ahmido/TenantAtlas
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects 1 Releases Wiki Activity
ff671d8d4a
TenantAtlas/specs/077-workspace-nav-monitoring-hub/contracts/routes.md
ahmido fb1046c97a Spec 077: Workspace Global Mode + context bar redundancy cleanup (#94) 
Implements Spec 077 refinements: workspace Global Mode and navigation/context-bar redundancy cleanup.

Summary
- Global Mode: `/admin/workspaces` is workspace-optional (lists only member workspaces); explicit allowlist in `EnsureWorkspaceSelected`.
- Navigation cleanup: workspace switching is topbar-only; no sidebar “Switch workspace”; removes redundant “Manage workspaces” entry from context-bar.
- Context bar: when no workspace selected, tenant picker is disabled with guidance; on tenant-scoped routes `/admin/t/{tenant}/…` the tenant indicator is read-only (Filament tenant menu remains primary).
- Authorization: workspace creation is policy-driven (`WorkspacePolicy::create()`), enforced in `ChooseWorkspace` via Gate.

Safety / Compliance
- Livewire v4.0+ compliant (Filament v5).
- Panel provider registration remains in `bootstrap/providers.php` (no changes required).
- Global search: no new globally searchable resources added; no behavior changes introduced.
- Destructive actions: none added/changed.
- Assets: no new assets registered; deploy process unchanged (if assets are registered elsewhere, ensure `php artisan filament:assets` runs in deploy as usual).

Tests
- `vendor/bin/sail bin pint --dirty`
- `vendor/bin/sail artisan test --compact tests/Feature/Workspaces tests/Feature/Monitoring tests/Feature/OpsUx tests/Feature/Filament/WorkspaceContextTopbarAndTenantSelectionTest.php`

Spec artifacts
- `specs/077-workspace-nav-monitoring-hub/{spec,plan,tasks}.md`
- `specs/077-workspace-nav-monitoring-hub/contracts/routes.md`

Co-authored-by: Ahmed Darrazi <ahmeddarrazi@MacBookPro.fritz.box>
Reviewed-on: #94
2026-02-06 22:14:53 +00:00

70 lines
2.3 KiB
Markdown
Raw Blame History

# Contracts — Routes & Semantics (077)
**Spec**: [specs/077-workspace-nav-monitoring-hub/spec.md](../spec.md)
This feature is an admin UI/navigation refactor. Contracts are expressed as web route semantics + access rules.
## Canonical routes
### Workspace context
- `GET /admin/choose-workspace`
- Purpose: select active workspace context
- Access: authenticated user
- Visibility: shows only workspaces where the user is a member
- `POST /admin/switch-workspace`
- Purpose: update workspace context
- Access: authenticated user
- Security:
- If user is not a member of the selected workspace → 404 (deny-as-not-found)
### Workspace management (CRUD)
- `GET /admin/workspaces`
- `GET /admin/workspaces/{workspace}`
- `GET /admin/workspaces/{workspace}/edit`
- `GET /admin/workspaces/create`
Contract semantics:
- Workspace context is optional on `/admin/workspaces` (Global Mode).
- Index lists only workspaces the user is a member of.
- If user attempts to access a workspace record they are not a member of → 404 (deny-as-not-found)
- Workspace creation is self-serve for authenticated users (policy-driven).
- If user is a member but lacks the required capability for a protected action/screen (edit/membership management) → 403
- If user is authorized → normal Filament behavior
### Monitoring hub — Operations
- `GET /admin/operations`
- Canonical operations index (tenantless URL)
- Behavior:
- If tenant context is active: default filter state = current tenant (removable)
- If tenant context is not active: workspace-wide list
- `GET /admin/operations/{run}`
- Canonical run deep link
- Security:
- If run belongs to a workspace the user is not a member of → 404
### Monitoring hub — Reserved surfaces (placeholders)
- `GET /admin/alerts`
- Reserved placeholder page
- Access: workspace members (workspace context required)
- `GET /admin/audit-log`
- Reserved placeholder page
- Access: workspace members (workspace context required)
## Status code rules (summary)
- Non-member / not entitled to the workspace scope → 404
- Member but missing capability (workspace-scoped protected actions) → 403
## Non-leakage requirements
- Global search must not list inaccessible workspaces/tenants/runs.
- Navigation labels and groups must not imply the existence of admin-only surfaces.
Reference in New Issue View Git Blame Copy Permalink