ahmido/TenantAtlas
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects 1 Releases Wiki Activity
44898a98ac
TenantAtlas/app/Filament/Widgets/Dashboard/NeedsAttention.php
ahmido 3a2a06e8d7 feat: align tenant dashboard truth surfaces (#204) 
## Summary
- align tenant dashboard KPI, attention, compare, and operations truth so the page does not read calmer than the tenant's actual state
- preserve tenant-safe drill-through continuity into findings, baseline compare, and canonical operations, including disabled helper states for permission-limited members
- add the Spec 173 artifact set and focused regression coverage for dashboard truth alignment and drill-through behavior

## Validation
- `vendor/bin/sail bin pint --dirty --format agent`
- `vendor/bin/sail artisan test --compact tests/Feature/Filament/DashboardKpisWidgetTest.php tests/Feature/Filament/TenantDashboardTruthAlignmentTest.php tests/Feature/Monitoring/OperationsDashboardDrillthroughTest.php tests/Feature/Filament/NeedsAttentionWidgetTest.php tests/Feature/Filament/BaselineCompareNowWidgetTest.php tests/Feature/Filament/BaselineCompareSummaryConsistencyTest.php tests/Feature/Findings/FindingsListDefaultsTest.php tests/Feature/Findings/FindingsListFiltersTest.php tests/Feature/Findings/FindingAdminTenantParityTest.php tests/Feature/OpsUx/CanonicalViewRunLinksTest.php tests/Feature/Filament/TenantDashboardTenantScopeTest.php tests/Feature/Filament/TenantDashboardDbOnlyTest.php tests/Feature/Filament/TableStandardsBaselineTest.php tests/Feature/Filament/TableDetailVisibilityTest.php`
- integrated browser smoke on the tenant dashboard, including a permission-limited member scenario

Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #204
2026-04-03 20:26:15 +00:00

