Fix notifications surface ownership and frontdoor contracts

2026-03-10 16:54:25 +02:00
parent 2859c751e6
commit 8578065675
15 changed files with 1820 additions and 1182 deletions
--- a/docs/implplan/SPRINT_20260310_029_FE_notifications_surface_contract_and_frontdoor_split.md
+++ b/docs/implplan/SPRINT_20260310_029_FE_notifications_surface_contract_and_frontdoor_split.md
@@ -0,0 +1,77 @@
+# Sprint 20260310-029 - Notifications Surface Contract And Frontdoor Split
+
+## Topic & Scope
+- Restore the intended split between operator notifications and setup/admin notifications so `/ops/operations/notifications` stays an operator workflow while `/setup/notifications` hosts Notifications Studio.
+- Repair the Notifications Studio web client so it talks to the documented Notifier frontdoor instead of stale legacy Notify endpoint shapes and paths.
+- Add the missing router frontdoor mapping for the Notifier Studio API prefix and reverify both surfaces with focused tests and live Playwright.
+- Working directory: `src/Web/StellaOps.Web`.
+- Expected evidence: focused Angular specs, focused router tests, live Playwright artifact, updated sprint log.
+
+## Dependencies & Concurrency
+- Depends on `SPRINT_20260310_028_FE_route_surface_ownership_alignment.md` for the route ownership baseline.
+- Safe parallelism: avoid the unrelated dirty files already present under `src/Web/StellaOps.Web/src/app/features/approvals/`, `src/Web/StellaOps.Web/src/app/features/release-control/`, `src/Web/StellaOps.Web/src/app/features/security/`, `src/Web/StellaOps.Web/src/app/shared/ui/filter-bar/`, and `docs/implplan/SPRINT_20260310_026_Platform_global_context_propagation_header_cleanup.md`.
+- Allowed coordination edits: `src/Router/StellaOps.Gateway.WebService/appsettings.json`, `src/Router/__Tests/StellaOps.Gateway.WebService.Tests/Configuration/GatewayRouteSearchMappingsTests.cs`, `devops/compose/router-gateway-local.json`, `docs/modules/notify/architecture.md`, `docs/implplan/SPRINT_20260310_029_FE_notifications_surface_contract_and_frontdoor_split.md`.
+
+## Documentation Prerequisites
+- `docs/modules/notify/architecture.md`
+- `docs/features/checked/web/security-operations-leaves-ui.md`
+- `docs/features/checked/web/notification-rule-simulation-escalation-policies.md`
+- `docs/modules/router/webservices-valkey-rollout-matrix.md`
+
+## Delivery Tracker
+
+### NOTIFY-FRONTDOOR-029-001 - Restore route ownership for operator and admin notifications
+Status: DONE
+Dependency: none
+Owners: QA, Developer
+Task description:
+- Move `/ops/operations/notifications` back onto the operator `NotifyPanelComponent` and mount Notifications Studio under `/setup/notifications` instead of redirecting setup traffic into ops.
+- Update route contract specs so the ownership split is explicit and regressions are caught in tests.
+
+Completion criteria:
+- [ ] `/ops/operations/notifications` renders the operator notifications shell rather than Notifications Studio.
+- [ ] `/setup/notifications` is mounted directly and no longer redirects into ops.
+- [ ] Route ownership specs cover both surfaces.
+
+### NOTIFY-FRONTDOOR-029-002 - Retarget Notifications Studio to the documented Notifier frontdoor
+Status: DONE
+Dependency: NOTIFY-FRONTDOOR-029-001
+Owners: 3rd line support, Architect, Developer
+Task description:
+- Diagnose the live Studio failures down to route ownership, stale API base URL, stale endpoint paths, and response-shape mismatches.
+- Retarget the web client to the Notifier frontdoor prefix, normalize live collection envelopes, and use canonical Studio endpoint names instead of stale singular and misspelled paths.
+- Add the missing router mapping for the Studio frontdoor prefix so the client reaches Notifier through the gateway without reintroducing broad reverse-proxy fallback.
+
