpsUx\OperationUxPresenter;
+use App\Support\OpsUx\OpsUxBrowserEvents;
 use Filament\Actions;
 use Filament\Notifications\Notification;
 use Filament\Resources\Pages\ListRecords;
@@ -35,7 +37,7 @@ protected function getHeaderActions(): array
 
                     return $user->canSyncTenant($tenant);
                 })
-                ->action(function () {
+                ->action(function (self $livewire): void {
                     $tenant = Tenant::current();
                     $user = auth()->user();
 
@@ -89,16 +91,13 @@ protected function getHeaderActions(): array
                         );
                     });
 
-                    Notification::make()
-                        ->title('Policy sync queued')
-                        ->body('The sync has been queued. You can monitor progress in Monitoring → Operations.')
-                        ->success()
+                    OpsUxBrowserEvents::dispatchRunEnqueued($livewire);
+                    OperationUxPresenter::queuedToast((string) $opRun->type)
                         ->actions([
                             Actions\Action::make('view_run')
                                 ->label('View run')
                                 ->url(OperationRunLinks::view($opRun, $tenant)),
                         ])
-                        ->sendToDatabase($user)
                         ->send();
                 }),
         ];
diff --git a/app/Filament/Resources/PolicyResource/Pages/ViewPolicy.php b/app/Filament/Resources/PolicyResource/Pages/ViewPolicy.php
index cc44587..f1a7f0b 100644
--- a/app/Filament/Resources/PolicyResource/Pages/ViewPolicy.php
+++ b/app/Filament/Resources/PolicyResource/Pages/ViewPolicy.php
@@ -6,6 +6,7 @@
 use App\Filament\Resources\PolicyResource;
 use App\Jobs\CapturePolicySnapshotJob;
 use App\Services\BulkOperationService;
+use App\Support\OpsUx\OperationUxPresenter;
 use App\Support\RunIdempotency;
 use Filament\Actions\Action;
 use Filament\Forms;
@@ -102,15 +103,12 @@ protected function getActions(): array
                         createdBy: $user->email ? Str::limit($user->email, 255, '') : null
                     );
 
-                    Notification::make()
-                        ->title('Snapshot queued')
-                        ->body('A background job has been queued. You can monitor progress in the run details.')
+                    OperationUxPresenter::queuedToast('policy.capture_snapshot')
                         ->actions([
                             \Filament\Actions\Action::make('view_run')
                                 ->label('View run')
                                 ->url(BulkOperationRunResource::getUrl('view', ['record' => $run], tenant: $tenant)),
                         ])
-                        ->success()
                         ->send();
 
                     $this->redirect(BulkOperationRunResource::getUrl('view', ['record' => $run], tenant: $tenant));
diff --git a/app/Filament/Resources/PolicyVersionResource.php b/app/Filament/Resources/PolicyVersionResource.php
index 9d6259a..f89b89a 100644
--- a/app/Filament/Resources/PolicyVersionResource.php
+++ b/app/Filament/Resources/PolicyVersionResource.php
@@ -14,6 +14,7 @@
 use App\Services\Intune\AuditLogger;
 use App\Services\Intune\PolicyNormalizer;
 use App\Services\Intune\VersionDiff;
+use App\Support\OpsUx\OperationUxPresenter;
 use BackedEnum;
 use Carbon\CarbonImmutable;
 use Filament\Actions;
@@ -409,14 +410,12 @@ public static function table(Table $table): Table
                             $run = $service->createRun($tenant, $user, 'policy_version', 'prune', $ids, $count);
 
                             if ($count >= 20) {
-                                Notification::make()
-                                    ->title('Bulk prune started')
-                                    ->body("Pruning {$count} policy versions in the background. Check the progress bar in the bottom right corner.")
-                                    ->icon('heroicon-o-arrow-path')
-                                    ->iconColor('warning')
-                                    ->info()
-                                    ->duration(8000)
-                                    ->sendToDatabase($user)
+                                OperationUxPresenter::queuedToast('policy_version.prune')
+                                    ->actions([
+                                        Actions\Action::make('view_run')
+                                            ->label('View run')
+                                            ->url(BulkOperationRunResource::getUrl('view', ['record' => $run], tenant: $tenant)),
+                                    ])
                                     ->send();
 
                                 BulkPolicyVersionPruneJob::dispatch($run->id, $retentionDays);
@@ -451,14 +450,12 @@ public static function table(Table $table): Table
                             $run = $service->createRun($tenant, $user, 'policy_version', 'restore', $ids, $count);
 
                             if ($count >= 20) {
-                                Notification::make()
-                                    ->title('Bulk restore started')
-                                    ->body("Restoring {$count} policy versions in the background. Check the progress bar in the bottom right corner.")
-                                    ->icon('heroicon-o-arrow-path')
-                                    ->iconColor('warning')
-                                    ->info()
-                                    ->duration(8000)
-                                    ->sendToDatabase($user)
+                                OperationUxPresenter::queuedToast('policy_version.restore')
+                                    ->actions([
+                                        Actions\Action::make('view_run')
+                                            ->label('View run')
+                                            ->url(BulkOperationRunResource::getUrl('view', ['record' => $run], tenant: $tenant)),
+                                    ])
                                     ->send();
 
                                 BulkPolicyVersionRestoreJob::dispatch($run->id);
@@ -502,14 +499,12 @@ public static function table(Table $table): Table
                             $run = $service->createRun($tenant, $user, 'policy_version', 'force_delete', $ids, $count);
 
                             if ($count >= 20) {
-                                Notification::make()
-                                    ->title('Bulk force delete started')
-                                    ->body("Force deleting {$count} policy versions in the background. Check the progress bar in the bottom right corner.")
-                                    ->icon('heroicon-o-arrow-path')
-                                    ->iconColor('warning')
-                                    ->info()
-                                    ->duration(8000)
-                                    ->sendToDatabase($user)
+                                OperationUxPresenter::queuedToast('policy_version.force_delete')
+                                    ->actions([
+                                        Actions\Action::make('view_run')
+                                            ->label('View run')
+                                            ->url(BulkOperationRunResource::getUrl('view', ['record' => $run], tenant: $tenant)),
+                                    ])
                                     ->send();
 
                                 BulkPolicyVersionForceDeleteJob::dispatch($run->id);
diff --git a/app/Filament/Resources/RestoreRunResource.php b/app/Filament/Resources/RestoreRunResource.php
index e9b2b23..2d3d856 100644
--- a/app/Filament/Resources/RestoreRunResource.php
+++ b/app/Filament/Resources/RestoreRunResource.php
@@ -19,6 +19,8 @@
 use App\Services\Intune\RestoreDiffGenerator;
 use App\Services\Intune\RestoreRiskChecker;
 use App\Services\Intune\RestoreService;
+use App\Support\OpsUx\OperationUxPresenter;
+use App\Support\OpsUx\OpsUxBrowserEvents;
 use App\Support\RestoreRunStatus;
 use App\Support\RunIdempotency;
 use BackedEnum;
@@ -743,7 +745,8 @@ public static function table(Table $table): Table
                         ->action(function (
                             RestoreRun $record,
                             RestoreService $restoreService,
-                            \App\Services\Intune\AuditLogger $auditLogger
+                            \App\Services\Intune\AuditLogger $auditLogger,
+                            HasTable $livewire
                         ) {
                             $tenant = $record->tenant;
                             $backupSet = $record->backupSet;
@@ -860,9 +863,8 @@ public static function table(Table $table): Table
                                     actorName: $actorName,
                                 );
 
-                                Notification::make()
-                                    ->title('Restore run queued')
-                                    ->success()
+                                OpsUxBrowserEvents::dispatchRunEnqueued($livewire);
+                                OperationUxPresenter::queuedToast('restore.execute')
                                     ->send();
 
                                 return;
@@ -902,9 +904,8 @@ public static function table(Table $table): Table
                                 ]
                             );
 
-                            Notification::make()
-                                ->title('Restore run started')
-                                ->success()
+                            OpsUxBrowserEvents::dispatchRunEnqueued($livewire);
+                            OperationUxPresenter::queuedToast('restore.execute')
                                 ->send();
                         }),
                     Actions\Action::make('restore')
diff --git a/app/Filament/Resources/TenantResource.php b/app/Filament/Resources/TenantResource.php
index a141fa6..df23178 100644
--- a/app/Filament/Resources/TenantResource.php
+++ b/app/Filament/Resources/TenantResource.php
@@ -18,6 +18,8 @@
 use App\Services\Intune\TenantPermissionService;
 use App\Services\OperationRunService;
 use App\Support\OperationRunLinks;
+use App\Support\OpsUx\OperationUxPresenter;
+use App\Support\OpsUx\OpsUxBrowserEvents;
 use App\Support\TenantRole;
 use BackedEnum;
 use Filament\Actions;
@@ -197,7 +199,7 @@ public static function table(Table $table): Table
 
                             return $user->canSyncTenant($record);
                         })
-                        ->action(function (Tenant $record, AuditLogger $auditLogger): void {
+                        ->action(function (Tenant $record, AuditLogger $auditLogger, \Filament\Tables\Contracts\HasTable $livewire): void {
                             // Phase 3: Canonical Operation Run Start
                             /** @var OperationRunService $opService */
                             $opService = app(OperationRunService::class);
@@ -234,18 +236,13 @@ public static function table(Table $table): Table
                                 context: ['metadata' => ['tenant_id' => $record->tenant_id]],
                             );
 
-                            Notification::make()
-                                ->title('Sync started')
-                                ->body("Sync dispatched for {$record->name}.")
-                                ->icon('heroicon-o-arrow-path')
-                                ->iconColor('warning')
-                                ->success()
+                            OpsUxBrowserEvents::dispatchRunEnqueued($livewire);
+                            OperationUxPresenter::queuedToast((string) $opRun->type)
                                 ->actions([
                                     Actions\Action::make('view_run')
                                         ->label('View Run')
                                         ->url(OperationRunLinks::view($opRun, $record)),
                                 ])
-                                ->sendToDatabase(auth()->user())
                                 ->send();
                         }),
                     Actions\Action::make('openTenant')
diff --git a/app/Jobs/ExecuteRestoreRunJob.php b/app/Jobs/ExecuteRestoreRunJob.php
index 2216120..47f1b0a 100644
--- a/app/Jobs/ExecuteRestoreRunJob.php
+++ b/app/Jobs/ExecuteRestoreRunJob.php
@@ -2,6 +2,7 @@
 
 namespace App\Jobs;
 
+use App\Listeners\SyncRestoreRunToOperationRun;
 use App\Models\RestoreRun;
 use App\Models\User;
 use App\Notifications\RunStatusChangedNotification;
@@ -40,6 +41,7 @@ public function handle(RestoreService $restoreService, AuditLogger $auditLogger,
         }
 
         $this->notifyStatus($restoreRun, 'queued');
+        app(SyncRestoreRunToOperationRun::class)->handle($restoreRun);
 
         $tenant = $restoreRun->tenant;
         $backupSet = $restoreRun->backupSet;
@@ -51,6 +53,8 @@ public function handle(RestoreService $restoreService, AuditLogger $auditLogger,
                 'completed_at' => CarbonImmutable::now(),
             ]);
 
+            app(SyncRestoreRunToOperationRun::class)->handle($restoreRun->refresh());
+
             $this->notifyStatus($restoreRun->refresh(), 'failed');
 
             if ($tenant) {
@@ -81,6 +85,10 @@ public function handle(RestoreService $restoreService, AuditLogger $auditLogger,
             'failure_reason' => null,
         ]);
 
+        // Keep the canonical Monitoring/Operations adapter row in sync even if downstream
+        // code performs restore-run updates without firing model events.
+        app(SyncRestoreRunToOperationRun::class)->handle($restoreRun->refresh());
+
         $this->notifyStatus($restoreRun->refresh(), 'running');
 
         $auditLogger->log(
@@ -108,6 +116,8 @@ public function handle(RestoreService $restoreService, AuditLogger $auditLogger,
                 actorName: $this->actorName,
             );
 
+            app(SyncRestoreRunToOperationRun::class)->handle($restoreRun->refresh());
+
             $this->notifyStatus($restoreRun->refresh(), (string) $restoreRun->status);
         } catch (Throwable $throwable) {
             $restoreRun->refresh();
@@ -122,6 +132,8 @@ public function handle(RestoreService $restoreService, AuditLogger $auditLogger,
                 ]);
             }
 
+            app(SyncRestoreRunToOperationRun::class)->handle($restoreRun->refresh());
+
             $this->notifyStatus($restoreRun->refresh(), (string) $restoreRun->status);
 
             if ($tenant) {
diff --git a/app/Livewire/BackupSetPolicyPickerTable.php b/app/Livewire/BackupSetPolicyPickerTable.php
index 3fb2192..492cbe2 100644
--- a/app/Livewire/BackupSetPolicyPickerTable.php
+++ b/app/Livewire/BackupSetPolicyPickerTable.php
@@ -11,6 +11,8 @@
 use App\Services\BulkOperationService;
 use App\Services\OperationRunService;
 use App\Support\OperationRunLinks;
+use App\Support\OpsUx\OperationUxPresenter;
+use App\Support\OpsUx\OpsUxBrowserEvents;
 use App\Support\RunIdempotency;
 use Filament\Actions\BulkAction;
 use Filament\Notifications\Notification;
@@ -179,6 +181,7 @@ public function table(Table $table): Table
                     ->label('Add selected')
                     ->icon('heroicon-m-plus')
                     ->authorize(function (): bool {
+                        $this->dispatch(OpsUxBrowserEvents::RunEnqueued);
                         $user = auth()->user();
 
                         if (! $user instanceof User) {
@@ -391,20 +394,12 @@ public function table(Table $table): Table
                             );
                         });
 
-                        $notificationTitle = $this->include_foundations
-                            ? 'Backup items queued'
-                            : 'Policies queued';
-
-                        Notification::make()
-                            ->title($notificationTitle)
-                            ->body('A background job has been queued. You can monitor progress in the run details or progress widget.')
+                        OperationUxPresenter::queuedToast((string) $opRun->type)
                             ->actions([
                                 \Filament\Actions\Action::make('view_run')
                                     ->label('View run')
                                     ->url(OperationRunLinks::view($opRun, $tenant)),
                             ])
-                            ->success()
-                            ->sendToDatabase($user)
                             ->send();
 
                         $this->resetTable();
diff --git a/app/Livewire/BulkOperationProgress.php b/app/Livewire/BulkOperationProgress.php
index a7ef31d..efd334d 100644
--- a/app/Livewire/BulkOperationProgress.php
+++ b/app/Livewire/BulkOperationProgress.php
@@ -2,26 +2,48 @@
 
 namespace App\Livewire;
 
-use App\Models\BackupScheduleRun;
-use App\Models\BulkOperationRun;
+use App\Models\OperationRun;
 use App\Models\Tenant;
-use Illuminate\Support\Arr;
+use App\Support\OpsUx\OpsUxBrowserEvents;
+use Filament\Facades\Filament;
+use Illuminate\Support\Collection;
 use Livewire\Attributes\Computed;
+use Livewire\Attributes\On;
 use Livewire\Component;
 
 class BulkOperationProgress extends Component
 {
-    public $runs;
+    /**
+     * @var Collection<int, OperationRun>
+     */
+    public Collection $runs;
 
-    public int $pollSeconds = 3;
+    public int $overflowCount = 0;
 
-    public int $recentFinishedSeconds = 12;
+    public bool $disabled = false;
 
-    public function mount()
+    public bool $hasActiveRuns = false;
+
+    public ?int $tenantId = null;
+
+    public function mount(): void
     {
-        $this->pollSeconds = max(1, min(10, (int) config('tenantpilot.bulk_operations.poll_interval_seconds', 3)));
-        $this->recentFinishedSeconds = max(3, min(60, (int) config('tenantpilot.bulk_operations.recent_finished_seconds', 12)));
-        $this->loadRuns();
+        $this->runs = collect();
+
+        $tenant = Filament::getTenant();
+        $this->tenantId = $tenant instanceof Tenant ? (int) $tenant->id : null;
+
+        $this->refreshRuns();
+    }
+
+    #[On(OpsUxBrowserEvents::RunEnqueued)]
+    public function onRunEnqueued(?int $tenantId = null): void
+    {
+        if ($tenantId !== null) {
+            $this->tenantId = $tenantId;
+        }
+
+        $this->refreshRuns();
     }
 
     #[Computed]
@@ -30,116 +52,52 @@ public function activeRuns()
         return $this->runs;
     }
 
-    public function loadRuns()
+    public function refreshRuns(): void
     {
-        try {
-            $tenant = Tenant::current();
-        } catch (\RuntimeException $e) {
+        $tenantId = $this->tenantId;
+
+        // Best-effort: if we're mounted on a tenant page, capture it once.
+        if ($tenantId === null) {
+            $tenant = Filament::getTenant();
+            $tenantId = $tenant instanceof Tenant ? (int) $tenant->id : null;
+            $this->tenantId = $tenantId;
+        }
+
+        if ($tenantId === null) {
+            $this->disabled = true;
             $this->runs = collect();
+            $this->overflowCount = 0;
+            $this->hasActiveRuns = false;
 
             return;
         }
 
-        $recentThreshold = now()->subSeconds($this->recentFinishedSeconds);
+        if (! auth()->user()?->can('viewAny', OperationRun::class)) {
+            $this->disabled = true;
+            $this->runs = collect();
+            $this->overflowCount = 0;
+            $this->hasActiveRuns = false;
 
