ahmido
83ab4690d5
## Summary - stabilize the active spec 293 post-cutover suite baseline around the current admin-panel and workspace-first runtime - align operations, provider, required-permissions, and action-surface expectations to canonical workspace-aware routes - add the monitoring operations workspace-membership guard and update the spec 293 classification artifacts - include the browser smoke screenshots captured during verification ## Validation - `cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Feature/Filament/PanelNavigationSegregationTest.php tests/Feature/ManagedEnvironment/LegacyTenantCoreGuardTest.php` - `cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Feature/OpsUx/CanonicalViewRunLinksTest.php tests/Feature/OpsUx/OperateHubShellTest.php tests/Feature/OpsUx/FailureSanitizationTest.php tests/Feature/OpsUx/NonLeakageWorkspaceOperationsTest.php` - `cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Feature/Guards/ActionSurfaceContractTest.php tests/Feature/ProviderConnections/NavigationPlacementTest.php tests/Feature/ProviderConnections/ProviderConnectionListAuthorizationTest.php tests/Feature/Verification/VerificationAuthorizationTest.php` - `cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Feature/Guards/Spec288NoLegacyRouteAndHelperGuardTest.php tests/Feature/Guards/Spec288ProviderCoreAndRoleAuthorityGuardTest.php tests/Feature/Guards/AdminWorkspaceRoutesGuardTest.php tests/Feature/Guards/ProviderBoundaryPlatformCoreGuardTest.php tests/Feature/ProviderConnections/LegacyRedirectTest.php tests/Feature/ManagedEnvironment/LegacyTenantCoreGuardTest.php tests/Feature/Spec080WorkspaceManagedTenantAdminMigrationTest.php tests/Feature/Rbac/ProviderConnectionWorkspaceFirstPolicyTest.php tests/Feature/Filament/ManagedEnvironmentAccessScopeManagementTest.php tests/Feature/Guards/BrowserLaneIsolationTest.php tests/Feature/Guards/CiLaneFailureClassificationContractTest.php tests/Feature/Guards/CiHeavyBrowserWorkflowContractTest.php tests/Unit/Auth/NoRoleStringChecksTest.php` - `cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Browser/Spec281ProviderConnectionScopeSmokeTest.php tests/Browser/Spec285WorkspaceRbacEnvironmentAccessSmokeTest.php` - `cd apps/platform && ./vendor/bin/sail bin pint --dirty --format agent` ## Notes - remaining provider/verification failures are classified in `specs/293-post-cutover-suite-stabilization/failure-classification.md` as unrelated existing debt and are not folded into this slice Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de> Reviewed-on: #348
248 lines
30 KiB
Markdown
248 lines
30 KiB
Markdown
---
|
|
description: "Task list for Post-Cutover Suite Stabilization & Baseline Reconciliation"
|
|
---
|
|
|
|
# Tasks: Post-Cutover Suite Stabilization & Baseline Reconciliation
|
|
|
|
**Input**: Design documents from `/Users/ahmeddarrazi/Documents/projects/wt-plattform/specs/293-post-cutover-suite-stabilization/`
|
|
**Prerequisites**: `/Users/ahmeddarrazi/Documents/projects/wt-plattform/specs/293-post-cutover-suite-stabilization/plan.md` (required), `/Users/ahmeddarrazi/Documents/projects/wt-plattform/specs/293-post-cutover-suite-stabilization/spec.md` (required), `/Users/ahmeddarrazi/Documents/projects/wt-plattform/specs/293-post-cutover-suite-stabilization/checklists/requirements.md` (required), `/Users/ahmeddarrazi/Documents/projects/wt-plattform/specs/293-post-cutover-suite-stabilization/research.md`, `/Users/ahmeddarrazi/Documents/projects/wt-plattform/specs/293-post-cutover-suite-stabilization/data-model.md`, `/Users/ahmeddarrazi/Documents/projects/wt-plattform/specs/293-post-cutover-suite-stabilization/quickstart.md`, `/Users/ahmeddarrazi/Documents/projects/wt-plattform/specs/293-post-cutover-suite-stabilization/failure-classification.md`
|
|
|
|
**Review Artifact**: `/Users/ahmeddarrazi/Documents/projects/wt-plattform/specs/293-post-cutover-suite-stabilization/checklists/requirements.md` is the outcome-of-record for the review outcome class, workflow outcome, and test-governance outcome. `/Users/ahmeddarrazi/Documents/projects/wt-plattform/specs/293-post-cutover-suite-stabilization/failure-classification.md` is the implementation-tracking artifact for initial baseline classification and any remaining unrelated or flaky debt. If implementation expands into Package Execution, Guided Operations, UI expansion, legacy-route restoration, TenantPanel reactivation, broad refactors, or unrelated suite cleanup, update the review artifact before continuing and stop when the work no longer fits `293`.
