ahmido/TenantAtlas
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects 1 Releases Wiki Activity
6da925bd52
TenantAtlas/specs/398-decision-page-contract-migration/tasks.md
ahmido 6da925bd52 feat: migrate decision page contracts to productized flow (#469) 
Automated PR provided by Codex via Gitea API.

Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #469
2026-06-22 18:16:05 +00:00

158 lines
15 KiB
Markdown
Raw Blame History

# Tasks: Spec 398 - Decision Page Contract Migration v1
**Input**: `specs/398-decision-page-contract-migration/spec.md`, `specs/398-decision-page-contract-migration/plan.md`
**Prerequisites**: Existing `/admin` decision-family surfaces, Product Surface Contract, Filament v5 / Livewire v4
**Tests**: Required. This spec changes rendered UI defaults and must include Feature/Filament proof plus focused browser smoke.
**Implementation status**: Keep all tasks unchecked until implementation work is actually completed.
## Test Governance Checklist
- [x] Lane assignment is named and is the narrowest sufficient proof for the changed behavior.
- [x] New or changed tests stay in the smallest honest family; Browser coverage is one explicit focused decision-page proof path.
- [x] Shared helpers, factories, seeds, fixtures, and context defaults stay cheap by default; any widening is isolated or documented.
- [x] Planned validation commands cover the changed decision surfaces without pulling in unrelated lane cost.
- [x] The declared surface test profile is explicit: Product Surface Decision Page migration.
- [x] Browser proof is required because rendered UI changes are expected.
- [x] Human Product Sanity and Product Surface implementation-report close-out are planned and completed before implementation close-out.
- [x] Any material budget, baseline, trend, or escalation note is recorded in the active spec or implementation report.
## Phase 1: Discovery And Guardrails
**Purpose**: Confirm current render paths, overloaded default content, and existing tests before runtime edits.
- [x] T001 Re-read `specs/398-decision-page-contract-migration/spec.md`, `specs/398-decision-page-contract-migration/plan.md`, and `docs/product/standards/product-surface-contract.md`; record selected implementation slice in `specs/398-decision-page-contract-migration/implementation-report.md`.
- [x] T002 Inspect Baseline Compare default-visible decision, proof, readiness, diagnostics, matrix, evidence-gap, and action sections in `apps/platform/app/Filament/Pages/BaselineCompareLanding.php` and `apps/platform/resources/views/filament/pages/baseline-compare-landing.blade.php`.
- [x] T003 Inspect Baseline Compare tests that may assert old proof/diagnostics visibility in `apps/platform/tests/Feature/Filament/Spec336BaselineCompareProductProcessFlowAlignmentTest.php`, `apps/platform/tests/Feature/Filament/BaselineCompareLandingStartSurfaceTest.php`, and related Baseline Compare feature files.
- [x] T004 Inspect Restore Preview / Readiness decision sections, summary cards, preview tables, diagnostics, proof links, and safety controls in `apps/platform/app/Filament/Resources/RestoreRunResource.php`, `apps/platform/app/Filament/Resources/RestoreRunResource/Pages/CreateRestoreRun.php`, and `apps/platform/app/Filament/Resources/RestoreRunResource/Presenters/RestoreRunCreatePresenter.php`.
- [x] T005 Inspect Restore Preview tests that may assert old broad preview/readiness content in `apps/platform/tests/Feature/Filament/RestorePreviewTest.php`, `apps/platform/tests/Feature/Filament/RestoreRunPreviewProductizationTest.php`, `apps/platform/tests/Feature/Filament/Spec333RestoreCreateUxFinalProductizationTest.php`, and `apps/platform/tests/Feature/Filament/Spec390RestoreReadinessGuidanceTest.php`.
- [x] T006 Decide whether optional Risk Exception Detail is narrow enough to include by inspecting `apps/platform/app/Filament/Resources/FindingExceptionResource.php`, `apps/platform/app/Filament/Resources/FindingExceptionResource/Pages/ViewFindingException.php`, and existing Spec 354 tests.