-        $this->runs = BulkOperationRun::query()
-            ->where('tenant_id', $tenant->id)
-            ->where('user_id', auth()->id())
-            ->where(function ($query) use ($recentThreshold): void {
-                $query->whereIn('status', ['pending', 'running'])
-                    ->orWhere(function ($query) use ($recentThreshold): void {
-                        $query->whereIn('status', ['completed', 'completed_with_errors', 'failed', 'aborted'])
-                            ->where('updated_at', '>=', $recentThreshold);
-                    });
-            })
-            ->orderByDesc('created_at')
-            ->get();
-
-        $this->reconcileBackupScheduleRuns($tenant->id);
-    }
-
-    private function reconcileBackupScheduleRuns(int $tenantId): void
-    {
-        $userId = auth()->id();
-
-        if (! $userId) {
             return;
         }
 
-        $staleThreshold = now()->subSeconds(60);
+        $this->disabled = false;
 
-        foreach ($this->runs as $bulkRun) {
-            if ($bulkRun->resource !== 'backup_schedule') {
-                continue;
-            }
+        $query = OperationRun::query()
+            ->where('tenant_id', $tenantId)
+            ->active()
+            ->orderByDesc('created_at');
 
-            if (! in_array($bulkRun->status, ['pending', 'running'], true)) {
-                continue;
-            }
-
-            if (! $bulkRun->created_at || $bulkRun->created_at->gt($staleThreshold)) {
-                continue;
-            }
-
-            $scheduleId = (int) Arr::first($bulkRun->item_ids ?? []);
-
-            if ($scheduleId <= 0) {
-                continue;
-            }
-
-            $scheduleRun = BackupScheduleRun::query()
-                ->where('tenant_id', $tenantId)
-                ->where('user_id', $userId)
-                ->where('backup_schedule_id', $scheduleId)
-                ->where('created_at', '>=', $bulkRun->created_at)
-                ->orderByDesc('id')
-                ->first();
-
-            if (! $scheduleRun) {
-                continue;
-            }
-
-            if ($scheduleRun->finished_at) {
-                $processed = 1;
-                $succeeded = 0;
-                $failed = 0;
-                $skipped = 0;
-                $status = 'completed';
-
-                switch ($scheduleRun->status) {
-                    case BackupScheduleRun::STATUS_SUCCESS:
-                        $succeeded = 1;
-                        break;
-
-                    case BackupScheduleRun::STATUS_SKIPPED:
-                        $skipped = 1;
-                        break;
-
-                    default:
-                        $failed = 1;
-                        $status = 'completed_with_errors';
-                        break;
-                }
-
-                $bulkRun->forceFill([
-                    'status' => $status,
-                    'processed_items' => $processed,
-                    'succeeded' => $succeeded,
-                    'failed' => $failed,
-                    'skipped' => $skipped,
-                ])->save();
-
-                continue;
-            }
-
-            if ($scheduleRun->started_at && $bulkRun->status === 'pending') {
-                $bulkRun->forceFill(['status' => 'running'])->save();
-            }
-        }
+        $activeCount = (clone $query)->count();
+        $this->runs = (clone $query)->limit(6)->get();
+        $this->overflowCount = max(0, $activeCount - 5);
+        $this->hasActiveRuns = $this->runs->isNotEmpty();
     }
 
     public function render(): \Illuminate\Contracts\View\View
     {
-        return view('livewire.bulk-operation-progress');
+        return view('livewire.bulk-operation-progress', [
+            'tenant' => Filament::getTenant(),
+        ]);
     }
 }
diff --git a/app/Notifications/OperationRunCompleted.php b/app/Notifications/OperationRunCompleted.php
index c249a9a..29b5514 100644
--- a/app/Notifications/OperationRunCompleted.php
+++ b/app/Notifications/OperationRunCompleted.php
@@ -4,8 +4,7 @@
 
 use App\Models\OperationRun;
 use App\Models\Tenant;
-use App\Support\OperationRunLinks;
-use Filament\Notifications\Notification as FilamentNotification;
+use App\Support\OpsUx\OperationUxPresenter;
 use Illuminate\Bus\Queueable;
 use Illuminate\Notifications\Notification;
 
@@ -26,21 +25,10 @@ public function toDatabase(object $notifiable): array
     {
         $tenant = $this->run->tenant;
 
-        $status = match ((string) $this->run->outcome) {
-            'succeeded' => 'success',
-            'partially_succeeded' => 'warning',
-            default => 'danger',
-        };
-
-        return FilamentNotification::make()
-            ->title('Operation completed')
-            ->body("{$this->run->type} ({$this->run->outcome})")
-            ->status($status)
-            ->actions([
-                \Filament\Actions\Action::make('view')
-                    ->label('View run')
-                    ->url($tenant instanceof Tenant ? OperationRunLinks::view($this->run, $tenant) : null),
-            ])
+        return OperationUxPresenter::terminalDatabaseNotification(
+            run: $this->run,
+            tenant: $tenant instanceof Tenant ? $tenant : null,
+        )
             ->getDatabaseMessage();
     }
 }
diff --git a/app/Notifications/OperationRunQueued.php b/app/Notifications/OperationRunQueued.php
index 5e78c84..074e946 100644
--- a/app/Notifications/OperationRunQueued.php
+++ b/app/Notifications/OperationRunQueued.php
@@ -4,6 +4,7 @@
 
 use App\Models\OperationRun;
 use App\Models\Tenant;
+use App\Support\OperationCatalog;
 use App\Support\OperationRunLinks;
 use Filament\Notifications\Notification as FilamentNotification;
 use Illuminate\Bus\Queueable;
@@ -32,10 +33,12 @@ public function toDatabase(object $notifiable): array
     {
         $tenant = $this->run->tenant;
 
+        $operationLabel = OperationCatalog::label((string) $this->run->type);
+
         return FilamentNotification::make()
-            ->title('Operation queued')
-            ->body($this->run->type)
-            ->info()
+            ->title("{$operationLabel} queued")
+            ->body('Queued. Monitor progress in Monitoring → Operations.')
+            ->warning()
             ->actions([
                 \Filament\Actions\Action::make('view_run')
                     ->label('View run')
diff --git a/app/Providers/Filament/AdminPanelProvider.php b/app/Providers/Filament/AdminPanelProvider.php
index 9d90f61..2b51d14 100644
--- a/app/Providers/Filament/AdminPanelProvider.php
+++ b/app/Providers/Filament/AdminPanelProvider.php
@@ -20,6 +20,7 @@
 use Illuminate\Foundation\Http\Middleware\VerifyCsrfToken;
 use Illuminate\Routing\Middleware\SubstituteBindings;
 use Illuminate\Session\Middleware\StartSession;
+use Illuminate\Support\Facades\Blade;
 use Illuminate\View\Middleware\ShareErrorsFromSession;
 
 class AdminPanelProvider extends PanelProvider
@@ -41,7 +42,7 @@ public function panel(Panel $panel): Panel
             ->renderHook(
                 PanelsRenderHook::BODY_END,
                 fn () => (bool) config('tenantpilot.bulk_operations.progress_widget_enabled', true)
-                    ? view('livewire.bulk-operation-progress-wrapper')->render()
+                    ? Blade::render("@livewire('bulk-operation-progress', [], key('ops-ux-progress'))")
                     : ''
             )
             ->discoverResources(in: app_path('Filament/Resources'), for: 'App\Filament\Resources')
diff --git a/app/Services/OperationRunService.php b/app/Services/OperationRunService.php
index 7c68c1b..4faacc9 100644
--- a/app/Services/OperationRunService.php
+++ b/app/Services/OperationRunService.php
@@ -6,9 +6,9 @@
 use App\Models\Tenant;
 use App\Models\User;
 use App\Notifications\OperationRunCompleted as OperationRunCompletedNotification;
-use App\Notifications\OperationRunQueued as OperationRunQueuedNotification;
 use App\Support\OperationRunOutcome;
 use App\Support\OperationRunStatus;
+use App\Support\OpsUx\SummaryCountsNormalizer;
 use Illuminate\Database\QueryException;
 use InvalidArgumentException;
 use Throwable;
@@ -107,7 +107,7 @@ public function updateRun(
         }
 
         if (! empty($summaryCounts)) {
-            $updateData['summary_counts'] = $summaryCounts;
+            $updateData['summary_counts'] = $this->sanitizeSummaryCounts($summaryCounts);
         }
 
         if (! empty($failures)) {
@@ -142,14 +142,10 @@ public function updateRun(
      * If dispatch fails synchronously (misconfiguration, serialization errors, etc.),
      * the OperationRun is marked terminal failed so we do not leave a misleading queued run behind.
      */
-    public function dispatchOrFail(OperationRun $run, callable $dispatcher, bool $emitQueuedNotification = true): void
+    public function dispatchOrFail(OperationRun $run, callable $dispatcher): void
     {
         try {
             $dispatcher();
-
-            if ($emitQueuedNotification && $run->wasRecentlyCreated && $run->user instanceof User) {
-                $run->user->notify(new OperationRunQueuedNotification($run));
-            }
         } catch (Throwable $e) {
             $this->updateRun(
                 $run,
@@ -277,6 +273,15 @@ protected function sanitizeMessage(string $message): string
         // Redact long opaque blobs that look token-like.
         $message = preg_replace('/\b[A-Za-z0-9\-\._~\+\/]{64,}\b/', '[REDACTED]', $message) ?? $message;
 