|
|
|
|
**Tests**: Required (Pest) for test, helper, and any minimal runtime-fix work. Keep proof bounded to initial classification, targeted `Feature` and `Browser` reruns, the existing Spec `288` proof pack, broad confidence reruns, and formatting.
|
|
**Operations**: No new `OperationRun`, queue family, remote workflow, or notification policy is introduced. `293` may touch current operations link helpers only to stabilize workspace-aware route truth on the existing runtime path.
|
|
**RBAC**: Reuse the workspace-first access contract from Spec `285`; do not add a new role family, raw capability strings, or a second role-bearing access overlay.
|
|
**Shared Pattern Reuse**: Reuse `/Users/ahmeddarrazi/Documents/projects/wt-plattform/apps/platform/tests/Feature/Filament/PanelNavigationSegregationTest.php`, `/Users/ahmeddarrazi/Documents/projects/wt-plattform/apps/platform/tests/Feature/Guards/ActionSurfaceContractTest.php`, `/Users/ahmeddarrazi/Documents/projects/wt-plattform/apps/platform/tests/Feature/OpsUx/CanonicalViewRunLinksTest.php`, `/Users/ahmeddarrazi/Documents/projects/wt-plattform/apps/platform/tests/Feature/OpsUx/OperateHubShellTest.php`, `/Users/ahmeddarrazi/Documents/projects/wt-plattform/apps/platform/tests/Feature/OpsUx/FailureSanitizationTest.php`, `/Users/ahmeddarrazi/Documents/projects/wt-plattform/apps/platform/tests/Feature/OpsUx/NonLeakageWorkspaceOperationsTest.php`, `/Users/ahmeddarrazi/Documents/projects/wt-plattform/apps/platform/tests/Feature/OpsUx/TenantSyncBulkJobTest.php`, `/Users/ahmeddarrazi/Documents/projects/wt-plattform/apps/platform/tests/Feature/ProviderConnections/`, `/Users/ahmeddarrazi/Documents/projects/wt-plattform/apps/platform/tests/Feature/Verification/`, `/Users/ahmeddarrazi/Documents/projects/wt-plattform/apps/platform/tests/Feature/Rbac/BackupItemsRelationManagerUiEnforcementTest.php`, `/Users/ahmeddarrazi/Documents/projects/wt-plattform/apps/platform/tests/Feature/Rbac/ProviderConnectionWorkspaceFirstPolicyTest.php`, `/Users/ahmeddarrazi/Documents/projects/wt-plattform/apps/platform/tests/Feature/Filament/ManagedEnvironmentAccessScopeManagementTest.php`, `/Users/ahmeddarrazi/Documents/projects/wt-plattform/apps/platform/tests/Feature/ManagedEnvironment/LegacyTenantCoreGuardTest.php`, `/Users/ahmeddarrazi/Documents/projects/wt-plattform/apps/platform/tests/Browser/Spec281ProviderConnectionScopeSmokeTest.php`, `/Users/ahmeddarrazi/Documents/projects/wt-plattform/apps/platform/tests/Browser/Spec285WorkspaceRbacEnvironmentAccessSmokeTest.php`, `/Users/ahmeddarrazi/Documents/projects/wt-plattform/apps/platform/app/Support/OperationRunLinks.php`, `/Users/ahmeddarrazi/Documents/projects/wt-plattform/apps/platform/app/Support/OperateHub/OperateHubShell.php`, `/Users/ahmeddarrazi/Documents/projects/wt-plattform/apps/platform/app/Filament/Concerns/WorkspaceScopedTenantRoutes.php`, `/Users/ahmeddarrazi/Documents/projects/wt-plattform/apps/platform/app/Providers/Filament/AdminPanelProvider.php`, `/Users/ahmeddarrazi/Documents/projects/wt-plattform/apps/platform/app/Filament/Pages/TenantDashboard.php`, `/Users/ahmeddarrazi/Documents/projects/wt-plattform/apps/platform/app/Filament/Pages/TenantRequiredPermissions.php`, `/Users/ahmeddarrazi/Documents/projects/wt-plattform/apps/platform/app/Filament/Resources/TenantResource.php`, and `/Users/ahmeddarrazi/Documents/projects/wt-plattform/apps/platform/tests/Pest.php`. Do not introduce a new stabilization subsystem, a new browser family, or a permanent full-suite wrapper under this spec.
|
|
**Filament / Panel Guardrails**: Filament remains v5 on Livewire v4. Provider registration remains unchanged in `/Users/ahmeddarrazi/Documents/projects/wt-plattform/apps/platform/bootstrap/providers.php`. No new panel, no new globally-searchable resource, and no asset-strategy change are allowed in this slice.
