ahmido
f6dbc89edb
Adds browser fixture coverage for evidence system surfaces as described in Spec 376. Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de> Reviewed-on: #447
37 lines
2.7 KiB
Markdown
37 lines
2.7 KiB
Markdown
# Fixture Design
|
|
|
|
## Design Decision
|
|
|
|
No new fixture route or command is needed. Existing repo-native patterns are sufficient:
|
|
|
|
- Admin-plane surfaces use `GET /admin/local/smoke-login` in `local`/`testing`.
|
|
- System-plane surfaces use Pest Browser `actingAs($platformUser, 'platform')`.
|
|
- Data is created with existing factories and test helpers.
|
|
|
|
## Per-Surface Fixture Contract
|
|
|
|
| Surface | Auth | Scope | Data source | Existing fixture source | New fixture source | Local/testing guarantee | Browser URL | Failure mode if regressed |
|
|
|---|---|---|---|---|---|---|---|---|
|
|
| Evidence Snapshot View | `web` guard through `admin.local.smoke-login` | workspace + environment | `seedEnvironmentReviewEvidence()` | Spec 372 smoke pattern | Spec 376 local test fixture | smoke-login route is local/testing-only | `EvidenceSnapshotResource::getUrl('view', ...)` | `auth-blocked`, `scope-blocked`, or `data-blocked` |
|
|
| Required Permissions | `web` guard through `admin.local.smoke-login` | workspace + environment | `ManagedEnvironmentPermission` rows from configured permission registry | Spec 353/283 patterns | Spec 376 local permission seed helper | smoke-login route is local/testing-only | `ManagedEnvironmentLinks::requiredPermissionsUrl()` | `auth-blocked`, `scope-blocked`, or `data-blocked` |
|
|
| System Dashboard | `platform` guard via Pest Browser `actingAs` | platform plane | `PlatformUser` capabilities | Spec 276 pattern | Spec 376 platform user fixture | no HTTP fixture route added | `/system` | `auth-blocked` or `capability-blocked` |
|
|
| System Operations | `platform` guard via Pest Browser `actingAs` | platform plane | same `PlatformUser`; empty-state data allowed | Spec 276 pattern | Spec 376 platform user fixture | no HTTP fixture route added | `/system/ops/runs` | `auth-blocked` or `capability-blocked` |
|
|
| Provider Connection Detail | `web` guard through existing admin session | workspace + record-derived environment authority | `ProviderConnection::factory()->platform()->verifiedHealthy()` plus explicit `environment_id` | Spec 353/281 patterns | Spec 376 local provider connection fixture | no new route added | `ManagedEnvironmentLinks::providerConnectionUrl(..., 'view', $environment)` | `scope-blocked`, `data-blocked`, or `timeout-blocked` |
|
|
|
|
## Route Safety
|
|
|
|
- No system smoke-login route was added.
|
|
- No admin smoke-login behavior was changed.
|
|
- No redirect validation behavior was changed.
|
|
- No production route or product UI route was added.
|
|
|
|
## Browser Screenshot Contract
|
|
|
|
Screenshots are saved under `artifacts/screenshots/`:
|
|
|
|
- `001-evidence-snapshot-view.png`
|
|
- `002-required-permissions.png`
|
|
- `003-system-dashboard.png`
|
|
- `004-system-operations.png`
|
|
- `005-provider-connection-detail.png`
|