-        return substr($message, 0, 500);
+        return substr($message, 0, 120);
+    }
+
+    /**
+     * @param  array<string, mixed>  $summaryCounts
+     * @return array<string, int>
+     */
+    protected function sanitizeSummaryCounts(array $summaryCounts): array
+    {
+        return SummaryCountsNormalizer::normalize($summaryCounts);
     }
 }
diff --git a/app/Support/OperationCatalog.php b/app/Support/OperationCatalog.php
new file mode 100644
index 0000000..0b313ce
--- /dev/null
+++ b/app/Support/OperationCatalog.php
@@ -0,0 +1,64 @@
+<?php
+
+namespace App\Support;
+
+use App\Support\OpsUx\OperationSummaryKeys;
+
+final class OperationCatalog
+{
+    /**
+     * @return array<string, string>
+     */
+    public static function labels(): array
+    {
+        return [
+            'policy.sync' => 'Policy sync',
+            'policy.sync_one' => 'Policy sync',
+            'policy.capture_snapshot' => 'Policy snapshot',
+            'inventory.sync' => 'Inventory sync',
+            'directory_groups.sync' => 'Directory groups sync',
+            'drift.generate' => 'Drift generation',
+            'backup_set.add_policies' => 'Backup set update',
+            'backup_set.remove_policies' => 'Backup set update',
+            'backup_set.delete' => 'Archive backup sets',
+            'backup_set.restore' => 'Restore backup sets',
+            'backup_set.force_delete' => 'Delete backup sets',
+            'backup_schedule.run_now' => 'Backup schedule run',
+            'backup_schedule.retry' => 'Backup schedule retry',
+            'restore.execute' => 'Restore execution',
+            'policy_version.prune' => 'Prune policy versions',
+            'policy_version.restore' => 'Restore policy versions',
+            'policy_version.force_delete' => 'Delete policy versions',
+        ];
+    }
+
+    public static function label(string $operationType): string
+    {
+        $operationType = trim($operationType);
+
+        if ($operationType === '') {
+            return 'Operation';
+        }
+
+        return self::labels()[$operationType] ?? 'Unknown operation';
+    }
+
+    public static function expectedDurationSeconds(string $operationType): ?int
+    {
+        return match (trim($operationType)) {
+            'policy.sync', 'policy.sync_one' => 90,
+            'inventory.sync' => 180,
+            'directory_groups.sync' => 120,
+            'drift.generate' => 240,
+            default => null,
+        };
+    }
+
+    /**
+     * @return array<int, string>
+     */
+    public static function allowedSummaryKeys(): array
+    {
+        return OperationSummaryKeys::all();
+    }
+}
diff --git a/app/Support/OpsUx/OperationRunUrl.php b/app/Support/OpsUx/OperationRunUrl.php
new file mode 100644
index 0000000..256a575
--- /dev/null
+++ b/app/Support/OpsUx/OperationRunUrl.php
@@ -0,0 +1,22 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Support\OpsUx;
+
+use App\Models\OperationRun;
+use App\Models\Tenant;
+use App\Support\OperationRunLinks;
+
+final class OperationRunUrl
+{
+    public static function view(OperationRun $run, Tenant $tenant): string
+    {
+        return OperationRunLinks::view($run, $tenant);
+    }
+
+    public static function index(Tenant $tenant): string
+    {
+        return OperationRunLinks::index($tenant);
+    }
+}
diff --git a/app/Support/OpsUx/OperationStatusNormalizer.php b/app/Support/OpsUx/OperationStatusNormalizer.php
new file mode 100644
index 0000000..54ab565
--- /dev/null
+++ b/app/Support/OpsUx/OperationStatusNormalizer.php
@@ -0,0 +1,49 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Support\OpsUx;
+
+/**
+ * Normalize OperationRun legacy storage fields into Ops-UX canonical statuses.
+ */
+final class OperationStatusNormalizer
+{
+    /**
+     * Returns one of: queued|running|succeeded|partial|failed.
+     */
+    public static function toUxStatus(?string $status, ?string $outcome): string
+    {
+        $status = strtolower(trim((string) $status));
+        $outcome = strtolower(trim((string) $outcome));
+
+        if ($status === 'queued') {
+            return 'queued';
+        }
+
+        if ($status === 'running') {
+            return 'running';
+        }
+
+        // Terminal normalization (compatibility)
+        if ($status === 'failed' || $outcome === 'failed') {
+            return 'failed';
+        }
+
+        if ($status === 'completed' && $outcome === 'partially_succeeded') {
+            return 'partial';
+        }
+
+        if ($status === 'completed' && $outcome === 'succeeded') {
+            return 'succeeded';
+        }
+
+        // Best-effort fallback.
+        return match ($outcome) {
+            'partially_succeeded' => 'partial',
+            'succeeded' => 'succeeded',
+            'failed' => 'failed',
+            default => 'failed',
+        };
+    }
+}
diff --git a/app/Support/OpsUx/OperationSummaryKeys.php b/app/Support/OpsUx/OperationSummaryKeys.php
new file mode 100644
index 0000000..c2f925d
--- /dev/null
+++ b/app/Support/OpsUx/OperationSummaryKeys.php
@@ -0,0 +1,26 @@
+<?php
+
+namespace App\Support\OpsUx;
+
+class OperationSummaryKeys
+{
+    /**
+     * Return the canonical allowed summary keys used for Ops-UX rendering.
+     * Keep ordering stable to make guard tests deterministic.
+     */
+    public static function all(): array
+    {
+        return [
+            'total',
+            'processed',
+            'succeeded',
+            'failed',
+            'skipped',
+            'created',
+            'updated',
+            'deleted',
+            'items',
+            'tenants',
+        ];
+    }
+}
diff --git a/app/Support/OpsUx/OperationUxPresenter.php b/app/Support/OpsUx/OperationUxPresenter.php
new file mode 100644
index 0000000..1e2b036
--- /dev/null
+++ b/app/Support/OpsUx/OperationUxPresenter.php
@@ -0,0 +1,111 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Support\OpsUx;
+
+use App\Models\OperationRun;
+use App\Models\Tenant;
+use App\Support\OperationCatalog;
+use Filament\Notifications\Notification as FilamentNotification;
+use Illuminate\Support\Str;
+
+final class OperationUxPresenter
+{
+    public const int QUEUED_TOAST_DURATION_MS = 4000;
+
+    public const int FAILURE_MESSAGE_MAX_CHARS = 140;
+
+    /**
+     * Queued intent feedback toast (ephemeral, not persisted).
+     */
+    public static function queuedToast(string $operationType): FilamentNotification
+    {
+        $operationLabel = OperationCatalog::label($operationType);
+
+        return FilamentNotification::make()
+            ->title("{$operationLabel} queued")
+            ->body('Running in the background.')
+            ->warning()
+            ->duration(self::QUEUED_TOAST_DURATION_MS);
+    }
+
+    /**
+     * Terminal DB notification payload.
+     *
+     * Note: We intentionally return the built Filament notification builder to
+     * keep DB formatting consistent with existing Notification classes.
+     */
+    public static function terminalDatabaseNotification(OperationRun $run, ?Tenant $tenant = null): FilamentNotification
+    {
+        $operationLabel = OperationCatalog::label((string) $run->type);
+
+        $uxStatus = OperationStatusNormalizer::toUxStatus($run->status, $run->outcome);
+
+        $titleSuffix = match ($uxStatus) {
+            'succeeded' => 'completed',
+            'partial' => 'completed with warnings',
+            default => 'failed',
+        };
+
+        $body = match ($uxStatus) {
+            'succeeded' => 'Completed successfully.',
+            'partial' => 'Completed with warnings.',
+            default => 'Failed.',
+        };
+
+        if ($uxStatus === 'failed') {
+            $failureMessage = (string) (($run->failure_summary[0]['message'] ?? '') ?? '');
+
+            $failureMessage = self::sanitizeFailureMessage($failureMessage);
+
+            if ($failureMessage !== null) {
+                $body = $body.' '.$failureMessage;
+            }
+        }
+
+        $summary = SummaryCountsNormalizer::renderSummaryLine(is_array($run->summary_counts) ? $run->summary_counts : []);
+        if ($summary !== null) {
+            $body = $body."\n".$summary;
+        }
+
+        $status = match ($uxStatus) {
+            'succeeded' => 'success',
+            'partial' => 'warning',
+            default => 'danger',
+        };
+
+        $notification = FilamentNotification::make()
+            ->title("{$operationLabel} {$titleSuffix}")
+            ->body($body)
+            ->status($status);
+
+        if ($tenant instanceof Tenant) {
+            $notification->actions([
+                \Filament\Actions\Action::make('view')
+                    ->label('View run')
+                    ->url(OperationRunUrl::view($run, $tenant)),
+            ]);
+        }
+
+        return $notification;
+    }
+
+    private static function sanitizeFailureMessage(string $failureMessage): ?string
+    {
+        $failureMessage = trim($failureMessage);
+
+        if ($failureMessage === '') {
+            return null;
+        }
+
+        $failureMessage = Str::of($failureMessage)
+            ->replace(["\r", "\n"], ' ')
+            ->squish()
+            ->toString();
+
+        $failureMessage = Str::limit($failureMessage, self::FAILURE_MESSAGE_MAX_CHARS, '…');
+
+        return $failureMessage !== '' ? $failureMessage : null;
+    }
+}
diff --git a/app/Support/OpsUx/OpsUxBrowserEvents.php b/app/Support/OpsUx/OpsUxBrowserEvents.php
new file mode 100644
index 0000000..df63746
--- /dev/null
+++ b/app/Support/OpsUx/OpsUxBrowserEvents.php
@@ -0,0 +1,31 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Support\OpsUx;
+
+use App\Livewire\BulkOperationProgress;
+use Filament\Facades\Filament;
+
+final class OpsUxBrowserEvents
+{
+    public const RunEnqueued = 'ops-ux:run-enqueued';
+
+    public static function dispatchRunEnqueued(mixed $livewire): void
+    {
+        if (! is_object($livewire)) {
+            return;
+        }
+
+        if (! method_exists($livewire, 'dispatch')) {
+            return;
+        }
+
+        $tenantId = Filament::getTenant()?->getKey();
+
+        // In Livewire v3, dispatch() emits a DOM event that bubbles.
+        // Our progress widget is mounted outside the initiating component's DOM tree,
+        // so we target it explicitly to ensure it receives the event immediately.
+        $livewire->dispatch(self::RunEnqueued, tenantId: $tenantId)->to(BulkOperationProgress::class);
+    }
+}
diff --git a/app/Support/OpsUx/RunDetailPolling.php b/app/Support/OpsUx/RunDetailPolling.php
new file mode 100644
index 0000000..0e5de7a
--- /dev/null
+++ b/app/Support/OpsUx/RunDetailPolling.php
@@ -0,0 +1,35 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Support\OpsUx;
+
+use App\Models\OperationRun;
+
+final class RunDetailPolling
+{
+    /**
+     * Returns a Livewire polling interval string (e.g. "1s") while the run is active.
+     * Returns null once the run is terminal.
+     */
+    public static function interval(OperationRun $run): ?string
+    {
+        $uxStatus = OperationStatusNormalizer::toUxStatus($run->status, $run->outcome);
+
+        if (! in_array($uxStatus, ['queued', 'running'], true)) {
+            return null;
+        }
+
+        $ageSeconds = now()->diffInSeconds($run->created_at ?? now());
+
+        if ($ageSeconds < 10) {
+            return '1s';
+        }
+
+        if ($ageSeconds < 60) {
+            return '5s';
+        }
+
+        return '10s';
+    }
+}
diff --git a/app/Support/OpsUx/RunDurationInsights.php b/app/Support/OpsUx/RunDurationInsights.php
new file mode 100644
index 0000000..ad2ce83
--- /dev/null
+++ b/app/Support/OpsUx/RunDurationInsights.php
@@ -0,0 +1,145 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Support\OpsUx;
+
+use App\Models\OperationRun;
+use App\Support\OperationCatalog;
+use Illuminate\Support\Facades\Cache;
+
+final class RunDurationInsights
+{
+    public static function elapsedSeconds(OperationRun $run): ?int
+    {
+        $start = $run->started_at ?? $run->created_at;
+
+        if (! $start) {
+            return null;
+        }
+
+        $end = $run->completed_at ?? now();
+
+        $seconds = $end->diffInSeconds($start);
+
+        if (is_int($seconds)) {
+            return $seconds;
+        }
+
+        return (int) round((float) $seconds);
+    }
+
+    public static function elapsedHuman(OperationRun $run): string
+    {
+        $start = $run->started_at ?? $run->created_at;
+
+        if (! $start) {
+            return '—';
+        }
+
+        $end = $run->completed_at ?? now();
+
+        return $end->diffForHumans($start, true);
+    }
+
+    public static function expectedSeconds(OperationRun $run): ?int
+    {
+        $catalog = OperationCatalog::expectedDurationSeconds((string) $run->type);
+
+        if (is_int($catalog)) {
+            return $catalog;
+        }
+
+        $tenantId = (int) ($run->tenant_id ?? 0);
+        $type = (string) ($run->type ?? '');
+
+        if ($tenantId <= 0 || $type === '') {
+            return null;
+        }
+
+        $cacheKey = "opsux:expected-duration:tenant:{$tenantId}:type:".$type;
+
+        return Cache::remember($cacheKey, now()->addMinutes(10), function () use ($tenantId, $type): ?int {
+            $durations = OperationRun::query()
+                ->where('tenant_id', $tenantId)
+                ->where('type', $type)
+                ->whereNotNull('started_at')
+                ->whereNotNull('completed_at')
+                ->where('created_at', '>=', now()->subDays(30))
+                ->latest('id')
+                ->limit(200)
+                ->get(['started_at', 'completed_at'])
+                ->map(function (OperationRun $run): ?int {
+                    if (! $run->started_at || ! $run->completed_at) {
+                        return null;
+                    }
+
+                    $seconds = $run->completed_at->diffInSeconds($run->started_at);
+
+                    if (is_int($seconds)) {
+                        return $seconds;
+                    }
+
+                    return (int) round((float) $seconds);
+                })
+                ->filter(fn (?int $seconds): bool => is_int($seconds) && $seconds > 0)
+                ->sort()
+                ->values();
+
+            if ($durations->isEmpty()) {
+                return null;
+            }
+
+            $count = $durations->count();
+            $middle = intdiv($count - 1, 2);
+
+            $median = (int) $durations[$middle];
+
+            return $median > 0 ? $median : null;
+        });
+    }
+
+    public static function expectedHuman(OperationRun $run): ?string
+    {
+        $seconds = self::expectedSeconds($run);
+
+        if (! is_int($seconds) || $seconds <= 0) {
+            return null;
+        }
+
+        if ($seconds < 60) {
+            return 'Typically under 1 minute';
+        }
+
+        $minutes = (int) round($seconds / 60);
+
+        return "Typically ~{$minutes} min";
+    }
+
+    public static function stuckGuidance(OperationRun $run): ?string
+    {
+        $uxStatus = OperationStatusNormalizer::toUxStatus($run->status, $run->outcome);
+
+        if (! in_array($uxStatus, ['queued', 'running'], true)) {
+            return null;
+        }
+
+        $elapsed = self::elapsedSeconds($run);
+
+        if (! is_int($elapsed) || $elapsed <= 0) {
+            return null;
+        }
+
+        $expected = self::expectedSeconds($run);
+
+        $isLikelyStuck = is_int($expected)
+            ? ($elapsed > max(600, $expected * 2))
+            : ($elapsed > 900);
+
+        if (! $isLikelyStuck) {
+            return null;
+        }
+
+        return 'Taking longer than expected. If this does not complete soon, verify the queue worker is running and check logs for errors.';
+    }
+}
diff --git a/app/Support/OpsUx/SummaryCountsNormalizer.php b/app/Support/OpsUx/SummaryCountsNormalizer.php
new file mode 100644
index 0000000..1f7a6da
--- /dev/null
+++ b/app/Support/OpsUx/SummaryCountsNormalizer.php
@@ -0,0 +1,69 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Support\OpsUx;
+
+final class SummaryCountsNormalizer
+{
+    /**
+     * @param  array<string, mixed>  $summaryCounts
+     * @return array<string, int>
+     */
+    public static function normalize(array $summaryCounts): array
+    {
+        $allowedKeys = array_flip(OperationSummaryKeys::all());
+
+        $sanitized = [];
+
+        foreach ($summaryCounts as $key => $value) {
+            $key = trim((string) $key);
+
+            if ($key === '' || ! isset($allowedKeys[$key])) {
+                continue;
+            }
+
+            if (is_int($value)) {
+                $sanitized[$key] = $value;
+
+                continue;
+            }
+
+            if (is_float($value) && is_finite($value)) {
+                $sanitized[$key] = (int) round($value);
+
+                continue;
+            }
+
+            if (is_numeric($value)) {
+                $sanitized[$key] = (int) $value;
+            }
+        }
+
+        return $sanitized;
+    }
+
+    /**
+     * @param  array<string, mixed>  $summaryCounts
+     */
+    public static function renderSummaryLine(array $summaryCounts): ?string
+    {
+        $normalized = self::normalize($summaryCounts);
+
+        if ($normalized === []) {
+            return null;
+        }
+
+        $parts = [];
+
+        foreach ($normalized as $key => $value) {
+            $parts[] = $key.': '.$value;
+        }
+
+        if ($parts === []) {
+            return null;
+        }
+
+        return 'Summary: '.implode(', ', $parts);
+    }
+}
diff --git a/resources/views/livewire/bulk-operation-progress.blade.php b/resources/views/livewire/bulk-operation-progress.blade.php
index f74e5d4..2f8fc4b 100644
--- a/resources/views/livewire/bulk-operation-progress.blade.php
+++ b/resources/views/livewire/bulk-operation-progress.blade.php
@@ -1,85 +1,189 @@
 @php($runs = $runs ?? collect())
-@php($interval = $runs->isEmpty() ? max((int) $pollSeconds, 10) : (int) $pollSeconds)
+@php($overflowCount = (int) ($overflowCount ?? 0))
+@php($tenant = $tenant ?? null)
 
-<div wire:poll.{{ $interval }}s="loadRuns">
-    <!-- Bulk Operation Progress Component: {{ $runs->count() }} active runs -->
+{{-- Widget must always be mounted, even when empty, so it can receive Livewire events --}}
+<div 
+    x-data="opsUxProgressWidgetPoller()" 
+    x-init="init()" 
+    wire:key="ops-ux-progress-widget"
+    @if($runs->isNotEmpty()) wire:poll.5s="refreshRuns" @endif
+>
     @if($runs->isNotEmpty())
         <div class="fixed bottom-4 right-4 z-[999999] w-96 space-y-2" style="pointer-events: auto;">
-            @foreach ($runs as $run)
-                @php($effectiveTotal = max((int) $run->total_items, (int) $run->processed_items))
-                @php($percent = $effectiveTotal > 0 ? min(100, round(($run->processed_items / $effectiveTotal) * 100)) : 0)
+            @foreach ($runs->take(5) as $run)
                 <div class="bg-white dark:bg-gray-800 rounded-lg shadow-xl border-2 border-primary-500 dark:border-primary-400 p-4 transition-all animate-in slide-in-from-right duration-300"
-                     wire:key="run-{{ $run->id }}">
-                    
-                    <div class="flex justify-between items-start mb-3">
-                        <div class="flex-1">
+                    wire:key="run-{{ $run->id }}">
+                    <div class="flex items-start justify-between gap-4">
+                        <div class="min-w-0">
                             <h4 class="text-sm font-semibold text-gray-900 dark:text-gray-100">
-                                {{ ucfirst($run->action) }} {{ ucfirst(str_replace('_', ' ', $run->resource)) }}
+                                {{ \App\Support\OperationCatalog::label((string) $run->type) }}
                             </h4>
-                            <p class="text-xs text-gray-500 dark:text-gray-400 mt-0.5">
-                                @if($run->status === 'pending')
-                                    @php($isStalePending = $run->created_at->lt(now()->subSeconds(30)))
-                                    <span class="inline-flex items-center">
-                                        <svg class="animate-spin -ml-1 mr-1.5 h-3 w-3 text-primary-600" xmlns="http://www.w3.org/2000/svg" fill="none" viewBox="0 0 24 24">
-                                            <circle class="opacity-25" cx="12" cy="12" r="10" stroke="currentColor" stroke-width="4"></circle>
-                                            <path class="opacity-75" fill="currentColor" d="M4 12a8 8 0 018-8V0C5.373 0 0 5.373 0 12h4zm2 5.291A7.962 7.962 0 014 12H0c0 3.042 1.135 5.824 3 7.938l3-2.647z"></path>
-                                        </svg>
-                                        {{ $isStalePending ? 'Queued…' : 'Starting...' }}
-                                    </span>
-                                @elseif($run->status === 'running')
-                                    <span class="inline-flex items-center">
-                                        <svg class="animate-spin -ml-1 mr-1.5 h-3 w-3 text-primary-600" xmlns="http://www.w3.org/2000/svg" fill="none" viewBox="0 0 24 24">
-                                            <circle class="opacity-25" cx="12" cy="12" r="10" stroke="currentColor" stroke-width="4"></circle>
-                                            <path class="opacity-75" fill="currentColor" d="M4 12a8 8 0 018-8V0C5.373 0 0 5.373 0 12h4zm2 5.291A7.962 7.962 0 014 12H0c0 3.042 1.135 5.824 3 7.938l3-2.647z"></path>
-                                        </svg>
-                                        Processing...
-                                    </span>
-                                @elseif(in_array($run->status, ['completed', 'completed_with_errors'], true))
-                                    <span class="text-success-600 dark:text-success-400">Done</span>
-                                @elseif(in_array($run->status, ['failed', 'aborted'], true))
-                                    <span class="text-danger-600 dark:text-danger-400">Failed</span>
+                            <p class="mt-0.5 text-xs text-gray-500 dark:text-gray-400">
+                                @if($run->status === 'queued')
+                                    Queued • {{ ($run->started_at ?? $run->created_at)?->diffForHumans(null, true, true) }}
+                                @else
+                                    Running • {{ ($run->started_at ?? $run->created_at)?->diffForHumans(null, true, true) }}
                                 @endif
                             </p>
                         </div>
-                        <div class="text-right">
-                            <span class="text-xs font-medium text-gray-700 dark:text-gray-300">
-                                {{ $run->processed_items }} / {{ $effectiveTotal }}
-                            </span>
-                            <div class="text-xs text-gray-500 dark:text-gray-400 mt-0.5">
-                                {{ $percent }}%
-                            </div>
-                        </div>
-                    </div>
 