|
|
**Organization**: Tasks are grouped by baseline classification, retired panel or route cleanup, workspace-aware operations route cleanup, legacy required-permissions/provider-connection cleanup, bounded action-surface rebaseline, and final regression proof.
|
|
**Review Outcome**: `acceptable-special-case`
|
|
**Workflow Outcome**: `keep`
|
|
**Test-governance Outcome**: `keep`
|
|
|
|
## Test Governance Checklist
|
|
|
|
- [x] Lane assignment is named and is the narrowest sufficient proof for the changed behavior.
|
|
- [x] Failure classification uses the pinned categories: `cutover-baseline-debt`, `cutover-runtime-regression`, `unrelated-existing-debt`, `flaky-or-environment`, and `resolved-or-not-needed`.
|
|
- [x] New or changed tests stay in existing targeted feature or browser families and do not create a new stabilization subsystem.
|
|
- [x] Shared helpers, fixtures, and context bootstrapping stay explicit and cheap by default.
|
|
- [x] Planned validation commands cover the changed seams without turning `293` into a permanent fix-all suite lane.
|
|
- [x] Surface test profile stays explicit: `standard-native-filament`, `global-context-shell`, and `browser-smoke`.
|
|
|
|
## Phase 1: Setup (Shared Context)
|
|
|
|
**Purpose**: Lock the stabilization role, exact failure categories, exact seam inventory, and validation scope before any implementation work begins.
|
|
|
|
- [x] T001 Review `/Users/ahmeddarrazi/Documents/projects/wt-plattform/specs/293-post-cutover-suite-stabilization/spec.md`, `/Users/ahmeddarrazi/Documents/projects/wt-plattform/specs/293-post-cutover-suite-stabilization/plan.md`, and `/Users/ahmeddarrazi/Documents/projects/wt-plattform/specs/293-post-cutover-suite-stabilization/checklists/requirements.md` to confirm the package remains a shared stabilization slice only
|
|
- [x] T002 [P] Review `/Users/ahmeddarrazi/Documents/projects/wt-plattform/specs/293-post-cutover-suite-stabilization/research.md`, `/Users/ahmeddarrazi/Documents/projects/wt-plattform/specs/293-post-cutover-suite-stabilization/data-model.md`, `/Users/ahmeddarrazi/Documents/projects/wt-plattform/specs/293-post-cutover-suite-stabilization/quickstart.md`, and `/Users/ahmeddarrazi/Documents/projects/wt-plattform/specs/293-post-cutover-suite-stabilization/failure-classification.md`, then confirm together with `/Users/ahmeddarrazi/Documents/projects/wt-plattform/specs/293-post-cutover-suite-stabilization/checklists/requirements.md` that the same failure-category names and stabilization seams are pinned across the full package and that `data-model.md` plus `failure-classification.md` remain the authoritative source for category meanings
|
|
- [x] T003 [P] Confirm the focused Sail/Pest validation commands and repo-real anchor files named in this package across `apps/platform/tests/Feature/`, `apps/platform/tests/Browser/`, `apps/platform/app/`, and `scripts/`
|
|
|
|
---
|
|
|
|
## Phase 2: User Story 1 - Classify Remaining Cutover Failures First (Priority: P1)
|
|
|
|
**Goal**: Establish the initial suite baseline and classify every relevant failure before any fix work begins.
|
|
|
|
**Independent Test**: run the initial full suite or fallback lane split, record the resulting groups in `failure-classification.md`, and prove every in-scope failure is assigned to one pinned category before later stories begin.
