TenantAtlas/specs/351-review-output-resolve-actions-v1/contracts/review-output-resolve-action-map.md
ahmido d4e4d2d109 feat: review output resolve actions v1 (spec 351) (#422)
Implemented the first version of review output resolve actions. Included a ReviewOutputResolveActionMapper, commands to seed browser fixtures, updated CustomerReviewWorkspace, EnvironmentReviewResource, UI enforcement, and related views. Also added extensive unit, feature, and browser tests, and updated the design coverage matrix.

Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #422
2026-06-04 00:55:02 +00:00

5.2 KiB

Review Output Resolve Action Map: Spec 351

Status: preparation contract
Updated: 2026-06-03
Feature: specs/351-review-output-resolve-actions-v1/spec.md

This file records which candidate resolve actions are truly repo-backed today, where they come from, and what fallback the mapper must use when the execution surface is missing or unsafe.

Action Matrix

Candidate action Repo-backed today? Current source Capability / policy Mutating? Confirmation today? Audit / OperationRun behavior Allowed UI contexts now Fallback if unavailable
Open successor review partial existing Environment Review view route via EnvironmentReviewResource::environmentScopedUrl() when a target review is already known existing view policy no n/a no new audit / run detail or workspace only when a concrete successor review target is known Create next review or review/detail fallback
Create next review yes ViewEnvironmentReview::createNextReviewAction() -> EnvironmentReviewLifecycleService::createNextReview() Capabilities::ENVIRONMENT_REVIEW_MANAGE, EnvironmentReviewPolicy::createNextReview() yes no current confirmation audit: EnvironmentReviewSuccessorCreated; successor review creation reuses existing review composition OperationRun path detail today; workspace can reuse as page action review/detail fallback
Refresh review yes ViewEnvironmentReview::refreshReviewAction() -> EnvironmentReviewService::refresh() Capabilities::ENVIRONMENT_REVIEW_MANAGE, EnvironmentReviewPolicy::refresh() yes yes audit: EnvironmentReviewRefreshed; review composition OperationRun path reused detail today; workspace can reuse as page action Open evidence basis
Publish review yes ViewEnvironmentReview::publishReviewAction() -> EnvironmentReviewLifecycleService::publish() Capabilities::ENVIRONMENT_REVIEW_MANAGE, EnvironmentReviewPolicy::publish() yes yes audit: EnvironmentReviewPublished; no new run detail today; workspace can reuse as page action open review / detail fallback
Open evidence basis yes existing Evidence Snapshot detail route from review surfaces Capabilities::EVIDENCE_VIEW for link visibility no n/a none workspace and detail today open review / limitations fallback
Refresh evidence yes, but outside review-output surfaces ViewEvidenceSnapshot::refresh_evidence -> EvidenceSnapshotService::refresh() Capabilities::EVIDENCE_MANAGE yes yes evidence-owned audit/queue semantics evidence detail only today Open evidence basis
Open operation proof yes OperationRunLinks::tenantlessView() or scoped operation link current operation visibility no n/a none workspace and detail today when a run URL exists review/detail fallback
Download internal review pack yes EnvironmentReviewResource::currentReviewPackDownloadUrlFor() Capabilities::REVIEW_PACK_VIEW no n/a current download audit path remains workspace and detail today when pack is ready review/detail fallback
Review section limitations yes current review detail URL existing view policy no n/a none workspace and detail today review/detail fallback
Review PII / redaction state yes as disclosure/navigation current review detail URL and current output-guidance limitations existing view policy no n/a none workspace and detail today review/detail fallback
Review output limitations yes as disclosure/navigation current review detail URL and current output-guidance limitations existing view policy no n/a none workspace and detail today none

Primary Ranking Rules For Spec 351

Use this order, but only when the action is truly safe and available on the current surface:

  1. Open successor review when a concrete successor review target is known.
  2. Create next review for blocked or limited published reviews.
  3. Refresh review for mutable blocked reviews.
  4. Publish review for ready mutable reviews.
  5. Open evidence basis when no stronger review lifecycle action is safely executable.
  6. Open operation proof or review/detail disclosure when the blocker is proof-owned or no execution path exists.

Hard Constraints

  • Do not emit successor-review-open navigation unless a concrete target review ID is known.
  • Do not emit executable actions that bypass existing confirmation, authorization, audit, or service-owned OperationRun semantics.
  • If a workspace viewer lacks the manage capability, downgrade executable review actions to truthful fallback navigation/disclosure.
  • If create_next_review is used as a dominant executable CTA, the implementation must add confirmation before reuse; otherwise it must degrade to truthful navigation/disclosure fallback.
  • Do not create a new generic action engine; reuse Filament page/record actions.

Deferred Actions

These are real or plausible adjacent actions, but they are outside the primary Spec 351 slice unless implementation proves they are needed without broadening scope:

  • workspace-side refresh_evidence
  • provider-readiness actions
  • governance-inbox top recommendation reuse
  • environment-dashboard resolve-action reuse