ahmido/TenantAtlas
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects 1 Releases Wiki Activity
platform-dev
TenantAtlas/specs/312-customer-review-workspace-v1-completion/tasks.md
ahmido bbc594efbb feat: complete customer review workspace v1 (#367) 
## Summary
- productize the customer review workspace as a workspace-wide customer-safe review hub
- add customer-safe latest review, decision summary, accepted risks, evidence basis, and review-pack presentation updates
- update localized copy, focused feature coverage, browser smoke coverage, and Spec 312 artifacts

## Testing
- `cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Feature/Reviews/CustomerReviewWorkspacePageTest.php tests/Feature/Reviews/CustomerReviewWorkspacePackAccessTest.php tests/Browser/Reviews/CustomerReviewWorkspaceSmokeTest.php`
- `cd apps/platform && ./vendor/bin/sail bin pint --dirty --format agent`
- `git diff --check`

Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #367
2026-05-15 22:28:15 +00:00

174 lines
16 KiB
Markdown
Raw Permalink Blame History

# Tasks: Customer Review Workspace v1 Completion
**Input**: `specs/312-customer-review-workspace-v1-completion/spec.md`, `specs/312-customer-review-workspace-v1-completion/plan.md`
**Prerequisites**: Spec 308 and Spec 311 are completed context; do not reopen their runtime scope.
**Tests**: Required. Use Pest 4 focused Feature tests and existing bounded Browser smoke when rendered UI changes.
## Test Governance Checklist
- [x] Lane assignment is named and is the narrowest sufficient proof for the changed behavior.
- [x] New or changed tests stay in existing focused Review, EnvironmentReview, ReviewPack, and Browser families.
- [x] Shared helpers, factories, seeds, fixtures, and context defaults stay cheap by default.
- [x] Planned validation commands cover the change without pulling unrelated suite cost.
- [x] The declared `standard-native-filament` / `shared-detail-family` / conditional `global-context-shell` profile is explicit.
- [x] Any material budget, baseline, trend, or escalation note is recorded in the active feature close-out.
## Phase 1: Setup And Repo Verification
**Purpose**: Confirm the branch, dependency specs, repo-real names, and forbidden boundaries before implementation.
- [x] T001 Confirm current branch is `312-customer-review-workspace-v1-completion`.
- [x] T002 Confirm the working tree does not contain uncommitted Spec 311 shell/sidebar/topbar files.
- [x] T003 Read `specs/312-customer-review-workspace-v1-completion/spec.md`, `plan.md`, `tasks.md`, and `checklists/requirements.md`.
- [x] T004 Read `specs/308-decision-register-summary-review-pack/spec.md`, `plan.md`, and `tasks.md` as completed context only.
- [x] T005 Read `specs/311-workspace-environment-surface-scope-contract/spec.md`, `plan.md`, and `tasks.md` as completed shell/scope dependency only.
- [x] T006 Inspect any old WIP patch or stash only selectively, and list candidate Customer Review Workspace files before applying anything.
- [x] T007 Reject any old WIP changes touching `OperateHubShell`, `TenantPageCategory`, `NavigationScope`, `WorkspaceSidebarNavigation`, sidebar composition, topbar context, or route-scope contracts.
- [x] T008 Inspect `/Users/ahmeddarrazi/Documents/projects/wt-plattform/apps/platform/app/Filament/Pages/Reviews/CustomerReviewWorkspace.php`.
- [x] T009 Inspect `/Users/ahmeddarrazi/Documents/projects/wt-plattform/apps/platform/resources/views/filament/pages/reviews/customer-review-workspace.blade.php`.
- [x] T010 Inspect `/Users/ahmeddarrazi/Documents/projects/wt-plattform/apps/platform/app/Services/EnvironmentReviews/EnvironmentReviewRegisterService.php` for repo-real latest review query behavior.
- [x] T011 Inspect `/Users/ahmeddarrazi/Documents/projects/wt-plattform/apps/platform/app/Models/EnvironmentReview.php`, `/Users/ahmeddarrazi/Documents/projects/wt-plattform/apps/platform/app/Support/EnvironmentReviewStatus.php`, `/Users/ahmeddarrazi/Documents/projects/wt-plattform/apps/platform/app/Models/ReviewPack.php`, and `/Users/ahmeddarrazi/Documents/projects/wt-plattform/apps/platform/app/Support/ReviewPackStatus.php`.
