Fix sidebar nav: update hardcoded navSections to match new Security structure

The sidebar component had its own hardcoded navSections array separate from NAVIGATION_GROUPS config. Updated Security group from 5 items (Vulnerabilities, Security Posture+4 children, Scan Image, VEX) to 4 flat items (Image Security, Triage Queue, Risk Overview, Advisory Sources). Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-07 08:27:34 +03:00
parent a330dd3673
commit 1b11e4aafc
1 changed files with 47 additions and 93 deletions
--- a/src/Web/StellaOps.Web/src/app/layout/app-sidebar/app-sidebar.component.ts
+++ b/src/Web/StellaOps.Web/src/app/layout/app-sidebar/app-sidebar.component.ts
@@ -171,7 +171,7 @@ const RECOMMENDED_FIRST_VISIT_PATH: readonly RecommendedNavStep[] = [
              </button>
            }
            @if (!effectiveCollapsed && group.description) {
-              <p class="sb-group__description">{{ group.description }}</p>
+              <p class="sb-group__description" [attr.title]="group.description">{{ group.description }}</p>
            }
            <div class="sb-group__body" [id]="'nav-grp-' + group.id">
              <div class="sb-group__body-inner">
@@ -539,7 +539,9 @@ const RECOMMENDED_FIRST_VISIT_PATH: readonly RecommendedNavStep[] = [
      color: var(--color-sidebar-text-muted);
      font-size: 0.7rem;
      line-height: 1.45;
-      max-width: 24ch;
+      white-space: nowrap;
+      overflow: hidden;
+      text-overflow: ellipsis;
    }

    /* ---- Group chevron ---- */
@@ -755,10 +757,25 @@ export class AppSidebarComponent implements AfterViewInit {
      menuGroupLabel: 'Release Control',
      requireAnyScope: [StellaOpsScopes.POLICY_READ],
    },
-    // ── Group 2: Security ────────────────────────────────────────────
+    // ── Group 2: Security (simplified: 4 items) ──────────────────────
    {
-      id: 'vulnerabilities',
-      label: 'Vulnerabilities',
+      id: 'image-security',
+      label: 'Image Security',
+      icon: 'shield',
+      route: '/security/images',
+      menuGroupId: 'security',
+      menuGroupLabel: 'Security',
+      sparklineData$: () => this.doctorTrendService.securityTrend(),
+      requireAnyScope: [
+        StellaOpsScopes.SCANNER_READ,
+        StellaOpsScopes.SBOM_READ,
+        StellaOpsScopes.FINDINGS_READ,
+        StellaOpsScopes.VULN_VIEW,
+      ],
+    },
+    {
+      id: 'triage-queue',
+      label: 'Triage Queue',
      icon: 'alert',
      route: '/triage/artifacts',
      menuGroupId: 'security',
@@ -771,101 +788,25 @@ export class AppSidebarComponent implements AfterViewInit {
      ],
    },
    {
-      id: 'security-posture',
-      label: 'Security Posture',
-      icon: 'shield',
-      route: '/security',
+      id: 'risk-overview',
+      label: 'Risk Overview',
+      icon: 'activity',
+      route: '/security/risk',
      menuGroupId: 'security',
      menuGroupLabel: 'Security',
-      sparklineData$: () => this.doctorTrendService.securityTrend(),
-      requireAnyScope: [
-        StellaOpsScopes.SCANNER_READ,
-        StellaOpsScopes.SBOM_READ,
-        StellaOpsScopes.ADVISORY_READ,
-        StellaOpsScopes.VEX_READ,
-        StellaOpsScopes.EXCEPTION_READ,
-        StellaOpsScopes.FINDINGS_READ,
-        StellaOpsScopes.VULN_VIEW,
-      ],
-      children: [
-        { id: 'sec-supply-chain', label: 'Supply-Chain Data', route: '/security/supply-chain-data', icon: 'graph' },
-        { id: 'sec-findings-explorer', label: 'Findings Explorer', route: '/security/findings', icon: 'list' },
-        { id: 'sec-reachability', label: 'Reachability', route: '/security/reachability', icon: 'cpu' },
