ahmido/TenantAtlas
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects 1 Releases Wiki Activity
9e435ea91f
TenantAtlas/docs/ui-ux-enterprise-audit/page-reports/ui-042-review-pack-detail.md
ahmido 9cd06e8b66 feat: review pack pdf and html renderer v1 (spec 356) (#427) 
Implemented the first version of the PDF and HTML renderer for review packs. Added ReviewPackRenderedReportController and related blade views to render reports. Updated EnvironmentReviewResource, ReviewPackResource, ReviewPackService, and routing. Added new tests for the renderer and download actions, and updated UI documentation.

Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #427
2026-06-05 20:39:13 +00:00

2.8 KiB
Raw Blame History

UI-042 Review Pack Detail

Field Value
Route /admin/workspaces/{workspace}/environments/{environment}/review-packs/{record}
Source ReviewPackResource::view
Area / scope Reviews / environment artifact detail
Archetype Evidence / Audit
Design depth Strategic Surface
Repo truth repo-verified
Screenshot -
Browser status Reached in the live in-app browser on 2026-06-05 via the Spec 351 review-output fixture; verified the preview-first action model, ZIP download secondary action, and customer-workspace return context.

First Five Seconds

The page should answer three questions immediately:

  1. is this pack the current stakeholder-safe export or only a historical artifact
  2. should the actor open the rendered report, download the ZIP, or stop
  3. does this surface permit operator mutation or only read-first inspection

Productization Review

  • Decision-first: Spec 356 moves the primary inspect path to the rendered report instead of treating ZIP download as the first read.
  • Evidence-first: status, expiry, evidence snapshot linkage, and package contract stay visible as artifact truth.
  • Context: environment-bound artifact detail with optional customer-workspace return context.
  • Capability/RBAC awareness: preview and download remain view-authorized; regenerate stays manage-only and confirmation-gated.
  • Customer/auditor safety: rendered preview is only available for the current ready non-expired review-derived pack.
  • Diagnostics/default hierarchy: the ZIP remains the structured appendix and downloadable artifact, not the first-read surface.

Information Inventory

Default-visible content should show pack status, generated/expiry timing, linked review/evidence context, sharing boundary, executive entrypoint guidance, and the current rendered-report launch affordance.

Dangerous Actions

  • Dangerous or high-impact actions: regenerate on the operator detail surface.
  • Current confirmation/evidence posture: regenerate is capability-gated and ->requiresConfirmation(); customer-workspace flow suppresses it entirely.
  • Target handling: keep preview and download read-only; do not let historical/expired packs impersonate the current report path.

Spec 356 Follow-up

Spec 356 productizes this page as the owner-side artifact detail:

  • Open rendered report is now the primary action for current ready packs.
  • ZIP download remains available as the structured appendix artifact.
  • Customer-workspace detail flow keeps regenerate hidden so the page does not compete with read-first stakeholder handoff.

Target Direction

Keep this surface artifact-truth-first and narrowly scoped. Future work should deepen proof hierarchy and browser evidence, not invent a second portal or artifact family.