ahmido/TenantAtlas
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects 1 Releases Wiki Activity
platform-dev
TenantAtlas/specs/368-platform-ui-signal-to-noise-browser-audit/artifacts/raw/browser-notes.md
Ahmed Darrazi b15d325701 docs(spec): add artifacts and documents for spec 368 platform UI signal-to-noise browser audit 
Added browser captures, scorecard, recommendations, and follow-up spec candidates for the UI signal-to-noise browser audit.
2026-06-09 02:43:27 +02:00

51 lines
2.7 KiB
Markdown
Raw Permalink Blame History

# Browser Notes
# Browser Notes
Audit date: 2026-06-08
## Setup
- Verification level: repo-verified
- Laravel/Sail stack was already running when checked with `cd apps/platform && ./vendor/bin/sail ps`.
- Local platform URL from Laravel Boost: `http://localhost/admin`.
- Local system URL from Laravel Boost: `http://localhost/system`.
- In-app Browser was connected in the background.
- Viewport used for browser pass: 1440x1000 desktop.
- Screenshot target directories were created under `specs/368-platform-ui-signal-to-noise-browser-audit/artifacts/screenshots/`.
## Auth/Data Strategy
- Verification level: repo-verified
- Used the repo-provided local smoke-login route concept instead of building a new auth flow.
- Route: `/admin/local/smoke-login`.
- Smoke login route is limited to `local` and `testing` environments and validates user, workspace, environment, membership, tenant access, and redirect target.
- Existing fixture configs found:
- `tenantpilot.backup_health.browser_smoke_fixture`
- `tenantpilot.review_output.browser_smoke_fixture`
- The main intended audit workspace/environment was `spec-351-review-output-smoke` / `spec-351-browser-ready-draft`, with `spec-352-guidance-browser-audit` as a supplementary fixture set.
## Runtime Interruption
- Verification level: repo-verified
- During the audit, Postgres logged a PANIC: `could not fdatasync file "000000010000000000000039": Input/output error`.
- The failed process was a session update against the `sessions` table.
- Postgres terminated active server processes and entered crash recovery.
- Several subsequent read-only SQL attempts returned: `FATAL: the database system is in recovery mode`.
- Because TenantPilot uses database sessions locally, authenticated browser page access was not reliable while recovery was active.
## Browser Coverage Outcome
- Verification level: browser-verified for attempted pages.
- Postgres recovery completed and the browser pass resumed.
- Browser-audited pages: 19.
- Browser-reachable pages: 15.
- Browser-blocked pages: 4.
- Newly captured screenshots using the 368 naming convention: 19.
- Total screenshots available in the audit directory, including pre-existing audit screenshots that were already inside the allowed directory: 43.
- Blocked pages:
- Evidence Snapshot detail redirected to `/admin/login`.
- Required Permissions redirected to `/admin/login`.
- System dashboard redirected to `/system/login`.
- System operations redirected to `/system/login`.
- Provider Connection detail was attempted after Provider Connections list, but browser screenshot capture timed out on that detail page. The list page was captured; the detail page remains not browser-audited in `page-inventory.csv`.
Reference in New Issue View Git Blame Copy Permalink