|
|
|
|
- [ ] T004 [US1] Run the initial baseline commands `export PATH="/bin:/usr/bin:/usr/local/bin:$PATH" && git status --short --branch`, `export PATH="/bin:/usr/bin:/usr/local/bin:$PATH" && git diff --stat`, and `export PATH="/bin:/usr/bin:/usr/local/bin:$PATH" && (cd apps/platform && ./vendor/bin/sail artisan test --compact)` and record the observed groups in `/Users/ahmeddarrazi/Documents/projects/wt-plattform/specs/293-post-cutover-suite-stabilization/failure-classification.md`
|
|
- [ ] T005 [P] [US1] If the full suite output is too noisy, run `export PATH="/bin:/usr/bin:/usr/local/bin:$PATH" && ./scripts/platform-test-lane heavy-governance` and `export PATH="/bin:/usr/bin:/usr/local/bin:$PATH" && ./scripts/platform-test-lane confidence`, then update `/Users/ahmeddarrazi/Documents/projects/wt-plattform/specs/293-post-cutover-suite-stabilization/failure-classification.md` with the same pinned categories
|
|
- [x] T006 [P] [US1] Audit the exact `tenant_panel_baseline` and `legacy_admin_t_routes` seams across `/Users/ahmeddarrazi/Documents/projects/wt-plattform/apps/platform/tests/Feature/Filament/PanelNavigationSegregationTest.php`, `/Users/ahmeddarrazi/Documents/projects/wt-plattform/apps/platform/tests/Feature/ManagedEnvironment/LegacyTenantCoreGuardTest.php`, `/Users/ahmeddarrazi/Documents/projects/wt-plattform/apps/platform/tests/Pest.php`, `/Users/ahmeddarrazi/Documents/projects/wt-plattform/apps/platform/app/Providers/Filament/AdminPanelProvider.php`, `/Users/ahmeddarrazi/Documents/projects/wt-plattform/apps/platform/app/Filament/Pages/TenantDashboard.php`, `/Users/ahmeddarrazi/Documents/projects/wt-plattform/apps/platform/app/Filament/Pages/TenantRequiredPermissions.php`, and `/Users/ahmeddarrazi/Documents/projects/wt-plattform/apps/platform/app/Filament/Resources/TenantResource.php`
|
|
- [x] T007 [P] [US1] Audit the exact `workspace_aware_operations_routes` seams across `/Users/ahmeddarrazi/Documents/projects/wt-plattform/apps/platform/tests/Feature/OpsUx/CanonicalViewRunLinksTest.php`, `/Users/ahmeddarrazi/Documents/projects/wt-plattform/apps/platform/tests/Feature/OpsUx/OperateHubShellTest.php`, `/Users/ahmeddarrazi/Documents/projects/wt-plattform/apps/platform/tests/Feature/OpsUx/FailureSanitizationTest.php`, `/Users/ahmeddarrazi/Documents/projects/wt-plattform/apps/platform/tests/Feature/OpsUx/NonLeakageWorkspaceOperationsTest.php`, `/Users/ahmeddarrazi/Documents/projects/wt-plattform/apps/platform/tests/Feature/OpsUx/TenantSyncBulkJobTest.php`, `/Users/ahmeddarrazi/Documents/projects/wt-plattform/apps/platform/app/Support/OperationRunLinks.php`, `/Users/ahmeddarrazi/Documents/projects/wt-plattform/apps/platform/app/Support/OperateHub/OperateHubShell.php`, and `/Users/ahmeddarrazi/Documents/projects/wt-plattform/apps/platform/app/Filament/Concerns/WorkspaceScopedTenantRoutes.php`
|
|
- [x] T008 [P] [US1] Audit the exact `legacy_required_permissions_provider_connections` and `action_surface_rebaseline` seams across `/Users/ahmeddarrazi/Documents/projects/wt-plattform/apps/platform/tests/Feature/ProviderConnections/`, `/Users/ahmeddarrazi/Documents/projects/wt-plattform/apps/platform/tests/Feature/Verification/`, `/Users/ahmeddarrazi/Documents/projects/wt-plattform/apps/platform/tests/Feature/Guards/ActionSurfaceContractTest.php`, `/Users/ahmeddarrazi/Documents/projects/wt-plattform/apps/platform/tests/Feature/Rbac/BackupItemsRelationManagerUiEnforcementTest.php`, `/Users/ahmeddarrazi/Documents/projects/wt-plattform/apps/platform/tests/Feature/Rbac/ProviderConnectionWorkspaceFirstPolicyTest.php`, `/Users/ahmeddarrazi/Documents/projects/wt-plattform/apps/platform/tests/Feature/Filament/ManagedEnvironmentAccessScopeManagementTest.php`, `/Users/ahmeddarrazi/Documents/projects/wt-plattform/apps/platform/app/Filament/Pages/TenantRequiredPermissions.php`, and `/Users/ahmeddarrazi/Documents/projects/wt-plattform/apps/platform/app/Filament/Resources/TenantResource.php`
|
|
- [x] T009 [US1] Confirm the scope boundary remains explicit: `289` untouched, `292` untouched, no Package Execution, no Guided Operations, no TenantPanel reactivation, no `/admin/t/...` restoration, and no tenant-scoped provider fallback restoration
|
|
|
|
**Checkpoint**: User Story 1 is independently functional when the initial baseline is classified and later stories can proceed without absorbing unclassified debt.
|
|
|
|
---
|
|
|
|
## Phase 3: User Story 2 - Remove Retired TenantPanel and `/admin/t/...` Baseline Assumptions (Priority: P1)
|
|
|
|
**Goal**: Make current admin-panel and workspace-aware routing the only accepted baseline for the in-scope suite surfaces.
|
|
|
|
**Independent Test**: re-run the targeted panel and legacy tenant-core proof set and prove the current baseline no longer depends on TenantPanel bootstrapping or `/admin/t/...` management paths.
