ahmido/TenantAtlas
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects 1 Releases Wiki Activity
platform-dev
TenantAtlas/specs/317-legacy-tenant-environment-context-cleanup/tasks.md
ahmido b159dacd36 feat: clean up legacy tenant environment context (#372) 
## Summary
- remove legacy tenant-scoped routing and middleware paths in favor of the current environment/workspace context flow
- update Filament pages and resources to use the cleaned-up admin surface and environment filter context
- add the related spec 317 artifacts and targeted tests for environment filter state and legacy context cleanup

## Testing
- not run as part of this commit/push/PR workflow

Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #372
2026-05-16 18:25:36 +00:00

149 lines
15 KiB
Markdown
Raw Permalink Blame History

# Tasks: Legacy Tenant / Environment Context Cleanup
**Input**: [spec.md](/Users/ahmeddarrazi/Documents/projects/wt-plattform/specs/317-legacy-tenant-environment-context-cleanup/spec.md), [plan.md](/Users/ahmeddarrazi/Documents/projects/wt-plattform/specs/317-legacy-tenant-environment-context-cleanup/plan.md)
**Prerequisites**: Specs 313, 314, 315, and 316 are completed historical baseline context. Do not rewrite them as preparation artifacts.
**Important**: These tasks are for the later implementation loop. No runtime implementation was performed during preparation.
## Test Governance Checklist
- [x] Lane assignment is named and is the narrowest sufficient proof for static legacy terms, query aliases, routes, helper/API names, UI copy, and browser-visible links.
- [x] New or changed tests stay in the smallest honest family, with browser smoke explicit and limited.
- [x] Shared helpers, factories, seeds, fixtures, and context defaults stay cheap by default; any widening is isolated or documented.
- [x] Planned validation commands cover the cleanup without pulling in unrelated lane cost.
- [x] Provider-boundary Tenant terminology is protected through an allowlist instead of blocked by naive grep.
- [x] Any material budget, baseline, trend, browser limitation, or escalation note is recorded in the active spec or implementation close-out.
## Phase 1: Guardrails and Baseline
- [x] T001 Verify the implementation starts from branch `317-legacy-tenant-environment-context-cleanup` with `git status --short --branch` and no unrelated user changes.
- [x] T002 Re-read `specs/313-workspace-environment-context-browser-verification/spec.md`, `specs/314-workspace-hub-navigation-context-contract/spec.md`, `specs/315-environment-cta-explicit-filter-contract/spec.md`, and `specs/316-workspace-hub-clear-filter-contract/spec.md` as completed historical baseline context only.
- [x] T003 Confirm Laravel/Filament/Livewire/Pest versions through Laravel Boost `application_info`.
- [x] T004 Confirm `AdminPanelProvider` and `SystemPanelProvider` remain registered through `apps/platform/bootstrap/providers.php` and no `TenantPanelProvider` is active.
- [x] T005 Confirm no migration, seeder, package, env var, queue, scheduler, storage, or deployment asset change is planned unless later inventory proves a bounded exception.
## Phase 2: Inventory and Allowlist
- [x] T006 Create `specs/317-legacy-tenant-environment-context-cleanup/legacy-inventory.md` with columns for file, symbol/method/route/label, current meaning, correct meaning, classification, action, and risk.
- [x] T007 Create `specs/317-legacy-tenant-environment-context-cleanup/tenant-usage-allowlist.md` with allowed provider-boundary examples, disallowed platform-context examples, scan paths, and review rules.
- [x] T008 Run the required Tenant/Environment search across `apps/platform/app`, `apps/platform/resources`, `apps/platform/routes`, `apps/platform/tests`, `docs`, and current/recent `specs`.
- [x] T009 Classify all high-risk occurrences of `TenantPageCategory`, `WorkspaceScopedTenantRoutes`, `CanonicalAdminTenantFilterState`, `EnsureFilamentTenantSelected`, `TenantPanelProvider`, `tenantPrefilterUrl`, `lastTenantId`, `remembered tenant`, `tenant_scope`, `tenant_id`, `managed_environment_id`, `Filament::getTenant()`, `getTenant()`, `tableFilters`, and `/admin/t`.
