ahmido/TenantAtlas
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects 1 Releases Wiki Activity
b3e6dfdb7c
TenantAtlas/specs/386-review-publication-resolution-workflow-v1/tasks.md
ahmido ba7622a158 feat: implement ReviewPublicationResolutionWorkflow (Spec 386) (#457) 
## Summary\n- Implements the ReviewPublicationResolutionWorkflow for Spec 386.\n- Adds resolution case/step persistence, policies, services, audit action IDs, and Filament integration.\n- Updates specs, UI/UX documentation, screenshots, and Pest coverage.\n\n## Tests\n- Not run during this handoff; branch was already clean and pushed.\n\n## Target\n- Base: platform-dev\n- Head/topic: 386-review-publication-resolution-workflow-v1

Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #457
2026-06-18 21:06:20 +00:00

225 lines
20 KiB
Markdown
Raw Blame History

# Tasks: Spec 386 - Review Publication Resolution Workflow v1
**Input**: Design documents from `/specs/386-review-publication-resolution-workflow-v1/`
**Prerequisites**: `spec.md`, `plan.md`
**Tests**: Required. This feature adds persistence, policy-sensitive workflow state, a new operator workflow surface, and browser-visible behavior.
## Test Governance Checklist
- [x] Lane assignment is named and is the narrowest sufficient proof for the changed behavior.
- [x] New or changed tests stay in the smallest honest family, and any PostgreSQL/browser addition is explicit.
- [x] Shared helpers, factories, seeds, fixtures, and context defaults stay cheap by default; any widening is isolated or documented.
- [x] Planned validation commands cover the change without pulling in unrelated lane cost.
- [x] The declared workflow-detail surface profile and shared-detail-family proof coverage are explicit.
- [ ] Any material budget, baseline, trend, or escalation note is recorded in the active spec or PR.
## Phase 1: Preparation and Repo Truth
**Purpose**: Confirm exact runtime surfaces and prevent scope bleed before implementation.
- [x] T001 Confirm current branch/status and re-read `specs/386-review-publication-resolution-workflow-v1/spec.md`, `plan.md`, and `tasks.md` before runtime edits.
- [x] T002 Verify completed-spec guardrail for `specs/350-operator-resolution-guidance-framework-v1/`, `specs/351-review-output-resolve-actions-v1/`, `specs/367-operationrun-actionability-system/`, and `specs/385-evidence-review-readiness/`; do not modify those packages.
- [x] T003 Inspect exact Environment Review model, resource, page, policy, and route names before adding the resolution entry point.
- [x] T004 Inspect existing review readiness/publish/export gates and record which service(s) are authoritative for publication blockers.
- [x] T005 Inspect existing EvidenceSnapshotService and evidence generation OperationRun behavior before adding evidence step execution.
- [x] T006 Inspect existing StoredReport/report-generation services for permission posture, admin roles, findings summary, accepted-risk summary, and baseline posture before mapping report steps.
- [x] T007 Inspect existing Review Pack generation service/job/action behavior before mapping review-pack steps.
- [x] T008 Inspect existing OperationRun start/link/presenter helpers and confirm which shared path must be reused for queued/run-link UX.
- [x] T009 Inspect existing audit logging helpers and action IDs before adding resolution lifecycle events.
- [x] T010 Inspect existing capability constants, policies, and `UiEnforcement`/`WorkspaceUiEnforcement` patterns for the relevant review/evidence/report/pack operations.
- [x] T011 Confirm no generic workflow engine, top-level navigation, global-search resource, auto-publish behavior, customer self-resolution, or cross-domain adapter is needed; update spec/plan/tasks first if this is false.
## Phase 2: Persistence and Policy Tests First
**Purpose**: Define schema, isolation, and authorization behavior before adding implementation.
- [ ] T012 [P] Add PostgreSQL migration tests for `review_publication_resolution_cases` and `review_publication_resolution_steps` JSONB/index/partial unique active-current constraints under the existing pgsql lane or nearest migration test family.
