# Tasks: Spec 329 - Evidence / Audit Log Disclosure Productization

**Input**: Design documents from `/specs/329-evidence-audit-log-disclosure-productization/`
**Prerequisites**: `spec.md`, `plan.md`, `repo-truth-map.md`
**Tests**: Required. This is a runtime UI/operator proof-disclosure Filament page productization with browser smoke.

## Test Governance Checklist

- [x] Lane assignment is named and is the narrowest sufficient proof for the changed behavior.
- [x] New or changed tests stay in the smallest honest family, and the browser addition is explicit.
- [x] Shared helpers, factories, seeds, fixtures, and context defaults stay cheap by default.
- [x] Planned validation commands cover the change without pulling in unrelated lane cost.
- [x] The declared surface test profile (`global-context-shell`, `monitoring-state-page`, `shared-detail-family`) is explicit.
- [x] Any material budget, baseline, trend, or escalation note is recorded in the active spec or PR.

## Phase 1: Preparation And Repo Truth

**Purpose**: Confirm runtime truth and prevent invented claims before page edits.

- [x] T001 Re-read `specs/329-evidence-audit-log-disclosure-productization/spec.md`, `plan.md`, `tasks.md`, and `repo-truth-map.md`.
- [x] T002 Re-read related completed context only: Specs 314-328. Do not modify their artifacts.
- [x] T003 Verify current Evidence Overview route/class/view and existing tests before editing: `apps/platform/routes/web.php`, `apps/platform/app/Filament/Pages/Monitoring/EvidenceOverview.php`, `apps/platform/resources/views/filament/pages/monitoring/evidence-overview.blade.php`, and `apps/platform/tests/Feature/Evidence/EvidenceOverviewPageTest.php`.
- [x] T004 Verify current Audit Log route/class/view/partial and existing tests before editing: `apps/platform/routes/web.php`, `apps/platform/app/Filament/Pages/Monitoring/AuditLog.php`, `apps/platform/resources/views/filament/pages/monitoring/audit-log.blade.php`, `apps/platform/resources/views/filament/pages/monitoring/partials/audit-log-inspect-event.blade.php`, and `apps/platform/tests/Feature/Filament/AuditLogPageTest.php`.
- [x] T005 Verify source models and authorization paths: `EvidenceSnapshot`, `ReviewPack`, `StoredReport`, `OperationRun`, `AuditLog`, `EvidenceSnapshotPolicy`, `ReviewPackPolicy`, `StoredReportResource`, `OperationRunLinks`, and capability resolvers.
- [x] T006 Update `repo-truth-map.md` with any newly discovered source, capability, fallback, or classification before runtime changes.
- [x] T007 Confirm no migration/package/env/queue/storage/deployment asset change is required; if one appears necessary, stop and update spec/plan first.
- [x] T008 Confirm Filament v5 / Livewire v4.0+ compliance and no Livewire v3/Filament legacy API use.
- [x] T009 Confirm panel provider registration remains `apps/platform/bootstrap/providers.php`.
- [x] T010 Confirm related globally searchable resources stay disabled or have safe View/Edit pages; no global search change is expected.
- [x] T011 Verify the duplicated `/admin/evidence/overview` route and Audit Log environment-context middleware do not create scope/shell drift; document any bounded cleanup in spec artifacts before code changes if needed.

