# Route Reachability Report ## Final Browser Outcomes | Surface | Route/path | Panel | Auth guard | Required parameters | Fixture parameters | HTTP/browser outcome | Final URL pattern | Verification label | |---|---|---|---|---|---|---|---|---| | Evidence Snapshot View | `/admin/workspaces/{workspace}/environments/{environment}/evidence/{record}` | admin | `web` | workspace slug, environment slug, evidence snapshot id | `Test Workspace`, `Spec376 Browser Evidence Environment`, seeded snapshot | Rendered in browser, no JS errors, no console logs, screenshot captured | `/admin/workspaces/{workspace}/environments/{environment}/evidence/{record}` | `browser-verified` | | Required Permissions | `/admin/workspaces/{workspace}/environments/{environment}/required-permissions` | admin | `web` | workspace slug, environment slug | same workspace/environment, seeded permission rows | Rendered in browser, no JS errors, no console logs, screenshot captured | `/admin/workspaces/{workspace}/environments/{environment}/required-permissions` | `browser-verified` | | System Dashboard | `/system` | system | `platform` | platform user with `platform.access_system_panel` plus dashboard capability | `PlatformUser` with `ACCESS_SYSTEM_PANEL`, `CONSOLE_VIEW`, `OPERATIONS_VIEW` | Rendered in browser, no JS errors, no console logs, screenshot captured | `/system` | `browser-verified` | | System Operations | `/system/ops/runs` | system | `platform` | platform user with operations capability | same `PlatformUser` | Rendered empty state in browser, no JS errors, no console logs, screenshot captured | `/system/ops/runs` | `browser-verified` | | Provider Connection Detail | `/admin/provider-connections/{record}?environment_id={environment}` | admin | `web` | provider connection id, explicit `environment_id`, workspace session | `Spec376 Provider Connection Detail` for the selected environment | Rendered in browser, no JS errors, no console logs, screenshot captured | `/admin/provider-connections/{record}?environment_id={environment}` | `browser-verified` | ## Route Inventory Sources - Laravel Boost `list_routes(path: admin)` confirmed: - `admin/local/smoke-login` - `admin/workspaces/{workspace}/environments/{environment}/evidence/{record}` - `admin/workspaces/{workspace}/environments/{environment}/required-permissions` - `admin/provider-connections/{record}` - Laravel Boost `list_routes(path: system)` confirmed: - `system` - `system/ops/runs` ## Redirect/Login Behavior - Admin surfaces used `admin.local.smoke-login` once, with redirect to Evidence Snapshot View. Subsequent admin surface visits used the same authenticated browser session. - System surfaces did not use a smoke-login route. They used Pest Browser `actingAs($platformUser, 'platform')`, preserving platform-plane separation. - No tested surface redirected to `/admin/login` or `/system/login`.