ahmido/TenantAtlas
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects 1 Releases Wiki Activity
a5b7300ca9
TenantAtlas/specs/397-receipt-page-reduction/tasks.md
ahmido a5b7300ca9 feat: reduce receipt page surface depth and simplify evidence summaries (#468) 
Automated PR created by Codex via Gitea API.

Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #468
2026-06-22 11:03:10 +00:00

20 KiB
Raw Blame History

Tasks: Spec 397 - Receipt Page Reduction Pass v1

Input: specs/397-receipt-page-reduction/spec.md, specs/397-receipt-page-reduction/plan.md
Prerequisites: Existing /admin receipt-style pages, Product Surface Contract, Filament v5 / Livewire v4
Tests: Required. This spec changes rendered UI defaults and must include Feature/Filament proof plus focused browser smoke.

Test Governance Checklist

  • Lane assignment is named and is the narrowest sufficient proof for the changed behavior.
  • New or changed tests stay in the smallest honest family; Browser coverage is one explicit focused receipt proof path.
  • Shared helpers, factories, seeds, fixtures, and context defaults stay cheap by default; any widening is isolated or documented.
  • Planned validation commands cover the changed receipt surfaces without pulling in unrelated lane cost.
  • The declared surface test profile is explicit: Product Surface Receipt Page reduction.
  • Browser proof is required because rendered UI changes are expected.
  • Human Product Sanity and Product Surface implementation-report close-out are completed.
  • Any material budget, baseline, trend, or escalation note is recorded in the active spec or implementation report.

Phase 1: Discovery And Guardrails

Purpose: Confirm exact current render paths, default-visible overload, and existing tests before changing runtime files.

  • T001 Re-read specs/397-receipt-page-reduction/spec.md, specs/397-receipt-page-reduction/plan.md, and docs/product/standards/product-surface-contract.md; record the selected implementation slice in specs/397-receipt-page-reduction/implementation-report.md.
  • T002 Inspect Evidence Snapshot default-visible sections, actions, technical links, and tests in apps/platform/app/Filament/Resources/EvidenceSnapshotResource.php, apps/platform/app/Filament/Resources/EvidenceSnapshotResource/Pages/ViewEvidenceSnapshot.php, and apps/platform/tests/Feature/Evidence/EvidenceSnapshotResourceTest.php.
  • T003 Inspect Baseline Snapshot default-visible sections, actions, long tables, and tests in apps/platform/app/Filament/Resources/BaselineSnapshotResource.php, apps/platform/app/Filament/Resources/BaselineSnapshotResource/Pages/ViewBaselineSnapshot.php, and apps/platform/tests/Feature/Filament/BaselineSnapshotTruthSurfaceTest.php.
  • T004 Inspect Restore Run default-visible sections, action hierarchy, OperationRun proof, and tests in apps/platform/app/Filament/Resources/RestoreRunResource.php, apps/platform/app/Filament/Resources/RestoreRunResource/Pages/ViewRestoreRun.php, apps/platform/app/Filament/Resources/RestoreRunResource/Presenters/RestoreRunDetailPresenter.php, and apps/platform/tests/Feature/Filament/Spec335RestoreRunDetailProductizationTest.php.
  • T005 Inspect Review Pack receipt/default output guidance in apps/platform/app/Filament/Resources/ReviewPackResource.php, apps/platform/app/Filament/Resources/ReviewPackResource/Pages/ViewReviewPack.php, apps/platform/resources/views/filament/infolists/entries/review-pack-output-guidance.blade.php, and apps/platform/tests/Feature/ReviewPack/ReviewPackResourceTest.php.
  • T006 Inspect Stored Report receipt/report boundary in apps/platform/app/Filament/Resources/StoredReportResource.php, apps/platform/app/Filament/Resources/StoredReportResource/Pages/ViewStoredReport.php, apps/platform/resources/views/review-packs/rendered-report.blade.php, and apps/platform/tests/Feature/StoredReports/StoredReportDetailPresentationTest.php.
  • T007 Confirm global search posture for touched resources in apps/platform/app/Filament/Resources/EvidenceSnapshotResource.php, apps/platform/app/Filament/Resources/BaselineSnapshotResource.php, apps/platform/app/Filament/Resources/RestoreRunResource.php, apps/platform/app/Filament/Resources/ReviewPackResource.php, and apps/platform/app/Filament/Resources/StoredReportResource.php.
  • T008 Confirm destructive/high-impact actions that may be touched and their confirmation/authorization/audit coverage in apps/platform/app/Filament/Resources/EvidenceSnapshotResource.php, apps/platform/app/Filament/Resources/BaselineSnapshotResource.php, apps/platform/app/Filament/Resources/RestoreRunResource.php, apps/platform/app/Filament/Resources/ReviewPackResource.php, and apps/platform/app/Filament/Resources/StoredReportResource.php; document results in specs/397-receipt-page-reduction/implementation-report.md.
  • T009 Decide whether existing browser tests can carry Spec 397 proof or whether a new file is required; record the decision in specs/397-receipt-page-reduction/implementation-report.md.

