ahmido
bf10645dc3
## Summary - finalize the existing Customer Review Workspace as a customer-safe first-screen consumption surface - lead the page with one review decision card, readiness flow, findings summary, accepted-risk summary, and secondary proof instead of diagnostics-first presentation - keep evidence, review-pack, export, audit, and operation proof states explicit and separate so the page does not make false readiness or evidence claims - add focused Spec 342 Feature and Browser coverage plus the spec-local truth map, state contract, and screenshot artifacts - preserve the existing workspace-wide route with canonical `environment_id` filtering only and no new portal, backend generation flow, or navigation rewrite ## Validation - `cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Feature/Filament/Spec342CustomerReviewWorkspaceConsumptionTest.php tests/Feature/Reviews/CustomerReviewWorkspacePageTest.php` - `cd apps/platform && ./vendor/bin/sail php vendor/bin/pest tests/Browser/Spec342CustomerReviewWorkspaceConsumptionSmokeTest.php tests/Browser/Reviews/CustomerReviewWorkspaceSmokeTest.php --compact` - `cd apps/platform && ./vendor/bin/sail bin pint --dirty --format agent` - `git diff --check` ## Notes - screenshot artifacts are included under `specs/342-customer-review-workspace-final-consumption-productization/artifacts/screenshots/` - Livewire v4 compliance unchanged - Filament provider registration remains in `apps/platform/bootstrap/providers.php` - no globally searchable resource behavior changed in this slice - no new destructive action behavior was introduced - no new Filament assets; deploy `filament:assets` posture is unchanged - full suite was not run in this turn; validation stayed on the focused Spec 342 slices Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de> Reviewed-on: #414
8.9 KiB
8.9 KiB
Spec 342 - Repo Truth Map
Status: implemented
Created: 2026-06-01
Scope: Customer Review Workspace final customer-safe consumption
This map is the implementation guardrail for Spec 342. Runtime work must update this file before changing code when it discovers additional truth, unsupported states, or deferred concepts.
Classification Vocabulary
repo-verified: observed in current application code, tests, specs, or routes.derived from existing model: available by deriving from existing persisted model fields or relationships.foundation-real: foundation exists, but the final customer-consumption behavior may still need wiring or productization.not available: no repo-backed truth or action exists in the current codebase.deferred: intentionally out of scope for Spec 342.
Core Surface Truth
| Data point | Classification | Repo evidence | Spec 342 handling |
|---|---|---|---|
| Customer Review Workspace page | repo-verified | apps/platform/app/Filament/Pages/Reviews/CustomerReviewWorkspace.php |
Existing route and page remain the target. |
| Customer Review Workspace Blade view | repo-verified | apps/platform/resources/views/filament/pages/reviews/customer-review-workspace.blade.php |
Productize existing view; do not add a new route. |
| Canonical route | repo-verified | Page slug reviews/workspace; Filament admin panel route |
Keep /admin/reviews/workspace. |
| Environment filter | repo-verified | environmentFilterUrl() emits environment_id; workspace hub filter helpers exist |
Keep environment_id as page filter only. |
Legacy /admin/t context |
not available | Spec 341 cleanup and current roadmap boundary | Do not reintroduce. |
| Page-open audit event | repo-verified | WorkspaceAuditLogger usage in CustomerReviewWorkspace |
Preserve safe audit metadata. |
| First-screen decision card | repo-verified | Current Blade renders customer-review-decision-card; Spec 342 tests assert one primary action and false-claim prevention |
Final consumption decision card is implemented on the existing page. |
| Review package index/table | repo-verified | Existing Filament table in CustomerReviewWorkspace |
Keep secondary to first-screen decision/proof content. |
| Diagnostics section | repo-verified | Current Blade has diagnostics/disclosure payload; Spec 342 feature/browser tests assert collapsed default and hidden raw payloads | Kept collapsed by default. |
Review Truth
| Data point | Classification | Repo evidence | Spec 342 handling |
|---|---|---|---|
| Review record | repo-verified | EnvironmentReview model |
Use as review source. |
| Published/released review | derived from existing model | EnvironmentReviewStatus::Published, published_at |
Use for latest released review. |
| Review completeness | repo-verified | EnvironmentReviewCompletenessState, completeness_state |
Render as readiness dimension. |
| Review summary | repo-verified | EnvironmentReview.summary cast |
Use only customer-safe fields; avoid raw payload. |
| Current export review pack | repo-verified | current_export_review_pack_id, currentExportReviewPack() |
Use for current export/pack state. |
| Review sections | repo-verified | EnvironmentReviewSection relationship |
Use for customer-safe content only if already productized. |
| Customer acknowledgement/attestation | not available | No attestation model or workflow identified in current truth map | Do not implement; optional unavailable copy only. |
Evidence And Review Pack Truth
| Data point | Classification | Repo evidence | Spec 342 handling |
|---|---|---|---|
