ahmido/TenantAtlas
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects 1 Releases Wiki Activity
ee5840227f
TenantAtlas/specs/085-tenant-operate-hub/plan.md
ahmido 2bf5de4663 085-tenant-operate-hub (#103) 
Summary

Consolidates the “Tenant Operate Hub” work (Spec 085) and the follow-up adjustments from the 086 session merge into a single branch ready to merge into dev.
Primary focus: stabilize Ops/Operate Hub UX flows, tighten/align authorization semantics, and make the full Sail test suite green.
Key Changes

Ops UX / Verification
Readonly members can view verification operation runs (reports) while starting verification remains restricted.
Normalized failure reason-code handling and aligned UX expectations with the provider reason-code taxonomy.
Onboarding wizard UX
“Start verification” CTA is hidden while a verification run is active; “Refresh” is shown during in-progress runs.
Treats provider_permission_denied as a blocking reason (while keeping legacy compatibility).
Test + fixture hardening
Standardized use of default provider connection fixtures in tests where sync/restore flows require it.
Fixed multiple Filament URL/tenant-context test cases to avoid 404s and reduce tenancy routing brittleness.
Policy sync / restore safety
Enrollment configuration type collision classification tests now exercise the real sync path (with required provider connection present).
Restore edge-case safety tests updated to reflect current provider-connection requirements.
Testing

vendor/bin/sail artisan test --compact (green)
vendor/bin/sail bin pint --dirty (green)
Notes

Includes merged 086 session work already (no separate PR needed).

Co-authored-by: Ahmed Darrazi <ahmeddarrazi@ebc83aaa-d947-4a08-b88e-bd72ac9645f7.fritz.box>
Co-authored-by: Ahmed Darrazi <ahmeddarrazi@MacBookPro.fritz.box>
Co-authored-by: Ahmed Darrazi <ahmeddarrazi@adsmac.fritz.box>
Reviewed-on: #103
2026-02-11 13:02:03 +00:00

5.4 KiB
Raw Blame History

Implementation Plan: Spec 085 — Tenant Operate Hub / Tenant Overview IA

Branch: 085-tenant-operate-hub | Date: 2026-02-09 | Spec: specs/085-tenant-operate-hub/spec.md Input: specs/085-tenant-operate-hub/spec.md

Summary

Make central Monitoring pages feel context-aware when entered from the tenant panel, without introducing tenant-scoped monitoring routes and without implicit tenant switching.

Key outcomes:

  • Tenant panel sidebar replaces “Operations” with a “Monitoring” group of shortcuts (Runs/Alerts/Audit Log) that open central Monitoring surfaces.
  • /admin/operations becomes context-aware when tenant context is active: scope label shows tenant, table defaults to tenant filter, and header includes Back to <tenant> + Show all tenants (clears tenant context).
  • /admin/operations/{run} adds deterministic “back” affordances: tenant back link when tenant context is active + entitled, plus secondary Show all operations; otherwise Back to Operations.
  • Monitoring page render remains DB-only: no outbound calls and no background work triggered by view-only GET.

Technical Context

Language/Version: PHP 8.4 (Laravel 12)
Primary Dependencies: Filament v5, Livewire v4, Laravel Sail, Tailwind CSS v4
Storage: PostgreSQL (Sail)
Testing: Pest v4 (vendor/bin/sail artisan test)
Target Platform: Web (enterprise SaaS admin UI)
Project Type: Laravel monolith (Filament panels + Livewire)
Performance Goals: Monitoring page renders are DB-only, low-latency, and avoid N+1 regressions
Constraints:

  • Canonical monitoring URLs must not change (/admin/operations, /admin/operations/{run})
  • No new tenant-scoped monitoring routes
  • No implicit tenant switching (tenant selection remains explicit POST)
  • Deny-as-not-found (404) for non-members/non-entitled; 403 only after membership established
  • No outbound calls on render; no render-time side effects (jobs/notifications) Scale/Scope: Small-to-medium UX change touching tenant navigation + 2 monitoring pages + Pest tests

Constitution Check

GATE: Must pass before Phase 0 research. Re-check after Phase 1 design.

  • Inventory-first / snapshots: Not applicable (read-only monitoring UX).
  • Read/write separation: PASS (changes are navigation + view-only rendering; the only mutation is explicit “clear tenant context” action).
  • Graph contract path: PASS (no new Graph calls).
  • Deterministic capabilities: PASS (uses existing membership/entitlement checks; no new capability strings).
  • Workspace isolation: PASS (non-member workspace access remains 404).
  • Tenant isolation: PASS (no tenant identity leaks when not entitled; tenant pages remain 404).
  • Run observability: PASS (view-only pages do not start operations; Monitoring stays DB-only).
  • RBAC-UX destructive confirmation: PASS (no destructive actions added).
  • Filament UI Action Surface Contract: PASS (were modifying Pages; we will provide explicit header actions and table/default filter behavior; no new list resources are added).

Project Structure

Documentation (this feature)

specs/085-tenant-operate-hub/
├── plan.md
├── research.md
├── data-model.md
├── quickstart.md
├── contracts/
│   └── openapi.yaml
└── tasks.md

Source Code (repository root)

app/
├── Filament/
│   ├── Pages/
│   ├── Resources/
│   └── ...
├── Http/
│   ├── Controllers/
│   └── Middleware/
├── Providers/
└── Support/

resources/views/
tests/Feature/
routes/web.php

Structure Decision: Laravel monolith with Filament panels. Changes will be localized to existing panel providers, page classes, shared helpers (if present), and feature tests.

Phase Plan

Phase 0 — Research (complete)

Outputs:

  • specs/085-tenant-operate-hub/research.md (decisions + alternatives)

Phase 1 — Design & Contracts (complete)

Outputs:

  • specs/085-tenant-operate-hub/data-model.md (no schema changes; context rules)
  • specs/085-tenant-operate-hub/contracts/openapi.yaml (canonical routes + clear-tenant-context POST)
  • specs/085-tenant-operate-hub/quickstart.md (manual verification)

Phase 2 — Implementation Planning (next)

Implementation will be executed as small, test-driven slices:

  1. Tenant panel navigation IA
  • Replace tenant-panel “Operations” entry with “Monitoring” group.
  • Add 3 shortcut items (Runs/Alerts/Audit Log).
  • Verify no new tenant-scoped monitoring routes are introduced.
  1. Operations index context-aware header + default scope
  • If tenant context active + entitled: show scope Tenant — <name>, default table filter = tenant, CTAs Back to <tenant> and Show all tenants.
  • If no tenant context: show scope Workspace — all tenants.
  • If tenant context active but not entitled: behave workspace-wide (no tenant name, no back-to-tenant).
  1. Run detail deterministic back affordances
  • If tenant context active + entitled: ← Back to <tenant> plus secondary Show all operations.
  • Else: Back to Operations.
  1. Pest tests (security + UX)
  • OperationsIndexScopeTest (tenant vs workspace scope labels + CTAs)
  • RunDetailBackToTenantTest (tenant-context vs no-context actions)
  • Deny-as-not-found coverage for non-entitled tenant pages
  • “No outbound calls on render” guard for /admin/operations and /admin/operations/{run}

Complexity Tracking

No constitution violations expected.