231 lines
8.1 KiB
PHP
Raw Blame History

<?php
declare(strict_types=1);
namespace App\Filament\Widgets\Dashboard;
use App\Filament\Pages\BaselineCompareLanding;
use App\Filament\Resources\FindingResource;
use App\Models\FindingException;
use App\Models\OperationRun;
use App\Models\Tenant;
use App\Models\User;
use App\Support\Auth\Capabilities;
use App\Support\Baselines\TenantGovernanceAggregate;
use App\Support\Baselines\TenantGovernanceAggregateResolver;
use App\Support\OperationRunLinks;
use App\Support\OpsUx\ActiveRuns;
use App\Support\Rbac\UiTooltips;
use Filament\Facades\Filament;
use Filament\Widgets\Widget;
class NeedsAttention extends Widget
{
protected string $view = 'filament.widgets.dashboard.needs-attention';
/**
* @return array<string, mixed>
*/
protected function getViewData(): array
{
$tenant = Filament::getTenant();
if (! $tenant instanceof Tenant) {
return [
'pollingInterval' => null,
'items' => [],
'healthyChecks' => [],
];
}
$tenantId = (int) $tenant->getKey();
$aggregate = $this->governanceAggregate($tenant);
$compareAssessment = $aggregate->summaryAssessment;
$items = [];
$overdueOpenCount = $aggregate->overdueOpenFindingsCount;
$lapsedGovernanceCount = $aggregate->lapsedGovernanceCount;
$expiringGovernanceCount = $aggregate->expiringGovernanceCount;
$highSeverityCount = $aggregate->highSeverityActiveFindingsCount;
$operationsFollowUpCount = (int) OperationRun::query()
->where('tenant_id', $tenantId)
->dashboardNeedsFollowUp()
->count();
$activeRuns = (int) OperationRun::query()
->where('tenant_id', $tenantId)
->healthyActive()
->count();
if ($lapsedGovernanceCount > 0) {
$items[] = [
'key' => 'lapsed_governance',
'title' => 'Lapsed accepted-risk governance',
'body' => "{$lapsedGovernanceCount} accepted-risk finding(s) no longer have valid supporting governance.",
'badge' => 'Governance',
'badgeColor' => 'danger',
...$this->findingsAction(
$tenant,
'Open findings',
[
'tab' => 'risk_accepted',
'governance_validity' => FindingException::VALIDITY_MISSING_SUPPORT,
],
),
];
}
if ($overdueOpenCount > 0) {
$items[] = [
'key' => 'overdue_findings',
'title' => 'Overdue findings',
'body' => "{$overdueOpenCount} open finding(s) are overdue and still need workflow follow-up.",
'badge' => 'Findings',
'badgeColor' => 'danger',
...$this->findingsAction(
$tenant,
'Open findings',
['tab' => 'overdue'],
),
];
}
if ($expiringGovernanceCount > 0) {
$items[] = [
'key' => 'expiring_governance',
'title' => 'Expiring accepted-risk governance',
'body' => "{$expiringGovernanceCount} accepted-risk finding(s) need governance review soon.",
'badge' => 'Governance',
'badgeColor' => 'warning',
...$this->findingsAction(
$tenant,
'Open findings',
[
'tab' => 'risk_accepted',
'governance_validity' => FindingException::VALIDITY_EXPIRING,
],
),
];
}
if ($highSeverityCount > 0) {
$items[] = [
'key' => 'high_severity_active_findings',
'title' => 'High severity active findings',
'body' => "{$highSeverityCount} high or critical finding(s) are still active.",
'badge' => 'Findings',
'badgeColor' => 'danger',
...$this->findingsAction(
$tenant,
'Open findings',
[
'tab' => 'needs_action',
'high_severity' => 1,
],
),
];
}
if ($compareAssessment->stateFamily !== 'positive') {
$items[] = [
'key' => 'baseline_compare_posture',
'title' => 'Baseline compare posture',
'body' => $compareAssessment->headline,
'supportingMessage' => $compareAssessment->supportingMessage,
'badge' => 'Baseline',
'badgeColor' => $compareAssessment->tone,
'actionLabel' => 'Open Baseline Compare',
'actionUrl' => BaselineCompareLanding::getUrl(panel: 'tenant', tenant: $tenant),
];
}
if ($operationsFollowUpCount > 0) {
$items[] = [
'key' => 'operations_follow_up',
'title' => 'Operations need follow-up',
'body' => "{$operationsFollowUpCount} run(s) failed, completed with warnings, or look stalled.",
'badge' => 'Operations',
'badgeColor' => 'danger',
'actionLabel' => 'Open operations',
'actionUrl' => OperationRunLinks::index($tenant, activeTab: 'blocked'),
];
}
$healthyChecks = [];
if ($items === []) {
$healthyChecks = [
[
'title' => 'Baseline compare looks trustworthy',
'body' => $aggregate->headline,
],
[
'title' => 'No overdue findings',
'body' => 'No open findings are currently overdue for this tenant.',
],
[
'title' => 'Accepted-risk governance is healthy',
'body' => 'No accepted-risk findings currently need governance follow-up.',
],
[
'title' => 'No high severity active findings',
'body' => 'No high severity findings are currently open for this tenant.',
],
$activeRuns > 0
? [
'title' => 'Operations are active',
'body' => "{$activeRuns} run(s) are active, but nothing currently needs follow-up.",
]
: [
'title' => 'No active operations',
'body' => 'Nothing is currently running for this tenant.',
],
];
}
return [
'pollingInterval' => ActiveRuns::existForTenant($tenant) ? '10s' : null,
'items' => $items,
'healthyChecks' => $healthyChecks,
];
}
/**
* @param array<string, mixed> $parameters
* @return array<string, mixed>
*/
private function findingsAction(Tenant $tenant, string $label, array $parameters): array
{
$url = $this->canOpenFindings($tenant)
? FindingResource::getUrl('index', $parameters, panel: 'tenant', tenant: $tenant)
: null;
return [
'actionLabel' => $label,
'actionUrl' => $url,
'actionDisabled' => $url === null,
'helperText' => $url === null ? UiTooltips::INSUFFICIENT_PERMISSION : null,
];
}
private function canOpenFindings(Tenant $tenant): bool
{
$user = auth()->user();
return $user instanceof User
&& $user->canAccessTenant($tenant)
&& $user->can(Capabilities::TENANT_FINDINGS_VIEW, $tenant);
}
private function governanceAggregate(Tenant $tenant): TenantGovernanceAggregate
{
/** @var TenantGovernanceAggregateResolver $resolver */
$resolver = app(TenantGovernanceAggregateResolver::class);
/** @var TenantGovernanceAggregate $aggregate */
$aggregate = $resolver->forTenant($tenant);
return $aggregate;
}
}
Reference in New Issue View Git Blame Copy Permalink