feat(ui): ship unified audit surfaces
This commit is contained in:
master
114
docs/modules/ui/unified-audit-surfaces/README.md
Normal file
114
docs/modules/ui/unified-audit-surfaces/README.md
Normal file
@@ -0,0 +1,114 @@
|
||||
# Unified Audit Surfaces
|
||||
|
||||
## Status
|
||||
Shipped on 2026-03-07.
|
||||
|
||||
## Product Shape
|
||||
Keep one canonical cross-module audit owner under Evidence.
|
||||
|
||||
- Canonical product home: `Evidence > Audit Log`
|
||||
- Canonical route family: `/evidence/audit-log`
|
||||
- Secondary surfacing:
|
||||
- `Admin > Unified Audit Log`
|
||||
- `Setup` overview drilldowns
|
||||
- `Mission Control` activity
|
||||
- `Ops` and quota drilldowns
|
||||
- `Release` detail audit links
|
||||
|
||||
The current problem was not missing audit UI. The current problem was that the audit UI existed, but the app still split between Evidence-owned routes and stale admin absolute links.
|
||||
|
||||
## Product Boundary
|
||||
|
||||
### This shell owns
|
||||
- cross-module audit dashboard
|
||||
- all-events browser
|
||||
- event detail
|
||||
- timeline search
|
||||
- correlation clusters
|
||||
- anomaly alerts
|
||||
- export
|
||||
- module-specific audit views:
|
||||
- policy
|
||||
- authority
|
||||
- vex
|
||||
- integrations
|
||||
|
||||
### This shell does not own
|
||||
- `Audit Bundles`
|
||||
- stays under `/triage/audit-bundles`
|
||||
- `Auditor Workspace`
|
||||
- stays under `/workspace/audit/:artifactDigest`
|
||||
- contextual reason capsules
|
||||
- stay embedded in the owning workflow
|
||||
- policy/VEX scoped audit tabs
|
||||
- remain inside Policy Decisioning Studio but can deep-link into the canonical audit shell
|
||||
|
||||
## Canonical Route Contract
|
||||
|
||||
### Canonical routes
|
||||
- `/evidence/audit-log`
|
||||
- `/evidence/audit-log/events`
|
||||
- `/evidence/audit-log/events/:eventId`
|
||||
- `/evidence/audit-log/timeline`
|
||||
- `/evidence/audit-log/correlations`
|
||||
- `/evidence/audit-log/anomalies`
|
||||
- `/evidence/audit-log/export`
|
||||
- `/evidence/audit-log/policy`
|
||||
- `/evidence/audit-log/authority`
|
||||
- `/evidence/audit-log/vex`
|
||||
- `/evidence/audit-log/integrations`
|
||||
|
||||
### Shipped aliases
|
||||
- `/admin/audit`
|
||||
- `/admin/audit/:page`
|
||||
- `/admin/audit/events/:eventId`
|
||||
- `/administration/audit`
|
||||
- `/administration/audit/:page`
|
||||
- `/administration/audit/events/:eventId`
|
||||
|
||||
Aliases must preserve query params for handoffs like `tenantId`, `releaseId`, `runId`, `correlationId`, and event filters.
|
||||
|
||||
## Navigation Contract
|
||||
|
||||
### Primary navigation
|
||||
- Evidence keeps the real audit owner link.
|
||||
- Admin keeps an audit entry, but it points to the same Evidence-owned route family.
|
||||
|
||||
### Secondary entry points to keep
|
||||
- Setup overview drilldown card
|
||||
- Mission Control activity feed
|
||||
- dashboard activity cards
|
||||
- platform ops summary links
|
||||
- quota tenant detail
|
||||
- release detail
|
||||
|
||||
### Secondary entry points to avoid
|
||||
- do not create a second top-level audit product
|
||||
- do not fork a separate admin-only audit route tree
|
||||
- do not move audit bundles out of Triage just because they contain the word `audit`
|
||||
|
||||
## UX Rules
|
||||
- audit detail pages must always offer a stable path back to the canonical dashboard or events list
|
||||
- query-param handoffs should keep the operator in context instead of dumping them at an unfiltered dashboard
|
||||
- breadcrumbs, quick links, and cards must use the canonical evidence route family
|
||||
- cross-module audit is evidence-centered, not admin-settings-centered
|
||||
|
||||
## Why This Is Worth Keeping
|
||||
- Stella Ops makes an auditability promise; cross-module audit is core product capability, not optional legacy UI.
|
||||
- Most of the necessary pages already exist and appear implementation-ready.
|
||||
- The feature value is currently obscured by route fragmentation, broken links, and split ownership language rather than lack of functionality.
|
||||
|
||||
## Verification Evidence
|
||||
- feature verification note: `docs/features/checked/web/unified-audit-surfaces-ui.md`
|
||||
- targeted Angular tests: `31` passing assertions across evidence routes, audit behavior, evidence overview, admin aliases, and legacy redirects
|
||||
- Playwright: `2/2` passing scenarios for canonical audit landing, in-shell navigation, and old admin bookmark redirect
|
||||
- production build: pass, with existing unrelated bundle-budget warnings
|
||||
|
||||
## Restoration Goal
|
||||
Restored usability, not just visibility:
|
||||
|
||||
- one canonical owner
|
||||
- working aliases for old bookmarks
|
||||
- repaired internal navigation
|
||||
- real contextual entry points from the workflows that need audit
|
||||
- explicit verification that the main audit journeys work
|
||||
Reference in New Issue
Block a user