ahmido
fb1046c97a
Implements Spec 077 refinements: workspace Global Mode and navigation/context-bar redundancy cleanup.
Summary
- Global Mode: `/admin/workspaces` is workspace-optional (lists only member workspaces); explicit allowlist in `EnsureWorkspaceSelected`.
- Navigation cleanup: workspace switching is topbar-only; no sidebar “Switch workspace”; removes redundant “Manage workspaces” entry from context-bar.
- Context bar: when no workspace selected, tenant picker is disabled with guidance; on tenant-scoped routes `/admin/t/{tenant}/…` the tenant indicator is read-only (Filament tenant menu remains primary).
- Authorization: workspace creation is policy-driven (`WorkspacePolicy::create()`), enforced in `ChooseWorkspace` via Gate.
Safety / Compliance
- Livewire v4.0+ compliant (Filament v5).
- Panel provider registration remains in `bootstrap/providers.php` (no changes required).
- Global search: no new globally searchable resources added; no behavior changes introduced.
- Destructive actions: none added/changed.
- Assets: no new assets registered; deploy process unchanged (if assets are registered elsewhere, ensure `php artisan filament:assets` runs in deploy as usual).
Tests
- `vendor/bin/sail bin pint --dirty`
- `vendor/bin/sail artisan test --compact tests/Feature/Workspaces tests/Feature/Monitoring tests/Feature/OpsUx tests/Feature/Filament/WorkspaceContextTopbarAndTenantSelectionTest.php`
Spec artifacts
- `specs/077-workspace-nav-monitoring-hub/{spec,plan,tasks}.md`
- `specs/077-workspace-nav-monitoring-hub/contracts/routes.md`
Co-authored-by: Ahmed Darrazi <ahmeddarrazi@MacBookPro.fritz.box>
Reviewed-on: #94
67 lines
2.1 KiB
Markdown
67 lines
2.1 KiB
Markdown
# Data Model — Workspace-first Navigation & Monitoring Hub (077)
|
||
|
||
**Date**: 2026-02-06
|
||
**Spec**: [specs/077-workspace-nav-monitoring-hub/spec.md](spec.md)
|
||
|
||
This feature is primarily information architecture + context enforcement. No new tables are required; the design depends on existing entities and their relationships.
|
||
|
||
## Entities
|
||
|
||
### Workspace
|
||
|
||
Represents a portfolio / customer container (primary context).
|
||
|
||
- Key fields (existing, relevant):
|
||
- `id`
|
||
- `name`
|
||
- `slug` (optional)
|
||
- `archived_at` (nullable)
|
||
|
||
### WorkspaceMembership
|
||
|
||
Entitlement relationship between a user and a workspace.
|
||
|
||
- Key fields (existing, relevant):
|
||
- `workspace_id`
|
||
- `user_id`
|
||
- `role` (e.g. owner/operator/etc; actual role semantics are managed by the capability resolver)
|
||
|
||
### Tenant (Managed Tenant)
|
||
|
||
Represents a Microsoft/Intune tenant belonging to a workspace (secondary context via Filament tenancy).
|
||
|
||
- Key fields (existing, relevant):
|
||
- `id`
|
||
- `workspace_id` (foreign key to Workspace)
|
||
- `external_id` (used in Filament tenancy route `/admin/t/{tenant}`)
|
||
- `status` (e.g., active)
|
||
|
||
### OperationRun
|
||
|
||
Canonical monitoring record (workspace-level entity; may optionally be linked to a tenant).
|
||
|
||
- Key fields (existing, relevant):
|
||
- `id`
|
||
- `workspace_id` (required for access control)
|
||
- `tenant_id` (nullable; used for default filtering and “recent operations”)
|
||
- `type`, `status`, `outcome`
|
||
- timestamps (created/started/completed)
|
||
- `context` (JSON)
|
||
|
||
## Relationships
|
||
|
||
- Workspace has many WorkspaceMemberships.
|
||
- Workspace has many Tenants.
|
||
- Workspace has many OperationRuns.
|
||
- Tenant belongs to Workspace.
|
||
- OperationRun belongs to Workspace.
|
||
- OperationRun optionally belongs to Tenant.
|
||
|
||
## Invariants / Rules enforced by this feature
|
||
|
||
- Workspace context (`current_workspace_id`) is required for workspace-scoped navigation and access control.
|
||
- Tenant context must be consistent with workspace context:
|
||
- If tenant is not in current workspace, tenant context is cleared (continue tenantless).
|
||
- OperationRun access is controlled by membership in the run’s `workspace_id`.
|
||
|