TenantAtlas/specs/315-environment-cta-explicit-filter-contract/tasks.md

Tasks: Environment CTA Explicit Filter Contract

Input: spec.md, plan.md
Prerequisites: Spec 313 audit context and Spec 314 clean sidebar/global workspace hub contract are treated as completed baseline context.

Important: These are implementation tasks for the next phase. This preparation pass does not implement runtime code.

Phase 1: Guardrails and Baseline

• T001 Verify the work starts from branch 315-environment-cta-explicit-filter-contract and the worktree has no unrelated user changes before runtime edits.
• T002 Re-read Spec 313 and Spec 314 summaries for the sidebar/global clean-entry baseline before changing workspace hub query behavior.
• T003 Confirm current Laravel/Filament/Livewire versions through Laravel Boost application_info before implementation.
• T004 Confirm no migration, seeder, package, env var, queue, scheduler, storage, or deployment asset change is required.
• T005 Identify the concrete Environment Dashboard and Environment-owned CTA/link call sites that target critical workspace hubs.

Phase 2: Tests First - Canonical Contract

• T006 Add focused resolver tests for a valid environment_id, absent environment_id, malformed environment_id, and cross-workspace environment_id.
• T007 Add it_environment_owned_ctas_use_environment_id_for_workspace_hub_filters covering Operations, Governance Inbox, Decision Register, Finding Exceptions Queue, Provider Connections, Evidence, Reviews, and Customer Reviews.
• T008 Add it_workspace_hubs_accept_environment_id_as_explicit_filter for critical hubs with visible chip, filtered seeded data where available, and clean clear link assertions.
• T009 Add it_workspace_hubs_do_not_apply_legacy_environment_filter_params covering tenant, tenant_id, managed_environment_id, tenant_scope, environment, and tableFilters.
• T010 Add it_environment_filter_must_belong_to_current_workspace for at least one representative hub, then extend through shared resolver coverage.
• T011 Add it_environment_filtered_workspace_hubs_keep_workspace_shell_context for critical hubs where shell/context assertions are testable.
• T012 Add it_environment_filtered_workspace_hubs_do_not_show_all_environments_as_primary_scope covering Operations, Provider Connections, Customer Reviews, and Finding Exceptions Queue.
• T013 Add it_environment_filter_chip_clear_link_points_to_clean_workspace_hub_url for each critical hub.
• T014 Add it_sidebar_workspace_hub_entry_remains_clean_after_environment_cta_filter_work as a Spec 314 regression test.
• T015 Add it_decision_register_supports_clean_and_environment_filtered_workspace_urls.

Phase 3: Shared Resolver and URL Contract

• T016 Create or reuse apps/platform/app/Support/Navigation/WorkspaceHubEnvironmentFilter.php as a narrow request-scoped resolver.
• T017 Make the resolver read only environment_id and ignore all legacy keys as filter inputs.
• T018 Make the resolver validate Managed Environment by primary key inside the current Workspace only.
• T019 Make invalid or cross-workspace environment_id return 404 or the existing safe no-access convention without leaking existence.
• T020 Add resolver helpers for hasFilter(), environment(), environmentId(), displayName(), applyToQuery(), and clean hub clear URL generation, adjusted to repo style.
• T021 Keep the resolver independent from Filament::getTenant(), remembered Environment state, provider external tenant IDs, slugs, and workspace switching.
• T022 Update WorkspaceHubRegistry only as needed to keep Spec 314 clean-entry behavior separate from valid explicit Environment CTA filter entry.

Phase 4: Environment-Owned CTA URL Hard Cutover

• T023 Update apps/platform/app/Support/ManagedEnvironmentLinks.php so workspace hub Environment filters use environment_id with the Managed Environment database ID.
• T024 Update apps/platform/app/Support/Operations/OperationRunLinks.php where Environment-owned links target workspace hubs.
• T025 Update Environment Dashboard cards/header actions to emit environment_id for in-scope workspace hub CTAs.
• T026 Update Environment Governance Overview, provider readiness/onboarding, required permissions, permission posture, findings/drift, evidence, review, support, report, and provider connection link helpers where they target workspace hubs.
• T027 Remove CTA generation of tenant, tenant_id, managed_environment_id, tenant_scope, environment, and tableFilters for Environment CTA filter behavior.
• T028 Add or update tests proving no Environment-owned CTA to a workspace hub emits legacy Environment filter params.

Phase 5: Shared Visible Filter Chip

• T029 Create or reuse a shared chip partial/primitive under apps/platform/resources/views/filament/ for workspace hub Environment filters.
• T030 Ensure the chip renders only for a valid resolver result and displays Environment filter: {display name} or equivalent Environment wording.
• T031 Ensure the chip includes a Clear filter link to the clean workspace hub URL without environment_id or legacy params.
• T032 Ensure the chip does not use Tenant, current tenant, active Environment shell wording, ad-hoc status colors, or a new styling system.

