ahmido
ec4ff1074c
## Summary - add the Spec 322 artifact set for the browser no-drift regression guard - add Feature navigation guards for admin surface scope, environment CTA URLs, and legacy alias rejection - add Browser smoke coverage for workspace hubs, environment-owned surfaces, workspace-owned analysis surfaces, and alerts/audit flows - add the Spec 322 browser support harness used by the new smoke coverage ## Validation - `cd apps/platform && ./vendor/bin/sail artisan test tests/Feature/Navigation/Spec322AdminSurfaceScopeContractTest.php tests/Feature/Navigation/Spec322LegacyQueryAliasGuardTest.php tests/Feature/Navigation/Spec322EnvironmentCtaUrlContractTest.php --compact` - `cd apps/platform && ./vendor/bin/sail artisan test tests/Browser/Spec322WorkspaceHubNoDriftSmokeTest.php tests/Browser/Spec322EnvironmentOwnedSurfaceSmokeTest.php tests/Browser/Spec322WorkspaceOwnedAnalysisSmokeTest.php tests/Browser/Spec322AlertsAuditNoDriftSmokeTest.php --compact` - `cd apps/platform && ./vendor/bin/sail pint --dirty` - `git diff --check` ## Notes - a broader filtered regression run still reports existing Baseline Compare feature-test failures outside this diff Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de> Reviewed-on: #379
9.9 KiB
9.9 KiB
Spec 322 Coverage Manifest
This manifest is the review surface for durable Workspace / Environment no-drift coverage.
Coverage statuses:
existing: already covered by a related test before Spec 322.spec322: covered by the Spec 322 implementation.spec322-partial: partially covered by Spec 322 browser coverage with deterministic Feature/static fallback.gap: browser coverage is blocked or intentionally excluded; notes must explain the deterministic fallback.
Spec 322 browser fixture boundary: browser tests create one workspace, two active Managed Environments, one user with workspace/environment membership, and only the records needed to prove visible/hidden scope across operations, provider connections, evidence, alerts, audit log, governance, reviews, baselines, findings, and settings. Exhaustive surface permutations stay in Feature/static guards.
| Surface | Classification | Clean URL | Filtered URL supported? | Environment route required? | Clear supported? | Browser covered? | Feature covered? | Notes |
|---|---|---|---|---|---|---|---|---|
| Operations | workspace_hub | /admin/workspaces/{workspace}/operations |
yes | no | yes | spec322-partial | spec322 | Spec322 browser covers clean entry/reload; filtered clear/history remains covered by existing Spec316 browser and Spec322 Feature guards. |
| Governance Inbox | workspace_hub | /admin/governance/inbox |
yes | no | yes | spec322-partial | spec322 | Spec322 browser covers clean entry/reload; existing Spec314/316 browser plus Spec322 Feature guards cover filtered permutations. |
| Decision Register | workspace_hub | /admin/governance/decisions |
yes | no | yes | existing | spec322 | Existing Spec314/316 browser coverage remains the browser anchor; Spec322 Feature guards include classification and URL contracts. |
| Finding Exceptions Queue | workspace_hub | /admin/finding-exceptions/queue |
yes | no | yes | existing | spec322 | Existing Spec314/316 browser coverage remains the browser anchor; Spec322 representative legacy alias browser guard includes this surface. |
| Provider Connections | workspace_hub | /admin/provider-connections |
yes | no | yes | spec322 | spec322 | Spec322 browser covers clean, filtered chip, clear, reload, back/forward, and representative legacy alias behavior. |
| Evidence Overview | workspace_hub | /admin/evidence/overview |
yes | no | yes | spec322 | spec322 | Spec322 browser covers clean, filtered chip, clear, reload, and back/forward behavior. |
| Reviews | workspace_hub | /admin/reviews |
yes | no | yes | existing | spec322 | Existing Spec314/316 browser coverage remains the browser anchor; Spec322 Feature guards include classification and URL contracts. |
| Customer Reviews | workspace_hub | /admin/reviews/workspace |
yes | no | yes | existing | spec322 | Existing Spec314/316 browser coverage remains the browser anchor; Spec322 Feature guards include classification and URL contracts. |
| Alert Deliveries | workspace_hub | /admin/alerts/alert-deliveries |
yes | no | yes | spec322 | spec322 | Spec322 browser covers filtered chip, clear, reload, and back/forward alignment. |
| Audit Log | workspace_hub | /admin/audit-log |
yes | no | yes | spec322-partial | spec322 | Spec322 browser covers filtered and clean/reload shell state; clear/back-forward remains covered by Spec321/Spec322 Feature guards because browser click timing was unstable on this page. |
| Alerts Overview | workspace_hub | /admin/alerts |
yes | no | yes | spec322-partial | spec322 | Spec322 browser covers clean and filtered shell state; clear contract remains covered by Spec321/Spec322 Feature guards. |
| Environment Dashboard | environment_owned_page | /admin/workspaces/{workspace}/environments/{environment} |
no | yes | no | spec322 | spec322 | Browser covers Environment-owned route/shell and reload. |
| Baseline Compare | environment_owned_page | /admin/workspaces/{workspace}/environments/{environment}/baseline-compare |
no | yes | no | spec322 | spec322 | Browser covers Environment-owned route/shell, reload, and old workspace-style invalid access. |
| Required Permissions | environment_owned_page | /admin/workspaces/{workspace}/environments/{environment}/required-permissions |
no | yes | no | spec322 | spec322 | Browser covers route/shell and reload; Feature guards cover URL contract. |