Phase 2: Foundational Test Harness

Purpose: Add failing or adjusted tests before/alongside implementation so receipt budgets are explicit.

  • T010 [P] Add or update Evidence Snapshot receipt assertions in apps/platform/tests/Feature/Evidence/EvidenceSnapshotResourceTest.php for one primary action, no default raw source keys/detectors/raw IDs/OperationRun proof, and authorized internal detail.
  • T011 [P] Add or update Baseline Snapshot receipt assertions in apps/platform/tests/Feature/Filament/BaselineSnapshotTruthSurfaceTest.php or a narrower new apps/platform/tests/Feature/Filament/Spec397BaselineSnapshotReceiptTest.php for one primary action, table cap, and demoted payload/fidelity technical detail.
  • T012 [P] Add or update Restore Run receipt assertions in apps/platform/tests/Feature/Filament/Spec335RestoreRunDetailProductizationTest.php or a narrower new apps/platform/tests/Feature/Filament/Spec397RestoreRunReceiptTest.php for demoted OperationRun proof and preserved destructive action safety.
  • T013 [P] Add or update Review Pack receipt assertions in apps/platform/tests/Feature/ReviewPack/ReviewPackResourceTest.php or apps/platform/tests/Feature/ReviewPack/Spec397ReviewPackReceiptTest.php for customer-safe output state without default raw evidence/internal artifact links.
  • T014 [P] Add or update Stored Report receipt assertions in apps/platform/tests/Feature/StoredReports/StoredReportDetailPresentationTest.php for generated-at/scope/output availability and hidden raw artifact path/renderer metadata by default only if T006 confirms the changed surface is receipt metadata rather than report content.
  • T015 Add or update focused browser proof in apps/platform/tests/Browser/Spec397ReceiptPageReductionSmokeTest.php unless T009 proves existing browser files can cover all required receipt paths.

Phase 3: User Story 1 - Evidence Snapshot Receipt Reduction

Goal: Evidence Snapshot detail answers what evidence was captured, for which scope, whether it can be trusted, and the next action.

Independent Test: Evidence Snapshot feature test and focused browser path pass with no raw technical default content.

  • T016 [US1] Update Evidence Snapshot top-level receipt status and summary in apps/platform/app/Filament/Resources/EvidenceSnapshotResource.php.
  • T017 [US1] Ensure Evidence Snapshot detail has exactly one dominant primary action and at most two default secondary actions in apps/platform/app/Filament/Resources/EvidenceSnapshotResource.php.
  • T018 [US1] Demote source keys, detector output, raw IDs, technical dimensions, payloads, and OperationRun proof from the default Evidence Snapshot view in apps/platform/app/Filament/Resources/EvidenceSnapshotResource.php.
  • T019 [US1] Move or collapse Evidence Snapshot internal detail into authorized secondary/internal sections in apps/platform/resources/views/filament/infolists/entries/evidence-dimension-summary.blade.php.
  • T020 [US1] Keep Evidence Snapshot gap/coverage detail compact and product-labeled in apps/platform/resources/views/filament/infolists/entries/evidence-gap-subjects.blade.php.
  • T021 [US1] Verify customer-safe related context links do not expose raw receipt internals in apps/platform/tests/Feature/Reviews/CustomerReviewWorkspaceLaunchLinksTest.php.
  • T022 [US1] Run the focused Evidence Snapshot tests selected in T010 and document results in specs/397-receipt-page-reduction/implementation-report.md.

