ahmido/TenantAtlas
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects 1 Releases Wiki Activity
eef85af990
TenantAtlas/specs/054-unify-runs-suitewide/contracts/admin-pages.openapi.yaml
ahmido 3030dd9af2 054-unify-runs-suitewide (#63) 
Summary

Kurz: Implementiert Feature 054 — canonical OperationRun-flow, Monitoring UI, dispatch-safety, notifications, dedupe, plus small UX safety clarifications (RBAC group search delegated; Restore group mapping DB-only).
What Changed

Core service: OperationRun lifecycle, dedupe and dispatch helpers — OperationRunService.php.
Model + migration: OperationRun model and migration — OperationRun.php, 2026_01_16_180642_create_operation_runs_table.php.
Notifications: queued + terminal DB notifications (initiator-only) — OperationRunQueued.php, OperationRunCompleted.php.
Monitoring UI: Filament list/detail + Livewire pieces (DB-only render) — OperationRunResource.php and related pages/views.
Start surfaces / Jobs: instrumented start surfaces, job middleware, and job updates to use canonical runs — multiple app/Jobs/* and app/Filament/* updates (see tests for full coverage).
RBAC + Restore UX clarifications: RBAC group search is delegated-Graph-based and disabled without delegated token; Restore group mapping remains DB-only (directory cache) and helper text always visible — TenantResource.php, RestoreRunResource.php.
Specs / Constitution: updated spec & quickstart and added one-line constitution guideline about Graph usage:
spec.md
quickstart.md
constitution.md
Tests & Verification

Unit / Feature tests added/updated for run lifecycle, notifications, idempotency, and UI guards: see tests/Feature/* (notably OperationRunServiceTest, MonitoringOperationsTest, OperationRunNotificationTest, and various Filament feature tests).
Full test run locally: ./vendor/bin/sail artisan test → 587 passed, 5 skipped.
Migrations

Adds create_operation_runs_table migration; run php artisan migrate in staging after review.
Notes / Rationale

Monitoring pages are explicitly DB-only at render time (no Graph calls). Start surfaces enqueue work only and return a “View run” link.
Delegated Graph access is used only for explicit user actions (RBAC group search); restore mapping intentionally uses cached DB data only to avoid render-time Graph calls.
Dispatch wrapper marks runs failed immediately if background dispatch throws synchronously to avoid misleading “queued” states.
Upgrade / Deploy Considerations

Run migrations: ./vendor/bin/sail artisan migrate.
Background workers should be running to process queued jobs (recommended to monitor queue health during rollout).
No secret or token persistence changes.
PR checklist

 Tests updated/added for changed behavior
 Specs updated: 054-unify-runs-suitewide docs + quickstart
 Constitution note added (.specify)
 Pint formatting applied

Co-authored-by: Ahmed Darrazi <ahmeddarrazi@adsmac.local>
Reviewed-on: #63
2026-01-17 22:25:00 +00:00

55 lines
1.5 KiB
YAML
Raw Blame History

openapi: 3.0.3
info:
title: TenantPilot Admin Operations Contracts (Feature 054)
version: 0.1.0
description: |
Minimal page-render contracts for the Monitoring/Operations hub.
These pages must render from the database only (no external tenant calls)
and display only sanitized failure detail (no secrets/tokens/raw payload dumps).
servers:
- url: /
paths:
/admin/t/{tenantExternalId}/operations:
get:
operationId: monitoringOperationsIndex
summary: Monitoring → Operations (tenant-scoped)
parameters:
- name: tenantExternalId
in: path
required: true
schema:
type: string
responses:
'200':
description: Page renders successfully.
'302':
description: Redirect to login when unauthenticated.
/admin/t/{tenantExternalId}/operations/{operationRunId}:
get:
operationId: monitoringOperationsView
summary: Operation run detail (tenant-scoped)
parameters:
- name: tenantExternalId
in: path
required: true
schema:
type: string
- name: operationRunId
in: path
required: true
schema:
type: integer
responses:
'200':
description: Page renders successfully.
'302':
description: Redirect to login when unauthenticated.
'403':
description: Forbidden when attempting cross-tenant access.
components: {}
Reference in New Issue View Git Blame Copy Permalink