ahmido/TenantAtlas
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects 1 Releases Wiki Activity
dev
TenantAtlas/specs
History
ahmido a4f2629493 feat: add tenant review layer (#185) 
## Summary
- add the tenant review domain with tenant-scoped review library, canonical workspace review register, lifecycle actions, and review-derived executive pack export
- extend review pack, operations, audit, capability, and badge infrastructure to support review composition, publication, export, and recurring review cycles
- add product backlog and audit documentation updates for tenant review and semantic-clarity follow-up candidates

## Testing
- `vendor/bin/sail bin pint --dirty --format agent`
- `vendor/bin/sail artisan test --compact --filter="TenantReview"`
- `CI=1 vendor/bin/sail artisan test --compact`

## Notes
- Livewire v4+ compliant via existing Filament v5 stack
- panel providers remain in `bootstrap/providers.php` via existing Laravel 12 structure; no provider registration moved to `bootstrap/app.php`
- `TenantReviewResource` is not globally searchable, so the Filament edit/view global-search constraint does not apply
- destructive review actions use action handlers with confirmation and policy enforcement

Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #185
2026-03-21 22:03:01 +00:00
..
001-finding-risk-acceptance feat: implement finding risk acceptance lifecycle (#184) 2026-03-20 01:07:55 +00:00
001-rbac-onboarding docs: deprecate .specify specs and update references (#53) 2026-01-10 21:40:46 +00:00
001-tenant-review-layer feat: add tenant review layer (#185) 2026-03-21 22:03:01 +00:00
002-filament-json spec: add 002 filament json 2025-12-14 19:56:17 +01:00
003-settings-catalog-readable dev-merges/c709b36 (#3) 2025-12-21 23:15:12 +00:00
004-assignments-scope-tags docs: deprecate .specify specs and update references (#53) 2026-01-10 21:40:46 +00:00
005-bulk-operations wip: feature 056 progress 2026-01-19 18:50:11 +01:00
006-sot-foundations-assignments feat(006): foundations + assignment mapping and preview-only restore guard (#7) 2025-12-26 23:44:31 +00:00
007-device-config-compliance feat(007): device config & compliance snapshot/restore improvements (#9) 2025-12-29 12:46:20 +00:00
008-apps-app-management docs: deprecate .specify specs and update references (#53) 2026-01-10 21:40:46 +00:00
009-app-protection-policy feat/009-app-protection-policy (#11) 2025-12-29 16:11:50 +00:00
010-admin-templates docs: deprecate .specify specs and update references (#53) 2026-01-10 21:40:46 +00:00
011-restore-run-wizard feat/011-restore-run-wizard (#37) 2026-01-07 01:40:04 +00:00
012-windows-update-rings feat/012-windows-update-rings (#18) 2026-01-01 10:44:17 +00:00
013-scripts-management 013-scripts-management (#19) 2026-01-01 22:02:30 +00:00
014-enrollment-autopilot 014-enrollment-autopilot (#20) 2026-01-02 11:59:21 +00:00
015-policy-picker-ux 015-policy-picker-ux (#21) 2026-01-02 13:59:15 +00:00
016-backup-version-reuse feat: always capture policy when adding to backup (#22) 2026-01-02 14:33:29 +00:00
017-policy-types-mam-endpoint-security-baselines feat/017-policy-types-mam-endpoint-security-baselines (#23) 2026-01-03 02:06:35 +00:00
018-driver-updates-wufb feat/018-driver-updates-wufb (#27) 2026-01-04 00:38:54 +00:00
023-endpoint-security-restore feat/018-driver-updates-wufb (#27) 2026-01-04 00:38:54 +00:00
024-terms-and-conditions spec/024-additional-intune-types (#28) 2026-01-04 02:27:44 +00:00
025-policy-sets spec/024-additional-intune-types (#28) 2026-01-04 02:27:44 +00:00