## Phase 2: Feature Tests First

**Purpose**: Lock proof-first layout, event-first-read, RBAC, scope, and diagnostics behavior before UI refactor.

- [x] T012 Add or update a feature test asserting `specs/329-evidence-audit-log-disclosure-productization/repo-truth-map.md` exists and lists required Evidence Overview and Audit Log data areas.
- [x] T013 Add or update a Feature/Livewire/HTTP test for Evidence Overview layout text: `Evidence`, `What proof is available for this scope?`, `Evidence path`, `Review pack`, `Operation proof`, and `Diagnostics - Collapsed` in `apps/platform/tests/Feature/Evidence/EvidenceOverviewPageTest.php` or a focused Spec 329 monitoring test.
- [x] T014 Add or update a Feature/Livewire/HTTP test for Audit Log layout text: `Audit Log`, `Which event proves what happened?`, `Actor`, `Action`, `Target`, `Outcome`, `Time`, and `Diagnostics - Collapsed`.
- [x] T015 Add or update a test asserting Evidence Overview shows `Evidence snapshot`, `Review pack`, `Operation proof`, and `Stored report / export` without default-visible raw metadata.
- [x] T016 Add or update a test asserting Audit Log shows actor/action/target/outcome/time before raw metadata for a selected event.
- [x] T017 Add or update a test asserting export/report availability uses only repo-supported states such as `Available`, `Unavailable`, `Not generated`, or `Not applicable`; no fake download/export action appears.
- [x] T018 Add or update a test asserting raw diagnostics are hidden by default on both pages: `raw payload`, `provider secret`, `stack trace`, `debug metadata`, `internal exception`, `provider response`, and raw OperationRun context must not appear.
- [x] T019 Add or update RBAC tests covering evidence snapshot open, review pack open/download, stored report open, audit event detail, operation proof, and raw diagnostics visibility where existing capabilities support coverage.
- [x] T020 Add or update canonical Evidence Overview environment filter tests for `?environment_id=`, visible chip, workspace shell only, filtered proof data, clear filter, and reload safety.
- [x] T021 Add or update canonical Audit Log environment filter tests for `?environment_id=`, visible chip, workspace shell only, filtered audit rows, selected-event normalization, clear filter, and reload safety.
- [x] T022 Add or update legacy alias rejection tests for Evidence Overview and Audit Log covering `tenant`, `tenant_id`, `managed_environment_id`, `environment`, `tenant_scope`, and `tableFilters`.
- [x] T023 Add or update cross-workspace environment filter guard tests returning safe 404/no-access for both Evidence Overview and Audit Log.
- [x] T024 Add or update tenant-copy guard asserting platform-context copy such as `current tenant`, `tenant filter`, `entitled tenant`, `all tenants`, and `production tenant` is not visible on either page.

## Phase 3: Evidence Overview Productization

**Purpose**: Refactor Evidence Overview from table-first to proof-first without new backend foundation.

- [x] T025 Update `apps/platform/app/Filament/Pages/Monitoring/EvidenceOverview.php` to expose repo-truth-bounded payloads for scope, proof readiness, evidence path, export/report availability, proof links, unavailable states, and diagnostics disclosure.
- [x] T026 Update `apps/platform/resources/views/filament/pages/monitoring/evidence-overview.blade.php` to render header/scope, proof readiness workbench, evidence path panel, export/report availability panel, secondary table, and collapsed diagnostics disclosure.
- [x] T027 Ensure Evidence Overview shows workspace-wide vs environment-filtered context and the shared Environment chip when filtered.
- [x] T028 Ensure the main proof workbench shows the stable question, evidence availability, freshness, snapshot state, review pack/export state, stored report/export state, operation proof state, and one dominant open-proof action when authorized.
- [x] T029 Ensure evidence path items show only honest states: available, unavailable, stale, not generated, not applicable, or omitted.
- [x] T030 Keep the existing Evidence Overview table available as secondary context; do not remove existing search/filter/sort/row navigation functionality.
- [x] T031 Ensure Evidence Overview diagnostics/raw metadata are collapsed, hidden, or capability-gated by default.

