ahmido/TenantAtlas
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects 1 Releases Wiki Activity
platform-dev
TenantAtlas/specs/322-browser-no-drift-regression-guard/coverage-manifest.md
ahmido ec4ff1074c Spec 322: add browser no-drift regression guards (#379) 
## Summary
- add the Spec 322 artifact set for the browser no-drift regression guard
- add Feature navigation guards for admin surface scope, environment CTA URLs, and legacy alias rejection
- add Browser smoke coverage for workspace hubs, environment-owned surfaces, workspace-owned analysis surfaces, and alerts/audit flows
- add the Spec 322 browser support harness used by the new smoke coverage

## Validation
- `cd apps/platform && ./vendor/bin/sail artisan test tests/Feature/Navigation/Spec322AdminSurfaceScopeContractTest.php tests/Feature/Navigation/Spec322LegacyQueryAliasGuardTest.php tests/Feature/Navigation/Spec322EnvironmentCtaUrlContractTest.php --compact`
- `cd apps/platform && ./vendor/bin/sail artisan test tests/Browser/Spec322WorkspaceHubNoDriftSmokeTest.php tests/Browser/Spec322EnvironmentOwnedSurfaceSmokeTest.php tests/Browser/Spec322WorkspaceOwnedAnalysisSmokeTest.php tests/Browser/Spec322AlertsAuditNoDriftSmokeTest.php --compact`
- `cd apps/platform && ./vendor/bin/sail pint --dirty`
- `git diff --check`

## Notes
- a broader filtered regression run still reports existing Baseline Compare feature-test failures outside this diff

Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #379
2026-05-17 11:34:31 +00:00