|
|
|
|
### Tests for User Story 2
|
|
|
|
- Targeted rerun command: `export PATH="/bin:/usr/bin:/usr/local/bin:$PATH" && (cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Feature/Filament/PanelNavigationSegregationTest.php tests/Feature/ManagedEnvironment/LegacyTenantCoreGuardTest.php)`
|
|
|
|
- [x] T010 [P] [US2] Extend `/Users/ahmeddarrazi/Documents/projects/wt-plattform/apps/platform/tests/Feature/Filament/PanelNavigationSegregationTest.php` and `/Users/ahmeddarrazi/Documents/projects/wt-plattform/apps/platform/tests/Feature/ManagedEnvironment/LegacyTenantCoreGuardTest.php` so they assert the current admin-panel or workspace-aware truth and treat retired TenantPanel or `/admin/t/...` assumptions as forbidden baseline behavior
|
|
|
|
### Implementation for User Story 2
|
|
|
|
- [x] T011 [US2] Update in-scope test helpers and stale expectations in `/Users/ahmeddarrazi/Documents/projects/wt-plattform/apps/platform/tests/Pest.php`, `/Users/ahmeddarrazi/Documents/projects/wt-plattform/apps/platform/tests/Feature/Filament/PanelNavigationSegregationTest.php`, and any directly implicated canonical helper surface so `tenant_panel_baseline` and `legacy_admin_t_routes` debt no longer survives in the suite
|
|
- [ ] T012 [US2] If the targeted rerun proves a current primary-path regression, apply only the minimal canonical fix in `/Users/ahmeddarrazi/Documents/projects/wt-plattform/apps/platform/app/Providers/Filament/AdminPanelProvider.php`, `/Users/ahmeddarrazi/Documents/projects/wt-plattform/apps/platform/app/Filament/Pages/TenantDashboard.php`, `/Users/ahmeddarrazi/Documents/projects/wt-plattform/apps/platform/app/Filament/Pages/TenantRequiredPermissions.php`, `/Users/ahmeddarrazi/Documents/projects/wt-plattform/apps/platform/app/Filament/Resources/TenantResource.php`, or `/Users/ahmeddarrazi/Documents/projects/wt-plattform/apps/platform/app/Filament/Concerns/WorkspaceScopedTenantRoutes.php` without restoring compatibility behavior
|
|
|
|
**Checkpoint**: User Story 2 is independently functional when the in-scope suite no longer treats TenantPanel or `/admin/t/...` management routes as current runtime truth.
|
|
|
|
---
|
|
|
|
## Phase 4: User Story 3 - Make Operations Baselines Canonical (Part 1 of Spec User Story 3) (Priority: P1)
|
|
|
|
**Goal**: Make current workspace-aware operations routes the only accepted baseline in the in-scope OpsUx and action-surface tests.
|
|
|
|
**Independent Test**: re-run the targeted OpsUx proof set and prove current operations links resolve through canonical workspace-aware helpers or explicit workspace parameters.
|
|
|
|
### Tests for User Story 3 (Operations)
|
|
|
|
- Targeted rerun command: `export PATH="/bin:/usr/bin:/usr/local/bin:$PATH" && (cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Feature/OpsUx/CanonicalViewRunLinksTest.php tests/Feature/OpsUx/OperateHubShellTest.php tests/Feature/OpsUx/FailureSanitizationTest.php tests/Feature/OpsUx/NonLeakageWorkspaceOperationsTest.php)`
|
|
|
|
- [x] T013 [P] [US3] Extend `/Users/ahmeddarrazi/Documents/projects/wt-plattform/apps/platform/tests/Feature/OpsUx/CanonicalViewRunLinksTest.php`, `/Users/ahmeddarrazi/Documents/projects/wt-plattform/apps/platform/tests/Feature/OpsUx/OperateHubShellTest.php`, `/Users/ahmeddarrazi/Documents/projects/wt-plattform/apps/platform/tests/Feature/OpsUx/FailureSanitizationTest.php`, and `/Users/ahmeddarrazi/Documents/projects/wt-plattform/apps/platform/tests/Feature/OpsUx/NonLeakageWorkspaceOperationsTest.php` so `workspace_aware_operations_routes` becomes explicit
|
|
|
|
### Implementation for User Story 3 (Operations)
|
|
|
|
- [x] T014 [US3] Update stale operations-route expectations and helper usage in `/Users/ahmeddarrazi/Documents/projects/wt-plattform/apps/platform/tests/Feature/OpsUx/`, `/Users/ahmeddarrazi/Documents/projects/wt-plattform/apps/platform/tests/Feature/Guards/ActionSurfaceContractTest.php`, and any directly implicated canonical helper surface so the suite uses current workspace-aware link generation only
|
|
- [x] T015 [US3] If later reruns prove a current primary-path regression, apply only the minimal canonical fix in `/Users/ahmeddarrazi/Documents/projects/wt-plattform/apps/platform/app/Support/OperationRunLinks.php`, `/Users/ahmeddarrazi/Documents/projects/wt-plattform/apps/platform/app/Support/OperateHub/OperateHubShell.php`, or `/Users/ahmeddarrazi/Documents/projects/wt-plattform/apps/platform/app/Filament/Concerns/WorkspaceScopedTenantRoutes.php`, then update `/Users/ahmeddarrazi/Documents/projects/wt-plattform/specs/293-post-cutover-suite-stabilization/failure-classification.md` for any residual OpsUx groups such as `/Users/ahmeddarrazi/Documents/projects/wt-plattform/apps/platform/tests/Feature/OpsUx/TenantSyncBulkJobTest.php`
|
|
|
|
**Checkpoint**: the operations half of User Story 3 is independently functional when in-scope operations links are workspace-aware and any remaining unrelated OpsUx debt is documented explicitly.