- [x] T012 Confirm no migration, model, policy, OperationRun type, asset, package, or Review Pack generation semantics change is needed; stop and update spec/plan if false.
## Phase 2: Tests First - Workspace, Latest Review, And Filters
**Purpose**: Prove workspace-wide behavior, deterministic latest review, and filter-aware empty states before runtime changes.
- [x] T013 [US1] Extend `/Users/ahmeddarrazi/Documents/projects/wt-plattform/apps/platform/tests/Feature/Reviews/CustomerReviewWorkspacePageTest.php` to assert a latest/current released review section is visible when released reviews exist.
- [x] T014 [US1] Add deterministic latest selection coverage for `published_at desc`, repo-real timestamp fallback (`generated_at desc` unless implementation verifies another field), and `id desc` tie-breaker.
- [x] T015 [US1] Add coverage proving draft/ready/failed/internal-only reviews cannot become latest customer-visible reviews.
- [x] T016 [US4] Add filtered empty-state coverage where active `managed_environment_id` or `tenant` filter has no matching released reviews but actor-visible released reviews exist elsewhere in the workspace.
- [x] T017 [US4] Add global empty-state coverage where no actor-visible released reviews exist anywhere in the workspace.
- [x] T018 [US4] Add assertions that environment filter labels/copy describe a page-level filter and do not imply global environment context.
- [x] T019 [US4] Add assertions that query parameters do not introduce `/admin/t` links or shell/sidebar/topbar-specific customer workspace behavior.
## Phase 3: Tests First - Decision Summary, Accepted Risks, Evidence
**Purpose**: Prove customer-safe summary states and no raw leakage.
- [x] T020 [US2] Add decision summary `requires_awareness` rendered HTML assertions using existing Spec 308 `governance_package.decision_summary` content.
- [x] T021 [US2] Add decision summary `none` rendered HTML assertions proving "No decisions require awareness" is distinct from incomplete/unavailable evidence.
- [x] T022 [US2] Add decision summary `unavailable` assertions for legacy released review without Spec 308 summary content.
- [x] T023 [US2] Add decision summary `incomplete` assertions for review/evidence states where customer-safe decision evidence is incomplete.
- [x] T024 [US2] Add accepted-risk customer-safe display assertions for title/state/summary/review-due context where existing released-review truth provides it.
- [x] T025 [US2] Add accepted-risk redaction assertions proving internal workflow notes, approvers/owners when not customer-safe, raw exception payloads, and mutation controls do not appear.
- [x] T026 [US2] Add evidence basis assertions for `complete`, `no_awareness_required`, `incomplete`, `unavailable`, and `not_generated` derived display states where repo-real fixtures can support them.
- [x] T027 [US2] Add leakage assertions for raw evidence JSON, provider payload dumps, source fingerprints, internal reason-family labels, raw OperationRun URLs, storage paths, policy internals, and debug details.
## Phase 4: Tests First - Review Pack Status, Access, Links, And Actions
**Purpose**: Prove pack status mapping, CTA hierarchy, authorization preservation, and customer-safe handoffs.
- [x] T028 [US3] Extend `/Users/ahmeddarrazi/Documents/projects/wt-plattform/apps/platform/tests/Feature/Reviews/CustomerReviewWorkspacePackAccessTest.php` for ready/downloadable pack showing Available and the dominant download/open CTA when actor is authorized.
- [x] T029 [US3] Add queued/generating pack coverage mapping to Preparing.
- [x] T030 [US3] Add missing/null pack or missing-file coverage mapping to Not available yet.
- [x] T031 [US3] Add expired pack coverage mapping to Expired.
- [x] T032 [US3] Add failed/blocked/unavailable pack coverage if repo-real status exists, mapping to Unavailable.
- [x] T033 [US3] Add evidence-incomplete review/pack context coverage mapping to Evidence incomplete without changing Review Pack status truth.
- [x] T034 [US3] Add pack exists but actor lacks download capability coverage proving no download URL is rendered.
- [x] T035 [US3] Add CTA hierarchy assertions: download/open pack dominates when available and authorized, otherwise open review, filtered empty state uses clear filter.
- [x] T036 [US3] Extend `/Users/ahmeddarrazi/Documents/projects/wt-plattform/apps/platform/tests/Feature/Reviews/CustomerReviewWorkspaceLaunchLinksTest.php` for canonical environment-bound review detail handoff and preservation of `customer_workspace=1` / source context.