Phase 4: User Story 2 - Baseline Snapshot Receipt Reduction

Goal: Baseline Snapshot detail answers what baseline was captured, what it covers, whether it remains relevant, and the next action.

Independent Test: Baseline Snapshot feature test proves table caps/default demotion and receipt status/action hierarchy.

  • T023 [US2] Update Baseline Snapshot top-level receipt summary and canonical status mapping in apps/platform/app/Filament/Resources/BaselineSnapshotResource.php.
  • T024 [US2] Ensure Baseline Snapshot detail has exactly one dominant primary action in apps/platform/app/Filament/Resources/BaselineSnapshotResource.php.
  • T025 [US2] Cap default Baseline Snapshot summary tables to eight rows or move long lists behind expansion/internal detail in apps/platform/resources/views/filament/infolists/entries/baseline-snapshot-summary-table.blade.php.
  • T026 [US2] Demote governed subject inventory and group detail from the default product receipt in apps/platform/resources/views/filament/infolists/entries/baseline-snapshot-groups.blade.php.
  • T027 [US2] Keep payload/fidelity/support-limit detail diagnostic/internal rather than top-level receipt status in apps/platform/resources/views/filament/infolists/entries/baseline-snapshot-technical-detail.blade.php.
  • T028 [US2] Preserve existing baseline snapshot authorization and related-context behavior in apps/platform/tests/Feature/Filament/BaselineSnapshotAuthorizationTest.php and apps/platform/tests/Feature/Filament/BaselineSnapshotRelatedContextTest.php.
  • T029 [US2] Run the focused Baseline Snapshot tests selected in T011 and document results in specs/397-receipt-page-reduction/implementation-report.md.

Phase 5: User Story 3 - Restore Run Receipt Reduction

Goal: Restore Run detail shows restore outcome, source/target, validation/result summary, and one next action without default OperationRun/raw payload proof.

Independent Test: Restore Run feature test proves OperationRun proof is secondary/internal and destructive/high-impact actions remain safe.

  • T030 [US3] Update Restore Run detail presenter output to prefer receipt summary, canonical status, source/target, validation/result summary, and next action in apps/platform/app/Filament/Resources/RestoreRunResource/Presenters/RestoreRunDetailPresenter.php.
  • T031 [US3] Ensure Restore Run detail has exactly one dominant primary action in apps/platform/app/Filament/Resources/RestoreRunResource.php.
  • T032 [US3] Demote OperationRun proof and raw restore payload/detail from the default Restore Run view in apps/platform/app/Filament/Resources/RestoreRunResource.php.
  • T033 [US3] Move detailed restore proof/process detail to secondary/internal display in apps/platform/resources/views/filament/forms/components/partials/restore-run-proof-panel.blade.php.
  • T034 [US3] Keep restore result rows compact and product-labeled in apps/platform/resources/views/filament/infolists/entries/restore-results.blade.php.
  • T035 [US3] Verify delete/restore/rerun/archive actions retain confirmation, authorization, audit, and tests in apps/platform/tests/Feature/BulkDeleteRestoreRunsTest.php, apps/platform/tests/Feature/BulkRestoreRestoreRunsTest.php, and apps/platform/tests/Feature/RestoreRunArchiveGuardTest.php.
  • T036 [US3] Run the focused Restore Run tests selected in T012 and document results in specs/397-receipt-page-reduction/implementation-report.md.

Phase 6: User Story 3 - Review Pack And Stored Report Receipt Reduction

Goal: Review Pack and Stored Report receipt metadata show customer-safe state, output availability, generated/published timing, scope, and one next action without raw evidence/internal artifact defaults.

Independent Test: Review Pack and Stored Report feature tests prove customer-safe defaults and hidden internals.