| Evidence snapshot | repo-verified | EvidenceSnapshot model and relation from EnvironmentReview |
Use as evidence availability/proof source. |
| Evidence status/completeness | repo-verified | EvidenceSnapshotStatus, EvidenceCompletenessState |
Render evidence states truthfully. |
| Evidence items | repo-verified | EvidenceSnapshotItem relationship |
Use as proof count/detail only when customer-safe. |
| Stored report | repo-verified | StoredReport model and Evidence Overview references |
Link/show only when repo-backed for selected review context. |
| Review pack | repo-verified | ReviewPack model |
Use as review-pack state source. |
| Review pack status | repo-verified | ReviewPackStatus, model constants |
Render queued/generating/ready/failed/expired. |
| Review pack file metadata | repo-verified | file_disk, file_path, file_size, sha256, generated_at, expires_at |
Download/export available only when ready and authorized. |
| Signed download route | repo-verified | ReviewPackDownloadController, route admin.review-packs.download |
Use only when existing authorization and file truth permit. |
| External delivery/email/PSA | not available | No repo-backed delivery mechanism for this surface | Show unavailable/deferred only if useful. |
Findings And Accepted Risk Truth
| Data point | Classification | Repo evidence | Spec 342 handling |
|---|---|---|---|
| Finding records | repo-verified | Finding model |
Use for customer-safe finding summaries. |
| Finding status/severity | repo-verified | Finding constants and fields |
Show counts/labels where repo-backed. |
| Owner/assignee/due fields | repo-verified | owner_user_id, assignee_user_id, due_at |
Show only if loaded and customer-safe. |
| Accepted risk / exception records | repo-verified | FindingException model |
Summarize accepted risks visibly. |
| Exception status | repo-verified | FindingException status constants |
Use shared badge/status semantics. |
| Exception validity | repo-verified | current_validity_state, validity constants |
Surface expired/expiring/missing-support states. |
| Owner/rationale/expiry/review date | repo-verified | owner_user_id, request_reason, expires_at, review_due_at, decision records; Spec 342 tests assert owner, rationale, next review, and missing review-date copy |
Visible in the accepted-risk summary when repo-backed. |
| Exception decision history | repo-verified | FindingExceptionDecision relationship |
Use as proof only when customer-safe and authorized. |
| Accepted risk lifecycle beyond current exception truth | deferred | Follow-up candidate in user draft | Do not add lifecycle backend in Spec 342. |
Audit And Operation Proof
| Data point | Classification | Repo evidence | Spec 342 handling |
|---|---|---|---|
| OperationRun proof | repo-verified | OperationRun model and links from review/evidence/pack |
Show as secondary proof only. |
| Operation status/outcome | repo-verified | OperationRunStatus, OperationRunOutcome |
Do not collapse into evidence or customer-safe output truth. |
| OperationRun raw payload/context | repo-verified but diagnostics-only | OperationRun.context, summary_counts, failure_summary |
Hidden by default; capability-gated if shown. |
| Audit log | repo-verified | AuditLog, WorkspaceAuditLogger, page-open event |
Preserve and link only if repo-backed/authorized. |
| Customer-visible audit export | deferred | Not required by Spec 342 | Leave to follow-up if needed. |
RBAC And Context Truth
| Data point | Classification | Repo evidence | Spec 342 handling |
|---|---|---|---|
| Workspace membership | repo-verified | WorkspaceContext, workspace membership models |
Required for page access. |
| Managed environment entitlement | repo-verified | EnvironmentReviewRegisterService::authorizedTenants() and policies |
Required before rendering environment-bound records. |
| Capability-aware actions | repo-verified | Capabilities, policies, UiEnforcement patterns |
Use existing action visibility/authorization. |
Cross-workspace environment_id |
repo-verified guard expectation | Spec 341 and existing navigation/filter tests | Return safe no-access/404. |
| Diagnostics capability | repo-verified | Existing capability/policy patterns; customer workspace diagnostics remain collapsed and raw/support data hidden by default | Hide/unavailable when not authorized. |
Implementation Close-Out
- No new persisted entity, enum/status family, generic readiness framework, migration, package, env var, queue, scheduler, Graph scope, route, or Filament asset was introduced.
- No standalone presenter class was added. The existing
CustomerReviewWorkspacepage now exposes bounded page-local derived payload helpers for the decision card, six-step flow, findings panel, accepted-risk panel, and proof separation. - Browser screenshots cover not-ready/evidence-incomplete, ready-with-evidence, review-pack-available, findings-need-attention, accepted-risks-present, diagnostics-collapsed, and dark-mode states under
artifacts/screenshots/. - The explicit "evidence missing" screenshot name from planning was represented by the repo-backed evidence-incomplete/not-ready state; no backend truth was faked to manufacture a separate missing-evidence path.
- UI coverage docs were not changed because this spec productizes the existing
/admin/reviews/workspaceroute and does not add navigation, a new route, or a new archetype.