# Tasks: Spec 335 - Restore Run Detail / Post-Execution Proof Productization **Input**: - `specs/335-restore-run-detail-post-execution-proof-productization/spec.md` - `specs/335-restore-run-detail-post-execution-proof-productization/plan.md` - `specs/335-restore-run-detail-post-execution-proof-productization/repo-truth-map.md` - `specs/335-restore-run-detail-post-execution-proof-productization/restore-result-state-contract.md` **Tests**: Required. This spec changes an operator-facing dangerous-workflow detail surface and must prove decision-first truth boundaries. ## Test Governance Checklist - [x] Lane assignment is named and is the narrowest sufficient proof for the changed behavior. - [x] New or changed tests stay in the smallest honest family, and browser additions are explicit. - [x] Shared helpers, factories, seeds, fixtures, and context defaults stay cheap by default. - [x] Planned validation commands cover the change without pulling in unrelated lane cost. - [x] The dangerous-workflow proof/evidence surface profile is explicit. - [x] Any material budget, baseline, trend, or escalation note is recorded in the active spec or PR. ## Phase 1: Repo Truth (blocks runtime changes) **Purpose**: Freeze repo truth for RestoreRun results/proof/evidence before changing UI. - [x] T001 Re-read `spec.md`, `plan.md`, and this `tasks.md`. - [x] T002 Verify current Restore Run view implementation and state sources: - `apps/platform/app/Filament/Resources/RestoreRunResource.php` (infolist + `detailResultsState`) - `apps/platform/resources/views/filament/infolists/entries/restore-results.blade.php` - `apps/platform/app/Support/RestoreSafety/RestoreSafetyResolver.php` (`resultAttentionForRun`) - [x] T003 Update/confirm `repo-truth-map.md` is accurate for: - `RestoreRun` model fields + `RestoreRunStatus` values - results shape (`results.foundations`, `results.items`) and summary counts (`metadata.total/succeeded/failed/skipped/partial/non_applied`) - `operation_run_id` relationship + current OperationRun outcome/status behavior - Evidence snapshot availability (query path, status/completeness enums) - [x] T004 Update/confirm `restore-result-state-contract.md` is aligned to repo truth (no invented evidence/proof states). ## Phase 2: Restore Run Detail Presenter (derived view-model, optional) **Purpose**: Ensure one decision-first UI contract drives the view surface. - [x] T005 Decide whether a presenter/view-model is needed. If the view becomes a multi-section surface (decision card + proof panel + evidence state + table), prefer a presenter to avoid page-local logic drift. - [x] T006 If introduced, implement a thin derived presenter that outputs: - `status_label`, `reason`, `impact`, `primary_next_action` - `operation_proof` state + URL (tenant/workspace-safe, capability-gated) - `post_run_evidence` state + URL (repo-backed only) - `result_summary` counts (repo-backed only) - `diagnostics_state = collapsed` - [x] T007 Prove presenter output determinism with Unit tests (no static memoization). ## Phase 3: Detail Page UI (decision-first main/aside) **Purpose**: Productize the page layout and hierarchy. - [x] T008 Refactor Restore Run view page into a main/aside hierarchy: - Main: decision card + result summary + item outcomes (table) + secondary run details - Aside: proof panel (source backup, target env, requested by, operation proof, post-run evidence, audit trail) + diagnostics collapsed - [x] T009 Ensure diagnostics and raw payloads remain collapsed/secondary by default (no stack traces, no raw JSON as primary UI). - [x] T010 Ensure the page does not display "recovery verified", "healthy", "compliant", or "customer-safe" claims unless repo truth supports that semantics. ## Phase 4: Proof/Evidence Links (repo-backed only) **Purpose**: Make execution proof and post-run evidence explicit, separate, and truthful. - [x] T011 Operation proof: - restore run with `operation_run_id` shows proof state + link to OperationRun detail - restore run without operation run shows "unavailable" state - [x] T012 Post-run evidence: - when evidence snapshots exist for the linked operation run (tenant-scoped), show state + link to Evidence Snapshot detail - when absent, show "unavailable" and do not imply recovery proof ## Phase 5: Item Outcomes (table-first, no payload dump) **Purpose**: Make per-item outcomes reviewable without flooding the page. - [x] T013 Render item outcomes as a table (not large cards) when `results.items` exists. - [x] T014 Show compact summary counts from `restore_runs.metadata` (only when repo-backed; no fake zeros). - [x] T015 Keep raw per-item payload/diff/diagnostics behind disclosure. ## Phase 6: RBAC / Isolation - [x] T016 Add at least one positive and one negative authorization test for Restore Run view access. - [x] T017 Prove cross-workspace/tenant proof and evidence links cannot leak (deny-as-not-found semantics preserved). ## Phase 7: Tests - [x] T018 Add Feature test: `apps/platform/tests/Feature/Filament/Spec335RestoreRunDetailProductizationTest.php` covering: - decision question visible - "Completed" does not imply recovery verified - operation proof state visible - post-run evidence state visible and truthful - diagnostics collapsed; raw payload hidden by default - [x] T019 Extend or align with existing coverage: - `apps/platform/tests/Feature/Filament/RestoreResultAttentionSurfaceTest.php` - [x] T020 Add Browser smoke/screenshot test: `apps/platform/tests/Browser/Spec335RestoreRunDetailProductizationSmokeTest.php`. ## Phase 8: Screenshots - [x] T021 Capture required screenshots under: - `specs/335-restore-run-detail-post-execution-proof-productization/artifacts/screenshots/` - [x] T022 Capture at least: - `01-restore-run-draft.png` - `02-restore-run-completed-proof-incomplete.png` - `03-restore-run-operation-proof.png` - `04-restore-run-evidence-unavailable.png` - `05-restore-run-item-outcomes.png` - `06-restore-run-failed-if-supported.png` - `07-restore-run-diagnostics-collapsed.png` - `08-restore-run-dark-mode.png` If a state is not reachable via fixtures, document why in the Spec 335 notes (do not fake coverage). ## Phase 9: Validation - [x] T023 Run: - `cd apps/platform && ./vendor/bin/sail artisan test tests/Feature/Filament/Spec335RestoreRunDetailProductizationTest.php tests/Feature/Filament/RestoreResultAttentionSurfaceTest.php --compact` - `cd apps/platform && ./vendor/bin/sail php vendor/bin/pest tests/Browser/Spec335RestoreRunDetailProductizationSmokeTest.php --compact` - `cd apps/platform && ./vendor/bin/sail pint --dirty` - `git diff --check` ## Explicit Non-Goals - [x] NT001 Do not change restore execution backend behavior. - [x] NT002 Do not add new Graph calls or ProviderGateway behavior. - [x] NT003 Do not change `OperationRun` lifecycle semantics (link-only). - [x] NT004 Do not add migrations, packages, env vars, queues, scheduler, or storage changes. - [x] NT005 Do not redesign Restore Create wizard (Spec 333 owns Create UX). - [x] NT006 Do not introduce any false recovery-proof claims.