  • T037 [US3] Update Review Pack detail receipt sections to show output state, generated/published timestamp, scope, output availability, and one primary action in apps/platform/app/Filament/Resources/ReviewPackResource.php.
  • T038 [US3] Demote raw evidence links, operation proof, source keys, detector output, and technical generation metadata from default Review Pack output guidance in apps/platform/resources/views/filament/infolists/entries/review-pack-output-guidance.blade.php.
  • T039 [US3] Preserve Review Pack customer output gate and route authorization behavior in apps/platform/app/Http/Controllers/ReviewPackRenderedReportController.php.
  • T040 [US3] If T006 confirms Stored Report receipt metadata is product-facing, update Stored Report detail receipt metadata to separate report content from receipt proof in apps/platform/app/Filament/Resources/StoredReportResource.php; otherwise record the no-runtime-edit decision in specs/397-receipt-page-reduction/implementation-report.md.
  • T041 [US3] If T040 proceeds, demote raw artifact path, renderer metadata, evidence snapshot technical links, OperationRun links, and payload/profile internals from default Stored Report receipt metadata in apps/platform/app/Filament/Resources/StoredReportResource.php.
  • T042 [US3] Ensure rendered report content remains customer-safe and does not gain raw technical receipt detail in apps/platform/resources/views/review-packs/rendered-report.blade.php.
  • T043 [US3] Run the focused Review Pack tests selected in T013 and the Stored Report tests selected in T014 only when T040 proceeds; document results in specs/397-receipt-page-reduction/implementation-report.md.

Phase 7: User Story 4 - Customer-Safe Boundary Proof

Goal: Customer-safe/default paths stay free from raw receipt internals while internal audit depth remains available where authorized.

Independent Test: Customer-safe or read-only actor cannot see raw Evidence Snapshot IDs, OperationRun links, source keys, detector names, fingerprints, payloads, or internal reason ownership by default.

  • T044 [US4] Verify Customer Review Workspace links into evidence/review/report receipt surfaces remain customer-safe in apps/platform/tests/Feature/Reviews/CustomerReviewWorkspaceLaunchLinksTest.php.
  • T045 [US4] Update or add customer-safe route assertions for Review Pack output in apps/platform/tests/Feature/ReviewPack/Spec392CustomerOutputRouteGateTest.php.
  • T046 [US4] Update or add Stored Report entitlement assertions for hidden technical receipt metadata in apps/platform/tests/Feature/StoredReports/StoredReportEntitlementEnforcementTest.php.
  • T047 [US4] Verify internal/operator technical detail access remains authorized and deliberate in apps/platform/tests/Feature/Evidence/EvidenceSnapshotResourceTest.php, apps/platform/tests/Feature/Filament/BaselineSnapshotAuthorizationTest.php, and apps/platform/tests/Feature/ReviewPack/ReviewPackRbacTest.php.
  • T048 [US4] Run the focused customer-safe boundary tests selected in T044-T047 and document results in specs/397-receipt-page-reduction/implementation-report.md.

Phase 8: Browser Proof, Product Surface Close-Out, And Validation

Purpose: Prove rendered UI reduction and close the Product Surface Contract gate.

