ahmido/TenantAtlas
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects 1 Releases Wiki Activity
130-structured-snapshot-rendering
TenantAtlas/docs/product/roadmap.md
ahmido 73a3a62451 Spec 122: Empty state consistency pass (#148) 
## Summary
- unify empty-state UX across the six in-scope Filament list pages
- move empty-state ownership toward resource `table()` definitions while preserving existing RBAC behavior
- add focused Pest coverage for empty-state rendering, CTA outcomes, populated-state regression behavior, and action-surface compliance
- add the Spec 122 planning artifacts and product discovery documents used for this pass

## Changed surfaces
- `PolicyResource`
- `BackupSetResource`
- `RestoreRunResource`
- `BackupScheduleResource`
- `WorkspaceResource`
- `AlertDeliveryResource`

## Tests
- `vendor/bin/sail artisan test --compact tests/Feature/Filament/EmptyStateConsistencyTest.php`
- `vendor/bin/sail artisan test --compact tests/Feature/Filament/Alerts/AlertDeliveryViewerTest.php`
- `vendor/bin/sail artisan test --compact tests/Feature/Filament/CreateCtaPlacementTest.php`
- `vendor/bin/sail artisan test --compact tests/Feature/PolicySyncStartSurfaceTest.php`
- `vendor/bin/sail artisan test --compact tests/Feature/BackupScheduling/BackupScheduleLifecycleAuthorizationTest.php`
- `vendor/bin/sail artisan test --compact tests/Feature/Filament/BackupSetUiEnforcementTest.php`
- `vendor/bin/sail artisan test --compact tests/Feature/Filament/RestoreRunUiEnforcementTest.php`
- `vendor/bin/sail artisan test --compact tests/Feature/Guards/ActionSurfaceContractTest.php`
- `vendor/bin/sail bin pint --dirty --format agent`

## Notes
- Filament v5 / Livewire v4.0+ compliance is preserved.
- Panel provider registration remains unchanged in `bootstrap/providers.php`.
- No new globally searchable resources were added.
- Destructive actions were not introduced by this pass.
- Alert Deliveries is documented as the explicit no-header-action exemption for the empty-state CTA relocation rule.
- Manual light/dark visual QA evidence is still expected in the PR/review artifact set for the remaining checklist items (`T018`, `T025`).

Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #148
2026-03-08 02:17:51 +00:00

130 lines
4.6 KiB
Markdown
Raw Permalink Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

# Product Roadmap
> Strategic thematic blocks and release trajectory.
> This is the "big picture" — not individual specs.
**Last updated**: 2026-03-08
---
## Release History
| Release | Theme | Status |
|---------|-------|--------|
| **R1 "Golden Master Governance"** | Baseline drift as production feature, operations polish | **Done** |
| **R1 cont.** | Ops canonicalization, action surface contract, ops-ux enforcement | **Done** |
| **R2 "Tenant Reviews & Evidence"** | Evidence packs, stored reports, permission posture, alerts | **Partial** |
| **R2 cont.** | Alert escalation + notification routing | **Done** |
---
## Active / Near-term
### UI & Product Maturity Polish
Empty state consistency, list-expand parity, workspace chooser refinement, navigation semantics.
Goal: Every surface feels intentional and guided for first-run evaluation.
**Active specs**: 122, 121, 112
### Secret & Security Hardening
Secret redaction integrity, provider access hardening, required permissions sidebar.
Goal: Enterprise trust — no credential leaks, no permission gaps.
**Active specs**: 120, 108, 106
### Baseline Drift Engine (Cutover)
Full content capture, cutover to unified engine, resume capability.
Goal: Ship drift detection as the complete production governance feature.
**Active specs**: 119 (cutover)
---
## Planned (Next Quarter)
### R2 Completion — Evidence & Exception Workflows
- Review pack export (Spec 109 — done)
- Exception/risk-acceptance workflow for Findings → **Not yet specced**
- Formal "evidence pack" entity → **Not yet specced**
- Workspace-level PII override for review packs → deferred from 109
### Policy Lifecycle / Ghost Policies
Soft delete detection, automatic restore, "Deleted" badge, restore from backup.
Draft exists (Spec 900). Needs spec refresh and prioritization.
**Risk**: Ghost policies create confusion for backup item references.
### Platform Operations Maturity
- CSV export for filtered run metadata (deferred from Spec 114)
- Raw error/context drilldowns for system console (deferred from Spec 114)
- Multi-workspace operator selection in `/system` (deferred from Spec 113)
---
## Mid-term (23 Quarters)
### MSP Portfolio & Operations (Multi-Tenant)
Multi-tenant health dashboard, SLA/compliance reports (PDF), cross-tenant troubleshooting center.
**Source**: 0800-future-features brainstorming, identified as highest priority pillar.
**Prerequisite**: Cross-tenant compare (Spec 043 — draft only).
### Drift & Change Governance ("Revenue Lever #1")
Change approval workflows (DEV→PROD with audit pack), guardrails/policy freeze windows, tamper detection.
**Source**: 0800-future-features brainstorming.
**Prerequisite**: Drift engine fully shipped, findings workflow mature.
### Standardization & Policy Quality ("Intune Linting")
Policy linter (naming, scope tag requirements, no All-Users on high-risk), company standards as templates, policy hygiene (duplicate finder, unassigned, orphaned, stale).
**Source**: 0800-future-features brainstorming.
---
## Long-term
### Tenant-to-Tenant / Staging→Prod Promotion
Compare/diff between tenants, mapping UI (groups, scope tags, filters, named locations, app refs), promotion plan (preview → dry-run → cutover → verify).
**Source**: 0800-future-features, Spec 043 draft.
### Recovery Confidence ("Killer Feature")
Automated restore tests in test tenants, recovery readiness report, preflight score.
**Source**: 0800-future-features brainstorming.
### Security Suite Layer
Security posture score, blast radius display, opt-in high-risk enablement.
**Source**: 0800-future-features brainstorming.
### Script & Secrets Governance
Script diff + approval + rollback, secret scanning, allowlist/signing workflow.
**Source**: 0800-future-features brainstorming.
---
## Infrastructure & Platform Debt
| Item | Risk | Status |
|------|------|--------|
| No `.env.example` in repo | Onboarding friction | Open |
| No CI pipeline config | No automated quality gate | Open |
| No PHPStan/Larastan | No static analysis | Open |
| SQLite for tests vs PostgreSQL in prod | Schema drift risk | Open |
| No formal release process | Manual deploys | Open |
| Dokploy config external to repo | Env drift | Open |
---
## Priority Ranking (from Product Brainstorming)
1. MSP Portfolio + Alerting
2. Drift + Approval Workflows
3. Standardization / Linting
4. Promotion DEV→PROD
5. Recovery Confidence
---
## How to use this file
- **Big themes** live here.
- **Concrete spec candidates** → see [spec-candidates.md](spec-candidates.md)
- **Small discoveries from implementation** → see [discoveries.md](discoveries.md)
- **Product principles** → see [principles.md](principles.md)
Reference in New Issue View Git Blame Copy Permalink