ahmido b159dacd36 feat: clean up legacy tenant environment context (#372 )

## Summary
- remove legacy tenant-scoped routing and middleware paths in favor of the current environment/workspace context flow
- update Filament pages and resources to use the cleaned-up admin surface and environment filter context
- add the related spec 317 artifacts and targeted tests for environment filter state and legacy context cleanup

## Testing
- not run as part of this commit/push/PR workflow

Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #372

2026-05-16 18:25:36 +00:00

3.3 KiB

Raw Blame History

Spec 317 Tenant Usage Allowlist

Status: implementation allowlist Updated: 2026-05-16

Spec 317 blocks legacy Tenant language only when it models TenantPilot platform context. Tenant remains allowed when it means external provider identity, historical evidence, or existing domain vocabulary explicitly outside this cleanup.

Scan Paths

Guard tests should scan these current-truth paths:

apps/platform/app
apps/platform/resources
apps/platform/routes
apps/platform/tests/Feature/Guards
apps/platform/tests/Feature/Navigation
apps/platform/tests/Feature/Reviews
docs/product/spec-candidates.md
docs/product/roadmap.md
docs/product/principles.md
docs/ui
docs/architecture-guidelines.md
docs/filament-guidelines.md
docs/testing-guidelines.md

Completed historical specs, audit archives, and old research reports are not scanned as current product truth unless a current doc links to them as the active contract.

Allowed Provider-Boundary Tenant Usage

These terms are allowed when they clearly mean Microsoft, Entra, Graph, OAuth, or external provider identity:

provider_tenant_id
external_tenant_id
microsoft_tenant_id
entra_tenant_id
azure_tenant_id
tenantId in Graph or provider payloads
OAuth authority tenant segments
Microsoft tenant
Entra tenant
Provider tenant ID
Cross-tenant Microsoft/Entra feature names
Tenant-level Microsoft 365 configuration when describing provider-native product concepts

Allowed Existing Domain Vocabulary

These remain allowed in Spec 317 unless they become a Workspace hub filter/source:

tenant relationship methods on tenant-owned Eloquent models
tenant variables in existing tests that represent ManagedEnvironment fixtures
TenantOperability* services, questions, outcomes, and existing capability semantics
tenant isolation / tenant-owned data wording in security, architecture, and testing guidelines
Filament::getTenant() on environment-owned pages, widgets, and resources where the route is explicitly environment-bound

Disallowed Platform-Context Usage

These are disallowed for Workspace hub Environment filtering, generated links, shell scope, and current product-truth UI/docs:

tenant, tenant_id, managed_environment_id, tenant_scope, environment, or tableFilters as public Workspace hub Environment filter keys
tenantPrefilterUrl()
tenantScopedUrl()
CanonicalAdminTenantFilterState
WorkspaceScopedTenantRoutes
TenantPageCategory
EnsureFilamentTenantSelected
lastTenantId, rememberedTenant, rememberTenantContext, and related session key names
active /admin/t route family or TenantPanelProvider
Filament::getTenant() as a Workspace hub default scope, authorization fallback, URL source, or shell context

Review Rules

Provider-boundary Tenant language must be specific: use Microsoft tenant, Entra tenant, or Provider tenant ID when visible to operators.
Platform context must use Workspace, Environment, or Managed Environment.
Do not add compatibility aliases for renamed helpers, classes, routes, or query keys.
Do not rename provider-boundary columns or Graph payload keys for cosmetic reasons.
Add a new inventory row before allowing any active runtime Tenant-named platform seam to remain.

3.3 KiB Raw Blame History