|
|
|
|
---
|
|
|
|
## Phase 5: User Story 3 - Make Legacy Required-Permissions and Provider-Connection Expectations Canonical (Part 2 of Spec User Story 3) (Priority: P1)
|
|
|
|
**Goal**: Make current canonical provider-connection and required-permissions routes the only accepted baseline in the in-scope provider and verification tests.
|
|
|
|
**Independent Test**: re-run the targeted ProviderConnections and Verification proof set and prove those tests no longer treat tenant-scoped legacy routes as canonical runtime truth.
|
|
|
|
### Tests for User Story 3
|
|
|
|
- Targeted rerun command: `export PATH="/bin:/usr/bin:/usr/local/bin:$PATH" && (cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Feature/ProviderConnections tests/Feature/Verification)`
|
|
|
|
- [x] T016 [P] [US3] Extend the affected files under `/Users/ahmeddarrazi/Documents/projects/wt-plattform/apps/platform/tests/Feature/ProviderConnections/` and `/Users/ahmeddarrazi/Documents/projects/wt-plattform/apps/platform/tests/Feature/Verification/` so `legacy_required_permissions_provider_connections` becomes explicit and current canonical routes become the only accepted baseline
|
|
|
|
### Implementation for User Story 3
|
|
|
|
- [x] T017 [US3] Update stale provider-connection and required-permissions expectations in the in-scope tests and any directly implicated canonical helper or page surface so tenant-scoped legacy URLs no longer appear as accepted runtime truth
|
|
- [x] T018 [US3] If a current primary-path regression is proven later, apply only the minimal canonical fix in `/Users/ahmeddarrazi/Documents/projects/wt-plattform/apps/platform/app/Filament/Pages/TenantRequiredPermissions.php`, `/Users/ahmeddarrazi/Documents/projects/wt-plattform/apps/platform/app/Filament/Resources/TenantResource.php`, or `/Users/ahmeddarrazi/Documents/projects/wt-plattform/apps/platform/app/Providers/Filament/AdminPanelProvider.php` without reintroducing tenant-scoped fallback routes
|
|
|
|
**Checkpoint**: User Story 3 is independently functional when the provider and verification baseline reflects only current canonical routes.
|
|
|
|
---
|
|
|
|
## Phase 6: User Story 4 - Perform a Bounded Action-Surface Rebaseline (Priority: P2)
|
|
|
|
**Goal**: Align stale cutover-era action expectations without turning `293` into a product redesign or unrelated debt cleanup.
|
|
|
|
**Independent Test**: re-run the action-surface and adjacent RBAC or Filament proof set and prove only cutover-stale expectations changed.
|
|
|
|
### Tests for User Story 4
|
|
|
|
- Targeted rerun command: `export PATH="/bin:/usr/bin:/usr/local/bin:$PATH" && (cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Feature/Guards/ActionSurfaceContractTest.php tests/Feature/Rbac/ProviderConnectionWorkspaceFirstPolicyTest.php tests/Feature/Filament/ManagedEnvironmentAccessScopeManagementTest.php tests/Feature/Rbac/BackupItemsRelationManagerUiEnforcementTest.php)`
|
|
|
|
- [ ] T019 [P] [US4] Extend `/Users/ahmeddarrazi/Documents/projects/wt-plattform/apps/platform/tests/Feature/Guards/ActionSurfaceContractTest.php`, `/Users/ahmeddarrazi/Documents/projects/wt-plattform/apps/platform/tests/Feature/Rbac/ProviderConnectionWorkspaceFirstPolicyTest.php`, `/Users/ahmeddarrazi/Documents/projects/wt-plattform/apps/platform/tests/Feature/Filament/ManagedEnvironmentAccessScopeManagementTest.php`, and `/Users/ahmeddarrazi/Documents/projects/wt-plattform/apps/platform/tests/Feature/Rbac/BackupItemsRelationManagerUiEnforcementTest.php` so `action_surface_rebaseline` expectations are explicit
|
|
|
|
### Implementation for User Story 4
|
|
|
|
- [x] T020 [US4] Update stale action-surface expectations only where they are directly invalidated by workspace-first routing, managed-environment role authority, or TenantPanel removal; do not add or redesign product actions to satisfy old tests
|
|
- [x] T021 [US4] Reclassify any residual mismatch in `/Users/ahmeddarrazi/Documents/projects/wt-plattform/apps/platform/tests/Feature/Rbac/BackupItemsRelationManagerUiEnforcementTest.php` or adjacent action-surface files inside `/Users/ahmeddarrazi/Documents/projects/wt-plattform/specs/293-post-cutover-suite-stabilization/failure-classification.md` when the mismatch proves unrelated to the cutover
|
|
|
|
**Checkpoint**: User Story 4 is independently functional when cutover-stale action-surface expectations are aligned and unrelated mismatches stay documented instead of absorbed.
