## Summary - add the Spec 323 Tenantial enterprise UI audit foundation package - add the UI/UX audit registry artifacts, templates, and supporting brand context placeholder - update Spec Kit prompts/templates plus PR fast-feedback guardrails for ongoing UI productization coverage ## Scope - docs-first audit foundation only - no runtime Laravel, Filament, Livewire, route, auth, or database behavior changes intended ## Validation - [x] `git diff --check` - [ ] application test suite run ## Notes - primary spec: `specs/323-tenantial-enterprise-ui-audit-foundation/` - this branch also updates `.gitea/pull_request_template.md`, `.gitea/workflows/test-pr-fast-feedback.yml`, and `scripts/check-ui-productization-coverage` to make the coverage gate durable for future UI work Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de> Reviewed-on: #383
49 lines
2.0 KiB
Markdown
49 lines
2.0 KiB
Markdown
# UI-009 Provider Connections
|
|
|
|
| Field | Value |
|
|
| --- | --- |
|
|
| Route | `/admin/provider-connections` |
|
|
| Source | `ProviderConnectionResource` |
|
|
| Area / scope | Provider / integration / workspace |
|
|
| Archetype | Provider / Integration |
|
|
| Design depth | Strategic Surface |
|
|
| Repo truth | repo-verified |
|
|
| Screenshot | `../screenshots/desktop/ui-009-provider-connections.png` |
|
|
| Browser status | Reached through workspace route. |
|
|
|
|
## First Five Seconds
|
|
|
|
The surface is the main integration authority. It should make connection health, scope, credentials/consent state, and safe next action legible without exposing secrets or raw provider errors by default.
|
|
|
|
## Productization Review
|
|
|
|
- Decision-first: medium; table needs stronger next-action state.
|
|
- Evidence-first: provider health and verification can support decisions.
|
|
- Context: workspace-owned provider connection surface.
|
|
- Customer/auditor safety: internal/operator only.
|
|
- Diagnostics: raw provider details must stay hidden or support-gated.
|
|
|
|
## Information Inventory
|
|
|
|
Default content should include provider, connection type, target scope, health, permissions/consent, last verification, and next action. Diagnostic details should explain missing policy/scopes without raw secrets.
|
|
|
|
## Dangerous Actions
|
|
|
|
Credential rotation, disconnect/disable, reverify, and delete are high-impact. Target design must include authorization, confirmation, audit, and recovery guidance.
|
|
|
|
## Scores
|
|
|
|
| IA | Density | User Clarity | Sellability | Disclosure | Hierarchy | DS Fit | A11y | Responsive | Components | UX Writing | Perf |
|
|
| ---: | ---: | ---: | ---: | ---: | ---: | ---: | ---: | ---: | ---: | ---: | ---: |
|
|
| 3 | 4 | 3 | 4 | 3 | 3 | 4 | 3 | 3 | 4 | 3 | 4 |
|
|
|
|
## Top Issues
|
|
|
|
1. Needs stronger health/permission summary over raw integration detail.
|
|
2. Dangerous provider actions require target confirmation and audit treatment.
|
|
3. Provider-specific terminology should not leak into platform-core copy.
|
|
|
|
## Target Direction
|
|
|
|
P0 individual target mockup. This is a trust-critical setup and recovery surface.
|