-        { id: 'sec-unknowns', label: 'Unknowns', route: '/security/unknowns', icon: 'help-circle' },
-      ],
+      requireAnyScope: [StellaOpsScopes.FINDINGS_READ, StellaOpsScopes.VULN_VIEW],
    },
    {
-      id: 'scan-image',
-      label: 'Scan Image',
-      icon: 'search',
-      route: '/security/scan',
+      id: 'advisory-sources',
+      label: 'Advisory Sources',
+      icon: 'rss',
+      route: '/security/advisory-sources',
      menuGroupId: 'security',
      menuGroupLabel: 'Security',
-      requireAnyScope: [StellaOpsScopes.SCANNER_READ],
+      requireAnyScope: [StellaOpsScopes.ADVISORY_READ],
    },
-    {
-      id: 'sec-vex-exceptions',
-      label: 'VEX & Exceptions',
-      icon: 'file-text',
-      route: '/ops/policy/vex',
-      menuGroupId: 'security',
-      menuGroupLabel: 'Security',
-      requireAnyScope: [StellaOpsScopes.VEX_READ, StellaOpsScopes.EXCEPTION_READ],
-    },
-    // ── Group 3: Evidence (trimmed from 7 to 4) ──────────────────────
-    {
-      id: 'evidence-overview',
-      label: 'Evidence Overview',
-      icon: 'file-text',
-      route: '/evidence/overview',
-      menuGroupId: 'evidence',
-      menuGroupLabel: 'Evidence',
-      requireAnyScope: [
-        StellaOpsScopes.RELEASE_READ,
-        StellaOpsScopes.POLICY_AUDIT,
-        StellaOpsScopes.AUTHORITY_AUDIT_READ,
-        StellaOpsScopes.SIGNER_READ,
-        StellaOpsScopes.VEX_EXPORT,
-      ],
-    },
-    {
-      id: 'evidence-capsules',
-      label: 'Decision Capsules',
-      icon: 'archive',
-      route: '/evidence/capsules',
-      menuGroupId: 'evidence',
-      menuGroupLabel: 'Evidence',
-      requireAnyScope: [
-        StellaOpsScopes.RELEASE_READ,
-        StellaOpsScopes.POLICY_AUDIT,
-      ],
-    },
-    {
-      id: 'evidence-audit-log',
-      label: 'Audit Log',
-      icon: 'list',
-      route: '/evidence/audit-log',
-      menuGroupId: 'evidence',
-      menuGroupLabel: 'Evidence',
-      requireAnyScope: [
-        StellaOpsScopes.POLICY_AUDIT,
-        StellaOpsScopes.AUTHORITY_AUDIT_READ,
-      ],
-    },
-    {
-      id: 'evidence-exports',
-      label: 'Export Center',
-      icon: 'download',
-      route: '/evidence/exports',
-      menuGroupId: 'evidence',
-      menuGroupLabel: 'Evidence',
-      requireAnyScope: [
-        StellaOpsScopes.VEX_EXPORT,
-        StellaOpsScopes.RELEASE_READ,
-      ],
-    },
-    // Replay & Verify, Bundles, Trust — removed from nav, still routable.
-    // Accessible from Evidence Overview, Decision Capsules detail, and Audit Log filters.
+    // Evidence group consolidated into Operations → Audit.
+    // Evidence threads, capsule details, proof chains, workspaces remain routable from context pages.
    // ── Group 4: Operations ─────────────────────────────────────────
    {
      id: 'ops-jobs',
@@ -912,6 +853,19 @@ export class AppSidebarComponent implements AfterViewInit {
      menuGroupLabel: 'Operations',
      requireAnyScope: [StellaOpsScopes.HEALTH_READ, StellaOpsScopes.UI_ADMIN],
    },
+    {
+      id: 'ops-audit',
+      label: 'Audit',
+      icon: 'list',
+      route: '/ops/operations/audit',
+      menuGroupId: 'operations',
+      menuGroupLabel: 'Operations',
+      requireAnyScope: [
+        StellaOpsScopes.POLICY_AUDIT,
+        StellaOpsScopes.AUTHORITY_AUDIT_READ,
+        StellaOpsScopes.RELEASE_READ,
+      ],
+    },
    // Runtime Drift, Notifications, Watchlist — removed from nav, still routable.
    // ── Group 5: Settings ────────────────────────────────────────────
    {