- [x] T010 Classify provider-boundary occurrences such as `provider_tenant_id`, `external_tenant_id`, `microsoft_tenant_id`, `entra_tenant_id`, Graph `tenantId`, and OAuth tenant authority segments as allowed provider-boundary when correct.
- [x] T011 Mark completed historical spec/doc occurrences as `allowed_historical_archived_doc` unless they are current product truth.
- [x] T012 Mark ambiguous cases as `needs_product_decision` and do not guess or implement those specific renames without a bounded decision.
## Phase 3: Tests First - Static and Contract Guards
- [x] T013 Add `it_platform_context_does_not_use_legacy_tenant_terms` in an appropriate guard test under `apps/platform/tests/Feature/Guards/` with allowlist support from the Spec 317 allowlist artifact.
- [x] T014 Add `it_workspace_hubs_do_not_accept_legacy_tenant_query_aliases` covering Operations, Governance Inbox, Decision Register, Finding Exceptions Queue, Provider Connections, Evidence, Review Register, and Customer Review Workspace.
- [x] T015 Add assertions that `tenant`, `tenant_id`, `managed_environment_id`, `tenant_scope`, `environment`, and `tableFilters` do not show an Environment chip or filter Workspace hub data without `environment_id`.
- [x] T016 Add assertions that valid `environment_id` still applies the Spec 315/316 canonical Environment filter behavior.
- [x] T017 Add `it_workspace_hubs_do_not_use_filament_tenant_or_remembered_tenant_as_scope` with static checks for `Filament::getTenant()`, `getTenant()`, `lastTenantId`, and remembered Tenant fallback in Workspace hub classes.
- [x] T018 Add `it_admin_has_no_active_legacy_tenant_panel_routes` proving no active `/admin/t` routes and no active `TenantPanelProvider` registration.
- [x] T019 Add helper/API rename coverage proving `tenantPrefilterUrl()` is gone and the Environment-named replacement is used.
- [x] T020 Add helper/class guard coverage for `TenantPageCategory`, `WorkspaceScopedTenantRoutes`, `CanonicalAdminTenantFilterState`, and `EnsureFilamentTenantSelected` once each is renamed, removed, or quarantined.
- [x] T021 Add or update rendered-view/UI copy guard `it_active_workspace_environment_ui_uses_environment_not_tenant` for active Workspace/Environment surfaces, with provider-boundary exceptions.
## Phase 4: Query and URL Cleanup
- [x] T022 Update `apps/platform/app/Support/Navigation/WorkspaceHubEnvironmentFilter.php` so only `environment_id` is a valid Environment filter source.
- [x] T023 Update `apps/platform/app/Support/Navigation/WorkspaceHubRegistry.php` and related clean URL helpers so generated Workspace hub links never emit legacy Tenant query params.
- [x] T024 Update `apps/platform/app/Support/Navigation/WorkspaceHubFilterStateResetter.php` so legacy Tenant-like keys can be cleared/neutralized but never become valid Environment filter sources.
- [x] T025 Remove Workspace hub handling for `tenant`, `tenant_id`, `managed_environment_id`, `tenant_scope`, `environment`, and `tableFilters` as Environment filter aliases.
- [x] T026 Confirm Environment-owned CTA helpers still generate `environment_id` and do not regress Spec 315 behavior.
- [x] T027 Confirm clear-filter links still remove legacy keys and do not regress Spec 316 behavior.
## Phase 5: Helper, Class, and Fallback Cleanup
- [x] T028 Rename or remove `tenantPrefilterUrl()` on `apps/platform/app/Filament/Pages/Reviews/CustomerReviewWorkspace.php` with no deprecated alias.
- [x] T029 Rename `tenantId`, `tenantLabel`, `tenantFilter`, and `tenantScope` variables/properties when they mean Managed Environment on Workspace hub code paths.
- [x] T030 Rename, remove, or explicitly quarantine `apps/platform/app/Support/Tenants/TenantPageCategory.php` based on actual responsibility after cleanup.