| Provider Readiness / Onboarding Readiness | environment_owned_page | Environment Dashboard readiness section | no | yes | no | spec322-partial | spec322 | No separate route was confirmed; Environment Dashboard browser smoke and Feature URL/scope guards are the deterministic fallback. |
| Inventory / Inventory Coverage | environment_owned_page | /admin/workspaces/{workspace}/environments/{environment}/inventory and /admin/workspaces/{workspace}/environments/{environment}/inventory/inventory-coverage |
no | yes | no | gap | spec322 | Browser coverage intentionally excluded for runtime cost; Feature URL/scope guards cover the route contract. |
| Environment Diagnostics | environment_owned_page | /admin/workspaces/{workspace}/environments/{environment}/diagnostics |
no | yes | no | gap | spec322 | Browser coverage intentionally excluded for runtime cost; Feature URL/scope guards cover the route contract. |
| Baseline Profiles | workspace_owned_analysis_surface | /admin/baseline-profiles |
no unless explicitly supported | no | no | spec322 | spec322 | Browser covers Workspace-only shell cutover from Environment origin plus reload. |
| Baseline Snapshots | workspace_owned_analysis_surface | /admin/baseline-snapshots |
no unless explicitly supported | no | no | gap | spec322 | Browser coverage intentionally excluded for runtime cost; Feature classification and clean URL guards cover the contract. |
| My Findings | workspace_owned_analysis_surface | /admin/findings/my-work |
no unless explicitly supported | no | no | spec322 | spec322 | Browser covers Workspace-only shell cutover from Environment origin plus reload. |
| Findings Intake | workspace_owned_analysis_surface | /admin/findings/intake |
no unless explicitly supported | no | no | gap | spec322 | Browser coverage intentionally excluded for runtime cost; Feature classification and clean URL guards cover the contract. |
| Findings Hygiene | workspace_owned_analysis_surface | /admin/findings/hygiene |
no unless explicitly supported | no | no | gap | spec322 | Browser coverage intentionally excluded for runtime cost; Feature classification and clean URL guards cover the contract. |
| Cross-environment Compare | workspace_owned_analysis_surface | /admin/cross-environment-compare |
no unless explicitly supported | no | no | spec322 | spec322 | Browser covers Workspace-only shell cutover from Environment origin plus reload. |
| Alert Rules | workspace_configuration_surface | /admin/alerts/alert-rules |
no | no | no | spec322 | spec322 | Browser covers stray environment_id rejection with no chip/shell. |
| Alert Destinations | workspace_configuration_surface | /admin/alerts/alert-destinations |
no | no | no | spec322 | spec322 | Browser covers stray environment_id rejection with no chip/shell. |
| Workspace Settings | workspace_configuration_surface | /admin/settings/workspace |
no | no | no | spec322 | spec322 | Browser covers Workspace-only shell cutover from Environment origin plus reload. |
/admin/t legacy routes |
out_of_scope | N/A | no | no | no | not applicable | spec322 | Spec322 Feature guard verifies no active legacy routes or TenantPanelProvider. |
| TenantPanelProvider | out_of_scope | N/A | no | no | no | not applicable | spec322 | Spec322 Feature guard verifies no runtime tenant panel registration or provider file. |
| Provider-boundary Tenant terminology | out_of_scope | N/A | no | no | no | not applicable | spec322 | Spec322 Feature guard checks retired platform-context Tenant terminology does not return outside allowed provider-boundary contexts. |
Optional Surfaces
| Surface | Classification | Clean URL | Filtered URL supported? | Environment route required? | Clear supported? | Browser covered? | Feature covered? | Notes |
|---|---|---|---|---|---|---|---|---|
| Notification Routing | workspace_configuration_surface | Not confirmed in Spec 322 prep | no unless explicitly supported | no | no | gap | gap | Optional; excluded until route/surface is confirmed. |
| Operational Controls | workspace_configuration_surface | Not confirmed in Spec 322 prep | no unless explicitly supported | no | no | gap | gap | Optional; excluded until route/surface is confirmed. |
| Customer Health | workspace_hub | Not confirmed in Spec 322 prep | not confirmed | no | not confirmed | gap | gap | Optional; not part of required Spec 322 surface list. |
| Stored Reports | environment_owned_page or workspace_hub depending route | Not confirmed in Spec 322 prep | not confirmed | route-specific | not confirmed | gap | existing | Existing environment route exclusions exist; not required for Spec 322 unless implementation discovers current drift. |
| Support Requests | out_of_scope | Not confirmed in Spec 322 prep | no | no | no | gap | existing | Modal/action support surface, not a primary no-drift browser target. |
| Review Packs / Exports | out_of_scope | Not confirmed in Spec 322 prep | no | route-specific | no | gap | existing | Artifact/download flows remain outside this guard unless linked from required surfaces. |
| Control Catalog | workspace_configuration_surface | Not confirmed in Spec 322 prep | no | no | no | gap | gap | Optional and excluded pending route/surface confirmation. |
Required Gap Handling
If any planned browser coverage cannot be executed because of local browser profile lock, unavailable fixture, route unreachability, missing seeded data, or external process conflict:
- Keep or add deterministic Feature/Unit coverage for the same product contract.
- Mark the row
gaporspec322-partialwith exact reason. - Do not claim full browser coverage for that surface.
- Include the blocker in the final implementation report.