026-custom-compliance-scripts spec/024-additional-intune-types (#28) 2026-01-04 02:27:44 +00:00
027-enrollment-config-subtypes feat/027-enrollment-config-subtypes (#31) 2026-01-04 13:25:15 +00:00
028-device-categories spec/024-additional-intune-types (#28) 2026-01-04 02:27:44 +00:00
029-wip-policies spec/024-additional-intune-types (#28) 2026-01-04 02:27:44 +00:00
030-intune-rbac-backup spec/024-additional-intune-types (#28) 2026-01-04 02:27:44 +00:00
031-tenant-portfolio-context-switch feat/031-tenant-portfolio-context-switch (#32) 2026-01-04 21:28:08 +00:00
032-backup-scheduling-mvp feat/032-backup-scheduling-mvp (#36) 2026-01-07 01:12:12 +00:00
039-inventory-program spec: add inventory specs 039-044 (#42) 2026-01-07 14:01:07 +00:00
040-inventory-core feat/040-inventory-core (#43) 2026-01-07 14:54:24 +00:00
041-inventory-ui feat/041-inventory-ui (#44) 2026-01-07 17:10:57 +00:00
042-inventory-dependencies-graph feat/042-inventory-dependencies-graph (#50) 2026-01-10 12:50:08 +00:00
043-cross-tenant-compare-and-promotion spec: add inventory specs 039-044 (#42) 2026-01-07 14:01:07 +00:00
044-drift-mvp feat/044-drift-mvp (#58) 2026-01-14 23:16:10 +00:00
045-settingscatalog-classification 046-inventory-sync-button (#47) 2026-01-09 22:15:04 +00:00
046-inventory-sync-button feat(054): finalize docs — RBAC delegated group search + Restore DB-only mapping; constitution note 2026-01-17 23:14:20 +01:00
047-inventory-foundations-nodes feat/047-inventory-foundations-nodes (#51) 2026-01-10 20:47:29 +00:00
048-backup-restore-ui-graph-safety feat/048-backup-restore-ui-graph-safety (#55) 2026-01-11 00:14:35 +00:00
049-backup-restore-job-orchestration feat(054): finalize docs — RBAC delegated group search + Restore DB-only mapping; constitution note 2026-01-17 23:14:20 +01:00
051-entra-group-directory-cache 051-entra-group-directory-cache (#57) 2026-01-11 23:24:12 +00:00
052-async-add-policies feat/052-async-add-policies (#59) 2026-01-15 22:20:16 +00:00
053-unify-runs-monitoring feat(054): finalize docs — RBAC delegated group search + Restore DB-only mapping; constitution note 2026-01-17 23:14:20 +01:00
054-unify-runs-suitewide feat(054): finalize docs — RBAC delegated group search + Restore DB-only mapping; constitution note 2026-01-17 23:14:20 +01:00
055-ops-ux-rollout feat(110): Ops-UX enterprise start/dedup standard (repo-wide) (#134) 2026-02-24 09:30:15 +00:00
056-remove-legacy-bulkops feat(ops-ux): harden run failures + retry policy 2026-01-19 19:01:36 +01:00
057-filament-v5-upgrade spec(057): refine Filament v5 upgrade spec (#69) 2026-01-21 14:12:26 +00:00
058-tenant-ui-polish 058-tenant-ui-polish (#70) 2026-01-22 00:17:23 +00:00
059-unified-badges 059-unified-badges (#71) 2026-01-22 23:44:51 +00:00
060-tag-badge-catalog feat: tag badge catalog (060) (#72) 2026-01-23 23:05:55 +00:00
061-provider-foundation feat: unify provider connection actions and notifications (#73) 2026-01-25 01:01:37 +00:00
062-tenant-rbac-v1 062-tenant-rbac-v1 (#74) 2026-01-25 15:27:39 +00:00
063-entra-signin 063-entra-signin (#76) 2026-01-27 16:38:53 +00:00
064-auth-structure feat: implement auth structure system panel (#77) 2026-01-27 21:49:18 +00:00
065-tenant-rbac-v1 065-tenant-rbac-v1 (#79) 2026-01-28 21:09:47 +00:00
066-rbac-ui-enforcement-helper spec/066-rbac-ui-enforcement-helper-v2 (#82) 2026-01-30 17:22:25 +00:00
067-rbac-troubleshooting feat: RBAC troubleshooting & tenant UI bugfix pack (spec 067) (#84) 2026-01-31 20:09:25 +00:00
070-workspace-create-membership-fix feat: workspace context enforcement (specs 070–072) (#85) 2026-02-02 10:07:41 +00:00