- [x] T037 [US3] Add no lifecycle action assertions for approve, reject, renew, revoke, close, delete, force delete, restore, rerun, generate, regenerate, and expire.
- [x] T038 [US3] Add no `/admin/t` link assertions over rendered workspace HTML and generated hrefs.
- [x] T039 [US3] Add visible-label assertions proving raw database identifiers are not used as customer-facing labels, headings, badge text, summaries, empty-state copy, or CTA text.
## Phase 5: Runtime - Page Payload And Query Behavior
**Purpose**: Implement only the minimal workspace page shaping required by the failing tests.
- [x] T040 [US1] Build or refine a private page payload in `/Users/ahmeddarrazi/Documents/projects/wt-plattform/apps/platform/app/Filament/Pages/Reviews/CustomerReviewWorkspace.php` for latest released review, decision summary, accepted risks, evidence basis, pack status, and primary CTA.
- [x] T041 [US1] Keep latest released review selection scoped to current workspace, actor-entitled environments, optional page-level environment filter, and deterministic repo-real ordering.
- [x] T042 [US4] Implement filtered empty-state distinction using scoped existence queries rather than unbounded scans.
- [x] T043 [US4] Preserve existing explicit `tenant` and `managed_environment_id` query prefilter behavior as page-level filters only.
- [x] T044 [US1] Avoid broad loading of raw evidence payloads; eager-load only existing review, evidence summary, and current pack relationships needed for display.
## Phase 6: Runtime - Customer-safe Rendering
**Purpose**: Render the customer-safe consumption surface using existing Filament/Blade conventions.
- [x] T045 [US1] Update `/Users/ahmeddarrazi/Documents/projects/wt-plattform/apps/platform/resources/views/filament/pages/reviews/customer-review-workspace.blade.php` to render the latest/current review section before the list.
- [x] T046 [US2] Render Decision Summary from existing released-review/governance-package summary content and customer-safe fallback states.
- [x] T047 [US2] Render accepted risks only from customer-safe released-review truth; do not query or display internal workflow history as customer-facing content.
- [x] T048 [US2] Render evidence basis with clear complete/no-awareness/incomplete/unavailable/not-generated states.
- [x] T049 [US3] Render review-pack availability with customer-safe state labels and explanations based on existing Review Pack truth.
- [x] T050 [US3] Render exactly one visually dominant primary CTA per current review context.
- [x] T051 [US3] Hide review-pack download/open URL when actor lacks existing capability/policy.
- [x] T052 [US4] Render filter-aware empty states with clear filter copy and a single clear-filter CTA when appropriate.
- [x] T053 [US2] Keep raw/internal/support diagnostics absent from the default workspace page.
- [x] T054 [US2] Use existing Filament/Blade visual language; do not add CSS, JS, images, icon packs, or ad-hoc styling systems.
## Phase 7: Runtime - Localization And Handoff Preservation
**Purpose**: Add minimal copy keys and preserve existing route/link contracts.
- [x] T055 Add minimal English localization keys in `/Users/ahmeddarrazi/Documents/projects/wt-plattform/apps/platform/lang/en/localization.php`.
- [x] T056 Add matching German localization keys in `/Users/ahmeddarrazi/Documents/projects/wt-plattform/apps/platform/lang/de/localization.php`.
- [x] T057 Preserve existing customer-safe review detail handoff query parameters in links from Customer Review Workspace.
- [x] T058 Preserve existing Review Pack download/open authorization and route behavior; do not touch generation/regeneration/expire semantics.
- [x] T059 Only if tests prove unavoidable, update `/Users/ahmeddarrazi/Documents/projects/wt-plattform/apps/platform/app/Filament/Resources/EnvironmentReviewResource.php` for customer-safe handoff without redesigning the resource.
- [x] T060 Only if tests prove unavoidable, update `/Users/ahmeddarrazi/Documents/projects/wt-plattform/apps/platform/app/Filament/Resources/ReviewPackResource.php` for customer-safe download/open handoff without redesigning the resource.
## Phase 8: Guardrails
**Purpose**: Confirm the implementation stayed inside Spec 312.
- [x] T061 Confirm no shell/sidebar/topbar files changed: `OperateHubShell`, `TenantPageCategory`, `NavigationScope`, `WorkspaceSidebarNavigation`.
