## Summary
- add the full workspace/environment context browser verification audit for Spec 313
- include the surface matrix, query and clear-filter inventories, ownership map, and audit report
- attach browser evidence artifacts and screenshots for the current workspace/environment context contract

## Testing
- no automated tests run; this is an analysis-only spec and artifact package with no runtime changes

Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #368
Query Parameter Inventory
| Query param | Pages using it | Identifier type | Allowed? | Visible to user? | Clearable? | Persisted? | Conflicts | Notes |
|---|---|---|---|---|---|---|---|---|
| `tenant` | Finding Exceptions Queue, Customer Review Workspace, Governance Inbox, Baseline Compare, Baseline Profiles, Baseline Snapshots | slug/external id for most pages; sometimes accepted as database id | Conditional | Sometimes | Inconsistent | Sometimes converted into table/session filter | Conflicts with managed_environment_id naming and route tenant semantics | Browser: `tenant=<slug>` showed visible filter on Finding Exceptions and Customer Reviews; Customer Reviews clear did not remove URL and reload restored visible filter. |
| `tenant_id` | Legacy searches, compatibility code, tests | mixed | No for new context contract | Rarely | Unknown | Unknown | Conflicts with database key semantics | No high-risk browser route required tenant_id; keep as legacy cleanup target. |
| `managed_environment_id` | Operations, Provider Connections, Evidence Overview, Review Register, Decision Register, table filters | mixed: database id on Operations/Evidence/Reviews/Decision; slug/external id on Provider Connections | Conditional explicit filter only | Sometimes | Inconsistent | Yes through Livewire/Filament table filters on several pages | Same name carries different identifier types | Browser: Operations accepted DB id but showed "All environments"; Provider Connections accepted slug and filtered rows with no page-level clear. |
| `environment_id` | Search hits and compatibility code | unknown | No for new admin context contract | Not observed | Unknown | Unknown | Competes with managed_environment_id | Not observed in browser URLs during audited flows. |
| `tenant_scope` | Operations | enum/string (all) | Allowed for explicit all-environment view | Partly | Via Show all environments action | Query-backed | Interacts with managed_environment_id | Code sets tenant_scope=all when clearing operation environment context, but the environment CTA flow did not expose a direct Clear filters action. |
| `tableFilters` | Filament table state across list pages; route/query search hits | serialized Livewire/Filament state | Avoid for durable environment context | Usually hidden behind filter UI | Inconsistent | Yes | Can override sidebar intent after hydration | Code state contracts mark several tableFilters carriers as session-restorable and tenant-sensitive. |
| `activeTab` | Operations dashboard CTA | string enum | Allowed for operations lane | Visible as tabs | Via URL/tab navigation | Query-backed | Combines with problemClass and tenant filter | CTA used activeTab=terminal_follow_up. |
| `problemClass` | Operations dashboard CTA | string enum | Allowed for operations lane | Visible as tab/filters | Via URL/tab navigation | Query-backed | Can mask tenant filter impact | CTA used problemClass=terminal_follow_up. |
| `register_state` | Decision Register | string enum | Allowed for register lane | Visible as register tab/count | Link-based | Query-backed | Page access depends on current/filtered state | Workspace clean URL 403 for audited actor, but managed_environment_id=4 opened the page. |
Key Finding
The same logical environment prefilter is represented by at least tenant, managed_environment_id, tenant_scope, and hidden tableFilters. Identifier type also drifts: Provider Connections uses environment slug/external id under managed_environment_id, while Operations/Evidence/Reviews/Decision use database ids under the same param name.
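
The Key Finding can be turned into a repeatable check. The following is an added example, not code from the audited project: it flags competing environment carriers on a single URL and identifier-type drift under one param name across pages. The sample paths, the slug `acme-prod`, the "all digits means database id" heuristic, the `tableFilters[...]` key shape, and treating `tenant_scope=all` plus a pinned environment as a conflict are assumptions.

```python
from urllib.parse import urlsplit, parse_qsl

# Carriers named in the inventory; LEGACY ones are "No" for the new contract.
CARRIERS = {"tenant", "tenant_id", "managed_environment_id", "environment_id"}
LEGACY = {"tenant_id", "environment_id"}

def id_type(value):
    # Assumed heuristic: all digits = database id, anything else = slug/external id.
    return "database_id" if value.isdigit() else "slug_or_external_id"

def carriers_in(url):
    """Return {carrier: [values]} for every environment-context carrier in the URL."""
    found = {}
    for key, value in parse_qsl(urlsplit(url).query, keep_blank_values=True):
        # Assumption: serialized table state appears as tableFilters[...] keys.
        name = "tableFilters" if key.startswith("tableFilters[") else key
        if name in CARRIERS or name in ("tableFilters", "tenant_scope"):
            found.setdefault(name, []).append(value)
    return found

def audit_url(url):
    """Findings for one URL: legacy names, hidden state, competing carriers."""
    found = carriers_in(url)
    findings = [f"legacy-param:{n}" for n in sorted(LEGACY & found.keys())]
    if "tableFilters" in found:
        findings.append("hidden-carrier:tableFilters")
    explicit = sorted(n for n in found if n in CARRIERS)
    if found.get("tenant_scope") == ["all"] and explicit:
        findings.append("scope-conflict:tenant_scope=all+" + ",".join(explicit))
    if len(explicit) + ("tableFilters" in found) > 1:
        findings.append("multiple-carriers")
    return findings

def type_drift(urls):
    """Params whose values show more than one identifier type across the URLs."""
    seen = {}
    for url in urls:
        for name, values in carriers_in(url).items():
            if name in CARRIERS:
                seen.setdefault(name, set()).update(id_type(v) for v in values)
    return {n: sorted(t) for n, t in seen.items() if len(t) > 1}

# Constructed sample URLs (paths and the slug are made up for illustration).
SAMPLE = [
    "/admin/operations?managed_environment_id=4&activeTab=terminal_follow_up",
    "/admin/provider-connections?managed_environment_id=acme-prod",
    "/admin/operations?tenant_scope=all&managed_environment_id=4",
    "/admin/reviews?tenant=acme-prod&tableFilters[managed_environment_id][value]=4",
]
```

Run over captured browser URLs or access logs, `type_drift` reproduces the `managed_environment_id` finding, and `audit_url` gives a per-request list suitable for a regression check once a single context contract is chosen.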