feat(ui): ship trust-owned identity watchlist shell

This commit is contained in:
master
2026-03-07 18:48:35 +02:00
parent 6aa8bb5095
commit 9d3bed1d0e
25 changed files with 2810 additions and 1142 deletions

View File

@@ -7,32 +7,42 @@ Web
VERIFIED
## Description
Full CRUD UI for managing identity watchlist entries (issuer, SAN, keyId) with match modes (Exact, Prefix, Glob, Regex), severity levels, scope (Tenant/Global/System), alert viewing, pattern testing, and duplicate suppression configuration. Users can create, edit, delete, enable/disable watchlist entries and view resulting alerts.
Mounted Trust & Signing shell for managing identity watchlist entries (issuer, SAN, keyId) with match modes (Exact, Prefix, Glob, Regex), severity levels, scope (Tenant/Global/System), alert viewing, pattern testing, duplicate suppression configuration, and deep-link handoff from Mission Control and Notifications.
## Implementation Details
- **Feature directory**: `src/Web/StellaOps.Web/src/app/features/watchlist/`
- **Components**:
- `watchlist-page` (`src/Web/StellaOps.Web/src/app/features/watchlist/watchlist-page.component.ts`)
- **Source**: Feature matrix scan
- **Canonical routes**:
- `/setup/trust-signing/watchlist/entries`
- `/setup/trust-signing/watchlist/alerts`
- `/setup/trust-signing/watchlist/tuning`
- **Secondary entry points**:
- `Mission Control > Alerts`
- `Ops > Notifications`
- **Source**: shipped Trust & Signing watchlist shell
## E2E Test Plan
- **Setup**:
- [ ] Log in with a user that has appropriate permissions
- [ ] Navigate to `/security`
- [ ] Ensure test data exists (scanned artifacts, SBOM data, or seed data as needed)
- [ ] Navigate to `/setup/trust-signing/watchlist/entries`
- [ ] Ensure identity watchlist seed data exists for entries and recent alerts
- **Core verification**:
- [ ] Verify the list/table loads with paginated data
- [ ] Verify sorting and filtering controls work correctly
- [ ] Verify clicking a row navigates to the detail view
- [ ] Verify `Entries`, `Alerts`, and `Tuning` load inside one mounted shell
- [ ] Verify entry CRUD, pattern testing, and scope switching work
- [ ] Verify alert drill-in, jump-to-rule, and notifications handoff work
- **Edge cases**:
- [ ] Verify graceful handling when backend API is unavailable (error state)
- [ ] Verify `returnTo` preserves operator context from Mission Control and Notifications
- [ ] Verify responsive layout at different viewport sizes
- [ ] Verify accessibility (keyboard navigation, screen reader labels, ARIA attributes)
## Verification
- Run: `docs/qa/feature-checks/runs/web/identity-watchlist-management-ui/run-001/`
- Run:
- `npx ng test --watch=false --include src/tests/watchlist/identity-watchlist-management-ui.component.spec.ts --include src/tests/trust_admin/trust-scoring-dashboard-ui.behavior.spec.ts --include src/tests/notify/notify-watchlist-handoff.spec.ts`
- `npx playwright test tests/e2e/watchlist-shell.spec.ts --workers=1`
- Tier 0 (source): pass (`tier0-source-check.json`)
- Tier 1 (build/tests): pass (`tier1-build-check.json`)
- Tier 2 (behavior): pass (`tier2-e2e-check.json`)
- Verified on (UTC): 2026-02-11T07:02:25Z
- Verified on (UTC): 2026-03-07T16:43:00Z
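Review bot: the tier evidence files (`tier0-source-check.json`, `tier1-build-check.json`, `tier2-e2e-check.json`) are now referenced by bare filename only, because the line that located them (`Run: docs/qa/feature-checks/runs/web/identity-watchlist-management-ui/run-001/`) was replaced by the two test commands. Keep a run-directory line alongside the commands so a reader can find the JSON artifacts backing the VERIFIED status, and either tick the E2E checkboxes that the 2026-03-07 verification actually exercised or state that the list is the plan rather than the record.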

View File

@@ -1,128 +0,0 @@
# Sprint 20260307-024 - Identity Watchlist Shell
## Topic & Scope
- Restore the dropped identity watchlist capability as a trust-owned operational shell under `Setup > Trust & Signing`.
- Ship a fully usable watchlist with working entries, alerts, tuning, and deep-link behavior rather than leaving it as an unmounted page.
- Complete route wiring, menu exposure, cross-shell alert surfacing, and operator workflows end to end.
- Working directory: `src/Web/StellaOps.Web/src/app/features/watchlist`.
- Allowed coordination edits: `src/Web/StellaOps.Web/src/app/routes/`, `src/Web/StellaOps.Web/src/app/features/mission-control/`, `src/Web/StellaOps.Web/src/app/features/notify/`, `docs/modules/ui/watchlist-operations`, and `docs/modules/ui/TASKS.md`.
- Expected evidence: routed and menu-visible watchlist shell, working CRUD and alert flows, cross-shell deep links, targeted tests, and updated docs.
## Dependencies & Concurrency
- Depends on:
- `docs/modules/ui/watchlist-operations/README.md`
- `docs/modules/attestor/guides/identity-watchlist.md`
- `docs/operations/watchlist-monitoring-runbook.md`
- `src/Web/StellaOps.Web/src/app/features/watchlist/watchlist-page.component.ts`
- `src/Web/StellaOps.Web/src/app/routes/mission-control.routes.ts`
- `src/Web/StellaOps.Web/src/app/routes/operations.routes.ts`
- Safe parallelism:
- route and ownership decisions should freeze before implementation starts
- `Entries`, `Alerts`, and `Tuning` can be implemented in parallel after the shell and query-param contract are stable
- Mission Control and Notifications deep links can proceed in parallel with shell implementation
## Documentation Prerequisites
- `docs/modules/ui/watchlist-operations/README.md`
- `docs/modules/ui/contextual-actions-patterns/README.md`
- `docs/modules/ui/restoration-topics/watchlist.md`
- `docs/modules/ui/component-preservation-map/RESTORATION_PRIORITIES.md`
## Delivery Tracker
### FE-WL-001 - Wire the canonical watchlist shell into Setup
Status: TODO
Dependency: none
Owners: Product Manager, FE Architect
Task description:
- Add the canonical route family and menu entry under `Setup > Trust & Signing`.
- Make the shell routable and usable with working tab navigation and scope-aware header behavior.
Completion criteria:
- [ ] Watchlist is reachable from the active shell navigation.
- [ ] Canonical routes and tab behavior are wired in code.
- [ ] Scope-aware header behavior works from the mounted shell.
### FE-WL-002 - Ship the Entries workflow
Status: TODO
Dependency: FE-WL-001
Owners: Developer, FE Architect
Task description:
- Implement the `Entries` tab as a working list/detail experience using the existing watchlist client.
- Ensure operators can create, edit, duplicate, enable/disable, delete, and test matching rules from the mounted shell.
Completion criteria:
- [ ] Entry CRUD flows work from the mounted shell.
- [ ] Edit/create uses a contextual panel or drawer instead of a detached page.
- [ ] Pattern test is wired and usable within the entry-editing flow.
### FE-WL-003 - Ship the Alerts workflow
Status: TODO
Dependency: FE-WL-001
Owners: Developer, Product Manager
Task description:
- Implement the `Alerts` tab with filters, ordering, alert-detail drawer behavior, and jump-to-entry actions.
- Make alert-detail deep links work from Mission Control and back into the owning watchlist rule.
Completion criteria:
- [ ] Alert listing and filtering work in the mounted shell.
- [ ] Alert-detail drawer shows the required context and actions.
- [ ] Operators can jump between alert detail and the owning watchlist entry.
### FE-WL-004 - Ship tuning and diagnostics
Status: TODO
Dependency: FE-WL-001
Owners: Developer, Documentation author
Task description:
- Implement the `Tuning` tab with dedup controls, notification behavior, top noisy rules, and performance/volume KPIs.
- Align the shipped tab with the operational runbook so the page is usable for real operator tuning.
Completion criteria:
- [ ] Dedup and channel controls are wired into the page.
- [ ] Operational KPI cards render in the mounted shell.
- [ ] Tuning guidance matches the operational runbook terminology.
### FE-WL-005 - Wire Mission Control and Notifications entry points
Status: TODO
Dependency: FE-WL-003
Owners: FE Architect, Developer
Task description:
- Wire watchlist-origin alert chips, links, and `returnTo` behavior from `Mission Control > Alerts` and `Ops > Notifications`.
- Ensure those surfaces expose outcomes only and send operators into the canonical watchlist shell for action.
Completion criteria:
- [ ] Mission Control links open the working watchlist alerts flow.
- [ ] Notifications links open tuning or alert views in the canonical shell.
- [ ] `returnTo` behavior preserves operator context across shells.
### FE-WL-006 - Verify, document, and cut over the feature
Status: TODO
Dependency: FE-WL-002
Owners: QA, Documentation author
Task description:
- Add targeted UI verification for tenant/global/system scope, entries CRUD, alerts drill-in, tuning, and Mission Control deep links.
- Update docs and cutover notes so Watchlist is treated as a shipped feature, not an orphan page.
Completion criteria:
- [ ] Playwright scenarios cover entries, alerts, and tuning.
- [ ] Scope-sensitive behaviors are explicitly verified.
- [ ] Docs and rollout notes reflect the mounted and usable feature.
## Execution Log
| Date (UTC) | Update | Owner |
| --- | --- | --- |
| 2026-03-07 | Sprint created to ship Watchlist as a Trust & Signing-owned shell with working entries, alerts, tuning, and secondary surfacing in Mission Control and Notifications. | Project Manager |
## Decisions & Risks
- Decision: Watchlist belongs under `Setup > Trust & Signing`, with alert visibility surfaced elsewhere.
- Decision: configuration and alert history remain in one shell; they should not be split into separate products.
- Risk: Mission Control may try to absorb watchlist because it already owns alerts.
- Mitigation: freeze the ownership boundary and only allow alert-source chips and deep links from Mission Control.
- Risk: scope handling across tenant, global, and system rules can create hidden permissions complexity.
- Mitigation: require scope-aware header behavior and QA coverage before rollout.
- Delivery rule: this sprint is only complete when Watchlist is visible in navigation, usable end to end, and its key alert and tuning workflows are verified.
- Reference design note: `docs/modules/ui/watchlist-operations/README.md`.
## Next Checkpoints
- 2026-03-08: confirm owner shell, tab set, and deep-link behavior.
- 2026-03-09: freeze entries, alerts, and tuning implementation slices.
- 2026-03-10: finalize QA and rollout contract.
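Review bot: the deleted sprint file still records every tracker item (FE-WL-001 through FE-WL-006) as `Status: TODO`, has no ticked completion criteria, and an Execution Log with only the creation entry, while the other files in this commit retarget their links to `docs-archived/implplan/SPRINT_20260307_024_FE_identity_watchlist_shell.md` and mark all six items DONE. If the archived copy is this content moved verbatim, it will contradict those markers; update the status fields, completion checkboxes, and Execution Log in the archived copy to record completion and point at the verification evidence before archiving.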

View File

@@ -9,7 +9,6 @@
- `docs/implplan/SPRINT_20260307_009_DOCS_ui_component_preservation_map.md`
- `docs/implplan/SPRINT_20260307_022_FE_policy_vex_release_decisioning_studio.md`
- `docs/implplan/SPRINT_20260307_023_DOCS_ui_restoration_topic_shapes.md`
- `docs/implplan/SPRINT_20260307_024_FE_identity_watchlist_shell.md`
- `docs/implplan/SPRINT_20260307_025_FE_reachability_witnessing_merge.md`
- `docs/implplan/SPRINT_20260307_026_FE_platform_ops_consolidation.md`
- `docs/implplan/SPRINT_20260307_027_FE_triage_explainability_workspace.md`
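Review bot: this hunk drops the `SPRINT_20260307_024_FE_identity_watchlist_shell.md` entry entirely, whereas the other documents in this commit replace the `docs/implplan/` path with the `docs-archived/implplan/` path. Keep the entry and retarget it to the archived path so the FE-WL items marked DONE below still link to the sprint that defines them.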
@@ -72,12 +71,12 @@
- [TODO] FE-PD-005 FE implementation slices for Decisioning Studio shell and cutover
- [TODO] FE-PD-006 QA and rollout contract for Decisioning Studio
- [TODO] FE-PD-007 Docs and deprecation plan for legacy policy / VEX product labels
- [TODO] FE-WL-001 Freeze Watchlist shell ownership and route contract
- [TODO] FE-WL-002 Entries tab list-detail implementation slice
- [TODO] FE-WL-003 Alerts tab and alert-detail drill-in
- [TODO] FE-WL-004 Tuning tab and operational diagnostics
- [TODO] FE-WL-005 Cross-product surfacing and deep links for Watchlist
- [TODO] FE-WL-006 QA, rollout, and docs sync for Watchlist
- [DONE] FE-WL-001 Freeze Watchlist shell ownership and route contract
- [DONE] FE-WL-002 Entries tab list-detail implementation slice
- [DONE] FE-WL-003 Alerts tab and alert-detail drill-in
- [DONE] FE-WL-004 Tuning tab and operational diagnostics
- [DONE] FE-WL-005 Cross-product surfacing and deep links for Watchlist
- [DONE] FE-WL-006 QA, rollout, and docs sync for Watchlist
- [TODO] FE-RW-001 Freeze reachability shell tabs and route contract
- [TODO] FE-RW-002 Witnesses tab and witness-detail page slice
- [TODO] FE-RW-003 PoE drawer and permalink route contract

View File

@@ -41,7 +41,7 @@ The order is by confidence that the capability should exist in the final Stella
- `Setup > Trust & Signing > Identity Watchlist`
- Notes:
- Detailed UX dossier: `docs/modules/ui/watchlist-operations/README.md`
- Implementation sprint: `docs/implplan/SPRINT_20260307_024_FE_identity_watchlist_shell.md`
- Implementation sprint: `docs-archived/implplan/SPRINT_20260307_024_FE_identity_watchlist_shell.md`
### 3. Reachability Witnessing
- Type: `merge`

View File

@@ -13,7 +13,6 @@ Provide a living plan for UI deliverables, dependencies, and evidence.
- `SPRINT_20260307_009_DOCS_ui_component_preservation_map.md` - per-component preservation dossiers for unused and weakly surfaced console UI components.
- `SPRINT_20260307_022_FE_policy_vex_release_decisioning_studio.md` - canonical Decisioning Studio shell to unify policy, simulation, VEX decisioning, and release-context gate explanation.
- `SPRINT_20260307_023_DOCS_ui_restoration_topic_shapes.md` - documentation prerequisite for shell/menu/tab placements; not a product-delivery sprint by itself.
- `SPRINT_20260307_024_FE_identity_watchlist_shell.md` - ship the Trust & Signing-owned identity watchlist shell with usable entries, alerts, tuning, and alert deep-link behavior.
- `SPRINT_20260307_025_FE_reachability_witnessing_merge.md` - ship witness and proof-of-exposure UX inside Security > Reachability with working cross-shell deep links.
- `SPRINT_20260307_026_FE_platform_ops_consolidation.md` - ship one Operations shell with grouped overview cards, legacy widget absorption, and legacy redirects.
- `SPRINT_20260307_027_FE_triage_explainability_workspace.md` - ship the artifact workspace lane model, explainability panels, and audit-bundle flows.
@@ -27,6 +26,7 @@ Provide a living plan for UI deliverables, dependencies, and evidence.
- `docs/modules/ui/policy-decisioning-studio/README.md` - proposed Decisioning Studio product shape, tab model, route contract, and Release Orchestrator integration boundary.
- `docs/modules/ui/restoration-topics/README.md` - detailed placement notes for the next restoration topics after Decisioning Studio.
- `docs/modules/ui/watchlist-operations/README.md` - detailed watchlist UX dossier and owner-shell contract.
- `docs/features/checked/web/identity-watchlist-management-ui.md` - shipped verification note for the Trust & Signing watchlist shell and its Mission Control / Notifications handoffs.
- `docs/modules/ui/reachability-witnessing/README.md` - detailed witness and proof UX dossier plus cross-shell deep-link contract.
- `docs/modules/ui/platform-ops-consolidation/README.md` - detailed Operations overview taxonomy and legacy absorption plan.
- `docs/modules/ui/triage-explainability-workspace/README.md` - detailed artifact workspace and audit-bundle UX dossier.

View File

@@ -27,7 +27,7 @@ It answers four questions for each topic:
## Implementation Sprint Set
- `docs/implplan/SPRINT_20260307_024_FE_identity_watchlist_shell.md`
- `docs-archived/implplan/SPRINT_20260307_024_FE_identity_watchlist_shell.md` - shipped watchlist restoration
- `docs/implplan/SPRINT_20260307_025_FE_reachability_witnessing_merge.md`
- `docs/implplan/SPRINT_20260307_026_FE_platform_ops_consolidation.md`
- `docs/implplan/SPRINT_20260307_027_FE_triage_explainability_workspace.md`

View File

@@ -84,7 +84,7 @@ Merge these current behaviors into the new shell:
## Detailed UX And Sprint
- Detailed UX dossier: `../watchlist-operations/README.md`
- Implementation sprint: `../../../implplan/SPRINT_20260307_024_FE_identity_watchlist_shell.md`
- Implementation sprint: `../../../docs-archived/implplan/SPRINT_20260307_024_FE_identity_watchlist_shell.md`
## Corroborating Inputs
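Review bot: the new relative path `../../../docs-archived/implplan/SPRINT_20260307_024_FE_identity_watchlist_shell.md` keeps the same `../../../` depth as the replaced `../../../implplan/...` link, which resolved to `docs/implplan/`; that makes the new link resolve to `docs/docs-archived/implplan/`, but the absolute references elsewhere in this commit (`docs-archived/implplan/...` listed next to `docs/implplan/...`) place `docs-archived` as a sibling of `docs`, not inside it. One more `../` is needed (`../../../../docs-archived/implplan/...`) for the link to resolve.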

View File

@@ -1,5 +1,17 @@
# Identity Watchlist
## Implementation Status
- Status: `shipped`
- Owner shell: `Setup > Trust & Signing`
- Canonical routes:
- `/setup/trust-signing/watchlist/entries`
- `/setup/trust-signing/watchlist/alerts`
- `/setup/trust-signing/watchlist/tuning`
- Secondary entry points:
- `Mission Control > Alerts` deep-links into `Alerts`
- `Ops > Notifications` deep-links into `Tuning` and `Alerts`
## Recommendation
Restore Watchlist as a narrow operational shell owned by `Setup > Trust & Signing`, not as a standalone top-level product.
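Review bot: with `Status: shipped` added at the top, the unchanged Recommendation line still reads as a pending proposal ("Restore Watchlist as a narrow operational shell ..."). Reword it to state that this is the adopted placement, or add a one-line note that the recommendation was implemented under the canonical routes listed above, so the dossier does not read as both shipped and still proposed.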