ahmido/TenantAtlas
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects 1 Releases Wiki Activity
bf43dad3d1
TenantAtlas/docs/AGENTS-draft.md
ahmido bf43dad3d1 fix: enforce workspace surface scope for customer review workspace (#366) 
## Summary
- keep `/admin/reviews/workspace` workspace-scoped in shell and sidebar context
- treat `tenant` query hints on the customer review workspace as page-level filters only
- update the customer review workspace tests and Spec 311 navigation contract to match the workspace-hub IA

## Testing
- `cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Feature/Reviews/CustomerReviewWorkspacePageTest.php`
- `cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Feature/Filament/WorkspaceContextTopbarAndTenantSelectionTest.php tests/Feature/Filament/PanelNavigationSegregationTest.php`
- `cd apps/platform && ./vendor/bin/sail bin pint --dirty --format agent`
- `git diff --check`

Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #366
2026-05-15 20:52:37 +00:00

51 lines
2.2 KiB
Markdown
Raw Blame History

# AGENTS.md Draft Addendum
This draft is intentionally short. It is meant to be merged into the root `AGENTS.md` after review, not to replace the existing Spec Kit workflow and multi-agent coordination rules.
## Enterprise Rule Sources
Agents must treat these files as project rules:
- `docs/stack-overview.md`
- `docs/architecture-guidelines.md`
- `docs/filament-guidelines.md`
- `docs/security-guidelines.md`
- `docs/testing-guidelines.md`
- `docs/performance-guidelines.md`
- `docs/deployment-checklist.md`
- `docs/package-governance.md`
- `docs/ai-coding-rules.md`
## Version Rules
- Laravel 12, Filament 5, Livewire 4, Tailwind CSS 4, Pest 4, PHPUnit 12, PostgreSQL 16.
- Do not use Filament v3/v4 or Livewire v3 APIs.
- Laravel 12 panel providers are registered in `bootstrap/providers.php`.
- Search official version-specific docs before changing Laravel, Filament, Livewire, Pest, Tailwind, or PostgreSQL behavior.
## Code Rules
- Keep Filament resources/pages thin. Extract non-trivial business logic into actions/services/jobs.
- All Graph calls go through `GraphClientInterface`.
- No Graph calls during UI rendering.
- Every tenant-owned query is workspace- and tenant-scoped.
- Every new resource-backed model has a policy or a documented exception.
- Every destructive/high-impact Filament action has confirmation, authorization, audit logging, notification, and tests.
- New JSON payload storage defaults to PostgreSQL JSONB when it is retained or queryable.
- Jobs must be idempotent, observable, retry-aware, and safe to re-run.
## Security and Testing Rules
- Run `composer audit` and `corepack pnpm audit --audit-level moderate` for dependency work and before release.
- Use Pest 4 and Filament action testing helpers.
- Use the PostgreSQL test lane for migrations, JSONB, partial indexes, locks, and tenant-isolation constraints.
- Never log secrets, tokens, credential payloads, or raw sensitive Graph payloads.
## Deployment Rules
- Sail-first locally; Dokploy-first for staging/production.
- Production must set `APP_DEBUG=false`.
- Production workers use supervised `queue:work`, not `queue:listen`.
- Deployments that use Filament registered assets must run `php artisan filament:assets`.
- Staging validation is required before production promotion.
Reference in New Issue View Git Blame Copy Permalink