ahmido
a3b21c48d8
## Summary - add the Spec 340 browser verification gate package for the post-338/339 workspace and environment scope contract - add a bounded Pest browser smoke that verifies clean workspace origin, environment origin, explicit `environment_id` hub filtering, remembered-environment non-authority, and Provider Connections create/view/edit authority signals - record the verification inventory, matrix, findings, checklist, and audit report under `specs/340-post-scope-contract-browser-verification-gate/` - document a `GO` recommendation with no confirmed P1/P2 drift and one backlog wording follow-up - keep the change verification-only with no runtime behavior, schema, or route-family changes ## Validation - `cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Browser/Spec340PostScopeContractVerificationSmokeTest.php` - `cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Feature/ProviderConnections --filter=ScopeHardening` - `cd apps/platform && ./vendor/bin/sail bin pint --dirty --format agent` - `git diff --check --no-index /dev/null apps/platform/tests/Browser/Spec340PostScopeContractVerificationSmokeTest.php` - `git diff --check` ## Notes - Livewire v4 compliance unchanged - Filament provider registration remains in `apps/platform/bootstrap/providers.php` - no globally searchable resource behavior changed - no destructive action behavior changed or executed in this verification gate - no new Filament assets; deploy `filament:assets` posture is unchanged Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de> Reviewed-on: #411
5.0 KiB
5.0 KiB
Spec 340 Scope Verification Matrix
| Page / Surface | Origin | URL / Query | Shell | Sidebar | Breadcrumb / Header | Visible Filter Evidence | Reload / Back-Forward | Screenshot | Status | Finding ID |
|---|---|---|---|---|---|---|---|---|---|---|
| Workspace Overview | Clean Workspace | /admin/workspaces/{workspace}/overview |
Workspace | Workspace scope indicator | Workspace name visible | No environment filter | N/A | Not captured | pass | - |
| Operations | Clean Workspace | /admin/workspaces/{workspace}/operations |
Workspace Hub | Workspace scope indicator | Operations Hub / workbench copy |
No environment_id, no filter chip |
Existing Spec322 reload posture; Spec340 representative check passed | Not captured | pass | - |
| Operations | Environment origin filtered entry | /admin/workspaces/{workspace}/operations?environment_id=<environment> |
Workspace Hub | Workspace scope indicator | Operations Hub |
Environment filter: chip with clear link |
Spec340 reload check passed | Not captured | pass | - |
| Provider Connections List | Clean Workspace + remembered environment | /admin/provider-connections |
Workspace Hub | Workspace scope indicator | Provider Connections table | No hidden remembered filter | N/A | Not captured | pass | - |
| Provider Connections List | Filtered Hub | /admin/provider-connections?environment_id=<environment> |
Workspace Hub | Workspace scope indicator | Provider Connections table | Environment filter: chip and create link carries environment_id |
Spec340 clear/back/forward check passed | Not captured | pass | - |
| Provider Connections Create | Clean Workspace | /admin/provider-connections/create |
Authorization boundary | N/A | Error / blocked page expected | No environment authority | N/A | Not captured | pass | - |
| Provider Connection View | Record route | /admin/provider-connections/{record} |
Record-derived | Workspace scope indicator | Provider connection name and target scope visible | Optional environment_id is record-derived and matched to the connection environment |
N/A | Not captured | pass | - |
| Provider Connection Edit | Filtered record route | /admin/provider-connections/{record}/edit?environment_id=<environment> |
Record-derived + explicit query | Workspace scope indicator | Provider connection name visible | Explicit environment_id query |
N/A | Not captured | pass | - |
| Evidence Overview | Clean Workspace | /admin/evidence/overview |
Workspace Hub | Workspace scope indicator | Evidence proof workbench | No environment filter | Existing Spec322 reload/back-forward posture | Not captured | pass | - |
| Alerts | Clean Workspace | /admin/alerts |
Workspace Hub | Workspace scope indicator | Alerts heading | No environment filter | N/A | Not captured | pass | - |
| Audit Log | Clean Workspace | /admin/audit-log |
Workspace Hub | Workspace scope indicator | Audit Log heading | No environment filter | N/A | Not captured | pass | - |
| Review Register | Clean Workspace | /admin/reviews |
Workspace Hub | Workspace scope indicator | Review Register heading | No environment filter | N/A | Not captured | pass | - |
| Customer Review Workspace | Clean Workspace | /admin/reviews/workspace |
Workspace Hub | Workspace scope indicator | Customer Review Workspace heading | No environment filter | N/A | Not captured | pass | - |
| Governance Inbox | Clean Workspace | /admin/governance/inbox |
Workspace Hub | Workspace scope indicator | Governance Inbox heading | No environment filter | N/A | Not captured | pass | - |
| Decision Register | Clean Workspace | /admin/governance/decisions |
Workspace Hub | Workspace scope indicator | Decision Register heading | No environment filter | N/A | Not captured | pass | - |
| Finding Exceptions Queue | Clean Workspace | /admin/finding-exceptions/queue |
Workspace Hub | Workspace scope indicator | Finding exceptions queue text | No environment filter | N/A | Not captured | pass | - |
| Baseline Profiles | Clean Workspace | /admin/baseline-profiles |
Workspace-owned analysis | Workspace scope indicator | Baseline Profiles heading | No environment filter | N/A | Not captured | pass | - |
| Baseline Snapshots | Clean Workspace | /admin/baseline-snapshots |
Workspace-owned analysis | Workspace scope indicator | Baseline Snapshots heading | No environment filter | N/A | Not captured | pass | - |
| Environment Dashboard | Environment origin | /admin/workspaces/{workspace}/environments/{environment} |
Environment | Environment scope indicator | Environment name visible | Route-owned environment, no environment_id query |
N/A | Not captured | pass | - |
Coverage Notes
- Browser automation uses
apps/platform/tests/Browser/Spec340PostScopeContractVerificationSmokeTest.php. - Existing related browser coverage remains relevant context:
Spec322WorkspaceHubNoDriftSmokeTestSpec322EnvironmentOwnedSurfaceSmokeTestSpec338ScopeContractSmokeTest
- The matrix is intentionally representative for reload/back-forward instead of exhaustive across every hub, matching the fixture-cost limits in the active plan.