# Tasks: Tenant Portfolio & Context Switch (031)

**Branch**: `feat/031-tenant-portfolio-context-switch`  
**Date**: 2026-01-04  
**Input**: [spec.md](./spec.md), [plan.md](./plan.md)

## Phase 1: Setup
- [x] T001 Create spec/plan/tasks and checklist.

## Phase 2: Research & Design
- [x] T002 Review Filament tenancy support and choose the context mechanism (route vs session).
- [x] T003 Define tenant access roles and mapping (user memberships; future org/group principals).
- [x] T004 Decide how to store `environment` (column vs JSONB) and whether MSP “customer grouping” is in scope.
- [x] T005 Define context precedence rules (env override, route tenant, session/default tenant) and cross-tab safety expectations.

## Phase 3: Tests (TDD)
- [x] T006 Authorization: user cannot access unauthorized tenant (404).
- [x] T007 Authorization: tenant-scoped resources deny cross-tenant access via URL (404).
- [x] T008 Context switching: “Open tenant” navigates into tenant-scoped pages (tenant in URL) and data filters correctly.
- [x] T009 Bulk sync: dispatches one job per selected tenant; readonly role cannot run it.
- [ ] T010 UI (optional browser tests): tenant switcher visible and environment badge shown.

## Phase 4: Implementation
- [x] T011 Add migrations for tenant memberships/roles and environment attribute (and optional preferences).
- [x] T012 Implement `TenantContext` + authorization gate/policy (`canAccessTenant`).
- [x] T013 Integrate tenant switcher into Filament topbar and make Current Tenant always visible.
- [x] T014 Scope tenant resources (Policies/Backups/RestoreRuns/etc.) via TenantContext; replace direct `Tenant::current()` usage.
- [x] T015 Update `TenantResource` into a portfolio view: access-scoped query, columns, filters, “Open”, “Sync”, bulk “Sync selected”.
- [x] T016 Add restore guardrails (target tenant header + tenant-aware confirmations).

## Phase 5: Verification
- [x] T017 Run targeted tests.
- [x] T018 Run Pint (`./vendor/bin/pint --dirty`).