# Quickstart — Spec 090 (Action Surface Contract Compliance & RBAC Hardening)

## Prereqs

- Run inside Sail.

## Run the guard tests (fast feedback)

- `vendor/bin/sail artisan test --compact tests/Feature/Guards/ActionSurfaceContractTest.php`

## Run targeted RBAC/action tests (after implementation)

Planned additions for Spec 090 will include feature tests for:

- Policy “Capture snapshot” authorization + audit log
- Findings list action ordering + acknowledge gating
- Provider connections action surface + RBAC gating
- Backup schedules action surface + empty-state CTA gating
- Workspace resource access semantics (non-member 404, member missing capability 403)

Run the smallest set first, e.g.:

- `vendor/bin/sail artisan test --compact --filter=ActionSurfaceContract`

## Run only Spec 090 tests

- `vendor/bin/sail artisan test --compact tests/Feature/090/`
- `vendor/bin/sail artisan test --compact --filter=Spec090`

## Formatting

- `vendor/bin/sail bin pint --dirty`

## Manual verification checklist (post-implementation)

- Confirm each in-scope list/table provides an inspection affordance (View action *or* clickable row/primary link), consistent “More” grouping, and ≤2 primary row actions.
- Confirm destructive actions require confirmation.
- Confirm tenant/workspace isolation: non-members get 404 semantics; members without capability get 403 on execution and disabled + tooltip in UI.
- Confirm successful side-effect actions create an `audit_logs` entry with sanitized metadata.
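
The isolation and audit items in the checklist above, sketched as a self-contained PHP script. This is an added example, not Spec 090's code: the function names, the capability strings, the sample data, and the key pattern that decides which metadata counts as sensitive are all assumptions.

```php
<?php
declare(strict_types=1);

// Hypothetical helpers for illustration; not the project's implementation.

/** Returns the HTTP status an action request should receive. */
function authorizeAction(array $user, array $resource, string $capability): int
{
    $role = $resource['workspace_members'][$user['id']] ?? null;

    // Membership is checked first: a non-member must not learn the resource exists.
    if ($role === null) {
        return 404;
    }
    // Member without the capability: the resource is visible, execution is denied.
    if (!in_array($capability, $role['capabilities'], true)) {
        return 403;
    }
    return 200;
}

/** Recursively redacts secret-looking keys before metadata is written to audit_logs. */
function sanitizeAuditMetadata(array $metadata): array
{
    $clean = [];
    foreach ($metadata as $key => $value) {
        // Assumed definition of "sensitive": key names matching this pattern.
        if (is_string($key) && preg_match('/(secret|token|password|api_?key|authorization)/i', $key)) {
            $clean[$key] = '[REDACTED]';
        } elseif (is_array($value)) {
            $clean[$key] = sanitizeAuditMetadata($value);
        } else {
            $clean[$key] = $value;
        }
    }
    return $clean;
}

// Constructed sample data: user 1 has the capability, user 2 is a member without it,
// user 3 is not a member of the workspace.
$resource = ['id' => 7, 'workspace_members' => [
    1 => ['capabilities' => ['policy.view', 'policy.capture_snapshot']],
    2 => ['capabilities' => ['policy.view']],
]];
foreach ([1, 2, 3] as $userId) {
    $status = authorizeAction(['id' => $userId], $resource, 'policy.capture_snapshot');
    $audit = $status === 200
        ? sanitizeAuditMetadata(['policy_id' => 7, 'provider' => ['client_secret' => 'constructed-value']])
        : null; // denied requests perform no side effect in this sketch
    echo $userId, ' => ', $status, ' ', json_encode($audit), PHP_EOL;
}
```

Swapping the two checks in `authorizeAction` would return 403 to non-members and disclose that the resource exists, which is the regression the 404/403 tests are meant to catch.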