- [x] T007 Confirm global search posture remains unchanged for `RestoreRunResource` and optional `FindingExceptionResource`; record in implementation report.
- [x] T008 Confirm destructive/high-impact actions that may be touched and their confirmation/authorization/audit coverage: Baseline Compare `Compare now`, Restore execution/confirmation, and optional Risk Exception `renew_exception` / `revoke_exception`.
- [x] T009 Decide whether existing browser tests can carry Spec 398 proof or whether a new `apps/platform/tests/Browser/Spec398DecisionPageContractMigrationSmokeTest.php` file is required; record the decision.
## Phase 2: Foundational Test Harness
**Purpose**: Add failing or adjusted tests before/alongside implementation so the decision-page contract is explicit.
- [x] T010 [P] Add or update Baseline Compare Feature/Filament assertions for one primary decision question, one primary action, top material drift/blocker visibility, no default OperationRun proof, no raw evidence links/source keys/detector output, and capped default rows.
- [x] T011 [P] Add or update Restore Preview / Readiness Feature/Filament assertions for one restore safety decision, one next action, top blockers/warnings, no default raw payload/OperationRun proof/provider responses, no all-expanded changed/unchanged/reviewed tables, and preserved safety controls.
- [x] T012 [P] If Risk Exception Detail is included, add or update assertions for hidden Source ID, Fingerprint, JSON summary payload, and raw evidence references by default while renew/revoke remain confirmed and authorized. N/A - Risk Exception deferred.
- [x] T013 Add or update authorized detail/audit path assertions for Baseline Compare and Restore Preview; include optional Risk Exception technical detail only if touched.
- [x] T014 Add or update focused browser proof in `apps/platform/tests/Browser/Spec398DecisionPageContractMigrationSmokeTest.php` unless T009 proves existing browser files cover every required surface. Existing browser files carry proof.
## Phase 3: User Story 1 - Baseline Compare Decision Migration
**Goal**: Baseline Compare answers which baseline drift requires action and what the operator should do next.
**Independent Test**: Baseline Compare Feature/Filament and browser tests pass with decision-first default content and demoted technical proof.
- [x] T015 [US1] Update Baseline Compare decision card/status mapping in `apps/platform/app/Filament/Pages/BaselineCompareLanding.php` to use Product Surface status vocabulary.
- [x] T016 [US1] Ensure `apps/platform/resources/views/filament/pages/baseline-compare-landing.blade.php` shows one primary decision question, recommendation, impact, top material drift/blockers, and one primary action above technical/proof detail.
- [x] T017 [US1] Demote OperationRun proof from default product content in `BaselineCompareLanding.php` and the Blade view; keep authorized technical/audit access where repo-supported.
- [x] T018 [US1] Move or collapse full diagnostics, evidence-gap internals, source keys, detector output, raw payloads, RBAC diagnostic grids, and full compare/matrix launch details behind secondary/detail/audit paths.
- [x] T019 [US1] Cap default Baseline Compare material drift/detail rows to at most eight visible rows, preferring top three material items for summary.
- [x] T020 [US1] Preserve `Compare now` confirmation, capability gating, OperationRun creation/link behavior, queued toast, and browser event behavior.
- [x] T021 [US1] Run the focused Baseline Compare tests selected in T010 and document results in `implementation-report.md`.
## Phase 4: User Story 2 - Restore Preview / Readiness Decision Migration
**Goal**: Restore Preview / Readiness answers whether restore is safe to continue and what must be resolved before execution.
**Independent Test**: Restore Feature/Filament and browser tests pass with a compact decision sub-surface and preserved restore safety controls.
- [x] T022 [US2] Update `RestoreRunCreatePresenter` output to prefer one restore decision status, source/target, top blockers/warnings, impact summary, and one next action.