- [ ] T013 [P] Add model relationship tests for case-to-workspace, case-to-environment, case-to-review, case-to-steps, step-to-case, step-to-operation-run, and proof reference fields.
- [ ] T014 [P] Add policy tests proving non-workspace members receive deny-as-not-found for case view and step access.
- [ ] T015 [P] Add policy tests proving non-entitled environment access receives deny-as-not-found.
- [x] T016 [P] Add policy tests proving an entitled readonly actor can view safe status but cannot execute step actions.
- [ ] T017 [P] Add policy tests proving operator/manager/owner capabilities map to the underlying evidence/report/review-pack operations instead of a blanket case permission.
- [ ] T018 Add a transactional/concurrency test proving duplicate active/current cases are not created for the same workspace/environment/review/action/currentness.
**Checkpoint**: These tests should fail before migrations/models/policies are implemented.
## Phase 3: Migrations, Models, Statuses, and Policy
**Purpose**: Add bounded review-publication-specific persistence.
- [x] T019 Create reversible migration(s) for `review_publication_resolution_cases` and `review_publication_resolution_steps` in `apps/platform/database/migrations/`, including the `review.publication` action key and PostgreSQL partial unique active-current constraint.
- [x] T020 Add `ReviewPublicationResolutionCase` model with casts, relationships, scopes for workspace/environment/review/action/status/active/current, and safe metadata handling.
- [x] T021 Add `ReviewPublicationResolutionStep` model with casts, relationships, ordered-step helpers, proof reference helpers, and safe metadata handling.
- [x] T022 Add review-publication-specific case status value object/enum with only `open`, `in_progress`, `waiting_for_run`, `blocked`, `ready_to_continue`, `completed`, `cancelled`, and `superseded`.
- [x] T023 Add review-publication-specific step status value object/enum with only `pending`, `actionable`, `running`, `failed`, `completed`, and `superseded`; do not persist `skipped`, `not_applicable`, or a step `reason_code` family in v1.
- [x] T024 Add or extend policy registration for `ReviewPublicationResolutionCasePolicy` using deny-as-not-found for workspace/environment non-entitlement.
- [ ] T025 Ensure metadata/summary casts cannot store raw provider payloads, raw report content, full evidence JSON, secrets, or tokens by convention and tests.
- [ ] T026 Run the focused model/policy/pgsql tests and fix only in-scope issues.
## Phase 4: Evaluator, Planner, and Fingerprint Tests First
**Purpose**: Define derived readiness and step-plan behavior before services are implemented.
- [ ] T027 [P] Add unit tests for no blockers -> ready/no case needed.
- [ ] T028 [P] Add unit tests for missing/stale reports -> `complete_required_reports`.
- [ ] T029 [P] Add unit tests for missing/stale evidence -> `collect_evidence_snapshot`.
- [ ] T030 [P] Add unit tests for output not customer-ready after inputs are current -> `refresh_review_composition`.
- [ ] T031 [P] Add unit tests for current review output with missing/stale pack/export -> `generate_review_pack`.
- [ ] T032 [P] Add unit tests for final unblocked state -> `return_to_publication`.
- [ ] T033 [P] Add unit tests proving irrelevant steps are omitted and v1 stays sequential.
- [ ] T034 [P] Add fingerprint tests proving relevant evidence/report/review/pack/run changes alter currentness while volatile UI-only fields do not.
- [ ] T035 [P] Add zero-findings/zero-drift tests proving evaluated successful empty results are complete and unevaluated empty states are not.
**Checkpoint**: These tests should fail before evaluator/planner services are implemented.
## Phase 5: Evaluator, Planner, and Proof Resolver
**Purpose**: Build the derived planning layer without duplicating readiness or artifact truth.
- [x] T036 Implement `ReviewPublicationReadinessEvaluator` under a review-publication-specific namespace to evaluate current publication readiness from existing services/artifacts.
