TenantAtlas/specs/351-review-output-resolve-actions-v1/contracts/review-output-resolve-action-map.md
ahmido d4e4d2d109 feat: review output resolve actions v1 (spec 351) (#422)
Implemented the first version of review output resolve actions. Included a ReviewOutputResolveActionMapper, commands to seed browser fixtures, updated CustomerReviewWorkspace, EnvironmentReviewResource, UI enforcement, and related views. Also added extensive unit, feature, and browser tests, and updated the design coverage matrix.

Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #422
2026-06-04 00:55:02 +00:00

52 lines
5.2 KiB
Markdown

# Review Output Resolve Action Map: Spec 351
**Status**: preparation contract
**Updated**: 2026-06-03
**Feature**: `specs/351-review-output-resolve-actions-v1/spec.md`
This file records which candidate resolve actions are truly repo-backed today, where they come from, and what fallback the mapper must use when the execution surface is missing or unsafe.
## Action Matrix
| Candidate action | Repo-backed today? | Current source | Capability / policy | Mutating? | Confirmation today? | Audit / `OperationRun` behavior | Allowed UI contexts now | Fallback if unavailable |
|---|---|---|---|---|---|---|---|---|
| Open successor review | partial | existing Environment Review view route via `EnvironmentReviewResource::environmentScopedUrl()` when a target review is already known | existing `view` policy | no | n/a | no new audit / run | detail or workspace only when a concrete successor review target is known | `Create next review` or review/detail fallback |
| Create next review | yes | `ViewEnvironmentReview::createNextReviewAction()` -> `EnvironmentReviewLifecycleService::createNextReview()` | `Capabilities::ENVIRONMENT_REVIEW_MANAGE`, `EnvironmentReviewPolicy::createNextReview()` | yes | **no current confirmation** | audit: `EnvironmentReviewSuccessorCreated`; successor review creation reuses existing review composition `OperationRun` path | detail today; workspace can reuse as page action | review/detail fallback |
| Refresh review | yes | `ViewEnvironmentReview::refreshReviewAction()` -> `EnvironmentReviewService::refresh()` | `Capabilities::ENVIRONMENT_REVIEW_MANAGE`, `EnvironmentReviewPolicy::refresh()` | yes | yes | audit: `EnvironmentReviewRefreshed`; review composition `OperationRun` path reused | detail today; workspace can reuse as page action | `Open evidence basis` |
| Publish review | yes | `ViewEnvironmentReview::publishReviewAction()` -> `EnvironmentReviewLifecycleService::publish()` | `Capabilities::ENVIRONMENT_REVIEW_MANAGE`, `EnvironmentReviewPolicy::publish()` | yes | yes | audit: `EnvironmentReviewPublished`; no new run | detail today; workspace can reuse as page action | open review / detail fallback |
| Open evidence basis | yes | existing Evidence Snapshot detail route from review surfaces | `Capabilities::EVIDENCE_VIEW` for link visibility | no | n/a | none | workspace and detail today | open review / limitations fallback |
| Refresh evidence | yes, but outside review-output surfaces | `ViewEvidenceSnapshot::refresh_evidence` -> `EvidenceSnapshotService::refresh()` | `Capabilities::EVIDENCE_MANAGE` | yes | yes | evidence-owned audit/queue semantics | evidence detail only today | `Open evidence basis` |
| Open operation proof | yes | `OperationRunLinks::tenantlessView()` or scoped operation link | current operation visibility | no | n/a | none | workspace and detail today when a run URL exists | review/detail fallback |
| Download internal review pack | yes | `EnvironmentReviewResource::currentReviewPackDownloadUrlFor()` | `Capabilities::REVIEW_PACK_VIEW` | no | n/a | current download audit path remains | workspace and detail today when pack is ready | review/detail fallback |
| Review section limitations | yes | current review detail URL | existing `view` policy | no | n/a | none | workspace and detail today | review/detail fallback |
| Review PII / redaction state | yes as disclosure/navigation | current review detail URL and current output-guidance limitations | existing `view` policy | no | n/a | none | workspace and detail today | review/detail fallback |
| Review output limitations | yes as disclosure/navigation | current review detail URL and current output-guidance limitations | existing `view` policy | no | n/a | none | workspace and detail today | `none` |
## Primary Ranking Rules For Spec 351
Use this order, but only when the action is truly safe and available on the current surface:
1. Open successor review when a concrete successor review target is known.
2. Create next review for blocked or limited published reviews.
3. Refresh review for mutable blocked reviews.
4. Publish review for ready mutable reviews.
5. Open evidence basis when no stronger review lifecycle action is safely executable.
6. Open operation proof or review/detail disclosure when the blocker is proof-owned or no execution path exists.
## Hard Constraints
- Do not emit successor-review-open navigation unless a concrete target review ID is known.
- Do not emit executable actions that bypass existing confirmation, authorization, audit, or service-owned `OperationRun` semantics.
- If a workspace viewer lacks the manage capability, downgrade executable review actions to truthful fallback navigation/disclosure.
- If `create_next_review` is used as a dominant executable CTA, the implementation must add confirmation before reuse; otherwise it must degrade to truthful navigation/disclosure fallback.
- Do not create a new generic action engine; reuse Filament page/record actions.
## Deferred Actions
These are real or plausible adjacent actions, but they are outside the primary Spec 351 slice unless implementation proves they are needed without broadening scope:
- workspace-side `refresh_evidence`
- provider-readiness actions
- governance-inbox top recommendation reuse
- environment-dashboard resolve-action reuse