## Summary

- add the Spec 323 Tenantial enterprise UI audit foundation package
- add the UI/UX audit registry artifacts, templates, and supporting brand context placeholder
- update Spec Kit prompts/templates plus PR fast-feedback guardrails for ongoing UI productization coverage

## Scope

- docs-first audit foundation only
- no runtime Laravel, Filament, Livewire, route, auth, or database behavior changes intended

## Validation

- [x] `git diff --check`
- [ ] application test suite run

## Notes

- primary spec: `specs/323-tenantial-enterprise-ui-audit-foundation/`
- this branch also updates `.gitea/pull_request_template.md`, `.gitea/workflows/test-pr-fast-feedback.yml`, and `scripts/check-ui-productization-coverage` to make the coverage gate durable for future UI work

Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #383
Strategic Surfaces
This list is the Spec 323 baseline of inventory rows classified as Strategic Surface. Priority reflects design urgency, not implementation sequencing.
Priority model:
- P0: customer/operator-critical, dangerous, audit-sensitive, or core first-read surface.
- P1: important product surface that needs a target artifact or explicit product decision before major UI work.
- P2: platform/internal strategic surface that can follow after customer/admin-facing P0/P1 coverage.
| Priority | ID | Surface | Route | Why Strategic | Current Risk | Recommended Target Artifact |
|---|---|---|---|---|---|---|
| P0 | UI-001 | Workspace Overview | /admin -> /admin/workspaces/{workspace}/overview | First admin landing after login. | Multiple competing next actions. | Individual target mockup. |
| P0 | UI-002 | Workspace Overview Direct | /admin/workspaces/{workspace}/overview | Canonical workspace shell route. | Same hierarchy risk as UI-001. | Same target as UI-001. |
| P0 | UI-011 | Environment Dashboard | /admin/workspaces/{workspace}/environments/{environment} | Core environment decision page. | Status, evidence, and action priority can blur. | Individual target mockup. |
| P0 | UI-016 | Operations | /admin/workspaces/{workspace}/operations | OperationRun control and observability hub. | Diagnostic events can look like governance health. | Individual target mockup plus status grammar. |
| P0 | UI-025 | Audit Log | /admin/audit-log | Auditability proof surface. | Raw logs can overpower decision context. | Evidence/audit target pattern. |
| P0 | UI-026 | Finding Exceptions Queue | /admin/finding-exceptions/queue | Accepted-risk work queue. | Risk acceptance can feel like routine list handling. | Individual accepted-risk target. |
| P0 | UI-028 | Governance Inbox | /admin/governance/inbox | Strategic operator inbox. | Needs sharp ownership and next-action hierarchy. | Individual target mockup. |
| P0 | UI-029 | Decision Register | /admin/governance/decisions | Decision/proof register. | Evidence links and decision status need clarity. | Individual target mockup. |
| P0 | UI-034 | Finding Detail | /admin/workspaces/{workspace}/environments/{environment}/findings/{record} | Core triage detail. | Not browser-reviewed; ownership/close/risk actions unknown. | Individual detail mockup. |
| P0 | UI-036 | Exception Detail | /admin/workspaces/{workspace}/environments/{environment}/finding-exceptions/{record} | Accepted-risk detail. | Expiry, approver, and audit trail need strong hierarchy. | Individual detail mockup. |
| P0 | UI-038 | Customer Review Workspace | /admin/reviews/workspace | Customer/auditor-facing workspace. | Customer-safe language and proof context are critical. | Individual target mockup. |
| P0 | UI-049 | Backup Schedules | /admin/workspaces/{workspace}/environments/{environment}/backup-schedules | Backup readiness and schedule safety. | Run/retry controls are high impact. | Backup pattern target. |
| P0 | UI-051 | Backup Sets | /admin/workspaces/{workspace}/environments/{environment}/backup-sets | Restore-point truth and recovery evidence. | Browser blocked by capability fixture. | Individual backup set target with fixture. |
| P0 | UI-053 | Restore Runs | /admin/workspaces/{workspace}/environments/{environment}/restore-runs | Restore execution history. | Browser blocked; destructive workflow context unknown. | Individual restore target with fixture. |
| P0 | UI-054 | Restore Run Create/View | /admin/workspaces/{workspace}/environments/{environment}/restore-runs/create and /view | High-impact restore workflow. | Dry-run, confirmation, partial restore, and audit UX need proof. | Restore workflow target. |
| P0 | UI-055 | Baseline Profiles | /admin/baseline-profiles | Baseline source of governance truth. | Assignment/capture/compare semantics need hierarchy. | Drift/diff target pattern. |
| P0 | UI-061 | Baseline Compare | /admin/workspaces/{workspace}/environments/{environment}/baseline-compare | Environment drift decision page. | Browser blocked/404 in fixture. | Individual compare target with seeded state. |
| P0 | UI-072 | Provider Connections | /admin/provider-connections | Credential and provider health surface. | Permission/connection truth must be trusted. | Individual integration target. |