-                    <div class="w-full bg-gray-200 rounded-full h-3 dark:bg-gray-700 overflow-hidden">
-                        <div class="bg-primary-600 dark:bg-primary-500 h-3 rounded-full transition-all duration-300 ease-out"
-                             style="width: {{ $percent }}%"></div>
-                    </div>
-
-                    <div class="mt-2 flex items-center justify-between text-xs">
-                        <div class="flex items-center gap-3">
-                            @if ($run->succeeded > 0)
-                                <span class="text-success-600 dark:text-success-400">
-                                    ✓ {{ $run->succeeded }} succeeded
-                                </span>
-                            @endif
-                            @if ($run->failed > 0)
-                                <span class="text-danger-600 dark:text-danger-400">
-                                    ✗ {{ $run->failed }} failed
-                                </span>
-                            @endif
-                            @if ($run->skipped > 0)
-                                <span class="text-gray-500 dark:text-gray-400">
-                                    ⊘ {{ $run->skipped }} skipped
-                                </span>
-                            @endif
-                        </div>
-                        <span class="text-gray-400 dark:text-gray-500">
-                            {{ $run->created_at->diffForHumans(null, true, true) }}
-                        </span>
+                        @if ($tenant)
+                            <a
+                                href="{{ \App\Support\OpsUx\OperationRunUrl::view($run, $tenant) }}"
+                                class="shrink-0 text-xs font-medium text-primary-700 hover:text-primary-800 dark:text-primary-300 dark:hover:text-primary-200"
+                            >
+                                View run
+                            </a>
+                        @endif
                     </div>
                 </div>
             @endforeach
+
+            @if($overflowCount > 0 && $tenant)
+                <a
+                    href="{{ \App\Support\OpsUx\OperationRunUrl::index($tenant) }}"
+                    class="block rounded-lg bg-white/90 dark:bg-gray-800/90 px-4 py-2 text-center text-xs font-medium text-gray-700 hover:text-gray-900 dark:text-gray-200 dark:hover:text-white shadow"
+                >
+                    +{{ $overflowCount }} more
+                </a>
+            @endif
         </div>
     @endif
 </div>
+
+<script>
+    window.opsUxProgressWidgetPoller ??= function opsUxProgressWidgetPoller() {
+        return {
+            timer: null,
+            activeSinceMs: null,
+            fastUntilMs: null,
+
+            init() {
+                this.onVisibilityChange = this.onVisibilityChange.bind(this);
+                window.addEventListener('visibilitychange', this.onVisibilityChange);
+
+                this.onNavigated = this.onNavigated.bind(this);
+                window.addEventListener('livewire:navigated', this.onNavigated);
+
+                // First sync immediately.
+                this.schedule(0);
+            },
+
+            destroy() {
+                this.stop();
+                window.removeEventListener('visibilitychange', this.onVisibilityChange);
+                window.removeEventListener('livewire:navigated', this.onNavigated);
+            },
+
+            stop() {
+                if (this.timer) {
+                    clearTimeout(this.timer);
+                    this.timer = null;
+                }
+            },
+
+            isModalOpen() {
+                return document.querySelector('[role="dialog"][aria-modal="true"]') !== null;
+            },
+
+            isPaused() {
+                if (document.hidden === true) {
+                    return true;
+                }
+
+                if (this.isModalOpen()) {
+                    return true;
+                }
+
+                if (!this.$el || this.$el.isConnected !== true) {
+                    return true;
+                }
+
+                return false;
+            },
+
+            onVisibilityChange() {
+                if (!this.isPaused()) {
+                    this.schedule(0);
+                }
+            },
+
+            onNavigated() {
+                if (!this.isPaused()) {
+                    this.schedule(0);
+                }
+            },
+
+            activeAgeSeconds() {
+                if (this.activeSinceMs === null) {
+                    return 0;
+                }
+
+                return Math.floor((Date.now() - this.activeSinceMs) / 1000);
+            },
+
+            nextIntervalMs() {
+                // Stop polling entirely if server says this component is disabled.
+                if (this.$wire?.disabled === true) {
+                    return null;
+                }
+
+                // Discovery polling.
+                if (this.$wire?.hasActiveRuns !== true) {
+                    this.activeSinceMs = null;
+                    return 30_000;
+                }
+
+                // Active polling backoff.
+                if (this.activeSinceMs === null) {
+                    this.activeSinceMs = Date.now();
+                }
+
+                const now = Date.now();
+                if (this.fastUntilMs && now < this.fastUntilMs) {
+                    return 1_000;
+                }
+
+                const age = this.activeAgeSeconds();
+                if (age < 10) {
+                    return 1_000;
+                }
+
+                if (age < 60) {
+                    return 5_000;
+                }
+
+                return 10_000;
+            },
+
+            async tick() {
+                if (this.isPaused()) {
+                    // Keep it calm: check again later.
+                    this.schedule(2_000);
+                    return;
+                }
+
+                await this.$wire.refreshRuns();
+
+                const next = this.nextIntervalMs();
+                if (next === null) {
+                    this.stop();
+                    return;
+                }
+
+                this.schedule(next);
+            },
+
+            schedule(delayMs) {
+                this.stop();
+
+                const delay = Math.max(0, Number(delayMs ?? 0));
+
+                this.timer = setTimeout(() => {
+                    this.tick();
+                }, delay);
+            },
+        };
+    };
+</script>
diff --git a/specs/055-ops-ux-rollout/checklists/requirements.md b/specs/055-ops-ux-rollout/checklists/requirements.md
new file mode 100644
index 0000000..9b05424
--- /dev/null
+++ b/specs/055-ops-ux-rollout/checklists/requirements.md
@@ -0,0 +1,34 @@
+# Specification Quality Checklist: Ops-UX Constitution Rollout (v1.3.0 Alignment)
+
+**Purpose**: Validate specification completeness and quality before proceeding to planning
+**Created**: 2026-01-18
+**Feature**: [spec.md](../spec.md)
+
+## Content Quality
+
+- [x] No implementation details (languages, frameworks, APIs)
+- [x] Focused on user value and business needs
+- [x] Written for non-technical stakeholders
+- [x] All mandatory sections completed
+
+## Requirement Completeness
+
+- [x] No [NEEDS CLARIFICATION] markers remain
+- [x] Requirements are testable and unambiguous
+- [x] Success criteria are measurable
+- [x] Success criteria are technology-agnostic (no implementation details)
+- [x] All acceptance scenarios are defined
+- [x] Edge cases are identified
+- [x] Scope is clearly bounded
+- [x] Dependencies and assumptions identified
+
+## Feature Readiness
+
+- [x] All functional requirements have clear acceptance criteria
+- [x] User scenarios cover primary flows
+- [x] Feature meets measurable outcomes defined in Success Criteria
+- [x] No implementation details leak into specification
+
+## Notes
+
+- All items pass; spec is ready for `/speckit.plan`.
diff --git a/specs/055-ops-ux-rollout/contracts/ux-contracts.md b/specs/055-ops-ux-rollout/contracts/ux-contracts.md
new file mode 100644
index 0000000..79850b8
--- /dev/null
+++ b/specs/055-ops-ux-rollout/contracts/ux-contracts.md
@@ -0,0 +1,73 @@
+# UX Contracts (non-API) — Ops-UX Constitution Rollout (055)
+
+This feature does not introduce new public HTTP APIs. Instead it defines **internal UX contracts**: shared builders/presenters that all operation-related UI must use.
+
+## Surfaces
+
+### A) Toast (queued only)
+
+**Trigger**: user clicks “Start operation” / submits a form that enqueues a job.
+
+**Contract**
+
+- Toast must appear immediately.
+- Must **not** write a DB notification for `queued`.
+- Copy (canonical) (OPS-UX Constitution v1.3.0):
+  - Title: `{OperationLabel} queued`
+  - Body: `Running in the background.`
+
+Optional alternative body (not additive):
+
+- `You can monitor progress in Operations.`
+
+Forbidden in toast:
+
+- counts/metrics
+- percentages/progress
+- terminal outcomes (completed/failed/partial)
+- feature-specific copy
+
+Notes:
+
+- Toast is queued-only.
+- Terminal outcomes are delivered via DB notification (initiator-only).
+- Live awareness is via Progress Widget + Monitoring → Operations.
+
+### B) Progress widget (queued/running only)
+
+**Audience**: tenant-wide for users with Monitoring access.
+
+**Contract**
+
+- Only shows runs with status `queued` or `running`.
+- At most 5 items.
+- If more than 5, show `+N more` link to canonical Operations index.
+- Each row must include a canonical `View run` action linking to Run Detail.
+- Must use centralized label + status copy.
+- Polling cadence must be “calm”: start fast when there are actives, then back off.
+
+### C) Terminal DB notification
+
+**Trigger**: transition to a terminal state.
+
+**Audience**: initiator-only.
+
+**Contract**
+
+- Exactly one notification per run per initiator.
+- Must not write `queued` notifications.
+- Title/body/status must be derived via centralized presenter.
+- Must include canonical `View run` link.
+- Optional summary uses `summary_counts` with whitelist rules.
+
+## Strings
+
+All copy that appears in these surfaces must come from a shared source (presenter or resource strings), not ad-hoc in Blade/Livewire.
+
+## Metrics (summary_counts)
+
+Allowed keys:
+
+- See spec.md (FR-012) “Canonical allowed summary keys (single source of truth)”.
+
+Any other keys must not render.
diff --git a/specs/055-ops-ux-rollout/data-model.md b/specs/055-ops-ux-rollout/data-model.md
new file mode 100644
index 0000000..f62f3a6
--- /dev/null
+++ b/specs/055-ops-ux-rollout/data-model.md
@@ -0,0 +1,104 @@
+# Phase 1 Data Model: Ops-UX Constitution Rollout (v1.3.0 Alignment) (055)
+
+**Date**: 2026-01-18
+
+This feature is a migration: it standardizes how existing `operation_runs` records are presented via three UX surfaces.
+
+## Entities
+
+### 1) OperationRun (existing)
+
+**Source**: `operation_runs` table
+
+**Fields (relevant to this feature)**
+
+- `id` (int)
+- `tenant_id` (int)
+- `user_id` (int|null) — initiator user
+- `initiator_name` (string)
+- `type` (string) — operation type identifier
+- `status` (string) — active: `queued|running`, terminal: `completed`
+- `outcome` (string) — `pending|succeeded|partially_succeeded|failed|cancelled` (existing vocabulary)
+- `started_at` (timestamp|null)
+- `completed_at` (timestamp|null)
+- `summary_counts` (jsonb) — canonical “metrics” source for this rollout
+- `failure_summary` (jsonb) — array of failures with sanitized messages
+- `context` (jsonb) — structured context used for related links
+
+### Status / Outcome (UX-canonical)
+
+The Ops-UX surfaces (toast/widget/db notifications) use the canonical statuses:
+
+- active: `queued` | `running`
+- terminal: `succeeded` | `partial` | `failed`
+
+### Legacy / compatibility mapping (if older records exist)
+
+Some existing records may use legacy fields/values (for example `status=completed` with an `outcome`).
+These MUST be normalized for UX rendering as follows:
+
+Normalization rules:
+
+- `status=completed` AND `outcome=succeeded`            -> `terminal=succeeded`
+- `status=completed` AND `outcome=partially_succeeded` -> `terminal=partial`
+- `status=failed` OR `outcome=failed`                  -> `terminal=failed`
+
+Notes:
+
+- The Monitoring UI MUST remain usable if legacy values exist.
+- Normalization is a presentation concern for Ops-UX; storage may remain unchanged during rollout.
+
+### 2) OperationCatalog (new/standardized)
+
+**Purpose**: single source of truth for operation labels.
+
+**Fields**
+
+- `operation_type` (string) → `label` (string)
+
+**Rules**
+
+- Any code-produced operation type must be registered (CI guard).
+- Unknown types from historical data render as `Unknown operation`.
+
+### 3) OperationRunUrl (new helper)
+
+**Purpose**: canonical URL generator for “View run”.
+
+**Rule**: all “View run” links must route to Monitoring → Operations → Run Detail.
+
+### 4) OperationUxPresenter (new presenter/builder)
+
+**Purpose**: centralized presentation for all three surfaces.
+
+**Responsibilities**
+
+- Toast copy for queued intent
+- Progress widget row presentation (label, status text, optional progress)
+- Terminal DB notification title/body/status and optional summary rendering
+
+## Validation rules
+
+### Summary counts (`operation_runs.summary_counts`)
+
+- Must be a flat object/dictionary.
+- Allowed keys only:
+  - `total, processed, succeeded, failed, skipped, created, updated, deleted, items, tenants`
+- Values must be numeric and normalized to integers.
+- Invalid keys/values are ignored; if nothing valid remains, no summary is rendered.
+
+### Failure messages
+
+- Short, sanitized, no secrets/tokens, no payload dumps.
+- Used only for terminal failure notification body as optional suffix.
+
+## Relationships
+
+- `OperationRun` belongs to `Tenant`
+- `OperationRun` belongs to `User` (initiator) (nullable)
+
+## Derived fields for presentation
+
+- `OperationLabel` = `OperationCatalog::label(type)` (or `Unknown operation`)
+- `UxStatus` = `Queued|Running|Completed|Partial|Failed` (derived)
+- `ProgressPercent` (optional) = `processed / total` only when both exist and are valid
diff --git a/specs/055-ops-ux-rollout/plan.md b/specs/055-ops-ux-rollout/plan.md
new file mode 100644
index 0000000..2a803f2
--- /dev/null
+++ b/specs/055-ops-ux-rollout/plan.md
@@ -0,0 +1,110 @@
+# Implementation Plan: Ops-UX Constitution Rollout (v1.3.0 Alignment) (055)
+
+**Branch**: `055-ops-ux-rollout` | **Date**: 2026-01-18 | **Spec**: `specs/055-ops-ux-rollout/spec.md`
+**Input**: Feature specification from `specs/055-ops-ux-rollout/spec.md`
+
+**Note**: This template is filled in by the `/speckit.plan` command. See `.specify/scripts/` for helper scripts.
+
+## Summary
+
+Standardize all operation feedback across the app to the Operations UX Constitution (v1.3.0):
+
+- Three surfaces only (queued toast, progress widget for active runs, terminal DB notification for initiator).
+- Centralized operation labels via an OperationCatalog.
+- Canonical “View run” navigation to Monitoring → Operations → Run Detail.
+- Safe, structured summaries sourced only from `operation_runs.summary_counts` (JSONB), using a single whitelist and numeric-only values.
+
+Primary deliverables are shared presenters/normalizers + regression guards (Pest) that prevent drift.
+
+## Technical Context
+
+**Language/Version**: PHP 8.4.15 (Laravel 12)  
+**Primary Dependencies**: Filament v4, Livewire v3  
+**Storage**: PostgreSQL (JSONB for `operation_runs.summary_counts`)  
+**Testing**: Pest v4 (Laravel test runner), PHPUnit 12 (via Pest)  
+**Target Platform**: Docker/Sail for local dev, container-based deploy (Dokploy)  
+**Project Type**: Laravel web application (monolith)  
+**Performance Goals**: Not performance-driven; UX consistency and guardrails are primary  
+**Constraints**:
+- Calm polling rules (no modal polling; pause when tab hidden; stop on terminal)
+- No new Graph calls introduced by this feature
+- No schema refactor required for rollout; normalize for presentation
+**Scale/Scope**: Repo-wide UX migration impacting multiple producers and Monitoring UI
+
+## Constitution Check
+
+*GATE: Must pass before Phase 0 research. Re-check after Phase 1 design.*
+
+- Inventory-first: N/A (this feature is a UX standardization on existing run records)
+- Read/write separation: No new writes; changes are UX/presentation + safe sanitization + tests
+- Graph contract path: No Graph calls introduced
+- Deterministic capabilities: N/A
+- Tenant isolation: All queried runs are tenant-scoped; notifications are initiator-only
+- Operations UX (unified system): This feature enforces the three-surface model and canonical navigation
+- Automation: N/A (no new scheduling/locks added)
+- Data minimization: Summary and failure messages are sanitized; summaries are numeric-only
+
+**Gate status**: PASS (no violations required)
+
+**Post-design re-check**: PASS (design artifacts align with Ops-UX three-surface model, DB source-of-truth, canonical navigation, and safe summaries)
+
+## Project Structure
+
+### Documentation (this feature)
+
+```text
+specs/055-ops-ux-rollout/
+├── plan.md
+├── research.md
+├── data-model.md
+├── quickstart.md
+├── contracts/
+│   └── ux-contracts.md
+└── tasks.md
+```
+
+### Source Code (repository root)
+
+```text
+app/
+├── Filament/
+├── Livewire/
+├── Models/
+├── Notifications/
+├── Providers/
+├── Services/
+└── Support/
+
+resources/
+└── views/
+
+routes/
+└── web.php
+
+tests/
+├── Feature/
+└── Unit/
+```
+
+**Structure Decision**: Laravel web application (monolith) with Filament admin UI in `app/Filament/` and Pest tests in `tests/`.
+
+## Phase Outputs
+
+### Phase 0 — Research
+
+- `specs/055-ops-ux-rollout/research.md`
+
+### Phase 1 — Design & Contracts
+
+- `specs/055-ops-ux-rollout/data-model.md`
+- `specs/055-ops-ux-rollout/contracts/ux-contracts.md`
+- `specs/055-ops-ux-rollout/quickstart.md`
+
+## Complexity Tracking
+
+> **Fill ONLY if Constitution Check has violations that must be justified**
+
+| Violation | Why Needed | Simpler Alternative Rejected Because |
+|-----------|------------|-------------------------------------|
+| [e.g., 4th project] | [current need] | [why 3 projects insufficient] |
+| [e.g., Repository pattern] | [specific problem] | [why direct DB access insufficient] |
diff --git a/specs/055-ops-ux-rollout/quickstart.md b/specs/055-ops-ux-rollout/quickstart.md
new file mode 100644
index 0000000..24481e8
--- /dev/null
+++ b/specs/055-ops-ux-rollout/quickstart.md
@@ -0,0 +1,48 @@
+# Quickstart — Ops-UX Constitution Rollout (v1.3.0 Alignment) (055)
+
+This feature is a repo-wide migration. It standardizes operation feedback across:
+
+- **Toast** (queued only)
+- **Progress widget** (queued/running only)
+- **DB notification** (terminal only)
+
+## Dev setup
+
+Use Sail-first:
+
+- `./vendor/bin/sail up -d`
+- `./vendor/bin/sail artisan migrate`
+
+## Key places in the codebase
+
+- Operation runs table: `operation_runs`
+- Monitoring UI: Filament resources/pages for operation runs
+- Existing widget: Livewire `BulkOperationProgress` injected via Filament render hook
+- Canonical run links helper: `App\Support\OperationRunLinks`
+
+## What to change (high level)
+
+1) Centralize operation label + UX copy
+- Create/update catalog/presenter so widget + notification + toast share strings.
+
+2) Enforce queued vs terminal feedback split
+- Toast for `queued`
+- Widget for `queued|running`
+- DB notification for terminal states only
+
+3) Enforce canonical “View run” link
+- All surfaces link to Monitoring → Operations → Run Detail.
+
+4) Metrics normalization
+- Use `summary_counts` only.
+- Apply whitelist + integer normalization.
+
+## How to validate
+
+Run targeted tests:
+
+- `./vendor/bin/sail artisan test --group=ops-ux`
+
+Then run Pint:
+
+- `./vendor/bin/pint --dirty`
diff --git a/specs/055-ops-ux-rollout/research.md b/specs/055-ops-ux-rollout/research.md
new file mode 100644
index 0000000..8e0efce
--- /dev/null
+++ b/specs/055-ops-ux-rollout/research.md
@@ -0,0 +1,72 @@
+# Phase 0 Research: Ops-UX Constitution Rollout (v1.3.0 Alignment) (055)
+
+**Date**: 2026-01-18
+
+## Findings
+
+### Current operation-run storage and UX primitives
+
+- The repo has a tenant-scoped `operation_runs` table and an `OperationRun` model.
+- Structured “metrics” for this rollout are stored as `operation_runs.summary_counts` (JSONB).
+- Canonical Monitoring entrypoint exists via the Filament resource `OperationRunResource`.
+- Canonical route building already exists in `App\Support\OperationRunLinks`.
+
+### Existing progress widget patterns
+
+- A bottom-right Livewire widget exists today for bulk operations: `App\Livewire\BulkOperationProgress`.
+- It is injected globally via a Filament render hook in `App\Providers\Filament\AdminPanelProvider`.
+- Current behavior is not constitution-compliant:
+  - It shows terminal states and renders terminal wording.
+  - It renders percentages and per-run counts unconditionally.
+  - It is user-scoped today (filters by `user_id = auth()->id()`).
+
+### Notifications
+
+- Filament database notifications are already used and are persistent by default.
+- Current code has OperationRun DB notifications (queued + completed), but this rollout requires:
+  - no queued DB notifications
+  - exactly one terminal notification per run
+  - initiator-only audience
+
+## Decisions
+
+### Decision 1: Tenant-wide progress widget scope
+- **Chosen**: The progress widget shows all active runs for the current tenant (not only runs started by the current user), for users with access to Monitoring → Operations.
+- **Rationale**: Aligns with the constitution’s tenant-scoped operations model and avoids “why don’t I see what’s running?” support loops.
+- **Alternatives considered**:
+  - User-only widget: rejected (hides tenant work and defeats the monitoring intent).
+
+### Decision 2: Canonical metrics source
+- **Chosen**: Treat `operation_runs.summary_counts` as the canonical “metrics” field for this rollout.
+- **Rationale**: Matches existing schema; avoids adding a new `metrics` column during a UX migration.
+- **Alternatives considered**:
+  - New `operation_runs.metrics` column: rejected (scope increase + migration risk).
+
+### Decision 3: Unknown operation types in UI
+- **Chosen**: Soft-fail at runtime with label `Unknown operation`, and fail-fast in CI for code-produced operation types.
+- **Rationale**: Keeps Monitoring usable for legacy/dirty data while enforcing discipline for new work.
+- **Alternatives considered**:
+  - Throw exception at runtime: rejected (breaks Monitoring for historical data).
+  - Render raw type string: rejected (leaks internal naming and encourages drift).
+
+### Decision 4: DB notification audience
+- **Chosen**: Initiator-only for terminal DB notifications.
+- **Rationale**: Prevents tenant-wide notification spam; Monitoring remains the tenant-wide audit surface.
+- **Alternatives considered**:
+  - Tenant-wide fan-out: rejected (noisy; not necessary for monitoring).
+
+### Decision 5: No queued DB notifications
+- **Chosen**: Ban queued DB notifications repo-wide for OperationRuns.
+- **Rationale**: Simplifies dedupe; queued intent belongs to the toast surface.
+- **Alternatives considered**:
+  - Allow queued DB notifications with dedupe: rejected (still noisy; adds edge cases).
+
+### Decision 6: Migration approach for progress widget
+- **Chosen**: Reuse the existing “global Livewire progress widget via render hook” pattern, but migrate it to query `OperationRun` and apply constitution rules.
+- **Rationale**: Low-risk way to ship a single widget surface across the app.
+- **Alternatives considered**:
+  - Per-feature widgets/pages: rejected (violates the “three surfaces only” rule).
+
+## Open Questions
+
+None (all clarifications captured in the feature spec).
diff --git a/specs/055-ops-ux-rollout/spec.md b/specs/055-ops-ux-rollout/spec.md
new file mode 100644
index 0000000..f5bd2c7
--- /dev/null
+++ b/specs/055-ops-ux-rollout/spec.md
@@ -0,0 +1,213 @@
+# Feature Specification: Ops-UX Constitution Rollout (v1.3.0 Alignment)
+
+**Feature Branch**: `055-ops-ux-rollout`  
+**Created**: 2026-01-18  
+**Status**: Draft  
+**Input**: Repo-wide migration to align all existing operation feedback with the Operations UX Constitution (v1.3.0).
+
+## Clarifications
+
+### Session 2026-01-18
+
+- Q: For the Progress Widget, what should be the visibility scope? → A: All active runs for the current tenant (visible to users who can access Monitoring → Operations).
+- Q: For R7 metrics/summary contract, which field is the canonical source across the app? → A: Treat `operation_runs.summary_counts` as the canonical “metrics” source for this rollout.
+- Q: If an existing run record contains an unknown `operation_type`, what should the UI do at runtime? → A: Soft fail: show `Unknown operation` (tests/CI still fail fast for code-produced operation types).
+- Q: Who should receive the terminal DB notification for a run? → A: Only the initiator.
+- Q: For this rollout, do we ban queued DB notifications entirely in favor of queued toast + terminal DB notification? → A: Yes, ban queued DB notifications.
+
+## User Scenarios & Testing *(mandatory)*
+
+<!--
+  IMPORTANT: User stories should be PRIORITIZED as user journeys ordered by importance.
+  Each user story/journey must be INDEPENDENTLY TESTABLE - meaning if you implement just ONE of them,
+  you should still have a viable MVP (Minimum Viable Product) that delivers value.
+  
+  Assign priorities (P1, P2, P3, etc.) to each story, where P1 is the most critical.
+  Think of each story as a standalone slice of functionality that can be:
+  - Developed independently
+  - Tested independently
+  - Deployed independently
+  - Demonstrated to users independently
+-->
+
+### User Story 1 - Consistent “I started it” feedback (Priority: P1)
+
+As a tenant admin who triggers a long-running operation, I want immediate confirmation that my action was accepted and a single, consistent way to follow progress, so I don’t retry actions or lose track.
+
+**Why this priority**: Prevents duplicate operations and reduces confusion/support load.
+
+**Independent Test**: Starting any operation produces a queued-only intent feedback with a canonical “View run” destination.
+
+**Acceptance Scenarios**:
+