## Phase 4: Audit Log Productization

**Purpose**: Refactor Audit Log from summary/table-first to event-proof-first while preserving event history.

- [x] T032 Update `apps/platform/app/Filament/Pages/Monitoring/AuditLog.php` to expose repo-truth-bounded payloads for audit proof workbench, selected/latest event proof, related proof links, unavailable states, disclosure hierarchy, and diagnostics gating.
- [x] T033 Update `apps/platform/resources/views/filament/pages/monitoring/audit-log.blade.php` to render header/scope, audit proof workbench, selected/latest event proof panel, secondary table, and collapsed diagnostics disclosure.
- [x] T034 Update `apps/platform/resources/views/filament/pages/monitoring/partials/audit-log-inspect-event.blade.php` so actor/action/target/outcome/time/scope and related proof are first-read, while technical metadata is behind collapsed/capability-aware disclosure.
- [x] T035 Ensure Audit Log shows workspace-wide vs environment-filtered context and the shared Environment chip when filtered.
- [x] T036 Ensure selected event proof normalizes against active filter/search/authorization and falls back safely when the event is invalid, inaccessible, or outside scope.
- [x] T037 Keep the existing Audit Log table available as secondary event history; do not remove existing filters/search/sort/inspect behavior.
- [x] T038 Ensure Audit Log diagnostics/raw metadata are collapsed, hidden, or capability-gated by default.

## Phase 5: Data Binding And Honest States

**Purpose**: Bind proof surfaces to repo-verified sources and avoid false claims.

- [x] T039 Bind evidence snapshot display to `EvidenceSnapshot` fields, `ArtifactTruthPresenter`, and existing snapshot detail links only.
- [x] T040 Bind review pack state to existing `ReviewPack` fields/statuses and `ReviewPackResource`/download links only where authorized.
- [x] T041 Bind stored report state to existing `StoredReport` records, report-type capabilities, and `StoredReportResource` links only where authorized.
- [x] T042 Bind operation proof state only through existing `operationRun()` relations, `OperationRunLinks`, and authorized operation visibility.
- [x] T043 Bind audit event proof to `AuditLog` actor snapshot, action/action label, target snapshot, normalized outcome, recorded time, scope, readable context, operation relation, and related navigation resolver.
- [x] T044 Render unavailable/missing/not generated/not applicable states for unsupported proof paths rather than inventing backend capabilities.
- [x] T045 Ensure no generic green success state, immutable/certified/compliance-ready copy, or environment/governance health claim appears without exact repo proof.

## Phase 6: Actions, RBAC, And Safety

**Purpose**: Show only real, authorized actions and preserve read-first default behavior.

- [x] T046 Keep primary actions singular and context-aware on each proof panel.
- [x] T047 Show open evidence snapshot, open review pack, download/open export artifact, open stored report, open operation proof, open audit event, or open related record only when route and authorization are repo-real.
- [x] T048 Ensure unauthorized actions are hidden or replaced with safe unavailable state without leaking sensitive details.
- [x] T049 Ensure raw diagnostics/metadata disclosure is unavailable without `support_diagnostics.view` or stricter existing raw/support capability.
- [x] T050 Verify no default action approves, rejects, accepts risk, deletes, restores, remediates, mutates provider state, or changes evidence/audit storage.
- [x] T051 If any high-impact action is unexpectedly required, update spec/plan first, then implement it with `Action::make(...)->action(...)`, `->requiresConfirmation()`, server-side authorization, audit, notification, and tests.

## Phase 7: Workspace / Environment Scope Contract

**Purpose**: Preserve Specs 314-322.

- [x] T052 Verify clean `/admin/evidence/overview` and `/admin/audit-log` do not read remembered environment shell state or persisted table filters.
- [x] T053 Verify `/admin/evidence/overview?environment_id={id}` and `/admin/audit-log?environment_id={id}` filter only page data, show visible chip, and keep Workspace shell ownership.
- [x] T054 Verify clear filter redirects to clean workspace URL and remains safe after reload.
- [x] T055 Verify legacy aliases are removed/neutralized and do not set filter state.
- [x] T056 Verify cross-workspace or unauthorized `environment_id` returns safe no-access/404.
- [x] T057 Verify back/forward/reload behavior does not resurrect cleared environment filter state.
- [x] T058 Verify Audit Log route middleware does not force active Environment shell ownership or remembered fallback; if it does, apply the narrowest route/middleware correction in scope and cover it with tests.