66 lines
9.9 KiB
Markdown
Raw Permalink Blame History

# Spec 322 Coverage Manifest
This manifest is the review surface for durable Workspace / Environment no-drift coverage.
Coverage statuses:
- `existing`: already covered by a related test before Spec 322.
- `spec322`: covered by the Spec 322 implementation.
- `spec322-partial`: partially covered by Spec 322 browser coverage with deterministic Feature/static fallback.
- `gap`: browser coverage is blocked or intentionally excluded; notes must explain the deterministic fallback.
Spec 322 browser fixture boundary: browser tests create one workspace, two active Managed Environments, one user with workspace/environment membership, and only the records needed to prove visible/hidden scope across operations, provider connections, evidence, alerts, audit log, governance, reviews, baselines, findings, and settings. Exhaustive surface permutations stay in Feature/static guards.
| Surface | Classification | Clean URL | Filtered URL supported? | Environment route required? | Clear supported? | Browser covered? | Feature covered? | Notes |
| --- | --- | --- | --- | --- | --- | --- | --- | --- |
| Operations | workspace_hub | `/admin/workspaces/{workspace}/operations` | yes | no | yes | spec322-partial | spec322 | Spec322 browser covers clean entry/reload; filtered clear/history remains covered by existing Spec316 browser and Spec322 Feature guards. |
| Governance Inbox | workspace_hub | `/admin/governance/inbox` | yes | no | yes | spec322-partial | spec322 | Spec322 browser covers clean entry/reload; existing Spec314/316 browser plus Spec322 Feature guards cover filtered permutations. |
| Decision Register | workspace_hub | `/admin/governance/decisions` | yes | no | yes | existing | spec322 | Existing Spec314/316 browser coverage remains the browser anchor; Spec322 Feature guards include classification and URL contracts. |
| Finding Exceptions Queue | workspace_hub | `/admin/finding-exceptions/queue` | yes | no | yes | existing | spec322 | Existing Spec314/316 browser coverage remains the browser anchor; Spec322 representative legacy alias browser guard includes this surface. |
| Provider Connections | workspace_hub | `/admin/provider-connections` | yes | no | yes | spec322 | spec322 | Spec322 browser covers clean, filtered chip, clear, reload, back/forward, and representative legacy alias behavior. |
| Evidence Overview | workspace_hub | `/admin/evidence/overview` | yes | no | yes | spec322 | spec322 | Spec322 browser covers clean, filtered chip, clear, reload, and back/forward behavior. |
| Reviews | workspace_hub | `/admin/reviews` | yes | no | yes | existing | spec322 | Existing Spec314/316 browser coverage remains the browser anchor; Spec322 Feature guards include classification and URL contracts. |
| Customer Reviews | workspace_hub | `/admin/reviews/workspace` | yes | no | yes | existing | spec322 | Existing Spec314/316 browser coverage remains the browser anchor; Spec322 Feature guards include classification and URL contracts. |
| Alert Deliveries | workspace_hub | `/admin/alerts/alert-deliveries` | yes | no | yes | spec322 | spec322 | Spec322 browser covers filtered chip, clear, reload, and back/forward alignment. |
| Audit Log | workspace_hub | `/admin/audit-log` | yes | no | yes | spec322-partial | spec322 | Spec322 browser covers filtered and clean/reload shell state; clear/back-forward remains covered by Spec321/Spec322 Feature guards because browser click timing was unstable on this page. |
| Alerts Overview | workspace_hub | `/admin/alerts` | yes | no | yes | spec322-partial | spec322 | Spec322 browser covers clean and filtered shell state; clear contract remains covered by Spec321/Spec322 Feature guards. |
| Environment Dashboard | environment_owned_page | `/admin/workspaces/{workspace}/environments/{environment}` | no | yes | no | spec322 | spec322 | Browser covers Environment-owned route/shell and reload. |
| Baseline Compare | environment_owned_page | `/admin/workspaces/{workspace}/environments/{environment}/baseline-compare` | no | yes | no | spec322 | spec322 | Browser covers Environment-owned route/shell, reload, and old workspace-style invalid access. |
| Required Permissions | environment_owned_page | `/admin/workspaces/{workspace}/environments/{environment}/required-permissions` | no | yes | no | spec322 | spec322 | Browser covers route/shell and reload; Feature guards cover URL contract. |
| Provider Readiness / Onboarding Readiness | environment_owned_page | Environment Dashboard readiness section | no | yes | no | spec322-partial | spec322 | No separate route was confirmed; Environment Dashboard browser smoke and Feature URL/scope guards are the deterministic fallback. |
| Inventory / Inventory Coverage | environment_owned_page | `/admin/workspaces/{workspace}/environments/{environment}/inventory` and `/admin/workspaces/{workspace}/environments/{environment}/inventory/inventory-coverage` | no | yes | no | gap | spec322 | Browser coverage intentionally excluded for runtime cost; Feature URL/scope guards cover the route contract. |
| Environment Diagnostics | environment_owned_page | `/admin/workspaces/{workspace}/environments/{environment}/diagnostics` | no | yes | no | gap | spec322 | Browser coverage intentionally excluded for runtime cost; Feature URL/scope guards cover the route contract. |
| Baseline Profiles | workspace_owned_analysis_surface | `/admin/baseline-profiles` | no unless explicitly supported | no | no | spec322 | spec322 | Browser covers Workspace-only shell cutover from Environment origin plus reload. |
| Baseline Snapshots | workspace_owned_analysis_surface | `/admin/baseline-snapshots` | no unless explicitly supported | no | no | gap | spec322 | Browser coverage intentionally excluded for runtime cost; Feature classification and clean URL guards cover the contract. |
| My Findings | workspace_owned_analysis_surface | `/admin/findings/my-work` | no unless explicitly supported | no | no | spec322 | spec322 | Browser covers Workspace-only shell cutover from Environment origin plus reload. |
| Findings Intake | workspace_owned_analysis_surface | `/admin/findings/intake` | no unless explicitly supported | no | no | gap | spec322 | Browser coverage intentionally excluded for runtime cost; Feature classification and clean URL guards cover the contract. |
| Findings Hygiene | workspace_owned_analysis_surface | `/admin/findings/hygiene` | no unless explicitly supported | no | no | gap | spec322 | Browser coverage intentionally excluded for runtime cost; Feature classification and clean URL guards cover the contract. |
| Cross-environment Compare | workspace_owned_analysis_surface | `/admin/cross-environment-compare` | no unless explicitly supported | no | no | spec322 | spec322 | Browser covers Workspace-only shell cutover from Environment origin plus reload. |
| Alert Rules | workspace_configuration_surface | `/admin/alerts/alert-rules` | no | no | no | spec322 | spec322 | Browser covers stray `environment_id` rejection with no chip/shell. |
| Alert Destinations | workspace_configuration_surface | `/admin/alerts/alert-destinations` | no | no | no | spec322 | spec322 | Browser covers stray `environment_id` rejection with no chip/shell. |
| Workspace Settings | workspace_configuration_surface | `/admin/settings/workspace` | no | no | no | spec322 | spec322 | Browser covers Workspace-only shell cutover from Environment origin plus reload. |
| `/admin/t` legacy routes | out_of_scope | N/A | no | no | no | not applicable | spec322 | Spec322 Feature guard verifies no active legacy routes or TenantPanelProvider. |
| TenantPanelProvider | out_of_scope | N/A | no | no | no | not applicable | spec322 | Spec322 Feature guard verifies no runtime tenant panel registration or provider file. |
| Provider-boundary Tenant terminology | out_of_scope | N/A | no | no | no | not applicable | spec322 | Spec322 Feature guard checks retired platform-context Tenant terminology does not return outside allowed provider-boundary contexts. |
## Optional Surfaces
| Surface | Classification | Clean URL | Filtered URL supported? | Environment route required? | Clear supported? | Browser covered? | Feature covered? | Notes |
| --- | --- | --- | --- | --- | --- | --- | --- | --- |
| Notification Routing | workspace_configuration_surface | Not confirmed in Spec 322 prep | no unless explicitly supported | no | no | gap | gap | Optional; excluded until route/surface is confirmed. |
| Operational Controls | workspace_configuration_surface | Not confirmed in Spec 322 prep | no unless explicitly supported | no | no | gap | gap | Optional; excluded until route/surface is confirmed. |
| Customer Health | workspace_hub | Not confirmed in Spec 322 prep | not confirmed | no | not confirmed | gap | gap | Optional; not part of required Spec 322 surface list. |
| Stored Reports | environment_owned_page or workspace_hub depending route | Not confirmed in Spec 322 prep | not confirmed | route-specific | not confirmed | gap | existing | Existing environment route exclusions exist; not required for Spec 322 unless implementation discovers current drift. |
| Support Requests | out_of_scope | Not confirmed in Spec 322 prep | no | no | no | gap | existing | Modal/action support surface, not a primary no-drift browser target. |
| Review Packs / Exports | out_of_scope | Not confirmed in Spec 322 prep | no | route-specific | no | gap | existing | Artifact/download flows remain outside this guard unless linked from required surfaces. |
| Control Catalog | workspace_configuration_surface | Not confirmed in Spec 322 prep | no | no | no | gap | gap | Optional and excluded pending route/surface confirmation. |
## Required Gap Handling
If any planned browser coverage cannot be executed because of local browser profile lock, unavailable fixture, route unreachability, missing seeded data, or external process conflict:
1. Keep or add deterministic Feature/Unit coverage for the same product contract.
2. Mark the row `gap` or `spec322-partial` with exact reason.
3. Do not claim full browser coverage for that surface.
4. Include the blocker in the final implementation report.
Reference in New Issue View Git Blame Copy Permalink