- [x] T031 Rename, remove, or explicitly quarantine `apps/platform/app/Filament/Concerns/WorkspaceScopedTenantRoutes.php` based on actual route responsibility after cleanup.
- [x] T032 Rename, remove, or explicitly quarantine `apps/platform/app/Support/Filament/CanonicalAdminTenantFilterState.php` based on actual table/filter responsibility after cleanup.
- [x] T033 Rename, remove, or explicitly quarantine `apps/platform/app/Support/Middleware/EnsureFilamentTenantSelected.php` based on actual Environment context responsibility after cleanup.
- [x] T034 Remove Workspace hub use of `Filament::getTenant()` or `getTenant()` as scope, fallback, query source, or shell context.
- [x] T035 Remove Workspace hub use of `lastTenantId`, remembered Tenant state, or session Tenant state as data scope or Environment fallback.
- [x] T036 Verify any remaining `lastEnvironmentId` behavior is switcher convenience only and cannot affect Workspace hub URLs, filters, queries, authorization, or shell context.
## Phase 6: Route and Provider Boundary Cleanup
- [x] T037 Inspect `apps/platform/routes/web.php` and remove or neutralize active `/admin/t` route assumptions where they remain product-facing.
- [x] T038 Inspect `apps/platform/app/Providers/Filament/AdminPanelProvider.php` for Tenant page category, context, render hook, or navigation assumptions and rename/remove them.
- [x] T039 Inspect `apps/platform/app/Support/ManagedEnvironmentLinks.php` and `apps/platform/app/Support/Operations/OperationRunLinks.php` for generated legacy Tenant query params or route helpers.
- [x] T040 Inspect Provider Connections surfaces and preserve only provider-boundary Tenant labels such as Microsoft Tenant, Entra Tenant, and Provider Tenant ID.
- [x] T041 Confirm provider external tenant identifiers are never used as Workspace hub `environment_id` substitutes.
## Phase 7: Active UI Copy Cleanup
- [x] T042 Update Workspace Overview active copy and links so Tenant wording is not used for Managed Environment context.
- [x] T043 Update Environment Dashboard active copy, CTAs, and provider readiness snippets so Environment and Provider Tenant terms are distinct.
- [x] T044 Update Operations active copy, chips, filters, and empty states where Tenant wording means Environment.
- [x] T045 Update Governance Inbox, Decision Register, and Finding Exceptions Queue active copy where Tenant wording means Environment.
- [x] T046 Update Provider Connections active copy so provider-boundary Tenant terminology is explicit and Environment filters use Environment wording.
- [x] T047 Update Evidence, Reviews, Customer Reviews, Provider Readiness, and Required Permissions active copy where Tenant wording means Environment.
## Phase 8: Docs and Current Spec Truth Cleanup
- [x] T048 Update `docs/product/spec-candidates.md` current queue/follow-up wording so it reflects Workspace-first / Environment-second platform context and the selected Spec 317 numbering.
- [x] T049 Update `docs/product/roadmap.md` only where current product truth or numbering notes conflict with Spec 317; leave strategic historical context intact when not current truth.
- [x] T050 Update relevant current docs under `docs/product`, `docs/ui`, `docs/architecture-guidelines.md`, `docs/filament-guidelines.md`, and `docs/testing-guidelines.md` only where they describe Tenant as platform context.
- [x] T051 Do not rewrite completed Specs 313-316 except for an explicit current-truth note if implementation proves they are used as current docs rather than history.
- [x] T052 Document any intentionally quarantined legacy names in `legacy-inventory.md` with reason, risk, and follow-up.
## Phase 9: Regression Safety
- [x] T053 Re-run or update Spec 314 regression coverage proving sidebar/global Workspace hub entry remains clean and workspace-wide.
- [x] T054 Re-run or update Spec 315 regression coverage proving Environment-owned CTAs use `environment_id`, visible chip renders when filtered, legacy params remain invalid, and cross-workspace IDs are rejected.
- [x] T055 Re-run or update Spec 316 regression coverage proving clear removes URL/page/table/session state and does not restore stale Environment filters.