- [x] T023 [US2] Reduce duplicate readiness/proof summaries and broad default summary card count in `RestoreRunResource` / `RestoreRunCreatePresenter` without removing safety blockers.
- [x] T024 [US2] Move or collapse raw restore payloads, OperationRun proof, internal job IDs, raw provider responses, low-level validation logs, raw backup metadata, and full diagnostics behind deliberate detail/audit paths.
- [x] T025 [US2] Cap default changed/unchanged/all-reviewed or equivalent restore preview tables to at most eight visible rows, or move full tables behind details.
- [x] T026 [US2] Preserve dry-run default behavior where applicable, acknowledgement, typed environment confirmation, confirmation protection, capability checks, and final execution gates.
- [x] T027 [US2] Preserve existing restore preparation and execution authorization tests, adding assertions only where the Product Surface migration changes visible affordances.
- [x] T028 [US2] Run the focused Restore tests selected in T011 and document results in `implementation-report.md`.
## Phase 5: User Story 3 - Optional Risk Exception Detail Cleanup
**Goal**: Include Risk Exception Detail only if the implementation remains narrow and does not reopen Spec 354.
**Independent Test**: If included, Finding Exception tests prove raw evidence fields are not default-visible and renew/revoke safety remains intact.
- [x] T029 [US3] Record the include/defer decision for Risk Exception Detail in `implementation-report.md`.
- [x] T030 [US3] If included, demote Source ID, Fingerprint, JSON summary payload, raw evidence references, detector output, and source keys from the default `FindingExceptionResource` detail view. N/A - Risk Exception deferred.
- [x] T031 [US3] If included, keep accepted-risk guidance as the top product decision using existing Spec 354 paths; do not create a new accepted-risk workflow layer. N/A - Risk Exception deferred.
- [x] T032 [US3] If included, ensure `renew_exception` and `revoke_exception` remain confirmation-protected, authorized, service-backed, notification-backed, and visually separated. N/A - Risk Exception deferred.
- [x] T033 [US3] If included, run focused Finding Exception tests selected in T012 and document results in `implementation-report.md`. N/A - Risk Exception deferred.
## Phase 6: User Story 4 - Technical Detail And Authorization Proof
**Goal**: Product simplification does not remove authorized diagnostics, auditability, or tenant/workspace isolation.
**Independent Test**: Authorized detail/audit paths remain reachable and unauthorized users do not see technical internals.
- [x] T034 [US4] Verify Baseline Compare authorized detail/audit paths remain reachable where supported and unauthorized users cannot access out-of-scope operation/evidence/baseline records.
- [x] T035 [US4] Verify Restore detail/audit/diagnostic paths remain reachable where supported and unauthorized users cannot access out-of-scope restore, backup, operation, or provider detail.
- [x] T036 [US4] If Risk Exception is included, verify evidence/detail access remains authorized and no raw fields appear by default. N/A - Risk Exception deferred.
- [x] T037 [US4] Run focused authorization/detail tests selected in T013 and document results in `implementation-report.md`.
## Phase 7: UI Coverage, Browser Proof, Product Sanity, And Validation
**Purpose**: Prove rendered UI reduction and close the Product Surface Contract gate.
- [x] T038 Update `docs/ui-ux-enterprise-audit/route-inventory.md` for every changed target surface; if a planned surface is skipped, record no-update rationale in `implementation-report.md`.
- [x] T039 Update `docs/ui-ux-enterprise-audit/design-coverage-matrix.md` for every changed target surface; if a planned surface is skipped, record no-update rationale in `implementation-report.md`.
- [x] T040 Run focused Spec 398 browser smoke for Baseline Compare and Restore Preview / Readiness, and Risk Exception Detail only if included.
- [x] T041 Capture browser proof as screenshots under `specs/398-decision-page-contract-migration/artifacts/screenshots/` or record equivalent textual proof in `implementation-report.md`.
