## Summary - add persisted customer review acknowledgement truth with capability gating and audit emission - extend the customer review workspace with acknowledgement state, evidence basis details, and accepted-risk lifecycle visibility - add focused feature and browser coverage plus Spec 343 screenshot artifacts and UI audit updates ## Scope - Livewire v4 / Filament v5 surface only; no panel provider changes - no new global assets; no `filament:assets` deployment change for this slice - includes a PostgreSQL migration for `environment_review_acknowledgements` ## Guardrail / Exception / Smoke Coverage - reachable UI surface changed: existing `/admin/reviews/workspace` customer-safe page - UI audit updated in `docs/ui-ux-enterprise-audit/page-reports/ui-006-customer-review-workspace.md` - screenshot artifacts included under `specs/343-customer-review-attestation-accepted-risk-lifecycle/artifacts/screenshots/` - spec package includes plan, tasks, repo-truth map, and state contract for the implemented slice ## Notes - target branch requested: `platform-dev` - branch pushed from commit `aaaad441fd13dbac54e971ab48765c502ced6b3f` Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de> Reviewed-on: #415
127 lines
4.5 KiB
Markdown
127 lines
4.5 KiB
Markdown
# Spec 343 - Review Attestation & Accepted Risk State Contract
|
|
|
|
Status: draft
|
|
Created: 2026-06-01
|
|
Scope: Derived UI state contract for Customer Review Workspace acknowledgement + accepted-risk lifecycle
|
|
|
|
This document defines the **derived display contract** for Spec 343. It is not a new persisted truth source. The UI must not fabricate states; unsupported concepts must render as `not available` or `deferred`.
|
|
|
|
## Contract Rules
|
|
|
|
- Derived-only: all states come from repo-backed models/fields (plus “absence of record”).
|
|
- No legal/e-signature semantics.
|
|
- No compliance/certification claims.
|
|
- Diagnostics are collapsed by default and capability-gated.
|
|
|
|
## Recommended Contract Shape (illustrative)
|
|
|
|
Exact implementation may differ, but the UI should consume one coherent contract where practical:
|
|
|
|
```php
|
|
[
|
|
'review' => [
|
|
'id' => 123,
|
|
'status' => 'published',
|
|
],
|
|
'attestation' => [
|
|
'state' => 'required', // not_available | required | acknowledged | re_ack_required
|
|
'label' => 'Customer acknowledgement required',
|
|
'reason' => 'Review pack is available, but no acknowledgement is recorded.',
|
|
'impact' => 'The review is consumable, but not yet acknowledged.',
|
|
'primary_next_action' => 'Acknowledge review',
|
|
'basis' => [
|
|
'review_pack' => 'available', // available | not_available | preparing | expired | unknown
|
|
'evidence' => 'available', // available | incomplete | not_available | unknown
|
|
],
|
|
],
|
|
'accepted_risks' => [
|
|
'total' => 3,
|
|
'expiring' => 1,
|
|
'expired' => 1,
|
|
'pending' => 0,
|
|
'missing_support' => 0,
|
|
'missing_required_fields' => 1,
|
|
],
|
|
'diagnostics_state' => 'collapsed',
|
|
]
|
|
```
|
|
|
|
## Attestation States
|
|
|
|
### 1) Not Available
|
|
|
|
Use only when repo truth shows acknowledgement is intentionally unsupported.
|
|
|
|
| Field | Contract |
|
|
|---|---|
|
|
| Visible status | Acknowledgement not available |
|
|
| Reason | This review does not support acknowledgement yet. |
|
|
| Impact | Review consumption is available, but acknowledgement is not tracked. |
|
|
| Primary next action | Review accepted risks / findings |
|
|
| Action | None (no fake acknowledge button) |
|
|
| Diagnostics default | Collapsed |
|
|
|
|
### 2) Required
|
|
|
|
| Field | Contract |
|
|
|---|---|
|
|
| Visible status | Customer acknowledgement required |
|
|
| Reason | Review pack (and/or evidence basis) is available, but no acknowledgement is recorded. |
|
|
| Impact | The review can be consumed, but acknowledgement is not yet tracked. |
|
|
| Primary next action | Acknowledge review |
|
|
| Action | Show acknowledge action only when authorized |
|
|
| Diagnostics default | Collapsed |
|
|
|
|
### 3) Acknowledged
|
|
|
|
| Field | Contract |
|
|
|---|---|
|
|
| Visible status | Review acknowledged |
|
|
| Reason | A customer/stakeholder acknowledgement is recorded. |
|
|
| Impact | Review consumption has an audit trail. |
|
|
| Primary next action | Review accepted risks |
|
|
| Action | No “revoke” in v1 unless explicitly in scope + authorized |
|
|
| Diagnostics default | Collapsed |
|
|
|
|
### 4) Re-acknowledgement Required
|
|
|
|
Use only when repo truth can detect basis drift after acknowledgement (e.g., review pack/evidence snapshot changed).
|
|
|
|
| Field | Contract |
|
|
|---|---|
|
|
| Visible status | Re-acknowledgement required |
|
|
| Reason | Review content changed after the last acknowledgement. |
|
|
| Impact | Previous acknowledgement may no longer represent the current review package. |
|
|
| Primary next action | Re-acknowledge review |
|
|
| Diagnostics default | Collapsed |
|
|
|
|
## Accepted Risk Lifecycle Contract
|
|
|
|
Accepted risks are sourced from `FindingException` (and their decisions). Customer-safe display should map to these lifecycle signals where repo-backed:
|
|
|
|
- total accepted risks on record
|
|
- expiring soon
|
|
- expired
|
|
- pending approval
|
|
- missing governance support (`missing_support`)
|
|
- missing required fields for defensible governance (owner/rationale/review date), when repo-backed
|
|
|
|
### Copy boundaries
|
|
|
|
- “No accepted risks recorded for this review” is allowed when the count is zero.
|
|
- “No risks exist” is forbidden unless there is a separate, explicit product truth that proves it (not expected).
|
|
|
|
## Evidence / Review Pack Basis
|
|
|
|
Every attestation state should show what it is based on:
|
|
|
|
- review pack availability/status
|
|
- evidence snapshot availability/completeness
|
|
- audit linkage availability (only if repo-backed)
|
|
|
|
If evidence is missing:
|
|
|
|
- show “Evidence basis unavailable” (truthful)
|
|
- do not block acknowledgement unless the product explicitly requires evidence for acknowledgement (decision must be recorded in spec if introduced)
|
|
|