|
|
|
|
---
|
|
|
|
## Phase 7: Polish & Cross-Cutting Validation
|
|
|
|
**Purpose**: Re-run the enforcement proof pack, browser anchors, broad confidence checks, formatting, and final classification review.
|
|
|
|
- [x] T022 Run `export PATH="/bin:/usr/bin:/usr/local/bin:$PATH" && REPO_ROOT="$(git rev-parse --show-toplevel)" && (cd "$REPO_ROOT/apps/platform" && ./vendor/bin/sail artisan test --compact tests/Feature/Guards/Spec288NoLegacyRouteAndHelperGuardTest.php tests/Feature/Guards/Spec288ProviderCoreAndRoleAuthorityGuardTest.php tests/Feature/Guards/AdminWorkspaceRoutesGuardTest.php tests/Feature/Guards/ProviderBoundaryPlatformCoreGuardTest.php tests/Feature/ProviderConnections/LegacyRedirectTest.php tests/Feature/ManagedEnvironment/LegacyTenantCoreGuardTest.php tests/Feature/Spec080WorkspaceManagedTenantAdminMigrationTest.php tests/Feature/Rbac/ProviderConnectionWorkspaceFirstPolicyTest.php tests/Feature/Filament/ManagedEnvironmentAccessScopeManagementTest.php tests/Feature/Guards/BrowserLaneIsolationTest.php tests/Feature/Guards/CiLaneFailureClassificationContractTest.php tests/Feature/Guards/CiHeavyBrowserWorkflowContractTest.php tests/Unit/Auth/NoRoleStringChecksTest.php)` exactly as recorded in `spec.md`, `plan.md`, and `quickstart.md`
|
|
- [x] T023 Run `export PATH="/bin:/usr/bin:/usr/local/bin:$PATH" && REPO_ROOT="$(git rev-parse --show-toplevel)" && (cd "$REPO_ROOT/apps/platform" && ./vendor/bin/sail artisan test --compact tests/Browser/Spec281ProviderConnectionScopeSmokeTest.php tests/Browser/Spec285WorkspaceRbacEnvironmentAccessSmokeTest.php)` exactly as recorded in `spec.md`, `plan.md`, and `quickstart.md`
|
|
- [ ] T024 Run `export PATH="/bin:/usr/bin:/usr/local/bin:$PATH" && (cd apps/platform && ./vendor/bin/sail artisan test --compact)` and, if the output is too noisy or slow to classify accurately, rerun `export PATH="/bin:/usr/bin:/usr/local/bin:$PATH" && ./scripts/platform-test-lane heavy-governance` plus `export PATH="/bin:/usr/bin:/usr/local/bin:$PATH" && ./scripts/platform-test-lane confidence`, then update `/Users/ahmeddarrazi/Documents/projects/wt-plattform/specs/293-post-cutover-suite-stabilization/failure-classification.md`
|
|
- [x] T025 Run `export PATH="/bin:/usr/bin:/usr/local/bin:$PATH" && (cd apps/platform && ./vendor/bin/sail bin pint --dirty --format agent)`
|
|
- [x] T026 Review the touched tests, helper seams, browser anchors, and `/Users/ahmeddarrazi/Documents/projects/wt-plattform/specs/293-post-cutover-suite-stabilization/failure-classification.md` to confirm Filament remains on Livewire v4, provider registration still lives in `/Users/ahmeddarrazi/Documents/projects/wt-plattform/apps/platform/bootstrap/providers.php`, the Spec `288` proof pack remains green, `289` remains untouched, `292` remains untouched, no legacy runtime behavior was restored, and every remaining relevant failure is classified explicitly
|
|
|
|
---
|
|
|
|
## Dependencies & Execution Order
|
|
|
|
### Phase Dependencies
|
|
|
|
- **Phase 1 (Setup)**: no dependencies; start immediately.
|
|
- **Phase 2 (US1)**: depends on Phase 1 and blocks all later story work until the baseline is classified and the exact stabilization inventory is fixed.