071-tenant-selection-workspace-scope feat: workspace context enforcement (specs 070–072) (#85) 2026-02-02 10:07:41 +00:00
072-managed-tenants-workspace-enforcement feat: workspace-first managed tenants + RBAC membership UI fixes (072) (#87) 2026-02-02 23:54:22 +00:00
073-unified-managed-tenant-onboarding-wizard 073-unified-managed-tenant-onboarding-wizard (#90) 2026-02-04 23:30:55 +00:00
074-verification-checklist feat: verification report framework (074) (#89) 2026-02-03 23:58:17 +00:00
075-verification-v1-5 Spec 075: Verification Checklist Framework V1.5 (fingerprint + acknowledgements) (#93) 2026-02-05 21:44:19 +00:00
076-permissions-enterprise-ui Spec 076: Tenant Required Permissions (enterprise remediation UX) (#92) 2026-02-05 22:08:51 +00:00
077-workspace-nav-monitoring-hub Spec 077: Workspace Global Mode + context bar redundancy cleanup (#94) 2026-02-06 22:14:53 +00:00
078-operations-tenantless-canonical Spec 078: Operations tenantless canonical detail (#95) 2026-02-07 09:07:26 +00:00
079-inventory-links-non-uuid-ids fix(spec-079): allow non-UUID ids in inventory_links (#96) 2026-02-07 09:18:00 +00:00
080-workspace-managed-tenant-admin feat(spec-080): workspace-managed tenant administration migration (#97) 2026-02-07 19:45:13 +00:00
081-provider-connection-cutover Spec 081: Provider connection cutover (#98) 2026-02-08 11:28:51 +00:00
082-action-surface-contract feat: action-surface contract inspect affordance + clickable rows (#100) 2026-02-08 20:31:36 +00:00
083-required-permissions-hardening Spec 083: Required permissions hardening (canonical /admin/tenants, DB-only, 404 semantics) (#101) 2026-02-08 23:13:25 +00:00
084-verification-surfaces-unification feat(verification): unify verification surfaces (Spec 084) (#102) 2026-02-09 11:28:09 +00:00
085-tenant-operate-hub 085-tenant-operate-hub (#103) 2026-02-11 13:02:03 +00:00
086-retire-legacy-runs-into-operation-runs 085-tenant-operate-hub (#103) 2026-02-11 13:02:03 +00:00
087-legacy-runs-removal feat(spec-087): remove legacy runs (#106) 2026-02-12 12:40:51 +00:00
088-remove-tenant-graphoptions-legacy feat(spec-088): remove tenant graphOptions legacy path (#105) 2026-02-12 10:14:44 +00:00
089-provider-connections-tenantless-ui feat(spec-089): provider connections tenantless UI (#107) 2026-02-12 16:35:13 +00:00
090-action-surface-contract-compliance feat(spec-090): action surface contract compliance (#108) 2026-02-13 01:30:22 +00:00
091-backupschedule-retention-lifecycle feat(spec-091): BackupSchedule lifecycle + create-CTA placement rule (#109) 2026-02-14 13:46:06 +00:00
092-legacy-purge-final Spec 092: Legacy Purge (runs/routes/UI/test shims) (#110) 2026-02-14 18:43:56 +00:00
093-scope-001-workspace-id-isolation SCOPE-001: DB-level workspace isolation via workspace_id (#112) 2026-02-14 22:34:02 +00:00
094-assignment-ops-observability-hardening Spec 094: Assignment ops observability hardening (#113) 2026-02-15 14:08:14 +00:00
095-graph-contracts-registry-completeness Spec 095: Graph contracts registry completeness + registry-backed call sites (#114) 2026-02-15 15:02:27 +00:00
096-ops-polish-assignment-dedupe-system-tracking Spec 096: Ops polish (assignment summaries + dedupe + reconcile tracking + seed DX) (#115) 2026-02-15 20:49:38 +00:00
097-settings-foundation Settings foundation: workspace controls (#119) 2026-02-16 01:11:24 +00:00
098-settings-slices-v1-backup-drift-ops feat: Workspace settings slices v1 (backup, drift, operations) (#120) 2026-02-16 03:18:33 +00:00
