ahmido/TenantAtlas
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects 1 Releases Wiki Activity
codex/322-post-319-validation-note
TenantAtlas/specs/318-admin-surface-scope-shell-context-audit/recommended-fixes.md
ahmido 1c27af4f5f spec: add admin surface scope shell context audit (#373) 
## Summary
- add Spec 318 audit artifacts for admin surface scope and shell context consistency after Specs 314-317
- document browser-backed findings for workspace hubs, environment-scoped pages, filtered workspace hubs, and mismatch cases
- capture recommended follow-up specs for baseline compare, baseline ownership, alerts/audit filter contracts, classifier regression coverage, and sidebar scope declarations

## Testing
- not run; analysis-only spec artifacts with no runtime or test code changes

Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #373
2026-05-16 18:32:11 +00:00

1.7 KiB
Raw Permalink Blame History

Recommended Fixes

This audit did not apply any fixes. Recommended work should be split into small follow-up specs.

1. Baseline Compare Environment Classification Fix

Make Baseline Compare explicitly environment-scoped and shareable. Prefer a route-bound environment URL under /admin/workspaces/{workspace}/environments/{environment}/baseline-compare. Update the environment dashboard CTA, environment sidebar URL generation, and regression coverage for direct URL access without remembered context.

2. Workspace-Owned Baseline Registry Contract

Decide whether Baselines and Baseline Snapshots are workspace hubs or environment pages. Current code says workspace-owned. If workspace-owned, force environmentless shell and adjust sidebar/copy. If environment-owned, add route-bound environment URLs and data scoping.

3. Alerts and Audit Log Filter Contract

Make Alerts and Audit Log either true filtered workspace hubs or explicitly unfiltered workspace hubs. Preserve and apply environment_id with a visible chip and clear action, or strip/reject environment_id consistently.

4. Admin Surface Scope Regression Guard

Add classifier coverage for every admin path category in AdminSurfaceScope. Assert shell context for workspace hubs, environment pages, filtered workspace hubs, system pages, and canonical workspace record viewers. Add browser smoke coverage for reload and back/forward on high-risk pages.

5. Sidebar Placement / Surface Scope Contract

Add a source-of-truth registry for sidebar item product scope. Require each item to declare whether it opens an environment-bound page, a clean workspace hub, or a filtered workspace hub. Assert URL, shell, breadcrumb, page copy, chips, and active sidebar state against that declaration.