|
|
- **Phase 3 (US2)**: depends on Phase 2 and delivers the first independent cutover-baseline stabilization slice after classification.
|
|
- **Phase 4 (US3 part 1)**: depends on Phase 2 and should follow US2 so panel and route truth settles before operations links are rebaselined broadly.
|
|
- **Phase 5 (US3 part 2)**: depends on Phases 2 through 4 because provider and required-permissions expectations should consume the final route and operations baseline.
|
|
- **Phase 6 (US4)**: depends on Phases 3 through 5 because action-surface expectations should be judged against the final canonical route and role-authority truth.
|
|
- **Phase 7 (Polish)**: depends on all implemented stories.
|
|
|
|
### User Story Dependencies
|
|
|
|
- **US1 (P1)**: the initial classification story delivered in Phase 2.
|
|
- **US2 (P1)**: independently testable after US1 because retired panel and route cleanup should only start after classification.
|
|
- **US3 (P1)**: delivered across Phases 4 and 5, with operations and provider or required-permissions canonicalization treated as one combined spec story.
|
|
- **US4 (P2)**: independently testable after Phases 3 through 5 because action-surface expectations should consume the final route and access baseline rather than a moving target.
|
|
|
|
### Within Each User Story
|
|
|
|
- Classify and expose the current drift first when the story touches a new failing group.
|
|
- Update tests and helper expectations before applying any runtime fix.
|
|
- Apply a runtime fix only when a current workspace-first primary path is demonstrably broken.
|
|
- Re-run the narrowest relevant proof set and update `failure-classification.md` before moving on.
|
|
|
|
---
|
|
|
|
## Parallel Execution Examples
|
|
|
|
### Phase 1
|
|
|
|
- T002 and T003 can run in parallel after T001 confirms the bounded stabilization role.
|
|
|
|
### Phase 2
|
|
|
|
- T005, T006, T007, and T008 can run in parallel because they inspect different seam families after T004 records the initial baseline.
|
|
|
|
### User Story 2
|
|
|
|
- T010 can run while T011 is being prepared, but any runtime fix in T012 must wait until the targeted rerun proves a primary-path regression.
|
|
|
|
### User Story 3 (Operations)
|
|
|
|
- T013 can run while helper candidates are reviewed, but T014 and T015 should land together because they define one canonical operations-link baseline.
|
|
|
|
### User Story 3 (Provider / Permissions)
|
|
|
|
- T016 can run in parallel across `ProviderConnections` and `Verification` once the shared route baseline is clear.
|
|
|
|
### User Story 4
|
|
|
|
- T019 can run while residual mismatches are being classified, but T020 and T021 should land together so action-surface rebaseline and debt classification stay synchronized.
|
|
|
|
---
|
|
|
|
## Implementation Strategy
|
|
|
|
### Suggested MVP Scope
|
|
|
|
- MVP = **Phase 2 + US2 + Phase 4** as an intermediate delivery checkpoint only. The package starts delivering value once failures are classified and the suite stops relying on retired panel and workspace-unaware operations assumptions, but spec-complete close-out still requires the provider or permissions half of US3, US4, and Phase 7 validation.
|
|
|
|
### Incremental Delivery
|
|
|
|
1. Complete Phase 1 and Phase 2.
|
|
2. Deliver US2 and validate retired panel or route cleanup.
|
|
3. Deliver the operations half of US3 and validate workspace-aware operations routes.
|
|
4. Deliver the provider or required-permissions half of US3 and validate canonical routes.
|
|
5. Deliver US4 and validate bounded action-surface rebaseline.
|
|
6. Finish with Phase 7 proof-pack, browser, broad confidence, formatting, and classification review.
|
|
|
|
### Team Strategy
|
|
|
|
1. Keep `289` untouched.
|
|
2. Keep `292` untouched.
|
|
3. Land baseline classification before any fix PR merges so later reviewers can tell which failures are still cutover-owned.
|
|
4. Serialize merges around `tests/Pest.php`, `ActionSurfaceContractTest.php`, `OperationRunLinks.php`, `OperateHubShell.php`, and the browser anchors because those are likely conflict hotspots.
|
|
|
|
---
|
|
|
|
## Explicit Follow-Ups / Out of Scope
|
|
|
|
- Package Execution
|
|
- Guided Operations
|
|
- Microsoft Starter Pack
|
|
- Virtual Consultant
|
|
- new product features
|
|
- new UI surfaces
|
|
- UI polish
|
|
- broad refactors
|
|
- reactivation of TenantPanel
|
|
- reactivation of `/admin/t/...`
|
|
- reactivation of tenant-scoped required-permissions fallback routes
|
|
- reactivation of tenant-scoped provider-connection fallback routes
|
|
- unrelated full-suite cleanup not tied to the cutover |