TenantAtlas/specs/376-browser-audit-fixture-coverage-evidence-system-surfaces/artifacts/route-reachability-report.md
ahmido f6dbc89edb test: add spec 376 browser fixture coverage (#447)
Adds browser fixture coverage for evidence system surfaces as described in Spec 376.

Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #447
2026-06-13 11:22:19 +00:00

29 lines
2.8 KiB
Markdown

# Route Reachability Report
## Final Browser Outcomes
| Surface | Route/path | Panel | Auth guard | Required parameters | Fixture parameters | HTTP/browser outcome | Final URL pattern | Verification label |
|---|---|---|---|---|---|---|---|---|
| Evidence Snapshot View | `/admin/workspaces/{workspace}/environments/{environment}/evidence/{record}` | admin | `web` | workspace slug, environment slug, evidence snapshot id | `Test Workspace`, `Spec376 Browser Evidence Environment`, seeded snapshot | Rendered in browser, no JS errors, no console logs, screenshot captured | `/admin/workspaces/{workspace}/environments/{environment}/evidence/{record}` | `browser-verified` |
| Required Permissions | `/admin/workspaces/{workspace}/environments/{environment}/required-permissions` | admin | `web` | workspace slug, environment slug | same workspace/environment, seeded permission rows | Rendered in browser, no JS errors, no console logs, screenshot captured | `/admin/workspaces/{workspace}/environments/{environment}/required-permissions` | `browser-verified` |
| System Dashboard | `/system` | system | `platform` | platform user with `platform.access_system_panel` plus dashboard capability | `PlatformUser` with `ACCESS_SYSTEM_PANEL`, `CONSOLE_VIEW`, `OPERATIONS_VIEW` | Rendered in browser, no JS errors, no console logs, screenshot captured | `/system` | `browser-verified` |
| System Operations | `/system/ops/runs` | system | `platform` | platform user with operations capability | same `PlatformUser` | Rendered empty state in browser, no JS errors, no console logs, screenshot captured | `/system/ops/runs` | `browser-verified` |
| Provider Connection Detail | `/admin/provider-connections/{record}?environment_id={environment}` | admin | `web` | provider connection id, explicit `environment_id`, workspace session | `Spec376 Provider Connection Detail` for the selected environment | Rendered in browser, no JS errors, no console logs, screenshot captured | `/admin/provider-connections/{record}?environment_id={environment}` | `browser-verified` |
## Route Inventory Sources
- Laravel Boost `list_routes(path: admin)` confirmed:
- `admin/local/smoke-login`
- `admin/workspaces/{workspace}/environments/{environment}/evidence/{record}`
- `admin/workspaces/{workspace}/environments/{environment}/required-permissions`
- `admin/provider-connections/{record}`
- Laravel Boost `list_routes(path: system)` confirmed:
- `system`
- `system/ops/runs`
## Redirect/Login Behavior
- Admin surfaces used `admin.local.smoke-login` once, with redirect to Evidence Snapshot View. Subsequent admin surface visits used the same authenticated browser session.
- System surfaces did not use a smoke-login route. They used Pest Browser `actingAs($platformUser, 'platform')`, preserving platform-plane separation.
- No tested surface redirected to `/admin/login` or `/system/login`.