- [x] T042 Complete Human Product Sanity review and record the result in `implementation-report.md`.
- [x] T043 Record Product Surface exceptions as `none` or document approved exceptions in `implementation-report.md`; unapproved exceptions block completion.
- [x] T044 Record Livewire v4 compliance, provider registration location, global search posture, destructive/high-impact actions, asset strategy, tests/browser result, visible complexity outcome, and deployment impact in `implementation-report.md`.
- [x] T045 Run focused Feature/Filament tests selected in T010-T013 and T034-T037; document exact commands and results.
- [x] T046 Run affected existing browser tests if shared flows changed; document exact commands and results.
- [x] T047 Run `cd apps/platform && ./vendor/bin/sail bin pint --dirty --format agent`.
- [x] T048 Run `git diff --check`.
- [x] T049 Confirm no application code introduced migrations, new persisted truth, new broad decision framework, Graph render calls, compatibility toggles, new assets, new routes, or panel/provider changes; record the result.
## Dependencies
- Phase 1 must complete before runtime edits.
- Phase 2 tests should be added before or alongside each corresponding implementation phase.
- Baseline Compare and Restore Preview work can proceed in parallel after discovery because they touch different primary files.
- Optional Risk Exception work depends on T006/T029 include decision.
- Browser proof and Human Product Sanity depend on all touched rendered surfaces.
## Requirement Coverage Map
| Requirement | Primary task coverage |
|---|---|
| FR-398-001 Baseline Compare decision layout | T010, T015-T016, T040-T044 |
| FR-398-002 Baseline Compare technical demotion | T010, T017-T018, T034 |
| FR-398-003 Baseline Compare table caps | T010, T019 |
| FR-398-004 Restore decision sub-surface | T011, T022-T023, T040-T044 |
| FR-398-005 Restore technical demotion | T011, T024-T025, T035 |
| FR-398-006 Restore safety preserved | T011, T026-T027 |
| FR-398-007 Risk Exception optional demotion | T012, T029-T033, T036 |
| FR-398-008 One primary action | T010-T012, T016, T022, T031 |
| FR-398-009 Authorized detail/audit paths | T013, T034-T037 |
| FR-398-010 Canonical status vocabulary | T015, T022, T044 |
| FR-398-011 High-impact action safety | T008, T020, T026, T032, T044 |
| FR-398-012 No new framework/persistence | T001, T049 |
| FR-398-013 Tests updated from old behavior | T003, T005, T010-T013, T045 |
| FR-398-014 Focused browser proof | T014, T040-T041 |
| NFR-398-001 Visible complexity decreases | T040-T044 |
| NFR-398-002 No Graph calls during render | T049 |
| NFR-398-003 Safety blockers visible | T016, T022-T026 |
| NFR-398-004 Focused browser scope | T009, T014, T040-T041 |
| NFR-398-005 Fixture/helper cost bounded | T014, T040-T046 |
## Parallel Execution Examples
```text
After Phase 1:
- Agent A: T010, T015-T021 for Baseline Compare.
- Agent B: T011, T022-T028 for Restore Preview / Readiness.
- Agent C: T012, T029-T033 only if Risk Exception is included.
- Agent D: T034-T039 coverage and authorization proof once implementation surfaces stabilize.
```
## Explicit Non-Goals For Implementation
- Do not create a new Decision Page engine, Technical Annex framework, persisted decision state, enum/status family, registry, resolver, provider abstraction, restore behavior, baseline compare engine behavior, evidence generation flow, navigation architecture, or compatibility toggle.
- Do not rewrite completed specs or remove their validation, browser, screenshot, task, or close-out history.
- Do not reopen Review Publication Resolution, Decision Register, Governance Inbox, Customer Review Workspace, receipt pages, dashboard/inbox link budgets, or system panel surfaces inside this spec.
Reference in New Issue View Git Blame Copy Permalink