feat(ui): ship trust-owned identity watchlist shell

This commit is contained in:
master
2026-03-07 18:48:35 +02:00
parent 6aa8bb5095
commit 9d3bed1d0e
25 changed files with 2810 additions and 1142 deletions

@@ -7,32 +7,42 @@ Web
VERIFIED
## Description
Full CRUD UI for managing identity watchlist entries (issuer, SAN, keyId) with match modes (Exact, Prefix, Glob, Regex), severity levels, scope (Tenant/Global/System), alert viewing, pattern testing, and duplicate suppression configuration. Users can create, edit, delete, enable/disable watchlist entries and view resulting alerts.
Mounted Trust & Signing shell for managing identity watchlist entries (issuer, SAN, keyId) with match modes (Exact, Prefix, Glob, Regex), severity levels, scope (Tenant/Global/System), alert viewing, pattern testing, duplicate suppression configuration, and deep-link handoff from Mission Control and Notifications.
## Implementation Details
- **Feature directory**: `src/Web/StellaOps.Web/src/app/features/watchlist/`
- **Components**:
- `watchlist-page` (`src/Web/StellaOps.Web/src/app/features/watchlist/watchlist-page.component.ts`)
- **Source**: Feature matrix scan
- **Canonical routes**:
- `/setup/trust-signing/watchlist/entries`
- `/setup/trust-signing/watchlist/alerts`
- `/setup/trust-signing/watchlist/tuning`
- **Secondary entry points**:
- `Mission Control > Alerts`
- `Ops > Notifications`
- **Source**: shipped Trust & Signing watchlist shell
## E2E Test Plan
- **Setup**:
- [ ] Log in with a user that has appropriate permissions
- [ ] Navigate to `/security`
- [ ] Ensure test data exists (scanned artifacts, SBOM data, or seed data as needed)
- [ ] Navigate to `/setup/trust-signing/watchlist/entries`
- [ ] Ensure identity watchlist seed data exists for entries and recent alerts
- **Core verification**:
- [ ] Verify the list/table loads with paginated data
- [ ] Verify sorting and filtering controls work correctly
- [ ] Verify clicking a row navigates to the detail view
- [ ] Verify `Entries`, `Alerts`, and `Tuning` load inside one mounted shell
- [ ] Verify entry CRUD, pattern testing, and scope switching work
- [ ] Verify alert drill-in, jump-to-rule, and notifications handoff work
- **Edge cases**:
- [ ] Verify graceful handling when backend API is unavailable (error state)
- [ ] Verify `returnTo` preserves operator context from Mission Control and Notifications
- [ ] Verify responsive layout at different viewport sizes
- [ ] Verify accessibility (keyboard navigation, screen reader labels, ARIA attributes)
## Verification
- Run: `docs/qa/feature-checks/runs/web/identity-watchlist-management-ui/run-001/`
- Run:
- `npx ng test --watch=false --include src/tests/watchlist/identity-watchlist-management-ui.component.spec.ts --include src/tests/trust_admin/trust-scoring-dashboard-ui.behavior.spec.ts --include src/tests/notify/notify-watchlist-handoff.spec.ts`
- `npx playwright test tests/e2e/watchlist-shell.spec.ts --workers=1`
- Tier 0 (source): pass (`tier0-source-check.json`)
- Tier 1 (build/tests): pass (`tier1-build-check.json`)
- Tier 2 (behavior): pass (`tier2-e2e-check.json`)
- Verified on (UTC): 2026-02-11T07:02:25Z
- Verified on (UTC): 2026-03-07T16:43:00Z
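Review bot: the `returnTo` item under Edge cases in the E2E Test Plan only checks that operator context is preserved from Mission Control and Notifications; nothing in the plan covers a `returnTo` value that does not point at one of the application's own routes. Because the Description now lists deep-link handoff as part of the feature, suggest adding a checkbox along the lines of "Verify a `returnTo` value outside the application's routes is ignored and the shell falls back to `/setup/trust-signing/watchlist/entries`". Separately, Setup still asks only for "a user that has appropriate permissions" while Core verification now includes scope switching (Tenant/Global/System); a negative check with a user who lacks rights to the Global or System scope would make the permission boundary part of the plan. Last, the Tier 0 to Tier 2 lines cite `tier0-source-check.json`, `tier1-build-check.json` and `tier2-e2e-check.json` by bare filename next to the new `npx` commands, so it would help to state where those result files live for this run.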