099-alerts-v1-teams-email feat(alerts): Monitoring cluster + v1 resources (spec 099) (#121) 2026-02-18 15:20:43 +00:00
100-alert-target-test-actions feat(alerts): test message + last test status + deep links (#122) 2026-02-18 23:12:38 +00:00
101-golden-master-baseline-governance-v1 Baseline governance UX polish + view Infolist (#123) 2026-02-19 23:56:09 +00:00
102-filament-5-2-1-upgrade feat: upgrade Filament to v5.2.1 (#124) 2026-02-20 12:20:42 +00:00
103-ia-scope-filter-semantics Spec 103: IA semantics (scope vs filter vs targeting) + UI polish (#126) 2026-02-21 00:28:15 +00:00
104-provider-permission-posture feat(104): Provider Permission Posture (#127) 2026-02-21 22:32:52 +00:00
105-entra-admin-roles-evidence-findings feat: Spec 105 — Entra Admin Roles Evidence + Findings (#128) 2026-02-22 02:37:36 +00:00
106-required-permissions-sidebar-context feat(106): Required Permissions sidebar stays on workspace nav (#129) 2026-02-22 02:42:44 +00:00
107-workspace-chooser fix: consolidate tenant creation + harden selection flows (#131) 2026-02-22 19:54:24 +00:00
108-provider-access-hardening feat: provider access hardening (RBAC write gate) (#132) 2026-02-23 00:49:37 +00:00
109-review-pack-export Fix Review Pack generation UX + notifications (#133) 2026-02-23 19:42:52 +00:00
110-ops-ux-enforcement feat(110): Ops-UX enterprise start/dedup standard (repo-wide) (#134) 2026-02-24 09:30:15 +00:00
111-findings-workflow-sla feat(111): findings workflow + SLA settings (#135) 2026-02-25 01:48:01 +00:00
112-list-expand-parity feat(112): LIST $expand parity + Entra principal names (#136) 2026-02-25 23:54:20 +00:00
113-platform-ops-runbooks feat(113): Platform Ops Runbooks — UX Polish (Filament-native, system theme, live scope) (#137) 2026-02-27 01:11:25 +00:00
114-system-console-control-tower feat(114): system console control tower (merged) (#139) 2026-02-28 00:15:31 +00:00
115-baseline-operability-alerts feat(115): baseline operability + alerts (#140) 2026-03-01 02:26:47 +00:00
116-baseline-drift-engine Spec 116: Baseline drift engine v1 (meta fidelity + coverage guard) (#141) 2026-03-02 22:02:58 +00:00
117-baseline-drift-engine Spec 117: Baseline Drift Engine + evidence fidelity/provenance (#142) 2026-03-03 07:23:01 +00:00
118-baseline-drift-engine Spec 118: Resumable baseline evidence capture + snapshot UX (#143) 2026-03-04 22:34:13 +00:00
119-baseline-drift-engine Spec 119: Drift cutover to Baseline Compare (golden master) (#144) 2026-03-06 14:30:49 +00:00
120-secret-redaction-integrity Spec 120: harden secret redaction integrity (#146) 2026-03-07 16:43:01 +00:00
121-workspace-switch-fix fix: route workspace switch to chooser (#147) 2026-03-08 00:58:51 +00:00
122-empty-state-consistency Spec 122: Empty state consistency pass (#148) 2026-03-08 02:17:51 +00:00
123-operations-auto-refresh Spec 123: operations auto-refresh pass (#149) 2026-03-08 11:11:26 +00:00
124-inventory-coverage-table feat: add inventory coverage interactive table (#151) 2026-03-08 18:33:00 +00:00
125-table-ux-standardization Spec 125: standardize Filament table UX (#152) 2026-03-08 22:54:56 +00:00
126-filter-ux-standardization feat: add Intune RBAC inventory and backup support (#155) 2026-03-09 10:40:51 +00:00
127-rbac-inventory-backup feat: add Intune RBAC inventory and backup support (#155) 2026-03-09 10:40:51 +00:00
128-rbac-baseline-compare feat: add Intune RBAC baseline compare support (#156) 2026-03-09 18:49:20 +00:00
129-workspace-admin-home Spec 129: add workspace admin home overview (#157) 2026-03-09 21:53:25 +00:00