- [x] T062 Confirm no RBAC/policy files changed unless a repo-real inconsistency was documented before implementation.
- [x] T063 Confirm no migrations, tables, columns, models, OperationRun types, persisted status families, or enum/status families were added.
- [x] T064 Confirm no assets, packages, CSS, JS, images, or icon packs were added.
- [x] T065 Confirm no Review Pack generation, storage, status machine, expire/regenerate, or OperationRun lifecycle semantics changed.
- [x] T066 Confirm no operator-only actions appear on the customer-safe workspace.
- [x] T067 Confirm no pack mutation actions appear on the customer-safe workspace.
- [x] T068 Confirm no `/admin/t` links appear in rendered customer-safe workspace HTML.
- [x] T069 Confirm no raw payload, fingerprint, debug, OperationRun, storage path, policy, or provider-payload leakage appears.
- [x] T070 Confirm no cross-workspace or cross-environment data influences counts, summaries, links, or empty states.
## Phase 9: Validation
**Purpose**: Run focused lanes and record any non-run reason.
- [x] T071 Run Customer Review Workspace lane:
`cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Feature/Reviews/CustomerReviewWorkspacePageTest.php tests/Feature/Reviews/CustomerReviewWorkspaceAuthorizationTest.php tests/Feature/Reviews/CustomerReviewWorkspacePackAccessTest.php tests/Feature/Reviews/CustomerReviewWorkspaceLaunchLinksTest.php`
- [x] T072 Run Environment Review lane:
`cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Feature/EnvironmentReview/EnvironmentReviewExecutivePackTest.php tests/Feature/EnvironmentReview/EnvironmentReviewCreationTest.php`
- [x] T073 Run Review Pack lane:
`cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Feature/ReviewPack/EnvironmentReviewDerivedReviewPackTest.php tests/Feature/ReviewPack/ReviewPackDownloadTest.php tests/Feature/ReviewPack/ReviewPackRbacTest.php`
- [x] T074 Run Spec 311 regression lane only if shell/sidebar/topbar-adjacent files were touched:
`cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Feature/Filament/PanelNavigationSegregationTest.php tests/Feature/Workspaces/GlobalContextShellContractTest.php tests/Feature/Filament/WorkspaceContextTopbarAndTenantSelectionTest.php`
- [x] T075 Run browser smoke if available:
`cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Browser/Reviews/CustomerReviewWorkspaceSmokeTest.php`
- [x] T076 Run dirty Pint:
`cd apps/platform && ./vendor/bin/sail bin pint --dirty --format agent`
- [x] T077 Run `git diff --check`.
## Phase 10: Close-out
**Purpose**: Record implementation evidence and non-goal confirmations.
- [x] T078 Record changed files in `/Users/ahmeddarrazi/Documents/projects/wt-plattform/specs/312-customer-review-workspace-v1-completion/plan.md`.
- [x] T079 Record fulfilled acceptance criteria.
- [x] T080 Record tests run with outcomes.
- [x] T081 Record tests not run and exact reason.
- [x] T082 Record browser smoke result or non-run reason plus rendered HTML compensation.
- [x] T083 Confirm no migration, no RBAC/policy change, no asset, no OperationRun type, no new persistence/status family.
- [x] T084 Confirm no Shell/Sidebar/Topbar work.
- [x] T085 Confirm no ReviewPack generation semantics change.
- [x] T086 Record leakage guard confirmation.
- [x] T087 Record remaining gaps and follow-up candidates.
## Explicit Non-goal Checklist
- [x] No shell/sidebar/topbar work.
- [x] No `OperateHubShell`, `TenantPageCategory`, `NavigationScope`, or `WorkspaceSidebarNavigation` changes.
- [x] No RBAC or policy changes unless documented as unavoidable before implementation.
- [x] No migrations, models, tables, columns, persisted status families, or OperationRun types.
- [x] No provider connection scope hardening.
- [x] No billing/entitlement work.
- [x] No artifact lifecycle/retention work.
- [x] No AI summary generation.
- [x] No PSA/support handoff.
- [x] No broad localization adoption.
- [x] No Review Pack generation/status/storage semantics change.
- [x] No customer approval workflow.
- [x] No canonical link/query cleanup beyond preserving existing handoff.
Reference in New Issue View Git Blame Copy Permalink