ahmido
e0c2cdb1f4
## Summary - enforce the canonical workspace/environment scope contract for workspace hubs and environment-owned surfaces - replace first-party Operations deep links that leaked Filament `tableFilters[...]` internals with stable product-level query behavior - add the sidebar scope indicator and split environment-page navigation into explicit `Workspace-wide` and `Workspace admin` groups - remove redundant tenantless `All environments` scope badges from workspace-wide pages while preserving explicit environment filter affordances - include the Spec 338 artifacts, guard tests, and browser smoke coverage for the new contract ## Validation - `cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Feature/Navigation/Spec338EnvironmentSidebarSeparationTest.php tests/Feature/Navigation/Spec338OperationRunLinksQueryContractTest.php tests/Feature/Navigation/Spec338SidebarScopeIndicatorTest.php tests/Feature/Filament/PanelNavigationSegregationTest.php` - `cd apps/platform && ./vendor/bin/sail php vendor/bin/pest tests/Browser/Spec338ScopeContractSmokeTest.php --compact` ## Notes - Livewire v4 compliance unchanged - Filament provider registration remains in `bootstrap/providers.php` - no destructive action behavior changed - no migrations, env var changes, or new Filament asset registration Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de> Reviewed-on: #409
145 lines
4.6 KiB
PHP
145 lines
4.6 KiB
PHP
<?php
|
|
|
|
declare(strict_types=1);
|
|
|
|
namespace App\Support\Navigation;
|
|
|
|
use App\Support\Tenants\TenantInteractionLane;
|
|
use Illuminate\Http\Request;
|
|
|
|
enum AdminSurfaceScope: string
|
|
{
|
|
case WorkspaceWideSurface = 'workspace_wide_surface';
|
|
case WorkspaceOwnedAnalysisSurface = 'workspace_owned_analysis_surface';
|
|
case WorkspaceScoped = 'workspace_scoped';
|
|
case WorkspaceChooserException = 'workspace_chooser_exception';
|
|
case EnvironmentBound = 'environment_bound';
|
|
case OnboardingWorkflow = 'onboarding_workflow';
|
|
case CanonicalWorkspaceRecordViewer = 'canonical_workspace_record_viewer';
|
|
|
|
public static function fromRequest(?Request $request = null): self
|
|
{
|
|
if (! $request instanceof Request) {
|
|
return self::WorkspaceScoped;
|
|
}
|
|
|
|
return self::fromPath(self::effectivePath($request));
|
|
}
|
|
|
|
public static function fromPath(string $path): self
|
|
{
|
|
$normalizedPath = '/'.ltrim($path, '/');
|
|
|
|
if ($normalizedPath === '/admin/choose-workspace') {
|
|
return self::WorkspaceChooserException;
|
|
}
|
|
|
|
if (preg_match('#^/admin/workspaces/[^/]+/operations/[^/]+$#', $normalizedPath) === 1) {
|
|
return self::CanonicalWorkspaceRecordViewer;
|
|
}
|
|
|
|
if (self::isWorkspaceWideSurfacePath($normalizedPath)) {
|
|
return self::WorkspaceWideSurface;
|
|
}
|
|
|
|
if (self::isWorkspaceOwnedAnalysisSurfacePath($normalizedPath)) {
|
|
return self::WorkspaceOwnedAnalysisSurface;
|
|
}
|
|
|
|
if (preg_match('#^/admin/onboarding(?:/[^/]+)?$#', $normalizedPath) === 1) {
|
|
return self::OnboardingWorkflow;
|
|
}
|
|
|
|
if (preg_match('#^/admin/workspaces/[^/]+/environments/[^/]+(?:/|$)#', $normalizedPath) === 1) {
|
|
return self::EnvironmentBound;
|
|
}
|
|
|
|
return self::WorkspaceScoped;
|
|
}
|
|
|
|
public function allowsQueryEnvironmentHints(): bool
|
|
{
|
|
return match ($this) {
|
|
self::WorkspaceWideSurface, self::WorkspaceScoped, self::OnboardingWorkflow => true,
|
|
default => false,
|
|
};
|
|
}
|
|
|
|
public function allowsRememberedEnvironmentRestore(): bool
|
|
{
|
|
return match ($this) {
|
|
self::WorkspaceScoped, self::OnboardingWorkflow, self::CanonicalWorkspaceRecordViewer => true,
|
|
default => false,
|
|
};
|
|
}
|
|
|
|
public function allowsEnvironmentlessState(): bool
|
|
{
|
|
return match ($this) {
|
|
self::WorkspaceWideSurface,
|
|
self::WorkspaceOwnedAnalysisSurface,
|
|
self::WorkspaceScoped,
|
|
self::WorkspaceChooserException,
|
|
self::OnboardingWorkflow,
|
|
self::CanonicalWorkspaceRecordViewer => true,
|
|
default => false,
|
|
};
|
|
}
|
|
|
|
public function forcesEnvironmentlessShellContext(): bool
|
|
{
|
|
return match ($this) {
|
|
self::WorkspaceWideSurface,
|
|
self::WorkspaceOwnedAnalysisSurface,
|
|
self::WorkspaceChooserException => true,
|
|
self::CanonicalWorkspaceRecordViewer => false,
|
|
default => false,
|
|
};
|
|
}
|
|
|
|
public function requiresExplicitEnvironment(): bool
|
|
{
|
|
return match ($this) {
|
|
self::EnvironmentBound => true,
|
|
default => false,
|
|
};
|
|
}
|
|
|
|
public function lane(): TenantInteractionLane
|
|
{
|
|
return TenantInteractionLane::fromSurfaceScope($this);
|
|
}
|
|
|
|
private static function isWorkspaceWideSurfacePath(string $normalizedPath): bool
|
|
{
|
|
return WorkspaceHubRegistry::isWorkspaceHubPath($normalizedPath);
|
|
}
|
|
|
|
private static function isWorkspaceOwnedAnalysisSurfacePath(string $normalizedPath): bool
|
|
{
|
|
return preg_match('#^/admin/(baseline-profiles|baseline-snapshots)(?:/.*)?$#', $normalizedPath) === 1
|
|
|| preg_match('#^/admin/findings/(?:my-work|intake|hygiene)/?$#', $normalizedPath) === 1
|
|
|| preg_match('#^/admin/cross-environment-compare/?$#', $normalizedPath) === 1;
|
|
}
|
|
|
|
private static function effectivePath(Request $request): string
|
|
{
|
|
$path = '/'.ltrim((string) $request->path(), '/');
|
|
|
|
if (! self::isLivewireRequestPath($path) && ! $request->headers->has('x-livewire')) {
|
|
return $path;
|
|
}
|
|
|
|
$refererPath = parse_url((string) $request->headers->get('referer', ''), PHP_URL_PATH);
|
|
|
|
return is_string($refererPath) && $refererPath !== ''
|
|
? '/'.ltrim($refererPath, '/')
|
|
: $path;
|
|
}
|
|
|
|
private static function isLivewireRequestPath(string $path): bool
|
|
{
|
|
return preg_match('#^/(?:livewire(?:-[^/]+)?/update|livewire-unit-test-endpoint)(?:/|$)#', $path) === 1;
|
|
}
|
|
}
|