# Implementation Notes

Status: complete.

## Guardrail Decision

Spec 373 consumes the completed Spec 370 diagnostic contract and preserves completed Spec 353/371/372 work as context. The implementation must not reopen Provider Connections, Required Permissions, customer/auditor pages, or operator backup surfaces unless a confirmed shared-code regression appears.

## Planned Implementation Shape

- Environment Diagnostics: added one derived first-viewport diagnostic summary over existing public page state. Helper stayed page-local in `EnvironmentDiagnostics`.
- Support diagnostics: added `recommended_first_check` from existing bundle sections/references. The bundle remains DB-local and redacted.
- Tests first: focused Feature/Livewire and builder unit tests were added before runtime implementation and initially failed on missing hierarchy/copy.
- Browser proof: reused the existing smoke-login route and Spec 352 fixture; no fixture/auth expansion was added.

## Known Repo Truth Adjustment

`ManagedEnvironmentDiagnosticsService::tenantHasNoOwners()` currently returns `false`, and existing tests assert workspace roles own role recovery. Spec 373 can still test the missing-owner presentation path by binding a test diagnostic service or setting page state, but it must not change role-recovery ownership unless the active spec is updated first.

## Out Of Scope

- ProviderGateway/provider health changes.
- Permission calculation changes.
- `/system` panel auth or browser fixture repairs.
- OperationRun lifecycle changes.
- New persistence, enum/status family, provider framework, queue family, scheduler, storage, package, or env var.

## Implementation Notes

- Missing-owner runtime truth remains unchanged. The page can present the state, but `ManagedEnvironmentDiagnosticsService::tenantHasNoOwners()` still returns false by default and existing workspace-role recovery ownership is preserved.
- `bootstrapOwner` and `mergeDuplicateMemberships` kept their existing `Action::make(...)->action(...)`, `->requiresConfirmation()`, `UiEnforcement`, `Capabilities::TENANT_MANAGE`, destructive classification, and service ownership.
- Support diagnostics first-check priority is context-aware: OperationRun entry points recommend operation context first; tenant entry points recommend provider, operation, findings, provider availability, or scoped context based on existing bundle truth.
- No Provider Connections, Required Permissions, System panel, provider gateway, permission calculation, OperationRun lifecycle, migration, package, env var, queue, scheduler, storage, panel provider, global search, or asset registration behavior was changed.