+1. **Given** an operation is started and the run is created or reused in `queued`, **When** feedback is shown, **Then** it is a queued-only toast with title `{OperationLabel} queued` and body `Running in the background.`
+2. **Given** an operation completes quickly (<2 seconds), **When** feedback is shown, **Then** the queued toast may be suppressed but the terminal DB notification still appears.
+
+---
+
+### User Story 2 - Live awareness of active operations (Priority: P2)
+
+As a tenant admin, I want a single progress widget that shows only active operations (queued/running) with strict, predictable wording, so I can understand what’s happening without noise.
+
+**Why this priority**: Creates a unified “what’s running?” view and eliminates feature-specific progress UIs.
+
+**Independent Test**: The progress widget lists only active runs, with strict “Queued/Running” text and canonical “View run” links.
+
+**Acceptance Scenarios**:
+
+1. **Given** there are active operations in `queued` or `running`, **When** the widget is visible, **Then** it shows at most 5 runs and each row includes a canonical “View run”.
+2. **Given** an operation is terminal (`succeeded|partial|failed`), **When** the widget queries its data, **Then** that run is never included.
+
+---
+
+### User Story 3 - Audit + outcome without spam (Priority: P3)
+
+As a tenant admin, I want exactly one persistent notification when an operation finishes (success/partial/failure), with a consistent title/body and safe summary, so I can audit outcomes and troubleshoot.
+
+**Why this priority**: Delivers reliable outcomes and reduces notification noise.
+
+**Independent Test**: Terminal runs always create exactly one DB notification with canonical copy and safe summary rules.
+
+**Acceptance Scenarios**:
+
+1. **Given** an operation run transitions into a terminal outcome, **When** notifications are emitted, **Then** exactly one terminal DB notification exists for that run.
+2. **Given** valid numeric metrics exist for an operation, **When** the notification body includes a summary, **Then** the summary renders only whitelisted numeric keys and never renders free-text.
+
+---
+
+### User Story 4 - Regression-safe by default (Priority: P4)
+
+As a maintainer, I want automated guards that fail fast when the app deviates from the constitution (labels, links, surfaces, summary rules), so drift is prevented across future features.
+
+**Why this priority**: This is a migration; without guards, the codebase will regress quickly.
+
+**Independent Test**: A test suite enforces invariants (catalog coverage, canonical “View run”, terminal notification idempotency, widget filtering, summary whitelist).
+
+**Acceptance Scenarios**:
+
+1. **Given** a new/unknown `operation_type` is introduced, **When** tests run, **Then** the build fails until the OperationCatalog is updated.
+2. **Given** any “View run” link is generated, **When** it is resolved, **Then** it matches the canonical Monitoring → Operations → Run Detail destination.
+
+---
+
+### Edge Cases
+
+- Unknown `operation_type` appears in an existing run record.
+- Multiple operations start simultaneously (more than 5 active runs).
+- Runs with missing/invalid metrics (nested objects, strings, non-whitelisted keys, negative values).
+- Runs that transition `queued → terminal` quickly (<2 seconds).
+- UI is backgrounded/hidden while operations are active.
+- A modal dialog is open while an operation is active.
+
+## Requirements *(mandatory)*
+
+**Constitution alignment (required):** If this feature introduces any Microsoft Graph calls, any write/change behavior,
+or any long-running/queued/scheduled work, the spec MUST describe contract registry updates, safety gates
+(preview/confirmation/audit), tenant isolation, run observability (`OperationRun` type/identity/visibility), and tests.
+If security-relevant DB-only actions intentionally skip `OperationRun`, the spec MUST describe `AuditLog` entries.
+
+**Operations UX alignment (required when applicable):** If this feature creates/reuses `OperationRun` records or affects
+operations feedback (toasts, progress widget, DB notifications, Monitoring → Operations, run detail), the spec MUST
+explicitly confirm:
+- Three surfaces only (toast + progress widget + DB notification) — no feature-specific patterns
+- DB is source of truth: UI renders from `operation_runs` + structured fields (`metrics`, `reason_code`, `message`)
+- Labels come from a central OperationCatalog (no embedded labels/strings in feature code)
+- “View run” links always target the canonical route (Monitoring → Operations → Run Detail)
+- Dedupe/noise control (max 1 queued toast; exactly 1 terminal DB notification; no “running” notifications)
+- Calm polling constraints (no polling while modals are open; pause when tab hidden; stop on terminal)
+- Test invariants for notifications, summary whitelist, and canonical navigation
+
+### Assumptions
+
+- The application already records tenant-scoped operations as OperationRuns.
+- “Monitoring → Operations → Run Detail” is the canonical destination for viewing a run.
+- Operation feedback is intended for tenant admins with access to Monitoring/Operations.
+- The progress widget is tenant-wide (within the current tenant) and respects the same access constraints as Monitoring/Operations.
+- The constitution’s “metrics” terminology maps to `operation_runs.summary_counts` for this rollout (no schema rename required).
+- Persistent notifications are user-scoped to the run initiator; tenant-wide audit remains the Monitoring → Operations hub.
+- Queued feedback is provided via toast only; persistent DB notifications are terminal-only.
+- The constitution (v1.3.0) is the authoritative definition for copy/behavior; feature-specific variants are not allowed.
+
+### Dependencies
+
+- A single shared OperationCatalog exists and can be treated as the source of truth for operation labels.
+- A canonical “View run” helper can be used by all operation feedback surfaces.
+- Existing operation producers can be migrated without changing the operation status model.
+
+### Functional Requirements
+
+**FR-001 (Three surfaces only)**: The system MUST express operation feedback via exactly three surfaces: toast (intent), progress widget (active awareness), and persistent notification (audit + terminal outcome).
+
+**FR-002 (OperationCatalog label source of truth)**: The system MUST provide a central OperationCatalog mapping `operation_type → label`, and all operation labels shown in UI MUST be resolved from it.
+
+**FR-003 (Fail-fast catalog coverage)**: The system MUST fail fast (via automated checks) if any code-produced `operation_type` used in the application is not present in the OperationCatalog.
+
+**FR-003b (Runtime behavior for unknown types)**: If an existing run record contains an unknown `operation_type`, the UI MUST render the label `Unknown operation` (and MUST NOT render the raw type string).
+
+**FR-004 (Canonical “View run” everywhere)**: The system MUST generate “View run” links exclusively via one canonical helper, and that destination MUST always be Monitoring → Operations → Run Detail.
+
+**FR-005 (Centralized presentation)**: The system MUST centralize the user-facing copy for operation toasts, widget status text, and persistent notifications. Feature code MUST NOT define operation feedback strings.
+
+**FR-006 (Toast queued-only)**: The system MUST show a toast only when a run is created or reused in `queued`, MUST NOT show toasts for `running` or any terminal outcome, MUST auto-dismiss within 3–5 seconds, and MUST use:
+- Title: `{OperationLabel} queued`
+- Body: `Running in the background.`
+
+**FR-007 (Progress widget queued/running only)**: The progress widget MUST display only active runs (`queued`, `running`) for the current tenant (not just the initiating user) and MUST never display terminal runs. Status text MUST be exactly `Queued` or `Running`.
+
+**FR-008 (Progress calculation)**: The widget MUST show a deterministic progress percentage only when numeric `total` and `processed` counts are present and valid in `summary_counts`. Otherwise it MUST show indeterminate progress. Deterministic progress MUST be clamped to 0–100%.
+
+**FR-009 (Widget run limit + overflow)**: The widget MUST show at most 5 active runs. If more exist, it MUST show a single overflow row `+N more operations running` linking to the operations index.
+
+**FR-010 (Terminal persistent notifications only)**: Each run MUST produce exactly one persistent notification when it becomes terminal (`succeeded|partial|failed`).
+
+**FR-010b (Notification audience)**: Terminal persistent notifications MUST be delivered only to the run initiator (no tenant-wide notification fan-out).
+
+**FR-010c (No queued DB notifications)**: The system MUST NOT emit queued DB notifications as part of this rollout. Queued feedback MUST be provided via the queued-only toast surface.
+
+**FR-010d (Status normalization for Ops-UX (compatibility))**: Ops-UX surfaces MUST render terminal outcomes using the canonical statuses: `succeeded | partial | failed`.
+
+If a run record contains legacy values (e.g. `status=completed` with `outcome=partially_succeeded`), the UI MUST normalize as follows:
+
+- completed + outcome=succeeded            -> succeeded
+- completed + outcome=partially_succeeded -> partial
+- failed (or outcome=failed)              -> failed
+
+This is a presentation/normalization rule for the rollout; it does not mandate a schema refactor.
+
+**FR-011 (Notification copy templates)**: Persistent notifications MUST use canonical titles and bodies:
+- succeeded: `{OperationLabel} completed` / `Completed successfully.`
+- partial: `{OperationLabel} completed with warnings` / `Completed with warnings.`
+- failed: `{OperationLabel} failed` / `Failed.` + optional sanitized message
+
+**FR-012 (Metrics/summaries are structured and safe)**: Operation summary counts (`operation_runs.summary_counts`) MUST be flat, numeric-only, and limited to whitelisted keys. Summary rendering MUST use only normalized/validated `summary_counts` and MUST NOT render free-text.
+
+### Canonical allowed summary keys (single source of truth)
+
+The following keys are the ONLY allowed summary keys for Ops-UX rendering:
+`total, processed, succeeded, failed, skipped, created, updated, deleted, items, tenants`
+
+All normalizers/renderers MUST reference this canonical list (no duplicated lists in multiple places).
+
+**FR-013 (Calm polling policy)**: Polling is allowed only for the progress widget (when visible) and run detail (only while active). Polling MUST pause when a modal is open, pause when the tab is hidden, follow the backoff schedule (1s for first 10s, then 5s, then 10s after 60s), and stop immediately on terminal.
+
+**FR-014 (Migration scope)**: All existing operation feedback across the application MUST be migrated to these shared rules without introducing new operation types or changing the run status model.
+
+### Key Entities *(include if feature involves data)*
+
+- **OperationRun**: A tenant-scoped record of an operation’s type, status, timestamps, outcome, and structured metrics.
+- **OperationCatalog**: A central registry of valid `operation_type` values and their user-facing labels.
+- **Operation Feedback Surfaces**:
+  - **Toast**: short-lived intent confirmation for queued runs.
+  - **Progress Widget**: live awareness of active runs.
+  - **Persistent Notification**: audit + terminal outcome notification with canonical “View run”.
+
+## Success Criteria *(mandatory)*
+
+### Measurable Outcomes
+
+- **SC-001**: 100% of tenant-scoped operations use exactly the three approved surfaces (toast, widget, persistent notification), with no feature-specific alternatives.
+- **SC-002**: 100% of “View run” links resolve to Monitoring → Operations → Run Detail.
+- **SC-003**: For terminal runs, 100% produce exactly one persistent notification (no duplicates) and 0% produce “running” notifications.
+- **SC-004**: For active runs, the progress widget returns 0 terminal runs and shows strict status text (`Queued`/`Running`) 100% of the time.
+- **SC-005**: Summary rendering shows only whitelisted numeric keys; invalid metrics render no summary in 100% of tested cases.
+- **SC-006**: Automated guards fail fast when any new `operation_type` is not registered in OperationCatalog.
diff --git a/specs/055-ops-ux-rollout/tasks.md b/specs/055-ops-ux-rollout/tasks.md
new file mode 100644
index 0000000..cfd2bfd
--- /dev/null
+++ b/specs/055-ops-ux-rollout/tasks.md
@@ -0,0 +1,208 @@
+---
+
+description: "Task list for Ops-UX Constitution Rollout (v1.3.0 Alignment) (055)"
+---
+
+# Tasks: Ops-UX Constitution Rollout (v1.3.0 Alignment) (055)
+
+**Input**: Design documents from `specs/055-ops-ux-rollout/`
+
+**Tests**: REQUIRED (Pest) — runtime behavior + UX contract enforcement.
+
+## Phase 1: Setup (Shared Infrastructure)
+
+**Purpose**: Create a clean workspace for implementing and testing this migration.
+
+- [x] T001 Create Ops UX test folder structure in `tests/Feature/OpsUx/`
+- [x] T002 [P] Add a dedicated test file stub in `tests/Feature/OpsUx/OpsUxSmokeTest.php`
+- [x] T003 [P] Add a shared test helper (factory/state helpers) in `tests/Support/OpsUxTestSupport.php`
+
+---
+
+## Phase 2: Foundational (Blocking Prerequisites)
+
+**Purpose**: Shared primitives (catalog/links/presenter/normalization) that every user story depends on.
+
+- [x] T004 Update runtime unknown-type label behavior in `app/Support/OperationCatalog.php` (render `Unknown operation`, never raw type)
+- [x] T005 [P] Add shared presenter for toast/widget/notification copy in `app/Support/OpsUx/OperationUxPresenter.php`
+- [x] T059 Implement a single status normalization function for Ops-UX rendering
+	- Map legacy completed/outcome values to canonical terminal statuses (`succeeded|partial|failed`)
+	- Ensure widget and notifications consume normalized status
+- [x] T006 [P] Add summary_counts normalizer + whitelist enforcement in `app/Support/OpsUx/SummaryCountsNormalizer.php`
+- [x] T060 Consolidate allowed summary keys into one code constant/source (no duplicated lists)
+	- Example shape: `OperationSummaryKeys::all()` (or similar)
+	- Normalizer MUST reference that source
+	- Catalog (if it references keys) MUST reference the same source
+	- Add one guard test asserting the list matches spec.md canonical list
+- [x] T007 [P] Add canonical “View run” URL helper wrapper in `app/Support/OpsUx/OperationRunUrl.php` (delegates to `app/Support/OperationRunLinks.php`)
+- [x] T008 Update summary key whitelist consumption in `app/Support/OperationCatalog.php` to reference the consolidated source (see T060)
+- [x] T009 Update summary sanitization to use shared normalizer in `app/Services/OperationRunService.php`
+- [x] T010 Update OperationRun completed notification to use shared presenter + normalizer in `app/Notifications/OperationRunCompleted.php`
+- [x] T011 Disable queued DB notification emission by default in `app/Services/OperationRunService.php` (align with FR-010c)
+- [x] T012 Deprecate/stop using queued DB notification class in `app/Notifications/OperationRunQueued.php` (keep class but ensure no producers call it)
+- [x] T013 Ensure all “View run” actions inside operation notifications use canonical URL helper in `app/Notifications/OperationRunCompleted.php`
+
+**Checkpoint**: Shared contracts available; user story work can proceed.
+
+---
+
+## Phase 3: User Story 1 — Consistent “I started it” feedback (Priority: P1) 🎯 MVP
+
+**Goal**: Starting any operation shows queued-only intent feedback with canonical “View run”.
+
+**Independent Test**: Trigger an operation start from a Filament action; observe a queued-only toast (`{OperationLabel} queued` / `Running in the background.`) and verify no queued DB notification is created.
+
+### Tests for User Story 1
+
+- [x] T014 [P] [US1] Add test ensuring no queued DB notifications are emitted in `tests/Feature/OpsUx/NoQueuedDbNotificationsTest.php`
+- [x] T015 [P] [US1] Add test for canonical queued toast copy builder in `tests/Feature/OpsUx/QueuedToastCopyTest.php`
+- [x] T057 [US1] Enforce toast auto-dismiss duration (3–5 seconds) for queued intent feedback (set duration explicitly, e.g. 4000ms)
+- [x] T058 [P] [US1] (Optional guard) Centralize toast duration in `OperationUxPresenter` and add a small unit test to keep it within 3000–5000ms
+
+### Implementation for User Story 1
+
+- [x] T016 [P] [US1] Migrate queued toast copy for policy operations in `app/Filament/Resources/PolicyResource.php` (use `OperationUxPresenter`)
+- [x] T017 [P] [US1] Migrate queued toast copy for policy version operations in `app/Filament/Resources/PolicyVersionResource.php` (use `OperationUxPresenter`)
+- [x] T018 [P] [US1] Migrate queued toast copy for restore run operations in `app/Filament/Resources/RestoreRunResource.php` (use `OperationUxPresenter`)
+- [x] T019 [P] [US1] Migrate queued toast copy for backup schedule operations in `app/Filament/Resources/BackupScheduleResource.php` (use `OperationUxPresenter`)
+- [x] T020 [P] [US1] Migrate queued toast copy for backup set operations in `app/Filament/Resources/BackupSetResource.php` (use `OperationUxPresenter`)
+- [x] T021 [P] [US1] Migrate queued toast copy for tenant sync operations in `app/Filament/Resources/TenantResource.php` (use `OperationUxPresenter`)
+- [x] T022 [P] [US1] Migrate queued toast copy for policy view page operations in `app/Filament/Resources/PolicyResource/Pages/ViewPolicy.php` (use `OperationUxPresenter`)
+- [x] T023 [P] [US1] Migrate queued toast copy for inventory landing operations in `app/Filament/Pages/InventoryLanding.php` (use `OperationUxPresenter`)
+- [x] T024 [P] [US1] Migrate queued toast copy for drift landing operations in `app/Filament/Pages/DriftLanding.php` (use `OperationUxPresenter`)
+- [x] T025 [P] [US1] Migrate queued toast copy for backup-set policy picker operations in `app/Livewire/BackupSetPolicyPickerTable.php` (use `OperationUxPresenter`)
+
+**Checkpoint**: A user can start operations and get consistent queued intent feedback.
+
+---
+
+## Phase 4: User Story 2 — Live awareness of active operations (Priority: P2)
+
+**Goal**: A single global widget shows only tenant-scoped queued/running runs with strict copy and canonical links.
+
+**Independent Test**: Create active runs in the DB; the widget shows max 5 rows, each row has `Queued`/`Running` only, and terminal runs never render.
+
+### Tests for User Story 2
+
+- [x] T026 [P] [US2] Add widget filtering test (never show terminal) in `tests/Feature/OpsUx/ProgressWidgetFiltersTest.php`
+- [x] T027 [P] [US2] Add widget max-5 + overflow link test in `tests/Feature/OpsUx/ProgressWidgetOverflowTest.php`
+- [x] T062 [US2] Add restore execution → OperationRun sync regression test in `tests/Feature/OpsUx/RestoreExecutionOperationRunSyncTest.php`
+
+### Implementation for User Story 2
+
+- [x] T028 [US2] Migrate widget query from BulkOperationRun to OperationRun in `app/Livewire/BulkOperationProgress.php`
+- [x] T029 [US2] Enforce tenant-wide scope + Monitoring access guard in `app/Livewire/BulkOperationProgress.php`
+- [x] T030 [US2] Update widget UI strings + strict status text in `resources/views/livewire/bulk-operation-progress.blade.php`
+- [x] T031 [US2] Implement max-5 + overflow link behavior in `resources/views/livewire/bulk-operation-progress.blade.php`
+- [x] T032 [US2] Use canonical “View run” URLs in widget rows in `resources/views/livewire/bulk-operation-progress.blade.php` (via `OperationRunUrl` / `OperationRunLinks`)
+- [x] T033 [US2] No % in widget; widget may show elapsed time only
+- [x] T034 [US2] Implement calm polling schedule + pause rules in `resources/views/livewire/bulk-operation-progress.blade.php`
+- [x] T063 [US2] Dispatch `ops-ux:run-enqueued` browser event after successful enqueue so the widget refreshes immediately
+	- Producers: `app/Filament/Pages/InventoryLanding.php`, `app/Filament/Pages/DriftLanding.php`, `app/Filament/Resources/BackupScheduleResource.php`, `app/Filament/Resources/PolicyResource.php`, `app/Filament/Resources/PolicyResource/Pages/ListPolicies.php`, `app/Filament/Resources/RestoreRunResource.php`, `app/Filament/Resources/TenantResource.php`, `app/Livewire/BackupSetPolicyPickerTable.php`, `app/Filament/Resources/BackupSetResource/RelationManagers/BackupItemsRelationManager.php`
+- [x] T035 [US2] Confirm widget injection remains global and consistent in `app/Providers/Filament/AdminPanelProvider.php`
+
+### Run detail polling (missing coverage for FR-013)
+
+- [x] T053 [US2] Add run-detail polling controller/hook that applies calm polling while status is active (`queued|running`) (only poll when run detail is visible; stop immediately on terminal; backoff 1s (first 10s) → 5s → 10s (after 60s))
+- [x] T054 [US2] Pause run-detail polling when a modal is open (global modal flag) and resume when closed (no network update spam while confirm dialogs/modals are open)
+- [x] T055 [US2] Pause run-detail polling when browser tab is hidden (Page Visibility API) and resume when visible (no polling when `document.hidden = true`)
+- [x] T056 [P] [US2] Add a small guard test/component test that run-detail polling is disabled once the run becomes terminal
+- [x] T061 [US2] Surface elapsed time + expected duration + stuck guidance in run detail
+
+**Checkpoint**: Widget is constitution-compliant and becomes the single active-ops surface.
+
+---
+
+## Phase 5: User Story 3 — Audit + outcome without spam (Priority: P3)
+
+**Goal**: Exactly one terminal DB notification per run (initiator-only) with canonical copy, canonical link, safe summary.
+
+**Independent Test**: Transition a run to terminal multiple times (or call completion twice); verify only one DB notification exists and it contains only whitelisted numeric summary keys.
+
+### Tests for User Story 3
+
+- [x] T036 [P] [US3] Add terminal notification idempotency test in `tests/Feature/OpsUx/TerminalNotificationIdempotencyTest.php`
+- [x] T037 [P] [US3] Add summary whitelist + numeric-only test in `tests/Feature/OpsUx/SummaryCountsWhitelistTest.php`
+- [x] T038 [P] [US3] Add canonical “View run” action test for notifications in `tests/Feature/OpsUx/NotificationViewRunLinkTest.php`
+
+### Implementation for User Story 3
+
+- [x] T039 [US3] Refactor terminal notification copy/title/body to use presenter in `app/Notifications/OperationRunCompleted.php`
+- [x] T040 [US3] Ensure initiator-only delivery is enforced in `app/Services/OperationRunService.php`
+- [x] T041 [US3] Ensure terminal notification is emitted exactly once per run in `app/Services/OperationRunService.php`
+- [x] T042 [US3] Ensure notification summary renders only normalized `summary_counts` in `app/Notifications/OperationRunCompleted.php`
+- [x] T043 [US3] Ensure failure message suffix is sanitized + short in `app/Notifications/OperationRunCompleted.php`
+
+**Checkpoint**: Terminal outcomes are auditable without spam.
+
+---
+
+## Phase 6: User Story 4 — Regression-safe by default (Priority: P4)
+
+**Goal**: Guards prevent drift (catalog coverage, canonical links, surface rules, summary rules).
+
+**Independent Test**: Introduce a fake operation type in code and confirm tests fail; confirm “View run” always resolves to the canonical Monitoring run-detail destination.
+
+### Tests for User Story 4
+
+- [ ] T044 [P] [US4] Add catalog coverage guard test in `tests/Feature/OpsUx/OperationCatalogCoverageTest.php`
+- [ ] T045 [P] [US4] Add canonical “View run” helper usage guard test in `tests/Feature/OpsUx/CanonicalViewRunLinksTest.php`
+- [ ] T046 [P] [US4] Add unknown-type runtime label test in `tests/Feature/OpsUx/UnknownOperationTypeLabelTest.php`
+
+### Implementation for User Story 4
+
+- [x] T047 [US4] Ensure OperationRunResource type label rendering never shows raw type in `app/Filament/Resources/OperationRunResource.php`
+- [x] T048 [US4] Ensure Monitoring Operations page type labels never show raw type in `app/Filament/Pages/Monitoring/Operations.php`
+- [ ] T049 [US4] Ensure any remaining “View run” links use canonical helper in `app/Support/OperationRunLinks.php`
+
+**Checkpoint**: Drift prevention is enforced in CI.
+
+---
+
+## Phase 7: Polish & Cross-Cutting Concerns
+
+- [x] T050 [P] Run Pint autofix for touched files via `app/` and `tests/` (validate against `composer.json` scripts)
+- [x] T051 Run targeted test suite for Ops UX via `tests/Feature/OpsUx/` (document exact filter in `specs/055-ops-ux-rollout/quickstart.md`)
+- [x] T052 [P] Remove or update any stale queued-notification references in `app/Services/OperationRunService.php`
+
+---
+
+## Dependencies & Execution Order
+
+### User Story Dependencies
+
+- **US1 (P1)** depends on Phase 2 (Foundational) tasks T004–T013.
+- **US2 (P2)** depends on Phase 2 (Foundational) tasks T004–T013.
+- **US3 (P3)** depends on Phase 2 (Foundational) tasks T004–T013.
+- **US4 (P4)** depends on completion of US1–US3 (guards should reflect final behavior).
+
+### Recommended completion order
+
+1. Phase 2 (Foundational)
+2. US1 (queued toast + no queued DB notifications)
+3. US3 (terminal notification contract)
+4. US2 (widget)
+5. US4 (guards)
+
+## Parallel Opportunities
+
+- Within Phase 2: T005–T007 can be done in parallel.
+- US1 migration tasks T016–T025 are parallelizable (different files).
+- US4 tests T044–T046 can be written in parallel.
+
+## Parallel Example: User Story 1
+
+- Task: T016 (PolicyResource) + T017 (PolicyVersionResource) + T018 (RestoreRunResource) can run in parallel.
+- Task: T019 (BackupScheduleResource) + T020 (BackupSetResource) can run in parallel.
+
+## Implementation Strategy
+
+### MVP scope
+
+Ship US1 + the minimum foundational primitives (Phase 2) to guarantee:
+
+- queued-only toast copy is consistent
+- queued DB notifications are banned
+- canonical “View run” destination is available
+
+Then layer US3 (terminal notification) before US2 (widget) to ensure audit outcomes are reliable early.
diff --git a/tests/Feature/BackupScheduling/RunNowRetryActionsTest.php b/tests/Feature/BackupScheduling/RunNowRetryActionsTest.php
index 6e7b808..02876a6 100644
--- a/tests/Feature/BackupScheduling/RunNowRetryActionsTest.php
+++ b/tests/Feature/BackupScheduling/RunNowRetryActionsTest.php
@@ -88,7 +88,7 @@
         'notifiable_type' => User::class,
         'type' => OperationRunQueued::class,
         'data->format' => 'filament',
-        'data->title' => 'Operation queued',
+        'data->title' => 'Backup schedule run queued',
     ]);
 