- [x] T037 Ensure the evaluator does not create reports, collect evidence, refresh reviews, generate packs, publish reviews, or call Graph/provider APIs.
- [x] T038 Implement a stable readiness fingerprint from review, evidence, required report, review-pack/export, blocker, and readiness status inputs.
- [x] T039 Implement `ReviewPublicationResolutionPlanner` to map evaluator requirements to ordered v1 steps only.
- [x] T040 Ensure planner output has one primary actionable step unless implementation updates spec/plan/tasks to approve parallel report steps.
- [x] T041 Implement `ReviewPublicationResolutionProofResolver` to derive OperationRun and artifact proof/currentness without making the case canonical truth.
- [ ] T042 Ensure old failed runs do not remain current blockers after newer successful current proof exists.
- [ ] T043 Ensure old successful proof does not complete current steps after review/evidence/report/pack currentness changes.
- [ ] T044 Run focused evaluator/planner/proof unit tests and fix only in-scope issues.
## Phase 6: Case Service Tests First
**Purpose**: Define create/resume/update/complete/supersede behavior before implementation.
- [x] T045 Add feature tests proving blocked review creates a case and ordered steps.
- [ ] T046 Add feature tests proving the same current active case resumes instead of duplicating.
- [x] T047 Add feature tests proving changed fingerprint re-evaluates and updates or supersedes stale case safely.
- [x] T048 Add feature tests proving no blockers complete or bypass case creation.
- [ ] T049 Add feature tests proving case completes only when current readiness evaluation is unblocked.
- [ ] T050 Add feature tests proving deleted or inaccessible review subject becomes superseded or inaccessible without leaking existence.
- [ ] T051 Add feature tests proving case scope cannot mix workspace/environment/review/proof records.
## Phase 7: Case Service Implementation
**Purpose**: Persist and maintain workflow state safely.
- [x] T052 Implement `ReviewPublicationResolutionCaseService` create/resume behavior in a transaction.
- [x] T053 Persist initial steps from the planner with stable ordering and safe summaries.
- [x] T054 Update step statuses after readiness re-evaluation without overwriting proof truth incorrectly.
- [x] T055 Mark cases completed, cancelled, or superseded according to current lifecycle rules.
- [x] T056 Enforce workspace/environment/review consistency for all case and step operations.
- [x] T057 Add lock/idempotency handling to prevent duplicate active/current cases on double click or concurrent requests.
- [x] T058 Run focused case service tests and fix only in-scope issues.
## Phase 8: Step Action Tests First
**Purpose**: Define action execution, OperationRun linking, artifact proof, and capability behavior before implementation.
- [x] T059 Add tests for `complete_required_reports` using existing report generation service/action paths and linking proof.
- [x] T060 Add tests for `collect_evidence_snapshot` using existing EvidenceSnapshotService/job paths and linking OperationRun/artifact proof.
- [ ] T061 Add tests for `refresh_review_composition` using existing review refresh/composition paths and linking OperationRun/review proof.
- [ ] T062 Add tests for `generate_review_pack` using existing ReviewPack service/job paths and linking OperationRun/pack proof.
- [ ] T063 Add tests proving step actions do not auto-publish and existing publish gates still block unsafe publication.
- [x] T064 Add tests proving running OperationRun sets step `running` and case `waiting_for_run`.
- [ ] T065 Add tests proving failed OperationRun sets step `failed` unless newer current successful proof exists.
- [ ] T066 Add tests proving capability denial renders safe blocked state and does not dispatch jobs, create reports, or create runs.
## Phase 9: Step Action Implementation
**Purpose**: Execute only source-owned actions and link proof.
- [x] T067 Implement `ReviewPublicationResolutionActionService` to execute allowed current-step actions.
- [x] T068 Wire report-generation steps to existing report services/actions; do not invent fake `StoredReport` rows.
- [x] T069 Wire evidence snapshot steps to existing evidence services/jobs.
- [x] T070 Wire review refresh/composition steps to existing review services/jobs.
- [x] T071 Wire review-pack steps to existing review-pack services/jobs.
