TenantAtlas/specs/376-browser-audit-fixture-coverage-evidence-system-surfaces/artifacts/source-audit-summary.md
ahmido f6dbc89edb test: add spec 376 browser fixture coverage (#447)
Adds browser fixture coverage for evidence system surfaces as described in Spec 376.

Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #447
2026-06-13 11:22:19 +00:00

# Source Audit Summary

## Scope

Spec 376 covers browser fixture reachability and evidence for these existing surfaces only:

| Surface | Current repo path | Spec 376 handling |
|---|---|---|
| Evidence Snapshot View | `EvidenceSnapshotResource::getUrl('view', ...)` under `/admin/workspaces/{workspace}/environments/{environment}/evidence/{record}` | Fresh browser-verified screenshot using existing admin smoke-login fixture. |
| Required Permissions | `/admin/workspaces/{workspace}/environments/{environment}/required-permissions` | Fresh browser-verified screenshot using existing admin smoke-login fixture and deterministic permission rows. |
| System Dashboard | `/system` | Fresh browser-verified screenshot using `PlatformUser` on the `platform` guard. |
| System Operations | `/system/ops/runs` | Fresh browser-verified screenshot using `PlatformUser` on the `platform` guard. |
| Provider Connection Detail | `/admin/provider-connections/{record}?environment_id={environment}` | Fresh browser-verified screenshot using scoped provider connection data and explicit environment authority. |

## Input Evidence

| Source | Relevant signal | Handling |
|---|---|---|
| Spec 368 `findings.md` | Evidence Snapshot detail redirected to `/admin/login`; System Dashboard/Ops redirected to `/system/login`. | Treated as the original blocker this spec closes. |
| Spec 368 `audit.md` | Required Permissions, Evidence Snapshot, and System pages were blocked by auth/fixture reachability. | Route/auth/data/browser truth is separated in Spec 376 reports. |
| Spec 353 | Required Permissions and Provider Connection browser screenshots exist under the Spec 353 package. | Used as completed context; not rewritten. |
| Spec 372 | Evidence Snapshot View browser pass exists with customer/auditor fixture. | Used as completed context; Spec 376 adds a consolidated fresh screenshot. |
| Spec 375 | Evidence/system browser fixture coverage remained a deferred follow-up. | Spec 376 implements that follow-up. |

## Related Completed Specs 370-375

| Spec | Relevant status | Handling |
|---|---|---|
| 370 | Source audit named Evidence Snapshot, Required Permissions, System Dashboard, and System Operations as `not available` source limitations. | Spec 376 adds browser fixture evidence for these limitations. |
| 371 | Backup Set browser verification passed and is outside the five-surface Spec 376 scope. | Read-only context. |
| 372 | Evidence Snapshot View browser verification passed in customer/auditor safety flow. | Read-only context plus fresh Spec 376 consolidated screenshot. |
| 373 | Diagnostic surfaces passed browser verification and explicitly did not recapture Provider Connections or Required Permissions. | Read-only context. |
| 374 | Diagnostic entrypoint browser verification passed and remained scoped to diagnostic/support handoff surfaces. | Read-only context. |
| 375 | Deferred evidence/system browser fixtures as a follow-up. | Implemented by this package. |

## Repo Truth

- Existing admin smoke-login route: `GET /admin/local/smoke-login`, local/testing-only, covered by `AdminLocalSmokeLoginTest`.
- Existing system auth route and panel: `SystemPanelProvider` uses `authGuard('platform')`, `UseSystemSessionCookie`, and `ensure-platform-capability:platform.access_system_panel`.
- Existing Pest Browser system proof: `Spec276SupportAccessGovernanceSmokeTest` authenticates with `$this->actingAs($platformUser, 'platform')`.
- `EvidenceSnapshotResource` has `protected static bool $isGloballySearchable = false`.
- `ProviderConnectionResource` has `protected static bool $isGloballySearchable = false`.
- Required Permissions and System surfaces are Filament pages, not globally searchable resources.

## Implementation Option Selected

Reuse existing fixtures and add one bounded browser smoke file:

- No new admin smoke route.
- No new system smoke route.
- No new Artisan fixture command.
- No production auth, policy, resource, panel, model, migration, Graph, or OperationRun behavior change.

## Fixture Gaps Closed

| Gap | Result |
|---|---|
| Evidence Snapshot auth fixture unclear | Closed by smoke-login redirect to environment-scoped evidence URL. |
| Required Permissions auth/data fixture unclear | Closed by smoke-login plus deterministic `ManagedEnvironmentPermission` rows. |
| System panel browser fixture absent | Closed by direct Pest Browser platform-guard `actingAs`. |
| Provider Connection detail timeout vs real defect unclear | Closed by scoped browser screenshot with explicit `environment_id`. |