  • T049 Run the focused Spec 397 browser smoke in apps/platform/tests/Browser/Spec397ReceiptPageReductionSmokeTest.php or the exact existing browser files selected in T009 for every changed receipt surface.
  • T050 Capture browser proof for Evidence Snapshot, Baseline Snapshot, Restore Run, and every changed Review Pack or Stored Report receipt surface under specs/397-receipt-page-reduction/artifacts/screenshots/ or record equivalent textual browser proof in specs/397-receipt-page-reduction/implementation-report.md.
  • T051 Complete Human Product Sanity review and record the result in specs/397-receipt-page-reduction/implementation-report.md.
  • T052 Record Product Surface exceptions as none or document any approved exception in specs/397-receipt-page-reduction/implementation-report.md.
  • T053 Record Livewire v4 compliance, provider registration location, global search posture for changed resources, destructive/high-impact actions, asset strategy, tests/browser result, and deployment impact in specs/397-receipt-page-reduction/implementation-report.md.
  • T054 Update docs/ui-ux-enterprise-audit/route-inventory.md for each target surface whose default rendered UI changes; if a planned target surface is skipped, record the no-update rationale in specs/397-receipt-page-reduction/implementation-report.md.
  • T055 Update docs/ui-ux-enterprise-audit/design-coverage-matrix.md for each target surface whose default rendered UI changes; if a planned target surface is skipped, record the no-update rationale in specs/397-receipt-page-reduction/implementation-report.md.
  • T056 Run the focused Feature/Filament tests selected in T010-T014 and T044-T047 from apps/platform and record results in specs/397-receipt-page-reduction/implementation-report.md.
  • T057 Attempt full cd apps/platform && ./vendor/bin/sail pint --test; record that the unscoped run was interrupted after broad repo-wide findings/long runtime and that changed-file Pint is the relevant passed check for this slice.
  • T058 Run git diff --check.
  • T059 Run broader affected tests only if the implementation touched shared helpers or shared resources; document exact commands and results in specs/397-receipt-page-reduction/implementation-report.md.
  • T060 Confirm no application code introduced migrations, new persisted truth, new broad receipt/annex framework, Graph render calls, or compatibility toggles; record the result in specs/397-receipt-page-reduction/implementation-report.md.

Dependencies

  • Phase 1 must complete before runtime edits.
  • Phase 2 tests should be added before or alongside each corresponding implementation phase.
  • US1 and US2 can run in parallel after discovery because they touch different resources/views/tests.
  • Restore, Review Pack, and Stored Report work can run in parallel after discovery if no shared helper is introduced.
  • Browser proof and implementation report close-out depend on all touched page changes.

Requirement Coverage Map

Requirement Primary task coverage
FR-397-001 Receipt page classification T001-T006, T049-T053
FR-397-002 Default receipt summary T016, T023, T030, T037, T040
FR-397-003 One dominant primary action T017, T024, T031, T037
FR-397-004 Hide raw technical default content T018-T020, T025-T027, T032-T034, T038-T042
FR-397-005 Preserve authorized internal detail T019, T027, T033, T047
FR-397-006 Customer-safe/read-only internals hidden T021, T039, T042, T044-T048
FR-397-007 Cap long default tables T011, T025, T034
FR-397-008 Product Surface status vocabulary T016, T023, T030, T037, T040
FR-397-009 Diagnostic labels stay secondary T019, T027, T033, T038, T041
FR-397-010 Destructive/high-impact action safety T008, T035, T053
FR-397-011 No new persisted truth/framework T001, T052, T060
FR-397-012 Global search safety T007, T053
FR-397-013 No Graph/remote render work T060
FR-397-014 Focused browser proof T015, T049-T050
NFR-397-001 Five-second scan T050-T053
NFR-397-002 Visible complexity not increased T052-T053, T060
NFR-397-003 DB-only render and bounded table cost T025, T034, T060
NFR-397-004 Focused browser scope T009, T015, T049-T050
NFR-397-005 Narrow test lane fit T010-T015, T056, T059

Parallel Execution Examples

After Phase 1:
- Agent A: T010, T016-T022 for Evidence Snapshot.
- Agent B: T011, T023-T029 for Baseline Snapshot.
- Agent C: T012, T030-T036 for Restore Run.
- Agent D: T013-T014, T037-T043 for Review Pack / Stored Report.

Implementation Strategy

  1. MVP first: Evidence Snapshot and Baseline Snapshot receipt reductions because they have the clearest Product Surface overload and browser audit evidence.
  2. Then reduce Restore Run receipt proof and Review Pack / Stored Report receipt metadata.
  3. Finish with customer-safe boundary proof, focused browser smoke, human sanity, and implementation report.

Explicit Non-Goals For Implementation

  • Do not create a new receipt engine, Technical Annex framework, persisted receipt state, enum/status family, registry, resolver, provider abstraction, report-generation flow, restore behavior, evidence generation flow, navigation architecture, or compatibility toggle.
  • Do not rewrite completed specs or remove their validation, browser, screenshot, task, or close-out history.