- [x] T056 Confirm no globally searchable resource behavior changed; if a Resource is touched, verify it has Edit/View page or global search disabled.
- [x] T057 Confirm no destructive action behavior changed; if a touched surface has destructive actions, verify `->action(...)`, `->requiresConfirmation()`, authorization, and audit behavior remain intact.
- [x] T058 Confirm no Graph calls, OperationRun lifecycle behavior, queue behavior, scheduler behavior, env var, storage, or asset registration changed.
## Phase 10: Browser Verification
- [x] T059 Start the local platform stack using Sail or the repo's platform dev command.
- [x] T060 Resolve the absolute local app URL using Laravel Boost `get_absolute_url`.
- [x] T061 Browser smoke Workspace Overview, Environment Dashboard, Operations, Governance Inbox, Decision Register, Finding Exceptions Queue, Provider Connections, Evidence, Reviews, Customer Reviews, Provider Readiness, and Required Permissions.
- [x] T062 Verify active platform UI does not say Tenant when it means Environment.
- [x] T063 Verify provider-specific details may still say Microsoft Tenant, Entra Tenant, or Provider Tenant ID only where provider-owned.
- [x] T064 Verify sidebar/global clean entry still works and no old query params appear in generated links.
- [x] T065 Verify Environment CTA filtered entry still uses `environment_id`.
- [x] T066 Verify clear filter still returns to clean Workspace hub state.
- [x] T067 Verify no `/admin/t` route appears in active navigation or generated links.
- [x] T068 Save screenshots where useful under `specs/317-legacy-tenant-environment-context-cleanup/artifacts/screenshots/`.
## Phase 11: Final Validation and Report
- [x] T069 Run focused Spec 317 Pest guard/contract tests.
- [x] T070 Run existing related Spec 314, Spec 315, and Spec 316 regression tests.
- [x] T071 Run formatting/static checks expected by touched files, including Pint if PHP files changed.
- [x] T072 Run `git diff --check`.
- [x] T073 Prepare the final implementation report with changed behavior, legacy cleanup summary, provider-boundary Tenant usages kept, removed/renamed legacy platform usages, files changed, tests, browser verification, known issues, and Spec 318 follow-up.
- [x] T074 Confirm the final report lists paths to `legacy-inventory.md` and `tenant-usage-allowlist.md`, renamed classes/helpers, removed query handlers, UI copy changes, docs/spec artifacts updated, and quarantined names with reasons.
- [x] T075 Confirm the final report states no backwards compatibility layer was introduced, no legacy query alias support was preserved, and no provider-boundary Tenant concepts were incorrectly removed.
## Explicit Non-Tasks
- [x] NT001 Do not implement durable browser no-drift infrastructure; leave to Spec 318.
- [x] NT002 Do not add compatibility redirects, dual-param support, alias readers, or adapter layers.
- [x] NT003 Do not perform broad cosmetic database renames.
- [x] NT004 Do not remove provider-boundary Microsoft/Entra/provider Tenant terminology.
- [x] NT005 Do not add Environment CTA support to pages excluded from Specs 315/316.
- [x] NT006 Do not rewrite completed historical specs or implementation close-out evidence.
- [x] NT007 Do not create migrations, seeders, packages, env vars, queues, scheduler changes, storage changes, or asset registration unless a bounded implementation finding explicitly requires and documents the exception.
## Dependencies
- T001-T005 block all runtime work.
- T006-T012 block cleanup edits.
- T013-T021 should be added before or alongside the corresponding cleanup changes.
- T022-T041 can proceed after inventory classifications are complete.
- T042-T052 can proceed after UI/docs inventory classification.
- T053-T058 run after code/test cleanup.
- T059-T068 run after local validation is green enough for browser smoke.
- T069-T075 close the implementation.
## Suggested MVP Scope
Complete Phases 1-5 plus focused guards first. That proves the core hard-cut cleanup: inventory, allowlist, canonical `environment_id`, no helper aliases, and no Workspace hub Tenant fallback. UI/docs/browser phases then verify and close the visible product-truth layer.
Reference in New Issue View Git Blame Copy Permalink