Phase 6: Critical Hub Runtime Changes

• T033 Update Operations to read the shared resolver, accept only environment_id, filter data to the selected Environment, render the shared chip, and avoid primary All environments wording while filtered.
• T034 Update Governance Inbox to hard-cut existing Environment filtering to environment_id, render the shared chip, filter data, and keep clean URL workspace-wide.
• T035 Update Decision Register to hard-cut existing Environment filtering to environment_id, support clean and filtered URLs, render the shared chip, and avoid 403 caused by absent filter.
• T036 Update Finding Exceptions Queue to replace legacy tenant CTA query behavior with environment_id, render the shared chip, filter data, and keep clean URL workspace-wide.
• T037 Update Provider Connections / Integrations to accept only environment_id for explicit Environment CTA filtering and avoid provider external tenant ID as the CTA filter key.
• T038 Update Evidence Overview to accept only environment_id, render the shared chip, filter rows/search/list data consistently, and document if filtering remains in-memory.
• T039 Update Reviews / Review Register to accept only environment_id, render the shared chip, filter review list data, and keep clean URL workspace-wide.
• T040 Update Customer Review Workspace to accept only environment_id, render the shared chip, filter customer-safe data, and remain workspace-scoped.

Phase 7: Conditional Hubs and Exclusions

• T041 Classify Audit Log as Environment-filterable or not. If filterable, implement environment_id and visible chip; otherwise prevent Environment CTAs from passing filters and document exclusion.
• T042 Classify Alerts / Alert Deliveries / Rules / Destinations as Environment-filterable or not, then implement or exclude according to the spec.
• T043 Classify Reports / Stored Reports as workspace-owned Environment-filterable or environment-routed, then implement or exclude according to the spec.
• T044 Classify Support Requests as workspace-owned Environment-filterable or out of scope, then implement or exclude according to the spec.

Phase 8: Legacy Alias Rejection and Clean Entry Regression

• T045 Search for workspace hub parsing of tenant, tenant_id, managed_environment_id, tenant_scope, environment, and tableFilters; remove or quarantine acceptance for the Spec 315 Environment CTA filter contract.
• T046 Preserve any unrelated legacy behavior only when outside Environment CTA filter scope, and document any intentionally deferred cleanup for Spec 317.
• T047 Re-run Spec 314 workspace hub navigation tests to confirm sidebar/global clean entry remains workspace-wide.
• T048 Verify clean hub URLs do not restore Environment filter state through remembered Environment or shell context.

Phase 9: Browser Verification

• T049 Start the local platform stack using Sail or the repo's platform dev command.
• T050 Run Flow A from Environment Dashboard CTA for Operations, Governance Inbox, Decision Register, Finding Exceptions Queue, Provider Connections, Evidence, Reviews, and Customer Reviews.
• T051 Run Flow B clean sidebar/global regression for the same critical hubs.
• T052 Run Flow C clear-link smoke for the same critical hubs.
• T053 Save screenshots where useful under specs/315-environment-cta-explicit-filter-contract/artifacts/screenshots/.
• T054 Document any clear-filter limitations deferred to Spec 316.

Phase 10: Final Validation

• T055 Run focused Pest tests for Spec 315 resolver, CTA URL, page contract, legacy param rejection, cross-workspace rejection, clear link, Decision Register, and sidebar regression coverage.
• T056 Run existing related Spec 314 tests to prove no clean-entry regression.
• T057 Run formatting/static checks expected by the touched files, including Pint if PHP files changed.
• T058 Run git diff --check.
• T059 Prepare final implementation report with changed behavior, canonical filter, files changed, tests, browser verification, remaining follow-ups, hubs supporting environment_id, CTAs updated, legacy params removed/ignored, intentional exclusions, and clear-filter limitations.
• T060 Confirm final report states no migrations, seeders, packages, env vars, queues, scheduler, storage changes, compatibility layer, or legacy alias support were introduced.

Explicit Non-Tasks

• NT001 Do not implement full persisted/session/deferred clear-filter internals; leave to Spec 316 unless immediate clean URL correctness fails.
• NT002 Do not perform broad legacy Tenant / Environment naming cleanup; leave to Spec 317.
• NT003 Do not build durable browser regression guard infrastructure; leave to Spec 318.
• NT004 Do not make workspace hubs Environment-owned pages.
• NT005 Do not introduce dual-param support, compatibility middleware, or adapter layers.