## Phase 8: Browser Smoke And Screenshots

**Purpose**: Prove the user-facing contract in the integrated browser lane.

- [x] T059 Create `apps/platform/tests/Browser/Spec329EvidenceAuditDisclosureSmokeTest.php` using existing Pest Browser conventions.
- [x] T060 Browser Flow A: Evidence Overview clean workspace; assert Workspace shell only, no Environment chip, main proof question, proof workbench, evidence path, diagnostics collapsed, table secondary, screenshot.
- [x] T061 Browser Flow B: Evidence Overview filtered entry; assert visible Environment chip, filtered proof state, clear action, no active Environment shell, screenshot.
- [x] T062 Browser Flow C: Evidence clear filter and reload; assert clean URL, chip does not return, no active Environment shell.
- [x] T063 Browser Flow D: Evidence non-empty and empty proof states; assert available/unavailable/not generated states and no raw metadata.
- [x] T064 Browser Flow E: Audit Log clean workspace; assert Workspace shell only, no Environment chip, audit proof question, actor/action/target/outcome/time first-read, diagnostics collapsed, table secondary, screenshot.
- [x] T065 Browser Flow F: Audit Log filtered entry; assert visible Environment chip, filtered event proof, clear action, no active Environment shell, screenshot.
- [x] T066 Browser Flow G: Audit clear filter and reload; assert clean URL, chip does not return, no active Environment shell.
- [x] T067 Browser Flow H: Audit non-empty and empty event states; assert selected/latest event proof and no raw metadata.
- [x] T068 Browser Flow I: no platform-context tenant wording appears on either surface.
- [x] T069 Save screenshots under `specs/329-evidence-audit-log-disclosure-productization/artifacts/screenshots/` when generated and ensure they contain no secrets.

## Phase 9: UI Coverage And Documentation Artifacts

**Purpose**: Satisfy UI-COV without unrelated docs churn.

- [x] T070 Decide after runtime diff whether `docs/ui-ux-enterprise-audit/route-inventory.md`, `design-coverage-matrix.md`, page reports, or unresolved pages need an update.
- [x] T071 If coverage docs are not changed, add a close-out note explaining why existing UI-025/UI-044 rows plus Spec 325 target artifacts and Spec 329 package artifacts remain sufficient.
- [x] T072 Update `repo-truth-map.md` final classifications for implemented/empty/deferred elements.
- [x] T073 Do not create general documentation files outside required Spec Kit/UI coverage artifacts unless explicitly requested.
- [x] T081 Add the existing Evidence Overview route to the Workspace Monitoring sidebar through both workspace navigation paths with a concise area label and cover the navigation entry with existing workspace-hub sidebar regression tests.

## Phase 10: Validation

**Purpose**: Run narrow proof and report honestly.

- [x] T074 Run `cd apps/platform && ./vendor/bin/sail artisan test tests/Feature/Monitoring tests/Feature/Evidence tests/Feature/Audit tests/Feature/Navigation/WorkspaceHubEnvironmentFilterContractTest.php tests/Feature/Navigation/WorkspaceHubClearFilterContractTest.php --compact`.
- [x] T075 Run `cd apps/platform && ./vendor/bin/sail artisan test tests/Browser/Spec329EvidenceAuditDisclosureSmokeTest.php --compact`.
- [x] T076 Run `cd apps/platform && ./vendor/bin/sail artisan test --filter='Evidence|AuditLog|WorkspaceHub|EnvironmentFilter|ClearFilter|LegacyTenant|Spec322' --compact`.
- [x] T077 Run `cd apps/platform && ./vendor/bin/sail pint --dirty`.
- [x] T078 Run `git diff --check`.
- [x] T079 Report full-suite status honestly if not run.
- [x] T080 Confirm no migrations, seeders, packages, env vars, queues, scheduler, storage, deployment assets, backwards compatibility layer, or legacy tenant alias support were added.
- [x] T082 Replace implementation-heavy empty-snapshot copy with product-safe proof copy and assert the old artifact-row wording is not visible.
- [x] T083 Add empty-primary-snapshot proof hierarchy coverage for `Proof incomplete`, reason, and impact.
- [x] T084 Keep dynamic display names containing `Tenant` allowed while rejecting static `Search tenant or next` copy.
- [x] T085 Prevent clipped Evidence Path badge labels in the right panel and cover `Empty`, `Ready`, and `Available` labels in Feature/Browser tests.

