ahmido/TenantAtlas
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects 1 Releases Wiki Activity
a92dd81232
TenantAtlas/specs/162-baseline-gap-details/quickstart.md
Ahmed Darrazi a92dd81232 feat: add baseline gap details surfaces
2026-03-24 20:04:41 +01:00

2.4 KiB
Raw Blame History

Quickstart: Enterprise Evidence Gap Details for Baseline Compare

Prerequisites

  1. Start the local stack.
vendor/bin/sail up -d
  1. Ensure the app is clean enough to run focused tests.

Focused Verification

Run the minimum regression pack for the feature:

vendor/bin/sail artisan test --compact tests/Feature/Baselines/BaselineCompareAmbiguousMatchGapTest.php tests/Feature/Baselines/BaselineCompareResumeTokenTest.php tests/Feature/Filament/OperationRunEnterpriseDetailPageTest.php

Format touched files before shipping implementation updates:

vendor/bin/sail bin pint --dirty --format agent

Manual Verification Flow

  1. Trigger or locate a completed baseline_compare run with evidence gaps.
  2. Open the canonical run detail page at /admin/operations/{run}.
  3. Confirm the page shows outcome/trust guidance before diagnostics.
  4. Confirm the Evidence gap details section is visible when subject-level details exist.
  5. Use Search gap details to filter by:
    • reason text such as ambiguous
    • policy type such as deviceConfiguration
    • subject key fragment such as part of a display name or GUID
  6. Confirm raw JSON evidence remains available in the separate Baseline compare evidence section.

Legacy-Run Verification

  1. Open an older baseline compare run that contains evidence_gaps.count but no evidence_gaps.subjects.
  2. Confirm the UI distinguishes missing recorded detail from the absence of gaps.
  3. Confirm the page still renders successfully and does not imply a healthy compare result.

Tenant-Safety Verification

  1. Verify an entitled user can inspect the same run through canonical monitoring.
  2. Verify a non-member cannot discover tenant-owned detail through canonical or tenant-scoped surfaces.
  3. Verify member-but-underprivileged behavior remains enforced by existing authorization rules.

Render-Safety Verification

  1. Bind the fail-hard graph client in the affected UI tests.
  2. Verify the canonical run detail renders evidence-gap detail without invoking GraphClientInterface.
  3. Verify the tenant landing evidence-gap state renders without invoking GraphClientInterface.

Deployment Notes

  • No new database migration is required.
  • No new Filament assets are registered, so this feature does not add a new filament:assets deployment requirement.
  • Filament remains on Livewire v4-compatible patterns and requires no panel provider changes.