     $notification = $user->notifications()->latest('id')->first();
@@ -158,7 +158,7 @@
         'notifiable_type' => User::class,
         'type' => OperationRunQueued::class,
         'data->format' => 'filament',
-        'data->title' => 'Operation queued',
+        'data->title' => 'Backup schedule retry queued',
     ]);
 
     $notification = $user->notifications()->latest('id')->first();
diff --git a/tests/Feature/Inventory/InventorySyncButtonTest.php b/tests/Feature/Inventory/InventorySyncButtonTest.php
index 6e11ec1..c5d8385 100644
--- a/tests/Feature/Inventory/InventorySyncButtonTest.php
+++ b/tests/Feature/Inventory/InventorySyncButtonTest.php
@@ -2,10 +2,12 @@
 
 use App\Filament\Pages\InventoryLanding;
 use App\Jobs\RunInventorySyncJob;
+use App\Livewire\BulkOperationProgress;
 use App\Models\BulkOperationRun;
 use App\Models\InventorySyncRun;
 use App\Models\Tenant;
 use App\Services\Inventory\InventorySyncService;
+use App\Support\OpsUx\OpsUxBrowserEvents;
 use Filament\Facades\Filament;
 use Illuminate\Support\Facades\Queue;
 use Livewire\Livewire;
@@ -23,7 +25,8 @@
     $allTypes = $sync->defaultSelectionPayload()['policy_types'];
 
