TenantAtlas/specs/297-managed-environment-canonical-route-cutover/research.md
ahmido 3ec582a182 feat: retire legacy tenant route surfaces (#352)
## Summary
- retire legacy `/admin/t` and active `/admin/tenants` product surfaces in favor of canonical workspace-scoped managed-environment routes
- centralize runtime URL generation through `ManagedEnvironmentLinks` and update intended URL handling to reject legacy tenant paths
- remove dormant tenant panel runtime, rename test helpers to the admin environment context, and add guard coverage for route/helper regressions

## Validation
- targeted Feature guard, workspace, provider connection, required permissions, and Filament test lanes run under Sail
- browser smoke coverage run for provider connection and workspace RBAC environment access flows
- formatting and diff checks completed with Pint and `git diff --check`

## Notes
- Filament remains on v5 with Livewire v4
- provider registration stays in `apps/platform/bootstrap/providers.php`
- retired tenant resource global search is disabled and destructive action confirmation rules remain unchanged

Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #352
2026-05-12 23:35:03 +00:00


# Research: Managed Environment Canonical Route Cutover & Legacy Tenant Surface Retirement
**Date**: 2026-05-12
**Scope**: Preparation research only. No application implementation performed.
## Decisions
### Decision 1: Default legacy behavior is 404, not compatibility redirect
**Decision**: `/admin/t...` and unsafe `/admin/tenants...` requests should be absent or return 404. A redirect is allowed only when the implementation can prove a unique, authorized workspace + managed-environment canonical URL.
**Rationale**: The repo is pre-production under LEAN-001. Compatibility shims would preserve old product truth and contradict the explicit user instruction.
**Alternatives rejected**:
- Keep `/admin/tenants...` as hidden compatibility routes: rejected because hidden-but-routable surfaces still become test/runtime truth.
- Redirect all old tenant URLs broadly: rejected because workspace/environment resolution can be ambiguous and unsafe.
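
The 404-by-default rule from Decision 1, sketched as an added example (not code from the TenantAtlas repo). It is plain PHP with no framework dependency; the function name, the row shape, the 302 status, and all sample identifiers are assumptions made for illustration. It returns only the resolved workspace and environment, so URL construction stays with the link helper.

```php
<?php
declare(strict_types=1);

/**
 * Decide what a legacy tenant request gets. Returns ['status' => 404] unless
 * exactly one managed environment the current user is authorized for matches.
 *
 * $authorized: rows the current user may access (hypothetical shape):
 *   ['tenant' => legacy key, 'workspace' => id, 'environment' => id]
 */
function legacyTenantDecision(string $path, array $authorized): array
{
    $notFound = ['status' => 404];

    // Only the two retired prefixes qualify, and the key must be one plain segment.
    if (!preg_match('#^/admin/(?:t|tenants)/([A-Za-z0-9_-]+)(?:/.*)?$#D', $path, $m)) {
        return $notFound;
    }

    $matches = array_values(array_filter(
        $authorized,
        static fn (array $row): bool => $row['tenant'] === $m[1]
    ));

    // Zero matches: unknown or unauthorized. Several: ambiguous. Both are 404,
    // so the response does not reveal whether the legacy key exists.
    if (count($matches) !== 1) {
        return $notFound;
    }

    // The legacy sub-path is dropped on purpose: nothing taken from the
    // request is carried into the redirect target.
    return [
        'status' => 302,
        'workspace' => $matches[0]['workspace'],
        'environment' => $matches[0]['environment'],
    ];
}

// Constructed sample data: "fabrikam" is ambiguous across two workspaces.
$authorized = [
    ['tenant' => 'contoso', 'workspace' => 'ws-1', 'environment' => 'env-10'],
    ['tenant' => 'fabrikam', 'workspace' => 'ws-1', 'environment' => 'env-11'],
    ['tenant' => 'fabrikam', 'workspace' => 'ws-2', 'environment' => 'env-20'],
];

foreach (['/admin/t/contoso/dashboard', '/admin/tenants/fabrikam', '/admin/tenants/unknown', '/admin/tenants'] as $path) {
    echo $path, ' => ', json_encode(legacyTenantDecision($path, $authorized)), PHP_EOL;
}
```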
### Decision 2: Canonical link generation gets one owner
**Decision**: Use an existing repo-real managed-environment route helper if present. If none exists, add a bounded `ManagedEnvironmentLinks` helper that maps only current workspace/environment objects to current named routes.
**Rationale**: Route names are currently spread through Filament resources/pages/tests. Centralizing the canonical contract makes guard tests meaningful without creating a routing framework.
**Alternatives rejected**:
- Scatter `route(...)` calls in each runtime surface: rejected because it recreates drift.
- Add a generic route registry/framework: rejected as disproportionate for current release truth.
### Decision 3: TenantPanelProvider should be deleted if no true dependency exists
**Decision**: Delete `TenantPanelProvider.php` when implementation confirms no runtime registration/dependency. If deletion is blocked, document the true dependency and guard against any route/provider activation.
**Rationale**: Dormant runtime-ready panel code is a resurrection risk after the cutover.
**Alternatives rejected**:
- Leave the file as dormant code: rejected because it keeps tenant panel reactivation cheap and ambiguous.
- Keep tests that require the file to exist: rejected because tests should protect route/provider behavior, not dead code.
### Decision 4: Test helper vocabulary must change without alias
**Decision**: Replace `setTenantPanelContext()` with a canonical admin/workspace/environment helper such as `setAdminEnvironmentContext()` or `setManagedEnvironmentContext()` and keep no alias.
**Rationale**: The helper name is product semantics. Keeping an alias preserves the retired panel as current test truth.
**Alternatives rejected**:
- Keep alias for migration ease: rejected under LEAN-001 and explicit user instruction.
- Rename only new tests: rejected because old tests would still encode the wrong product model.
### Decision 5: Technical `Tenant` references may remain only as implementation detail
**Decision**: Internal model/table/class names may remain where DB/model rename is out of scope. Product-facing routes, copy, and link truth must move to workspace/managed-environment terminology.
**Rationale**: The spec explicitly forbids a DB rename migration and targets product, routing, UI, test, and link truth.
**Alternatives rejected**:
- Rename all Tenant classes/tables now: rejected as out of scope and high blast radius.
- Leave user-facing tenant-first copy in touched files: rejected because it contradicts the cutover.
## Repo Findings From Preparation Audit
| Finding | Evidence | Decision |
|---|---|---|
| Active `/admin/tenants` routes remain | `route:list --path=admin/tenants` shows TenantResource index/view/edit/memberships | Retire as active product surface |
| Canonical environment routes exist | `route:list --path=admin/workspaces` shows `/admin/workspaces/{workspace}/environments...` and workspace operations | Reuse as canonical target |
| TenantPanelProvider exists | `apps/platform/app/Providers/Filament/TenantPanelProvider.php` | Delete if no true dependency |
| Old helper remains | `apps/platform/tests/Pest.php` defines `setTenantPanelContext()` | Rename with no alias |
| Runtime/test legacy link calls remain | `rg` finds TenantResource/TenantDashboard/TenantRequiredPermissions URL generation | Replace or document allowed technical references |
## Open Research Items For Implementation
- Exact repo-real helper owner, if any, for managed-environment links.
- Exact route names for environment index/detail and access-scope route after TenantResource retirement.
- Whether TenantResource can be removed from discovery directly or must be moved/neutralized to preserve internal tests during the cutover.
- Whether any old `/admin/tenants...` request can be safely resolved to a canonical workspace/environment URL. Default remains 404.