ahmido/TenantAtlas
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects 1 Releases Wiki Activity
platform-dev
TenantAtlas/specs/368-platform-ui-signal-to-noise-browser-audit/artifacts/raw/browser-notes.md
Ahmed Darrazi b15d325701 docs(spec): add artifacts and documents for spec 368 platform UI signal-to-noise browser audit 
Added browser captures, scorecard, recommendations, and follow-up spec candidates for the UI signal-to-noise browser audit.
2026-06-09 02:43:27 +02:00

2.7 KiB
Raw Permalink Blame History

Browser Notes

Browser Notes

Audit date: 2026-06-08

Setup

  • Verification level: repo-verified
  • Laravel/Sail stack was already running when checked with cd apps/platform && ./vendor/bin/sail ps.
  • Local platform URL from Laravel Boost: http://localhost/admin.
  • Local system URL from Laravel Boost: http://localhost/system.
  • In-app Browser was connected in the background.
  • Viewport used for browser pass: 1440x1000 desktop.
  • Screenshot target directories were created under specs/368-platform-ui-signal-to-noise-browser-audit/artifacts/screenshots/.

Auth/Data Strategy

  • Verification level: repo-verified
  • Used the repo-provided local smoke-login route concept instead of building a new auth flow.
  • Route: /admin/local/smoke-login.
  • Smoke login route is limited to local and testing environments and validates user, workspace, environment, membership, tenant access, and redirect target.
  • Existing fixture configs found:
    • tenantpilot.backup_health.browser_smoke_fixture
    • tenantpilot.review_output.browser_smoke_fixture
  • The main intended audit workspace/environment was spec-351-review-output-smoke / spec-351-browser-ready-draft, with spec-352-guidance-browser-audit as a supplementary fixture set.

Runtime Interruption

  • Verification level: repo-verified
  • During the audit, Postgres logged a PANIC: could not fdatasync file "000000010000000000000039": Input/output error.
  • The failed process was a session update against the sessions table.
  • Postgres terminated active server processes and entered crash recovery.
  • Several subsequent read-only SQL attempts returned: FATAL: the database system is in recovery mode.
  • Because TenantPilot uses database sessions locally, authenticated browser page access was not reliable while recovery was active.

Browser Coverage Outcome

  • Verification level: browser-verified for attempted pages.
  • Postgres recovery completed and the browser pass resumed.
  • Browser-audited pages: 19.
  • Browser-reachable pages: 15.
  • Browser-blocked pages: 4.
  • Newly captured screenshots using the 368 naming convention: 19.
  • Total screenshots available in the audit directory, including pre-existing audit screenshots that were already inside the allowed directory: 43.
  • Blocked pages:
    • Evidence Snapshot detail redirected to /admin/login.
    • Required Permissions redirected to /admin/login.
    • System dashboard redirected to /system/login.
    • System operations redirected to /system/login.
  • Provider Connection detail was attempted after Provider Connections list, but browser screenshot capture timed out on that detail page. The list page was captured; the detail page remains not browser-audited in page-inventory.csv.