     Livewire::test(InventoryLanding::class)
-        ->callAction('run_inventory_sync', data: ['policy_types' => $allTypes]);
+        ->callAction('run_inventory_sync', data: ['policy_types' => $allTypes])
+        ->assertDispatchedTo(BulkOperationProgress::class, OpsUxBrowserEvents::RunEnqueued, tenantId: (int) $tenant->getKey());
 
     Queue::assertPushed(RunInventorySyncJob::class);
 
diff --git a/tests/Feature/Notifications/OperationRunNotificationTest.php b/tests/Feature/Notifications/OperationRunNotificationTest.php
index 5371c39..a4494e9 100644
--- a/tests/Feature/Notifications/OperationRunNotificationTest.php
+++ b/tests/Feature/Notifications/OperationRunNotificationTest.php
@@ -2,12 +2,11 @@
 
 use App\Models\OperationRun;
 use App\Notifications\OperationRunCompleted;
-use App\Notifications\OperationRunQueued;
 use App\Services\OperationRunService;
 use App\Support\OperationRunLinks;
 use Filament\Facades\Filament;
 
-it('emits a queued notification after successful dispatch (initiator only) with view link', function () {
+it('does not emit a queued database notification after successful dispatch (toast-only)', function () {
     [$user, $tenant] = createUserWithTenant(role: 'owner');
     $this->actingAs($user);
 
@@ -26,18 +25,7 @@
         // no-op (dispatch succeeded)
     });
 
-    $this->assertDatabaseHas('notifications', [
-        'notifiable_id' => $user->getKey(),
-        'notifiable_type' => $user->getMorphClass(),
-        'type' => OperationRunQueued::class,
-        'data->format' => 'filament',
-        'data->title' => 'Operation queued',
-    ]);
-
-    $notification = $user->notifications()->latest('id')->first();
-    expect($notification)->not->toBeNull();
-    expect($notification->data['actions'][0]['url'] ?? null)
-        ->toBe(OperationRunLinks::view($run, $tenant));
+    expect($user->notifications()->count())->toBe(0);
 });
 
 it('does not emit queued notifications for runs without an initiator', function () {
@@ -86,7 +74,7 @@
         $run,
         status: 'completed',
         outcome: 'succeeded',
-        summaryCounts: ['observed' => 1],
+        summaryCounts: ['total' => 1],
         failures: [],
     );
 
@@ -95,7 +83,7 @@
         'notifiable_type' => $user->getMorphClass(),
         'type' => OperationRunCompleted::class,
         'data->format' => 'filament',
-        'data->title' => 'Operation completed',
+        'data->title' => 'Inventory sync completed',
     ]);
 
     $notification = $user->notifications()->latest('id')->first();
diff --git a/tests/Feature/OperationRunServiceTest.php b/tests/Feature/OperationRunServiceTest.php
index 998b1eb..fb7eb83 100644
--- a/tests/Feature/OperationRunServiceTest.php
+++ b/tests/Feature/OperationRunServiceTest.php
@@ -139,13 +139,13 @@
     expect($fresh?->status)->toBe('running');
     expect($fresh?->started_at)->not->toBeNull();
 
-    $service->updateRun($run, 'completed', 'succeeded', ['success' => 1]);
+    $service->updateRun($run, 'completed', 'succeeded', ['succeeded' => 1]);
 
     $fresh = $run->fresh();
     expect($fresh?->status)->toBe('completed');
     expect($fresh?->outcome)->toBe('succeeded');
     expect($fresh?->completed_at)->not->toBeNull();
-    expect($fresh?->summary_counts)->toBe(['success' => 1]);
+    expect($fresh?->summary_counts)->toBe(['succeeded' => 1]);
 });
 
 it('sanitizes failure messages and redacts obvious secrets', function () {
diff --git a/tests/Feature/OpsUx/NoQueuedDbNotificationsTest.php b/tests/Feature/OpsUx/NoQueuedDbNotificationsTest.php
new file mode 100644
index 0000000..062c15c
--- /dev/null
+++ b/tests/Feature/OpsUx/NoQueuedDbNotificationsTest.php
@@ -0,0 +1,30 @@
+<?php
+
+declare(strict_types=1);
+
+use App\Services\OperationRunService;
+use Filament\Facades\Filament;
+
+it('does not emit database notifications when dispatching a queued operation', function (): void {
+    [$user, $tenant] = createUserWithTenant(role: 'owner');
+    $this->actingAs($user);
+
+    $tenant->makeCurrent();
+    Filament::setTenant($tenant, true);
+
+    /** @var OperationRunService $service */
+    $service = app(OperationRunService::class);
+
+    $run = $service->ensureRun(
+        tenant: $tenant,
+        type: 'policy.sync',
+        inputs: ['scope' => 'all'],
+        initiator: $user,
+    );
+
+    $service->dispatchOrFail($run, function (): void {
+        // no-op (dispatch succeeded)
+    });
+
+    expect($user->notifications()->count())->toBe(0);
+})->group('ops-ux');
diff --git a/tests/Feature/OpsUx/NotificationViewRunLinkTest.php b/tests/Feature/OpsUx/NotificationViewRunLinkTest.php
new file mode 100644
index 0000000..bed43c2
--- /dev/null
+++ b/tests/Feature/OpsUx/NotificationViewRunLinkTest.php
@@ -0,0 +1,42 @@
+<?php
+
+declare(strict_types=1);
+
+use App\Models\OperationRun;
+use App\Services\OperationRunService;
+use App\Support\OperationRunLinks;
+use Filament\Facades\Filament;
+
+it('uses canonical “View run” URL in terminal notifications', function (): void {
+    [$user, $tenant] = createUserWithTenant(role: 'owner');
+    $this->actingAs($user);
+
+    Filament::setTenant($tenant, true);
+
+    $run = OperationRun::factory()->create([
+        'tenant_id' => $tenant->getKey(),
+        'user_id' => $user->getKey(),
+        'initiator_name' => $user->name,
+        'type' => 'inventory.sync',
+        'status' => 'queued',
+        'outcome' => 'pending',
+        'context' => ['scope' => 'all'],
+    ]);
+
+    /** @var OperationRunService $service */
+    $service = app(OperationRunService::class);
+
+    $service->updateRun(
+        $run,
+        status: 'completed',
+        outcome: 'succeeded',
+        summaryCounts: ['total' => 1],
+        failures: [],
+    );
+
+    $notification = $user->notifications()->latest('id')->first();
+    expect($notification)->not->toBeNull();
+
+    expect($notification->data['actions'][0]['url'] ?? null)
+        ->toBe(OperationRunLinks::view($run, $tenant));
+})->group('ops-ux');
diff --git a/tests/Feature/OpsUx/OperationSummaryKeysSpecTest.php b/tests/Feature/OpsUx/OperationSummaryKeysSpecTest.php
new file mode 100644
index 0000000..46d3337
--- /dev/null
+++ b/tests/Feature/OpsUx/OperationSummaryKeysSpecTest.php
@@ -0,0 +1,18 @@
+<?php
+
+use App\Support\OpsUx\OperationSummaryKeys;
+
+it('matches the canonical summary keys declared in spec.md', function () {
+    $specPath = base_path('specs/055-ops-ux-rollout/spec.md');
+    $spec = file_get_contents($specPath);
+
+    // Extract the backtick-enclosed comma-separated canonical list from spec.md
+    $matched = preg_match('/The following keys are the ONLY allowed summary keys[\s\S]*?`([^`]*)`/i', $spec, $m);
+    expect($matched)->toBeTruthy();
+
+    $specList = array_map('trim', explode(',', $m[1]));
+
+    $codeList = OperationSummaryKeys::all();
+
+    expect($codeList)->toEqual($specList);
+})->group('ops-ux');
diff --git a/tests/Feature/OpsUx/OpsUxSmokeTest.php b/tests/Feature/OpsUx/OpsUxSmokeTest.php
new file mode 100644
index 0000000..87b453d
--- /dev/null
+++ b/tests/Feature/OpsUx/OpsUxSmokeTest.php
@@ -0,0 +1,5 @@
+<?php
+
+it('ops-ux test suite boots', function () {
+    expect(true)->toBeTrue();
+})->group('ops-ux');
diff --git a/tests/Feature/OpsUx/ProgressWidgetFiltersTest.php b/tests/Feature/OpsUx/ProgressWidgetFiltersTest.php
new file mode 100644
index 0000000..9c08592
--- /dev/null
+++ b/tests/Feature/OpsUx/ProgressWidgetFiltersTest.php
@@ -0,0 +1,47 @@
+<?php
+
+use App\Livewire\BulkOperationProgress;
+use App\Models\OperationRun;
+use Filament\Facades\Filament;
+use Illuminate\Support\Collection;
+use Livewire\Livewire;
+
+test('progress widget shows only queued and running operation runs', function () {
+    [$user, $tenant] = createUserWithTenant(role: 'owner');
+    $this->actingAs($user);
+    Filament::setTenant($tenant, true);
+
+    $otherUser = \App\Models\User::factory()->create();
+    createUserWithTenant(tenant: $tenant, user: $otherUser, role: 'owner');
+
+    OperationRun::factory()->create([
+        'tenant_id' => $tenant->id,
+        'user_id' => $user->id,
+        'status' => 'queued',
+        'outcome' => 'pending',
+    ]);
+
+    OperationRun::factory()->create([
+        'tenant_id' => $tenant->id,
+        'user_id' => $otherUser->id,
+        'status' => 'running',
+        'outcome' => 'pending',
+    ]);
+
+    OperationRun::factory()->create([
+        'tenant_id' => $tenant->id,
+        'user_id' => $user->id,
+        'status' => 'completed',
+        'outcome' => 'succeeded',
+    ]);
+
+    $component = Livewire::actingAs($user)
+        ->test(BulkOperationProgress::class)
+        ->call('refreshRuns');
+
+    $runs = $component->get('runs');
+    expect($runs)->toBeInstanceOf(Collection::class);
+    expect($runs)->toHaveCount(2);
+    expect($runs->pluck('status')->unique()->values()->all())->toEqualCanonicalizing(['queued', 'running']);
+    expect($runs->pluck('user_id')->all())->toContain($otherUser->id);
+})->group('ops-ux');
diff --git a/tests/Feature/OpsUx/ProgressWidgetOverflowTest.php b/tests/Feature/OpsUx/ProgressWidgetOverflowTest.php
new file mode 100644
index 0000000..c0ff31d
--- /dev/null
+++ b/tests/Feature/OpsUx/ProgressWidgetOverflowTest.php
@@ -0,0 +1,25 @@
+<?php
+
+use App\Livewire\BulkOperationProgress;
+use App\Models\OperationRun;
+use Filament\Facades\Filament;
+use Livewire\Livewire;
+
+test('progress widget limits to five active runs and exposes overflow count', function () {
+    [$user, $tenant] = createUserWithTenant(role: 'owner');
+    $this->actingAs($user);
+    Filament::setTenant($tenant, true);
+
+    OperationRun::factory()->count(7)->create([
+        'tenant_id' => $tenant->id,
+        'status' => 'queued',
+        'outcome' => 'pending',
+    ]);
+
+    $component = Livewire::actingAs($user)
+        ->test(BulkOperationProgress::class)
+        ->call('refreshRuns');
+
+    expect($component->get('runs'))->toHaveCount(6);
+    expect($component->get('overflowCount'))->toBe(2);
+})->group('ops-ux');
diff --git a/tests/Feature/OpsUx/ProgressWidgetPollerRegistrationTest.php b/tests/Feature/OpsUx/ProgressWidgetPollerRegistrationTest.php
new file mode 100644
index 0000000..135329a
--- /dev/null
+++ b/tests/Feature/OpsUx/ProgressWidgetPollerRegistrationTest.php
@@ -0,0 +1,16 @@
+<?php
+
+use App\Livewire\BulkOperationProgress;
+use Filament\Facades\Filament;
+use Livewire\Livewire;
+
+it('renders the progress widget poller script', function () {
+    [$user, $tenant] = createUserWithTenant(role: 'owner');
+    $this->actingAs($user);
+
+    Filament::setTenant($tenant, true);
+
+    Livewire::test(BulkOperationProgress::class)
+        ->assertSee('opsUxProgressWidgetPoller()')
+        ->assertSee('window.opsUxProgressWidgetPoller');
+})->group('ops-ux');
diff --git a/tests/Feature/OpsUx/QueuedToastCopyTest.php b/tests/Feature/OpsUx/QueuedToastCopyTest.php
new file mode 100644
index 0000000..2247e6c
--- /dev/null
+++ b/tests/Feature/OpsUx/QueuedToastCopyTest.php
@@ -0,0 +1,22 @@
+<?php
+
+declare(strict_types=1);
+
+use App\Support\OpsUx\OperationUxPresenter;
+
+it('builds canonical queued toast copy', function (): void {
+    $toast = OperationUxPresenter::queuedToast('policy.sync');
+
+    expect($toast->getTitle())->toBe('Policy sync queued');
+    expect($toast->getBody())->toBe('Running in the background.');
+})->group('ops-ux');
+
+it('enforces queued toast duration within 3–5 seconds', function (): void {
+    $toast = OperationUxPresenter::queuedToast('policy.sync');
+
+    $duration = $toast->getDuration();
+
+    expect($duration)->toBeInt();
+    expect($duration)->toBeGreaterThanOrEqual(3000);
+    expect($duration)->toBeLessThanOrEqual(5000);
+})->group('ops-ux');
diff --git a/tests/Feature/OpsUx/RestoreExecutionOperationRunSyncTest.php b/tests/Feature/OpsUx/RestoreExecutionOperationRunSyncTest.php
new file mode 100644
index 0000000..b977819
--- /dev/null
+++ b/tests/Feature/OpsUx/RestoreExecutionOperationRunSyncTest.php
@@ -0,0 +1,69 @@
+<?php
+
+declare(strict_types=1);
+
+use App\Jobs\ExecuteRestoreRunJob;
+use App\Models\OperationRun;
+use App\Models\RestoreRun;
+use App\Services\BulkOperationService;
+use App\Services\Intune\AuditLogger;
+use App\Services\Intune\RestoreService;
+
+it('syncs restore execution into OperationRun even if restore status updates bypass model events', function (): void {
+    [$user, $tenant] = createUserWithTenant(role: 'owner');
+    $this->actingAs($user);
+
+    $backupSet = \App\Models\BackupSet::factory()->create([
+        'tenant_id' => $tenant->id,
+    ]);
+
+    $restoreRun = RestoreRun::factory()->create([
+        'tenant_id' => $tenant->id,
+        'backup_set_id' => $backupSet->id,
+        'status' => 'queued',
+        'started_at' => null,
+        'completed_at' => null,
+    ]);
+
+    // Observer should create the adapter OperationRun row on create.
+    $operationRun = OperationRun::query()
+        ->where('tenant_id', $tenant->id)
+        ->where('type', 'restore.execute')
+        ->where('context->restore_run_id', $restoreRun->id)
+        ->first();
+
+    expect($operationRun)->not->toBeNull();
+    expect($operationRun?->status)->toBe('queued');
+
+    $this->mock(BulkOperationService::class, function ($mock): void {
+        $mock->shouldReceive('sanitizeFailureReason')->andReturnUsing(fn (string $message): string => $message);
+    });
+
+    // Simulate downstream code updating RestoreRun status via query builder (no model events).
+    $this->mock(RestoreService::class, function ($mock) use ($restoreRun): void {
+        $mock->shouldReceive('executeForRun')
+            ->once()
+            ->andReturnUsing(function () use ($restoreRun): RestoreRun {
+                RestoreRun::query()->whereKey($restoreRun->id)->update([
+                    'status' => 'completed',
+                    'completed_at' => now(),
+                ]);
+
+                return RestoreRun::query()->findOrFail($restoreRun->id);
+            });
+    });
+
+    $job = new ExecuteRestoreRunJob($restoreRun->id);
+    $job->handle(
+        app(RestoreService::class),
+        app(AuditLogger::class),
+        app(BulkOperationService::class),
+    );
+
+    $operationRun = $operationRun?->fresh();
+
+    expect($operationRun)->not->toBeNull();
+    expect($operationRun?->status)->toBe('completed');
+    expect($operationRun?->outcome)->toBe('succeeded');
+    expect($operationRun?->completed_at)->not->toBeNull();
+})->group('ops-ux');
diff --git a/tests/Feature/OpsUx/RunDetailPollingStopsOnTerminalTest.php b/tests/Feature/OpsUx/RunDetailPollingStopsOnTerminalTest.php
new file mode 100644
index 0000000..da7f2f1
--- /dev/null
+++ b/tests/Feature/OpsUx/RunDetailPollingStopsOnTerminalTest.php
@@ -0,0 +1,27 @@
+<?php
+
+declare(strict_types=1);
+
+use App\Models\OperationRun;
+use App\Support\OpsUx\RunDetailPolling;
+
+it('disables run-detail polling once the run is terminal', function (): void {
+    $run = OperationRun::factory()->create([
+        'status' => 'completed',
+        'outcome' => 'succeeded',
+    ]);
+
+    expect(RunDetailPolling::interval($run))->toBeNull();
+})->group('ops-ux');
+
+it('enables run-detail polling while the run is queued or running', function (string $status): void {
+    $run = OperationRun::factory()->create([
+        'status' => $status,
+        'outcome' => 'pending',
+    ]);
+
+    expect(RunDetailPolling::interval($run))->not->toBeNull();
+})->with([
+    'queued' => 'queued',
+    'running' => 'running',
+])->group('ops-ux');
diff --git a/tests/Feature/OpsUx/RunEnqueuedBrowserEventTest.php b/tests/Feature/OpsUx/RunEnqueuedBrowserEventTest.php
new file mode 100644
index 0000000..77cb6b8
--- /dev/null
+++ b/tests/Feature/OpsUx/RunEnqueuedBrowserEventTest.php
@@ -0,0 +1,50 @@
+<?php
+
+use App\Support\OpsUx\OpsUxBrowserEvents;
+
+class FakeDispatchedEvent
+{
+    public function __construct(
+        public string $name,
+        /** @var array<string, mixed> */
+        public array $params = [],
+        public ?string $to = null,
+    ) {}
+
+    public function to(string $component): self
+    {
+        $this->to = $component;
+
+        return $this;
+    }
+}
+
+it('dispatches the run-enqueued browser event when supported', function () {
+    $fakeLivewire = new class
+    {
+        /** @var array<int, string> */
+        public array $dispatched = [];
+
+        public ?FakeDispatchedEvent $lastEvent = null;
+
+        public function dispatch(string $event, ...$params): FakeDispatchedEvent
+        {
+            $this->dispatched[] = $event;
+
+            return $this->lastEvent = new FakeDispatchedEvent($event, $params);
+        }
+    };
+
+    OpsUxBrowserEvents::dispatchRunEnqueued($fakeLivewire);
+
+    expect($fakeLivewire->dispatched)->toBe([OpsUxBrowserEvents::RunEnqueued]);
+    expect($fakeLivewire->lastEvent?->to)->not->toBeNull();
+    expect($fakeLivewire->lastEvent?->params)->toHaveKey('tenantId');
+})->group('ops-ux');
+
+it('does nothing when dispatch is unsupported', function () {
+    OpsUxBrowserEvents::dispatchRunEnqueued(null);
+    OpsUxBrowserEvents::dispatchRunEnqueued(new stdClass);
+
+    expect(true)->toBeTrue();
+})->group('ops-ux');
diff --git a/tests/Feature/OpsUx/SummaryCountsWhitelistTest.php b/tests/Feature/OpsUx/SummaryCountsWhitelistTest.php
new file mode 100644
index 0000000..de070b3
--- /dev/null
+++ b/tests/Feature/OpsUx/SummaryCountsWhitelistTest.php
@@ -0,0 +1,51 @@
+<?php
+
+declare(strict_types=1);
+
+use App\Models\OperationRun;
+use App\Services\OperationRunService;
+use Filament\Facades\Filament;
+
+it('renders only whitelisted numeric summary counts in terminal notifications', function (): void {
+    [$user, $tenant] = createUserWithTenant(role: 'owner');
+    $this->actingAs($user);
+
+    Filament::setTenant($tenant, true);
+
+    $run = OperationRun::factory()->create([
+        'tenant_id' => $tenant->getKey(),
+        'user_id' => $user->getKey(),
+        'initiator_name' => $user->name,
+        'type' => 'inventory.sync',
+        'status' => 'queued',
+        'outcome' => 'pending',
+        'context' => ['scope' => 'all'],
+    ]);
+
+    /** @var OperationRunService $service */
+    $service = app(OperationRunService::class);
+
+    $service->updateRun(
+        $run,
+        status: 'completed',
+        outcome: 'succeeded',
+        summaryCounts: [
+            'total' => '10',
+            'processed' => 5.2,
+            'failed' => 'nope',
+            'secrets' => 123,
+        ],
+        failures: [],
+    );
+
+    $notification = $user->notifications()->latest('id')->first();
+    expect($notification)->not->toBeNull();
+
+    $body = (string) ($notification->data['body'] ?? '');
+
+    expect($body)->toContain('Summary:');
+    expect($body)->toContain('total: 10');
+    expect($body)->toContain('processed: 5');
+    expect($body)->not->toContain('secrets');
+    expect($body)->not->toContain('failed:');
+})->group('ops-ux');
diff --git a/tests/Feature/OpsUx/TerminalNotificationFailureMessageTest.php b/tests/Feature/OpsUx/TerminalNotificationFailureMessageTest.php
new file mode 100644
index 0000000..9089a47
--- /dev/null
+++ b/tests/Feature/OpsUx/TerminalNotificationFailureMessageTest.php
@@ -0,0 +1,53 @@
+<?php
+
+declare(strict_types=1);
+
+use App\Models\OperationRun;
+use App\Services\OperationRunService;
+use Filament\Facades\Filament;
+
+it('sanitizes and truncates failure message suffix in terminal notifications', function (): void {
+    [$user, $tenant] = createUserWithTenant(role: 'owner');
+    $this->actingAs($user);
+
+    Filament::setTenant($tenant, true);
+
+    $longMessage = "This is a very long failure message that should not be allowed to flood the notification UI.\n\n".
+        str_repeat('x', 400);
+
+    $run = OperationRun::factory()->create([
+        'tenant_id' => $tenant->getKey(),
+        'user_id' => $user->getKey(),
+        'initiator_name' => $user->name,
+        'type' => 'inventory.sync',
+        'status' => 'running',
+        'outcome' => 'pending',
+        'context' => ['scope' => 'all'],
+    ]);
+
+    /** @var OperationRunService $service */
+    $service = app(OperationRunService::class);
+
+    $service->updateRun(
+        $run,
+        status: 'completed',
+        outcome: 'failed',
+        summaryCounts: ['total' => 1],
+        failures: [[
+            'code' => 'example.failure',
+            'message' => $longMessage,
+        ]],
+    );
+
+    $notification = $user->notifications()->latest('id')->first();
+    expect($notification)->not->toBeNull();
+
+    $body = (string) ($notification->data['body'] ?? '');
+
+    expect($body)->toContain('Failed.');
+    expect($body)->toContain('This is a very long failure message');
+
+    // Ensure message is not full-length / multiline.
+    expect($body)->not->toContain(str_repeat('x', 200));
+    expect($body)->not->toContain("\n\nThis is a very long failure message");
+})->group('ops-ux');
diff --git a/tests/Feature/OpsUx/TerminalNotificationIdempotencyTest.php b/tests/Feature/OpsUx/TerminalNotificationIdempotencyTest.php
new file mode 100644
index 0000000..6f80a5f
--- /dev/null
+++ b/tests/Feature/OpsUx/TerminalNotificationIdempotencyTest.php
@@ -0,0 +1,50 @@
+<?php
+
+declare(strict_types=1);
+
+use App\Models\OperationRun;
+use App\Services\OperationRunService;
+use Filament\Facades\Filament;
+
+it('emits a terminal database notification only once per run', function (): void {
+    [$user, $tenant] = createUserWithTenant(role: 'owner');
+    $this->actingAs($user);
+
+    Filament::setTenant($tenant, true);
+
+    $run = OperationRun::factory()->create([
+        'tenant_id' => $tenant->getKey(),
+        'user_id' => $user->getKey(),
+        'initiator_name' => $user->name,
+        'type' => 'inventory.sync',
+        'status' => 'running',
+        'outcome' => 'pending',
+        'context' => ['scope' => 'all'],
+    ]);
+
+    /** @var OperationRunService $service */
+    $service = app(OperationRunService::class);
+
+    expect($user->notifications()->count())->toBe(0);
+
+    $service->updateRun(
+        $run,
+        status: 'completed',
+        outcome: 'succeeded',
+        summaryCounts: ['total' => 1],
+        failures: [],
+    );
+
+    expect($user->notifications()->count())->toBe(1);
+
+    // Even if some downstream code re-applies a terminal update, we never spam.
+    $service->updateRun(
+        $run,
+        status: 'completed',
+        outcome: 'failed',
+        summaryCounts: ['total' => 2],
+        failures: [['code' => 'repeat.terminal', 'message' => 'should not notify again']],
+    );
+
+    expect($user->notifications()->count())->toBe(1);
+})->group('ops-ux');
diff --git a/tests/Support/OpsUxTestSupport.php b/tests/Support/OpsUxTestSupport.php
new file mode 100644
index 0000000..b293b2f
--- /dev/null
+++ b/tests/Support/OpsUxTestSupport.php
@@ -0,0 +1,22 @@
+<?php
+
+declare(strict_types=1);
+
+namespace Tests\Support;
+
+final class OpsUxTestSupport
+{
+    /**
+     * @param  array<string, mixed>  $overrides
+     * @return array<string, mixed>
+     */
+    public static function summaryCounts(array $overrides = []): array
+    {
+        return array_merge([
+            'total' => 10,
+            'processed' => 5,
+            'succeeded' => 5,
+            'failed' => 0,
+        ], $overrides);
+    }
+}
-- 
2.45.2