+Completion criteria:
+- [ ] The web client uses the canonical Notifier frontdoor prefix.
+- [ ] Rules, channels, deliveries, quiet-hours, overrides, escalation policies, throttles, simulation, and preview calls use canonical endpoint names.
+- [ ] Focused specs cover response normalization and frontdoor route presence.
+
+### NOTIFY-FRONTDOOR-029-003 - Reverify notifications surfaces live with Playwright
+Status: DONE
+Dependency: NOTIFY-FRONTDOOR-029-002
+Owners: QA
+Task description:
+- Rebuild the affected runtime slice, sync the new web bundle, and run live Playwright against both `/ops/operations/notifications` and `/setup/notifications`.
+- Verify the operator watchlist handoff links render and land correctly, and verify the admin tabs load without runtime error banners or broken requests on the rebuilt stack.
+
+Completion criteria:
+- [ ] Focused Angular/router tests pass.
+- [ ] The rebuilt web bundle is synced into the live stack.
+- [ ] Live Playwright verifies the operator and admin notifications surfaces without the previous `t.items is not iterable` failure.
+
+## Execution Log
+| Date (UTC) | Update | Owner |
+| --- | --- | --- |
+| 2026-03-10 | Sprint created after live Playwright showed `/ops/operations/notifications` was serving the wrong owner surface and `/setup/notifications` was coupled to stale Notifications Studio frontdoor contracts. | Developer |
+| 2026-03-10 | Restored the operator/admin route split, added the router frontdoor mapping for `/api/v1/notifier/*`, corrected the accidental repointing of the operator `NotifyApi` to Notifier, rebuilt the web bundle, synced `compose_console-dist`, restarted `stellaops-router-gateway`, and reran the live Playwright notifications sweep cleanly. Focused Angular/Vitest and router tests passed before the live recheck. | Codex |
+
+## Decisions & Risks
+- Decision: keep the product split documented in the UI dossiers: ops notifications remains the operator shell, while setup notifications remains the admin Studio.
+- Decision: use the documented Notifier frontdoor prefix (`/api/v1/notifier`) and route it through explicit microservice mappings instead of broad reverse-proxy fallback.
+- Decision: keep the legacy operator `NotifyApi` on `/api/v1/notify`; only the admin Notifications Studio moves to `/api/v1/notifier`. Mixing those two service contracts caused the live `newCollection[Symbol.iterator] is not a function` runtime failure on the operator page.
+- Risk: the Notifier Studio backend currently emits mixed collection shapes across endpoints and tests; the web client must normalize both raw-array and envelope forms until the backend contracts are fully converged.
+
+## Next Checkpoints
+- Land the route and frontdoor fixes with focused specs.
+- Rebuild the router/web slice and rerun the live notifications Playwright sweep.
--- a/docs/modules/notify/architecture.md
+++ b/docs/modules/notify/architecture.md
@@ -1,5 +1,7 @@
 > **Scope.** Implementation‑ready architecture for **Notify** (aligned with Epic 11 – Notifications Studio): a rules‑driven, tenant‑aware notification service that consumes platform events (scan completed, report ready, rescan deltas, attestation logged, admission decisions, etc.), evaluates operator‑defined routing rules, renders **channel‑specific messages** (Slack/Teams/Email/Webhook), and delivers them **reliably** with idempotency, throttling, and digests. It is UI‑managed, auditable, and safe by default (no secrets leakage, no spam storms).

+* **Console frontdoor compatibility (updated 2026-03-10).** The web console reaches Notifier Studio through the gateway-owned `/api/v1/notifier/*` prefix, which translates onto the service-local `/api/v2/notify/*` surface without requiring browser calls to raw service-prefixed routes.
+
 ---

 ## 0) Mission & boundaries