130-structured-snapshot-rendering feat: add structured baseline snapshot rendering (#158) 2026-03-10 08:28:06 +00:00
131-cross-resource-navigation feat: add cross-resource navigation cohesion (#160) 2026-03-10 16:08:14 +00:00
132-guid-context-resolver feat: add resolved reference presentation layer (#161) 2026-03-10 18:52:52 +00:00
133-detail-page-template feat: standardize enterprise detail pages (#162) 2026-03-10 23:06:26 +00:00
134-audit-log-foundation feat: lay audit log foundation (#163) 2026-03-11 09:39:37 +00:00
135-canonical-tenant-context-resolution feat: canonical tenant context resolution (#164) 2026-03-11 21:24:28 +00:00
136-admin-canonical-tenant feat: complete admin canonical tenant rollout (#165) 2026-03-13 08:09:20 +00:00
137-platform-provider-identity feat: standardize platform provider identity (#166) 2026-03-13 16:29:08 +00:00
138-managed-tenant-onboarding-draft-identity feat: refine onboarding draft flow and RBAC diff UX (#171) 2026-03-14 20:09:54 +00:00
139-verify-access-permissions-assist feat: add verify access required permissions assist (#168) 2026-03-14 02:00:28 +00:00
140-onboarding-lifecycle-operation-checkpoints-concurrency-mvp feat: add onboarding lifecycle checkpoints and locking (#169) 2026-03-14 11:02:29 +00:00
141-shared-diff-presentation-foundation feat: add shared diff presentation foundation (#170) 2026-03-14 12:32:08 +00:00
142-rbac-role-definition-diff-ux-upgrade feat: refine onboarding draft flow and RBAC diff UX (#171) 2026-03-14 20:09:54 +00:00
143-tenant-lifecycle-operability-context-semantics feat: implement tenant lifecycle operability semantics (#172) 2026-03-15 09:08:36 +00:00
144-canonical-operation-viewer-context-decoupling feat: harden canonical run viewer and onboarding draft state (#173) 2026-03-15 18:32:04 +00:00
145-tenant-action-taxonomy-lifecycle-safe-visibility feat: implement tenant action taxonomy lifecycle visibility (#174) 2026-03-16 00:57:17 +00:00
146-central-tenant-status-presentation feat: centralize tenant lifecycle presentation (#175) 2026-03-16 18:18:53 +00:00
147-tenant-selector-remembered-context-enforcement feat: implement spec 147 tenant context enforcement (#176) 2026-03-16 22:52:58 +00:00
148-central-tenant-operability-policy feat: central tenant operability policy (#177) 2026-03-17 11:48:55 +00:00
149-queued-execution-reauthorization feat: harden queued execution legitimacy (#179) 2026-03-17 21:52:40 +00:00
150-tenant-owned-query-canon-and-wrong-tenant-guards feat: tenant-owned query canon and wrong-tenant guards (#180) 2026-03-18 08:33:13 +00:00
151-findings-workflow-backstop feat: harden findings workflow and audit backstop (#181) 2026-03-18 12:57:23 +00:00
152-livewire-context-locking feat: harden livewire trusted state boundaries (#182) 2026-03-18 23:01:14 +00:00
153-evidence-domain-foundation feat: implement evidence domain foundation (#183) 2026-03-19 13:32:52 +00:00
154-finding-risk-acceptance feat: implement finding risk acceptance lifecycle (#184) 2026-03-20 01:07:55 +00:00
155-tenant-review-layer feat: add tenant review layer (#185) 2026-03-21 22:03:01 +00:00
900-policy-lifecycle feat/005-bulk-operations (#5) 2025-12-25 13:32:36 +00:00
999-seeder-external-id fix: Harden SyncPoliciesJob supported types handling (#75) 2026-01-26 19:23:40 +00:00
0800-future-features 046-inventory-sync-button (#47) 2026-01-09 22:15:04 +00:00
feat/700-bugfix Fix tenant dashboard 500 (missing BaselineCompareRun) (#125) 2026-02-20 21:07:34 +00:00
.gitkeep chore(specs): add baseline specs folder 2025-12-14 19:42:35 +01:00