ahmido
ef380b67d1
Implements Spec 104: Provider Permission Posture. What changed - Generates permission posture findings after each tenant permission compare (queued) - Stores immutable posture snapshots as StoredReports (JSONB payload) - Adds global Finding resolved lifecycle (`resolved_at`, `resolved_reason`) with `resolve()` / `reopen()` - Adds alert pipeline event type `permission_missing` (Alerts v1) and Filament option for Alert Rules - Adds retention pruning command + daily schedule for StoredReports - Adds badge mappings for `resolved` finding status and `permission_posture` finding type UX fixes discovered during manual verification - Hide “Diff” section for non-drift findings (only drift findings show diff) - Required Permissions page: “Re-run verification” now links to Tenant view (not onboarding) - Preserve Technical Details `<details>` open state across Livewire re-renders (Alpine state) Verification - Ran `vendor/bin/sail artisan test --compact --filter=PermissionPosture` (50 tests) - Ran `vendor/bin/sail artisan test --compact --filter="FindingResolved|FindingBadge|PermissionMissingAlert"` (20 tests) - Ran `vendor/bin/sail bin pint --dirty` Filament v5 / Livewire v4 compliance - Filament v5 + Livewire v4: no Livewire v3 usage. Panel provider registration (Laravel 11+) - No new panels added. Existing panel providers remain registered via `bootstrap/providers.php`. Global search rule - No changes to global-searchable resources. Destructive actions - No new destructive Filament actions were added in this PR. Assets / deploy notes - No new Filament assets registered. Existing deploy step `php artisan filament:assets` remains unchanged. Test coverage - New/updated Pest feature tests cover generator behavior, job integration, alerting, retention pruning, and resolved lifecycle. Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de> Reviewed-on: #127
2.1 KiB
2.1 KiB
Specification Quality Checklist: Provider Permission Posture
Purpose: Validate specification completeness and quality before proceeding to planning Created: 2026-02-26 Feature: spec.md
Content Quality
- No implementation details (languages, frameworks, APIs)
- Focused on user value and business needs
- Written for non-technical stakeholders
- All mandatory sections completed
Requirement Completeness
- No [NEEDS CLARIFICATION] markers remain
- Requirements are testable and unambiguous
- Success criteria are measurable
- Success criteria are technology-agnostic (no implementation details)
- All acceptance scenarios are defined
- Edge cases are identified
- Scope is clearly bounded
- Dependencies and assumptions identified
Feature Readiness
- All functional requirements have clear acceptance criteria
- User scenarios cover primary flows
- Feature meets measurable outcomes defined in Success Criteria
- No implementation details leak into specification
Constitution Alignment
- Constitution alignment (required) -- contract registry, safety gates, tenant isolation, run observability, tests
- Constitution alignment (RBAC-UX) -- authorization planes, 404/403 semantics, capability registry
- Constitution alignment (OPS-EX-AUTH-001) -- not applicable, documented
- Constitution alignment (BADGE-001) -- new badge values documented, centralized map extended
- Constitution alignment (Filament Action Surfaces) -- exemption documented (no new surfaces)
- Constitution alignment (UX-001) -- exemption documented (no new screens)
Notes
- All checklist items pass. Spec is ready for
/speckit.clarifyor/speckit.plan. - No [NEEDS CLARIFICATION] markers; all decisions were made with informed defaults based on codebase research (Q1-Q6) and architectural decision validation from prior conversation.
- Key informed defaults documented in Assumptions section: TenantPermissionService as data source, DriftFindingGenerator pattern for idempotent upsert, Alerts v1 generic framework for new event types.