TenantAtlas/specs/374-diagnostic-entry-point-support-diagnostics-consolidation/artifacts/source-audit-summary.md
Ahmed Darrazi c125fd48fd
Some checks failed
PR Fast Feedback / fast-feedback (pull_request) Failing after 3m58s
feat(ui): implement diagnostic entry point consolidation
Applied diagnostic surface contract rules to Audit Log inspect modal and Support Diagnostics action context, consolidating raw diagnostic data into safe modals according to Spec 374.
2026-06-13 03:06:33 +02:00

72 lines
5.8 KiB
Markdown

# Source Audit Summary
Status: implementation audit complete.
## Repo Safety
- Active branch before Spec Kit execution: `platform-dev`.
- Active branch after Spec Kit execution: `374-diagnostic-entry-point-support-diagnostics-consolidation`.
- Base HEAD before preparation: `94877c9a feat(ui): implement diagnostic surface separation (#444)`.
- Initial dirty state: clean.
- Initial implementation dirty state included the untracked active Spec 374 package and an unrelated `.codex/config.toml` local change. The `.codex/config.toml` change was left untouched.
- Runtime implementation stayed inside the scoped dashboard/support/repair diagnostics files, focused tests, proportional UI audit docs, and Spec 374 artifacts.
## Source Inputs
| Source | Availability | Verification Class | Use In Spec 374 |
|---|---|---|---|
| User-provided Spec 374 draft | available | user-provided | Primary candidate scope |
| Spec 373 `spec.md`, `plan.md`, `tasks.md` | available | repo-verified completed context | Predecessor scope and boundaries |
| Spec 373 artifacts | available | repo-verified / browser-verified where recorded | Implementation truth for diagnostic hierarchy |
| Spec 370 IA artifacts | available | repo-verified completed contract | Decision-first and diagnostic-surface rules |
| Current routes in `apps/platform/routes/web.php` | available | repo-verified | Confirms dashboard and diagnostics routes |
| `EnvironmentDiagnostics` page | available | repo-verified | Confirms direct route, non-navigation registration, repair actions |
| `EnvironmentDashboard` page | available | repo-verified | Confirms `openSupportDiagnosticsAction()` exists |
| Support diagnostics modal view | available | repo-verified | Confirms recommended first check rendering exists |
| `ManagedEnvironmentLinks::diagnosticsUrl()` | available | repo-verified | Helper exists; implementation search found route-contract tests plus the helper definition, no runtime dashboard caller |
## Completed-Spec Guardrail
| Related spec | Completion signal | Treatment |
|---|---|---|
| Spec 370 Global Surface IA Contract | completed contract artifacts | consumed as contract only |
| Spec 371 Core Operator View Surfaces Productization | active artifact references and browser/validation context in repo | pattern/context only |
| Spec 372 Customer Auditor Surface Safety Pass | active artifact references and browser/validation context in repo | pattern/context only |
| Spec 373 Diagnostic Surface Separation | checked tasks, validation report, browser report, screenshots, and implementation artifacts | completed predecessor; do not rewrite |
## Current Runtime Truth Observed During Preparation
- `web.php` registers `/admin/workspaces/{workspace}/environments/{environment:slug}` for `EnvironmentDashboard`.
- `web.php` registers `/admin/workspaces/{workspace}/environments/{environment:slug}/diagnostics` for `EnvironmentDiagnostics`.
- `EnvironmentDiagnostics` sets `protected static bool $shouldRegisterNavigation = false`.
- `EnvironmentDiagnostics` exposes repair actions `bootstrapOwner` and `mergeDuplicateMemberships` only when applicable.
- Existing repair actions use `Action::make(...)->action(...)`, `->requiresConfirmation()`, `UiEnforcement`, and `Capabilities::TENANT_MANAGE`.
- `EnvironmentDiagnostics::diagnosticSummary()` now provides Spec 374 repair-only summary values for blocker and no-action states.
- `EnvironmentDiagnostics` now renders the title `Repair diagnostics` with a repair-only subheading.
- `EnvironmentDiagnostics` now exposes one secondary read-only `Open support diagnostics` modal action with support-diagnostics capability gating, audit logging, and `repair_diagnostics` telemetry.
- `environment-diagnostics.blade.php` continues to lead with the summary and lower blocker sections; no provider/system/evidence checks were added.
- `EnvironmentDashboard` contains `openSupportDiagnosticsAction()`.
- `support-diagnostic-bundle.blade.php` now explicitly states the quick support context purpose before `Recommended first check`, renders `Redacted support view`, and organizes lower sections by status, why relevant, observed, and action.
- Implementation search for `diagnosticsUrl(` found the helper plus route-contract tests; no runtime dashboard caller was added. The helper is retained as a canonical deeplink utility.
## Product Decision Summary
Spec 374 should define the official diagnostic IA:
1. **Support Diagnostics** is the official quick support diagnostics entrypoint.
2. **Environment Repair Diagnostics** is a secondary/deeplink page for supported repairable membership/access issues.
3. **Provider/Permission Diagnostics** remain in Provider Connections / Required Permissions or a future provider-readiness follow-up.
4. **System Diagnostics** remain `/system`/platform-admin concerns and are not part of this spec.
5. **Evidence/Customer Review questions** remain evidence/review-pack/customer-review surfaces, not diagnostics entrypoint scope.
## Scope Risk
The main risk is treating "diagnostics" as a broad product platform. The implementation must not add a diagnostic hub, new navigation, provider checks, evidence reachability fixes, or system auth fixture work.
## Implementation Decision
- No dashboard repair diagnostics link was added. Existing repo truth does not require promoting the direct repair page from the dashboard no-action state.
- `ManagedEnvironmentLinks::diagnosticsUrl()` remains a retained canonical deeplink helper used by route-contract tests and available to future repo-backed repair contexts.
- The direct `/diagnostics` route was renamed in rendered copy and action-surface metadata to `Repair diagnostics`.
- Support Diagnostics remains the official quick diagnostics entrypoint from the dashboard; Repair Diagnostics now has one secondary read-only handoff action to the same redacted support modal.