46 lines
3.6 KiB
Markdown
46 lines
3.6 KiB
Markdown
# Quickstart — Support Diagnostic Pack
|
|
|
|
## Prereqs
|
|
|
|
- Docker running
|
|
- Laravel Sail dependencies installed
|
|
- Existing workspace, tenant, run, provider, finding, report, review, and audit factories available for tests
|
|
|
|
## Run locally
|
|
|
|
- Start containers: `cd apps/platform && ./vendor/bin/sail up -d`
|
|
- Run targeted tests after implementation:
|
|
- `cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Unit/Support/SupportDiagnostics/SupportDiagnosticBundleBuilderTest.php tests/Unit/Support/SupportDiagnostics/SupportDiagnosticBundleRedactionTest.php`
|
|
- `cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Feature/SupportDiagnostics/TenantSupportDiagnosticActionTest.php tests/Feature/SupportDiagnostics/OperationRunSupportDiagnosticActionTest.php tests/Feature/SupportDiagnostics/SupportDiagnosticAuthorizationTest.php tests/Feature/SupportDiagnostics/SupportDiagnosticAuditTest.php`
|
|
- Format after implementation: `cd apps/platform && ./vendor/bin/sail bin pint --dirty --format agent`
|
|
|
|
## Manual smoke after implementation
|
|
|
|
1. Sign in to `/admin` as a workspace member with tenant entitlement and the new tenant-plane `support_diagnostics.view` capability.
|
|
2. Open one tenant at `/admin/t/{tenant}` and trigger `Open support diagnostics`.
|
|
3. Confirm the preview shows a deterministic summary, redaction note, canonical related links, and no raw provider payload or credential detail.
|
|
4. Open one canonical operation detail at `/admin/operations/{run}` for a run that resolves to the same entitled tenant scope and trigger the same action.
|
|
5. Confirm the run summary reuses the existing operation explanation language and that related links still open canonical provider, finding, review, review-pack, and audit surfaces.
|
|
6. Verify a non-member or non-entitled actor receives `404`, while an entitled actor without the support-diagnostics capability sees the action disabled in UI and receives `403` on direct action execution.
|
|
7. Verify an audit entry is recorded for bundle-open activity with redacted metadata only.
|
|
8. Verify opening diagnostics stays DB-only in this slice: no new `OperationRun` is created, no provider-backed work is dispatched, and no queued operation UX side effect appears.
|
|
|
|
## Notes
|
|
|
|
- Filament v5 remains on Livewire v4.0+ in this repo; the feature stays within native Filament page actions and read-only preview composition.
|
|
- No panel provider changes are planned; Laravel 12 provider registration remains in `bootstrap/providers.php`.
|
|
- No global-search behavior changes are involved because this slice does not add a new Filament resource.
|
|
- No destructive actions are introduced; `Open support diagnostics` remains a read-only action.
|
|
- The new `support_diagnostics.view` gate is tenant-role scoped on tenant-admin surfaces; workspace-owned and system-plane runs remain out of scope for this first slice.
|
|
|
|
## Implementation Close-out
|
|
|
|
- Guardrail result: PASS
|
|
- Latest targeted validation passed:
|
|
- `tests/Unit/Support/SupportDiagnostics/SupportDiagnosticBundleBuilderTest.php`
|
|
- `tests/Unit/Support/SupportDiagnostics/SupportDiagnosticBundleRedactionTest.php`
|
|
- `tests/Feature/SupportDiagnostics/TenantSupportDiagnosticActionTest.php`
|
|
- `tests/Feature/SupportDiagnostics/OperationRunSupportDiagnosticActionTest.php`
|
|
- `tests/Feature/SupportDiagnostics/SupportDiagnosticAuthorizationTest.php`
|
|
- `tests/Feature/SupportDiagnostics/SupportDiagnosticAuditTest.php`
|
|
- Shared-helper note: no follow-up spec is required for this slice; the implementation stayed on existing `OperationRunPolicy`, `OperationRunLinks`, `RelatedNavigationResolver`, `GovernanceRunDiagnosticSummaryBuilder`, `RedactionIntegrity`, and `WorkspaceAuditLogger` paths. |