ahmido/TenantAtlas
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects 1 Releases Wiki Activity
53dc89e6ef
TenantAtlas/specs/075-verification-v1-5/quickstart.md
ahmido 53dc89e6ef Spec 075: Verification Checklist Framework V1.5 (fingerprint + acknowledgements) (#93) 
Implements Spec 075 (V1.5) on top of Spec 074.

Highlights
- Deterministic report fingerprint (sha256) + previous_report_id linkage
- Viewer change indicator: "No changes" vs "Changed" when previous exists
- Check acknowledgements (fail|warn|block) with capability-first auth, confirmation, and audit event
- Verify-step UX polish (issues-first, primary CTA)

Testing
- Focused Pest coverage for fingerprint, previous resolver, change indicator, acknowledgements, badge semantics, DB-only viewer guard.

Notes
- Viewing remains DB-only (no external calls while rendering).

Co-authored-by: Ahmed Darrazi <ahmeddarrazi@MacBookPro.fritz.box>
Reviewed-on: #93
2026-02-05 21:44:19 +00:00

1.7 KiB
Raw Blame History

Quickstart: Verification Checklist Framework V1.5 (075)

This quickstart is for developers implementing and validating Spec 075.

Prerequisites

  • Docker + Sail
  • A seeded workspace + tenant and a user that can access the tenant plane (/admin/t/{tenant})

Local setup

  • Start containers: vendor/bin/sail up -d
  • Install deps (if needed): vendor/bin/sail composer install
  • Run migrations: vendor/bin/sail artisan migrate

Run verification (expected UX)

After implementation, the Verify surface should behave like:

  1. Navigate to the tenant-scoped Verify step (onboarding or equivalent).
  2. If no active run exists, the single primary CTA is Start verification.
  3. If a run is active, the single primary CTA is Refresh results.
  4. Results default to the Issues tab with blockers/failures/warnings ordered first.

Acknowledge a check (expected UX)

After implementation:

  1. On a fail or warn check card, click Acknowledge.
  2. Confirmation modal appears (required).
  3. Submit a short reason (≤ 160 chars) and optional expiry (informational only).
  4. The acknowledgement displays (who/when/reason) and the issue moves into the “Acknowledged issues” group.

Authorization expectations

  • Non-members attempting to access tenant-scoped verification pages: deny-as-not-found (404).
  • Tenant members without tenant_verification.acknowledge: acknowledgement attempts fail with 403.

Run the focused test suite

Once tests are implemented:

  • Run only the spec-related tests: vendor/bin/sail artisan test --compact --filter=Verification (or point at the specific test file(s)).

Formatting

  • Format only changed files before finalizing: vendor/bin/sail bin pint --dirty