ahmido/TenantAtlas
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects 1 Releases Wiki Activity
platform-dev
TenantAtlas/specs/334-nested-filament-context-contract-hardening/checklists/requirements.md
ahmido f967db7983 Spec 334: harden nested Filament Livewire context contract (#395) 
## Summary
- harden nested Filament and Livewire tenant-context handling across the backup schedule operation runs relation manager, managed-environment triage arrival continuity, the backup set policy picker table, and the Operate Hub shell
- add architecture, feature, and browser coverage for nested Filament tenant-context continuity and restore-run resource behavior
- add the Spec 334 artifacts (`spec.md`, `plan.md`, `tasks.md`, and the requirements checklist)

## Testing
- Not run as part of this commit/push/PR workflow

Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #395
2026-05-24 21:33:19 +00:00

36 lines
2.0 KiB
Markdown
Raw Permalink Blame History

# Spec 334 Requirements Checklist
- Purpose: Preparation-quality validation for Spec 334 before runtime implementation.
- Created: 2026-05-24
- Feature: [spec.md](../spec.md)
## Content Quality
- [x] Spec is focused on a concrete operator-visible defect class (nested context loss) and does not drift into a tenancy rewrite.
- [x] Spec Candidate Check is filled and justifies why this is Core Enterprise work (correctness + blocker removal).
- [x] Non-goals explicitly exclude routing/panel/RBAC rewrites and broad repo sweeps.
- [x] Acceptance criteria are testable and bounded to confirmed surfaces.
- [x] Preparation artifacts contain no runtime implementation code changes.
## Repo Truth
- [x] Confirmed scope file paths were verified as existing:
- `apps/platform/app/Livewire/BackupSetPolicyPickerTable.php`
- `apps/platform/app/Filament/Resources/RestoreRunResource.php`
- `apps/platform/app/Filament/Concerns/ResolvesPanelTenantContext.php`
- `apps/platform/app/Filament/Resources/BackupScheduleResource/RelationManagers/BackupScheduleOperationRunsRelationManager.php`
- `apps/platform/app/Filament/Widgets/ManagedEnvironment/ManagedEnvironmentTriageArrivalContinuity.php`
- [x] Repo-truth deviation is documented: user draft references Spec 332 WIP, but `platform-dev` has no `specs/332-*` directory today.
## Security / Isolation / RBAC
- [x] Contract explicitly treats UI visibility as non-authorization and requires mutation-time rechecks.
- [x] Fail-closed posture is explicit: no broadening, no silent tenant override, no cross-scope selection/attachment.
- [x] Unsafe model-derived `Filament::setTenant(...)` switching is explicitly guarded.
## Test And Smoke Readiness
- [x] Plan includes the intended lane mix (Feature/Livewire + architecture guard; browser smoke only where user-visible bugs exist).
- [x] Tasks include a guardrail-first step and explicit validation commands.
- [x] Browser smoke scenarios are explicitly listed for the two originally user-visible bugs.
Reference in New Issue View Git Blame Copy Permalink