| P0 | UI-073 | Create Provider Connection | /admin/provider-connections/create | Consent/credential setup. | Least-privilege, scopes, and handoff copy need review. | Provider onboarding target. |
| P1 | UI-007 | Manage Workspaces | /admin/workspaces | Workspace administration and membership entry point. | RBAC and entitlement language not browser-reviewed. | Workspace admin target. |
| P1 | UI-010 | Managed Environments | /admin/workspaces/{workspace}/environments | Environment portfolio entry point. | Needs portfolio-level status and context. | Environment portfolio target. |
| P1 | UI-013 | Environment Access Scopes | /admin/workspaces/{workspace}/environments/{environment}/access-scopes | Environment RBAC surface. | Access changes need confirmation/audit treatment. | Access-control target. |
| P1 | UI-014 | Environment Onboarding | /admin/onboarding | Provider/environment setup wizard. | Long workflow and provider scopes need productization. | Wizard target. |
| P1 | UI-017 | Operation Detail | /admin/workspaces/{workspace}/operations/{run} | OperationRun proof and diagnostics. | Dynamic record state not reviewed. | Operation detail pattern. |
| P1 | UI-018 | Alerts | /admin/alerts | Alerting entry point. | Cluster redirects to delivery list; target hierarchy unclear. | Monitoring pattern target. |
| P1 | UI-037 | Review Register | /admin/reviews | Review planning and proof register. | Needs timeline and customer/auditor framing. | Review pattern target. |
| P1 | UI-040 | Environment Review Detail | /admin/workspaces/{workspace}/environments/{environment}/environment-reviews/{record} | Customer/auditor review detail. | Dynamic detail not reviewed. | Review detail target. |
| P1 | UI-042 | Review Pack Detail | /admin/workspaces/{workspace}/environments/{environment}/review-packs/{record} | Export/evidence artifact detail. | Export context and proof trust need review. | Review-pack target. |
| P1 | UI-044 | Evidence Overview | /admin/evidence/overview | Workspace-wide evidence landing. | Not captured; evidence taxonomy unknown. | Evidence overview target. |
| P1 | UI-046 | Evidence Snapshot Detail | /admin/workspaces/{workspace}/environments/{environment}/evidence/{record} | Raw/support evidence detail. | Raw data exposure risk. | Evidence detail pattern. |
| P1 | UI-048 | Stored Report Detail | /admin/workspaces/{workspace}/environments/{environment}/stored-reports/{record} | Customer-readable report artifact. | Claims, freshness, and export context need review. | Stored report target. |
| P1 | UI-052 | Backup Set Create/View | /admin/workspaces/{workspace}/environments/{environment}/backup-sets/create and /view | Backup creation and restore-point detail. | Safety and proof state not reviewed. | Backup workflow target. |
| P1 | UI-057 | Baseline Profile Detail/Edit | /admin/baseline-profiles/{record} and /edit | Baseline capture/edit detail. | Capture/compare actions need dangerous-action treatment. | Baseline detail target. |
| P1 | UI-058 | Baseline Compare Matrix | /admin/baseline-profiles/{record}/compare-matrix | Cross-baseline comparison. | Matrix hierarchy and evidence gaps unknown. | Compare matrix target. |
| P1 | UI-063 | Inventory Coverage | /admin/workspaces/{workspace}/environments/{environment}/inventory/inventory-coverage | Evidence confidence gate. | Coverage truth and unknown states need target grammar. | Inventory coverage target. |
| P1 | UI-069 | Policy Version Detail | /admin/workspaces/{workspace}/environments/{environment}/policy-versions/{record} | Immutable snapshot/diff proof. | Snapshot/diff detail not reviewed. | Policy version target. |
| P1 | UI-074 | Provider Connection Detail/Edit | /admin/provider-connections/{record} and /edit | Provider health and permission detail. | Raw/diagnostic data can dominate. | Integration detail target. |
| P1 | UI-076 | Cross Environment Compare | /admin/cross-environment-compare | Portfolio drift/promotion comparison. | Environment scoping and result hierarchy unknown. | Cross-environment target. |
| P2 | UI-085 | System Dashboard | /system | Platform control tower. | Separate guard/capability state not reviewed. | System-plane dashboard target. |
| P2 | UI-091 | Operational Controls | /system/ops/controls | Platform-wide operational control surface. | High-impact controls need confirmation grammar. | System controls pattern. |
| P2 | UI-094 | System Operations | /system/ops/runs | Platform operation monitor. | System-plane status grammar not reviewed. | System operations pattern. |
| P2 | UI-095 | System Operation Detail | /system/ops/runs/{run} | Platform run detail and controls. | Dynamic record state not reviewed. | System operation detail target. |
| P2 | UI-097 | Repair Workspace Owners | /system/repair-workspace-owners | Break-glass ownership repair. | High-impact repair action needs strict confirmation. | Break-glass target. |
| P2 | UI-098 | Access Logs | /system/security/access-logs | Platform access audit. | Access-log evidence hierarchy not reviewed. | System audit target. |