From 37873829fdcbf1b2e8f7c729d24801d421a691b9 Mon Sep 17 00:00:00 2001
From: Ahmed Darrazi <ahmeddarrazi@adsmac.local>
Date: Sun, 18 Jan 2026 14:47:51 +0100
Subject: [PATCH 4/4] test(ops-ux): add US4 guardrails

---
 specs/055-ops-ux-rollout/tasks.md             |  8 +--
 .../OpsUx/CanonicalViewRunLinksTest.php       | 31 ++++++++++
 .../OpsUx/OperationCatalogCoverageTest.php    | 61 +++++++++++++++++++
 .../OpsUx/UnknownOperationTypeLabelTest.php   | 12 ++++
 4 files changed, 108 insertions(+), 4 deletions(-)
 create mode 100644 tests/Feature/OpsUx/CanonicalViewRunLinksTest.php
 create mode 100644 tests/Feature/OpsUx/OperationCatalogCoverageTest.php
 create mode 100644 tests/Feature/OpsUx/UnknownOperationTypeLabelTest.php

diff --git a/specs/055-ops-ux-rollout/tasks.md b/specs/055-ops-ux-rollout/tasks.md
index cfd2bfd..ec3d024 100644
--- a/specs/055-ops-ux-rollout/tasks.md
+++ b/specs/055-ops-ux-rollout/tasks.md
@@ -145,15 +145,15 @@ ## Phase 6: User Story 4 — Regression-safe by default (Priority: P4)
 
 ### Tests for User Story 4
 
-- [ ] T044 [P] [US4] Add catalog coverage guard test in `tests/Feature/OpsUx/OperationCatalogCoverageTest.php`
-- [ ] T045 [P] [US4] Add canonical “View run” helper usage guard test in `tests/Feature/OpsUx/CanonicalViewRunLinksTest.php`
-- [ ] T046 [P] [US4] Add unknown-type runtime label test in `tests/Feature/OpsUx/UnknownOperationTypeLabelTest.php`
+- [x] T044 [P] [US4] Add catalog coverage guard test in `tests/Feature/OpsUx/OperationCatalogCoverageTest.php`
+- [x] T045 [P] [US4] Add canonical “View run” helper usage guard test in `tests/Feature/OpsUx/CanonicalViewRunLinksTest.php`
+- [x] T046 [P] [US4] Add unknown-type runtime label test in `tests/Feature/OpsUx/UnknownOperationTypeLabelTest.php`
 
 ### Implementation for User Story 4
 
 - [x] T047 [US4] Ensure OperationRunResource type label rendering never shows raw type in `app/Filament/Resources/OperationRunResource.php`
 - [x] T048 [US4] Ensure Monitoring Operations page type labels never show raw type in `app/Filament/Pages/Monitoring/Operations.php`
-- [ ] T049 [US4] Ensure any remaining “View run” links use canonical helper in `app/Support/OperationRunLinks.php`
+- [x] T049 [US4] Ensure any remaining “View run” links use canonical helper in `app/Support/OperationRunLinks.php`
 
 **Checkpoint**: Drift prevention is enforced in CI.
 
diff --git a/tests/Feature/OpsUx/CanonicalViewRunLinksTest.php b/tests/Feature/OpsUx/CanonicalViewRunLinksTest.php
new file mode 100644
index 0000000..dbf2372
--- /dev/null
+++ b/tests/Feature/OpsUx/CanonicalViewRunLinksTest.php
@@ -0,0 +1,31 @@
+<?php
+
+declare(strict_types=1);
+
+use Illuminate\Support\Facades\File;
+
+it('routes all OperationRun view links through OperationRunLinks', function (): void {
+    $files = File::allFiles(app_path());
+
+    $violations = [];
+
+    foreach ($files as $file) {
+        $path = $file->getRealPath();
+        if (! is_string($path)) {
+            continue;
+        }
+
+        // OperationRunLinks is the canonical wrapper.
+        if (str_ends_with($path, '/Support/OperationRunLinks.php')) {
+            continue;
+        }
+
+        $contents = File::get($path);
+
+        if (preg_match("/\\bOperationRunResource::getUrl\(\\s*'view'/", $contents) === 1) {
+            $violations[] = $path;
+        }
+    }
+
+    expect($violations)->toBeEmpty();
+})->group('ops-ux');
diff --git a/tests/Feature/OpsUx/OperationCatalogCoverageTest.php b/tests/Feature/OpsUx/OperationCatalogCoverageTest.php
new file mode 100644
index 0000000..b6c1365
--- /dev/null
+++ b/tests/Feature/OpsUx/OperationCatalogCoverageTest.php
@@ -0,0 +1,61 @@
+<?php
+
+declare(strict_types=1);
+
+use App\Support\OperationCatalog;
+use Illuminate\Support\Facades\File;
+
+it('fails fast if any code-produced operation type is not registered in OperationCatalog', function (): void {
+    $knownTypes = array_keys(OperationCatalog::labels());
+
+    $files = File::allFiles(app_path());
+
+    $discoveredTypes = [];
+
+    foreach ($files as $file) {
+        $path = $file->getRealPath();
+        if (! is_string($path)) {
+            continue;
+        }
+
+        // Skip the catalog itself to avoid tautology.
+        if (str_ends_with($path, '/Support/OperationCatalog.php')) {
+            continue;
+        }
+
+        $contents = File::get($path);
+
+        // Capture common patterns where operation type strings are produced in code.
+        // Example: ensureRun(type: 'inventory.sync', ...)
+        if (preg_match_all("/(?:\btype\s*:\s*|\btype\b\s*=>\s*)'([a-z0-9_]+\.[a-z0-9_]+)'/i", $contents, $matches)) {
+            foreach ($matches[1] as $type) {
+                $discoveredTypes[] = $type;
+            }
+        }
+
+        // Example: if ($run->type === 'inventory.sync')
+        if (preg_match_all("/\btype\s*(?:===|!==|==|!=)\s*'([a-z0-9_]+\.[a-z0-9_]+)'/i", $contents, $matches)) {
+            foreach ($matches[1] as $type) {
+                $discoveredTypes[] = $type;
+            }
+        }
+
+        // Example: in_array($run->type, ['a.b', 'c.d'], true)
+        if (preg_match_all("/\bin_array\([^\)]*\[([^\]]+)\]/i", $contents, $matches)) {
+            foreach ($matches[1] as $list) {
+                if (preg_match_all("/'([a-z0-9_]+\.[a-z0-9_]+)'/i", $list, $inner)) {
+                    foreach ($inner[1] as $type) {
+                        $discoveredTypes[] = $type;
+                    }
+                }
+            }
+        }
+    }
+
+    $discoveredTypes = array_values(array_unique($discoveredTypes));
+
+    $unknownTypes = array_values(array_diff($discoveredTypes, $knownTypes));
+
+    expect($unknownTypes)
+        ->toBeEmpty();
+})->group('ops-ux');
diff --git a/tests/Feature/OpsUx/UnknownOperationTypeLabelTest.php b/tests/Feature/OpsUx/UnknownOperationTypeLabelTest.php
new file mode 100644
index 0000000..ec65048
--- /dev/null
+++ b/tests/Feature/OpsUx/UnknownOperationTypeLabelTest.php
@@ -0,0 +1,12 @@
+<?php
+
+declare(strict_types=1);
+
+use App\Support\OperationCatalog;
+
+it('renders Unknown operation for unknown operation types and never renders raw types', function (): void {
+    $label = OperationCatalog::label('some.new_operation');
+
+    expect($label)->toBe('Unknown operation');
+    expect($label)->not->toContain('some.new_operation');
+})->group('ops-ux');
-- 
2.45.2