- [x] T072 Link the primary `operation_run_id` to the current step when an async operation is created or reused.
- [x] T073 Link the primary artifact proof reference when an artifact exists and currentness checks pass.
- [x] T074 Preserve existing shared OperationRun start UX for queued toasts, links, browser events, dedupe/already-running, and terminal notifications.
- [ ] T075 Ensure retry appears only for failed actionable steps and still enforces underlying capability, confirmation, audit, notification, and OperationRun link rules from the spec action confirmation contract.
- [x] T076 Run focused step-action tests and fix only in-scope issues.
## Phase 10: Filament Entry Point and Workflow UI Tests First
**Purpose**: Define the operator workflow and customer non-leakage surface before UI implementation.
- [x] T077 Add Filament/Livewire tests proving blocked Environment Review shows one primary `Resolve publication blockers` CTA.
- [ ] T078 Add Filament/Livewire tests proving publish remains blocked/disabled when existing gates say blocked and refresh is not promoted as primary.
- [x] T079 Add Filament/Livewire tests proving clicking the CTA creates/resumes the case and redirects/opens the resolution workflow.
- [x] T080 Add Filament/Livewire tests proving the resolution page renders blocked reason, required reports, next safe action, preparation progress, and technical detail disclosure.
- [ ] T081 Add Filament/Livewire tests proving the current step has exactly one primary executable action where allowed and that queued/regeneration/cancel/supersede actions use the required confirmation behavior.
- [x] T082 Add Filament/Livewire tests proving readonly/capability-denied users see safe disabled/blocked state and no executable button.
- [ ] T083 Add Filament/Livewire tests proving completed/ready state shows `Return to review` and does not auto-publish.
- [ ] T084 Add customer workspace tests proving no internal case, step, OperationRun debug, permission internals, raw report state, or technical remediation details are visible by default.
## Phase 11: Filament Entry Point and Workflow UI Implementation
**Purpose**: Add the visible workflow while preserving Filament v5 and TenantPilot UX rules.
- [x] T085 Add the review-owned resolution route/page/action under `EnvironmentReviewResource` using existing Filament discovery conventions.
- [x] T086 Add or update the blocked-state CTA on `ViewEnvironmentReview` or the current summary view.
- [x] T087 Keep the review surface one-primary-action: `Resolve publication blockers` while blocked.
- [x] T088 Render resolution page decision summary with blocked reason, required reports, next safe action, what happens after this, and no-auto-publish copy.
- [x] T089 Render compact preparation progress in the first decision section, with the actionable step visually emphasized and completed/pending steps secondary.
- [x] T090 Render proof links behind proof sections and technical detail behind explicit disclosure.
- [x] T091 Render safe empty/ready/already-published states without creating unnecessary cases.
- [ ] T092 Add or update Customer Review Workspace safe preparation/unavailable wording only if needed for non-leakage.
- [x] T093 Use native Filament actions/components/shared primitives first; avoid local semantic color/button/card systems.
- [x] T094 Ensure no new top-level navigation item, generic resource, bulk action, or global search surface is added.
- [x] T095 Run focused Filament/Livewire tests and fix only in-scope issues.
## Phase 12: Audit and Security
**Purpose**: Make the workflow attributable and safe.
- [x] T096 Add audit events for `review_publication_resolution.created`.
- [x] T097 Add audit events for `review_publication_resolution.resumed`.
- [x] T098 Add audit events for `review_publication_resolution.step_started`.
- [x] T099 Add audit events for `review_publication_resolution.operation_linked`.
- [x] T100 Add audit events for `review_publication_resolution.step_completed`.
- [x] T101 Add audit events for `review_publication_resolution.step_failed`.
- [x] T102 Add audit events for `review_publication_resolution.case_completed`.
- [x] T103 Add audit events for `review_publication_resolution.cancelled`.
- [x] T104 Add audit events for `review_publication_resolution.superseded`.