### Validation Close-Out

- Focused Spec 329 and impacted Feature tests passed: `./vendor/bin/sail artisan test tests/Feature/Monitoring/Spec329EvidenceAuditDisclosureProductizationTest.php tests/Feature/Filament/AuditLogPageTest.php tests/Feature/Filament/AuditLogDetailInspectionTest.php tests/Feature/Monitoring/AuditLogInspectFlowTest.php tests/Feature/Evidence/EvidenceOverviewPageTest.php --compact`.
- Spec 329 Browser smoke passed: `./vendor/bin/sail artisan test tests/Browser/Spec329EvidenceAuditDisclosureSmokeTest.php --compact`.
- Neighboring navigation/browser contracts passed: Spec 198, Spec 322, Spec 321, WorkspaceHubEnvironmentFilter, and WorkspaceHubClearFilter targeted run.
- Filter-based validation passed: `./vendor/bin/sail artisan test --filter='Evidence|AuditLog|WorkspaceHub|EnvironmentFilter|ClearFilter|LegacyTenant|Spec322' --compact` with 352 passed, 1 skipped, 4,220 assertions.
- Broad Feature lane was run and had one unrelated pre-existing failure in `tests/Feature/Audit/ProviderConnectionIdentityAuditTest.php` (`getDefaultTestingSchemaName()` on null). The same test failed in isolation; no provider-connection audit code was changed for Spec 329.
- `./vendor/bin/sail pint --dirty` passed.
- `git diff --check` passed.
- Screenshots are stored under `specs/329-evidence-audit-log-disclosure-productization/artifacts/screenshots/`.

## Dependencies

- Phase 1 blocks all runtime implementation.
- Phase 2 should be written before or alongside implementation to lock behavior.
- Phase 3 and Phase 4 can be implemented in parallel only if write scopes stay disjoint:
  - Evidence write scope: Evidence page class/view/tests.
  - Audit write scope: Audit page class/view/partial/tests.
- Phase 5 and Phase 6 depend on Phases 3-4 payload shape.
- Phase 7 must be validated after both surfaces are changed.
- Phase 8 depends on user-facing runtime changes.
- Phase 10 is final validation.

## Non-Goals Checklist

- [x] NT001 Do not build a new evidence backend.
- [x] NT002 Do not build a new audit ingestion engine.
- [x] NT003 Do not build immutable/legal/certification/compliance attestation.
- [x] NT004 Do not build a new export/report generation engine.
- [x] NT005 Do not add AI summarization.
- [x] NT006 Do not redesign Customer Review Workspace, Governance Inbox, Operations Hub, Environment Dashboard, Baseline Compare, Restore Safety, or Provider Readiness.
- [x] NT007 Do not add migrations unless spec/plan are updated first with proof.
- [x] NT008 Do not rewrite completed Specs 314-328.
- [x] NT009 Do not add legacy tenant query alias support.
- [x] NT010 Do not expose raw diagnostics or provider payloads by default.

## Required Final Report Content

When implementation later completes, report:

- Changed behavior.
- Evidence Overview proof surface.
- Audit Log event-proof surface.
- Disclosure / diagnostics default state.
- RBAC-visible/hidden actions.
- Repo-verified vs unavailable states.
- Files changed.
- Repo truth map status.
- Tests run and results.
- Browser verification and screenshots path.
- Known gaps.
- Remaining follow-ups.
- Full suite run/not run.
- Explicit no migrations/seeders/packages/env/queues/scheduler/storage/deployment assets/backcompat/legacy aliases statement.