ahmido/TenantAtlas
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects 1 Releases Wiki Activity
548a37c888
TenantAtlas/specs/303-admin-directory-groups-cutover/checklists/requirements.md
ahmido 1cd8d48474 feat: cut over admin directory groups (#358) 
## Summary
- cut over `EntraGroupResource` to an environment-bound admin Directory Groups surface in the workspace-first runtime
- adopt workspace-scoped admin list/detail URLs and add the bounded `Directory > Groups` navigation entry in the admin panel
- keep workspace-home navigation clean while preserving existing scoped list, detail, and global-search behavior
- update focused feature coverage and add a browser smoke for the rendered sidebar drilldown path
- include the Spec 303 package under `specs/303-admin-directory-groups-cutover/`

## Testing
- updated focused Pest coverage for admin navigation segregation, Entra group admin scoping, Entra group global search scoping, and directory group browsing
- added browser smoke coverage in `apps/platform/tests/Browser/Spec303AdminDirectoryGroupsCutoverSmokeTest.php`

## Filament / Runtime Notes
- remains compliant with Filament v5 on Livewire v4
- no provider registration changes; provider registration location remains `apps/platform/bootstrap/providers.php`
- `EntraGroupResource` remains eligible for global search because it has a View page
- no destructive actions were added or changed; confirmation and authorization behavior is unchanged
- no asset registration changes; existing `cd apps/platform && php artisan filament:assets` deploy posture is unchanged

Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #358
2026-05-14 22:44:44 +00:00

92 lines
5.6 KiB
Markdown
Raw Blame History

# Requirements Checklist: Admin Directory Groups Cutover
**Purpose**: Validate that the Spec 303 preparation package is complete, bounded, and ready for implementation.
**Created**: 2026-05-14
**Feature**: [spec.md](../spec.md)
## Applicability And Low-Impact Gate
- [x] The package explicitly changes an operator-facing navigation/resource/search surface and does not use a false low-impact `N/A`.
- [x] `spec.md`, `plan.md`, and `tasks.md` carry the same native Filament navigation/resource/search classification, shared-family relevance, and no-new-action decision.
## Candidate Selection
- [x] The selected candidate exists in `docs/product/spec-candidates.md` as `admin-directory-groups-cutover`.
- [x] The candidate was explicitly manually promoted by the user and assigned number `303`.
- [x] Spec 301 is treated as completed Inventory context and is not modified.
- [x] Spec 302 is treated as completed audit evidence and is not modified.
- [x] Close alternatives are deferred: `navigation-contract-split`, `tenant-panel-dead-code-retirement`, and any broader Directory/Admin Roles IA.
## Scope And Requirements
- [x] Entra Groups has an explicit admin role as a secondary environment-bound Directory/Identity surface.
- [x] Workspace-home sidebar cleanliness remains an explicit negative-control requirement.
- [x] Environment-bound Groups visibility is explicit and testable.
- [x] List, View, and global-search scoping requirements cover no-context, cross-environment, and cross-workspace cases.
- [x] Global-search View destination requirements explicitly reject legacy `/admin/t` routes.
- [x] No generic M365 Admin mirror or broad Identity Center is in scope.
- [x] No new group mutation/admin action is in scope.
- [x] No new persistence, migration, model, service, job, provider contract, route family, asset, or provider registration change is introduced.
## Native, Shared-Family, And State Ownership
- [x] The surface remains native Filament resource navigation, table, View page, and global search.
- [x] The shared paths to reuse are named as `NavigationScope`, `OperateHubShell`, `ScopesGlobalSearchToTenant`, `ResolvesPanelTenantContext`, and tenant-owned record helpers.
- [x] Shell, page, route context, remembered environment context, and record resolution are named without introducing a second state owner.
- [x] The likely next operator action is coherent: open or inspect Groups inside the selected environment.
## Shared Pattern Reuse
- [x] Navigation and search interaction classes are explicitly marked.
- [x] The package extends existing navigation/context/search helpers instead of adding a Directory navigation framework.
- [x] No direct-route posture is retained; Entra Groups uses workspace/environment resource routes.
## OperationRun Start UX Contract
- [x] The package explicitly says it does not create, queue, deduplicate, resume, block, complete, or deep-link to a new `OperationRun`.
- [x] Existing directory group sync behavior remains outside new behavior and must continue using existing shared operation-start helpers if touched.
- [x] No queued or terminal notification policy changes are introduced.
## Provider Boundary And Vocabulary
- [x] The package explicitly classifies the provider/platform boundary as mixed and bounded.
- [x] Microsoft Entra terminology remains provider-owned and does not become platform-core identity truth.
- [x] Operator-visible terms prefer Workspace, Managed Environment, Directory Groups, and Directory inventory.
## Signals, Exceptions, And Test Depth
- [x] The triggered repository signal is classified as a review-mandatory Groups navigation/search repair.
- [x] No broad exception is needed; `WorkspaceScopedTenantRoutes` was adopted and verified.
- [x] The required surface profile is `standard-native-filament`.
- [x] Planned proof stays focused on Pest feature tests plus one explicit Browser smoke for the rendered sidebar navigation path.
- [x] Fixture/helper cost remains low and reuses existing workspace/environment test helpers.
## Audience-Aware Disclosure And Decision Hierarchy
- [x] Directory Groups is secondary context, not a primary decision surface.
- [x] Workspace home remains workspace-level and avoids environment-owned default-visible content.
- [x] Raw/support diagnostics are not promoted by navigation.
- [x] Exactly one dominant navigation intent is preserved: open Groups within the active environment.
## Filament v5 Checklist
- [x] Filament v5 targets Livewire v4.0+; this repo currently uses Livewire 4.1.4.
- [x] No provider registration changes are planned; existing providers remain registered in `apps/platform/bootstrap/providers.php`.
- [x] `EntraGroupResource` has a View page, so global search destination eligibility is satisfied.
- [x] Global-search result URL customization is explicitly covered by requirements and tasks.
- [x] No destructive actions are introduced or changed.
- [x] No assets are registered; deploy `filament:assets` posture remains unchanged.
- [x] Planned tests target Filament navigation/resource/search behavior using Feature tests.
## Review Outcome
- [x] Review outcome class: `acceptable-special-case`.
- [x] Workflow outcome: `document-in-feature`.
- [x] Final note location: active feature PR close-out entry `Guardrail / Exception / Smoke Coverage`.
## Preparation Result
- No application implementation was performed while preparing this package.
- Preparation analysis found no critical or high-severity cross-artifact issues.
- Spec Readiness Gate passes for preparation: `spec.md`, `plan.md`, `tasks.md`, and this checklist exist, contain no placeholders, and keep implementation scope bounded to Spec 303.
Reference in New Issue View Git Blame Copy Permalink