- [x] T105 Ensure audit payloads include safe workspace/environment/case/subject/step/run/proof/status identifiers and derived safe reason summaries only.
- [ ] T106 Add audit tests proving raw provider payloads, secrets, tokens, full report content, and full evidence JSON are not logged.
- [ ] T107 Add no-Graph-during-render and bounded DB-local planner/render tests or guards for the resolution page and blocked review render path.
- [ ] T108 Confirm cross-plane `/system` access does not expose or mutate admin-plane resolution cases.
## Phase 13: UI/Productization Coverage
**Purpose**: Satisfy UI-COV-001 for the new workflow and affected surfaces.
- [x] T109 Update `docs/ui-ux-enterprise-audit/route-inventory.md` for the new subject-driven resolution route or page-action surface.
- [x] T110 Update `docs/ui-ux-enterprise-audit/design-coverage-matrix.md` for the new workflow surface.
- [x] T111 Update or create the relevant page report for Review Publication Resolution workflow.
- [x] T112 Update the Environment Review detail page report for the blocked-state CTA/action hierarchy change.
- [ ] T113 Update Customer Review Workspace page report if safe preparation/non-leakage wording changes materially.
- [x] T114 Record screenshot/browser-smoke artifact paths for blocked CTA, open case, current step, running, failed, completed proof, ready return, customer no-leakage, and dark/mobile smoke where feasible.
- [x] T115 Confirm the spec UI Action Matrix still matches implementation; update spec/plan/tasks before merge if action placement or dangerous-action behavior changes.
## Phase 14: Validation
**Purpose**: Prove the implementation and capture residual risk.
- [ ] T116 Run `cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Unit/ReviewPublicationResolution`.
- [ ] T117 Run `cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Feature/ReviewPublicationResolution tests/Feature/EnvironmentReview tests/Feature/ReviewPack`.
- [ ] T118 Run `cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Feature/Filament/Spec386ReviewPublicationResolutionUiTest.php`.
- [ ] T119 Run `cd apps/platform && ./vendor/bin/sail php vendor/bin/pest -c phpunit.pgsql.xml --filter Spec386`.
- [x] T120 Run `cd apps/platform && ./vendor/bin/sail php vendor/bin/pest tests/Browser/Spec386ReviewPublicationResolutionWorkflowTest.php` (local fallback used: `php artisan test --compact tests/Browser/Spec386ReviewPublicationResolutionWorkflowTest.php`).
- [x] T121 Run `cd apps/platform && ./vendor/bin/sail bin pint --dirty --format agent` (local fallback used: `./vendor/bin/pint --dirty --test`).
- [x] T122 Run `git diff --check`.
- [ ] T123 Record implementation close-out with Livewire v4 compliance, provider registration location, global search status, destructive/high-impact action handling, asset strategy, tests run, browser smoke result, and deployment impact.
## Explicit Non-Goals
- [x] NT001 Do not modify completed dependency specs except as read-only context.
- [x] NT002 Do not create a generic workflow engine, registry, adapter framework, or generic action-resolution CRUD resource.
- [x] NT003 Do not add top-level navigation or global search for resolution cases.
- [x] NT004 Do not auto-publish reviews or bypass existing publish/export gates.
- [x] NT005 Do not expose internal resolution case details to customer-facing surfaces.
- [x] NT006 Do not store raw provider payloads, raw report content, full evidence JSON, secrets, or tokens in case/step/audit metadata.
- [ ] NT007 Do not call Graph/provider APIs during UI render or readiness display.
- [ ] NT008 Do not transition `OperationRun.status` or `OperationRun.outcome` outside existing services.
- [ ] NT009 Do not implement Restore, Provider Onboarding, Baseline Compare, Report Delivery, Customer Portal, AI, Billing, or Cross-Tenant Promotion resolution adapters in this spec.
- [ ] NT010 Do not use generic `action_resolution_*` persistence without first updating spec/plan/tasks with proportionality justification and review-publication-only constraints.
Reference in New Issue View Git Blame Copy Permalink