feat(ui): ship trust-owned identity watchlist shell

docs-archived/implplan/SPRINT_20260307_024_FE_identity_watchlist_shell.md

@@ -0,0 +1,137 @@
+# Sprint 20260307-024 - Identity Watchlist Shell
+
+## Topic & Scope
+- Restore the dropped identity watchlist capability as a trust-owned operational shell under `Setup > Trust & Signing`.
+- Ship a fully usable watchlist with working entries, alerts, tuning, and deep-link behavior rather than leaving it as an unmounted page.
+- Complete route wiring, menu exposure, cross-shell alert surfacing, and operator workflows end to end.
+- Working directory: `src/Web/StellaOps.Web/src/app/features/watchlist`.
+- Allowed coordination edits: `src/Web/StellaOps.Web/src/app/routes/`, `src/Web/StellaOps.Web/src/app/features/mission-control/`, `src/Web/StellaOps.Web/src/app/features/notify/`, `docs/modules/ui/watchlist-operations`, and `docs/modules/ui/TASKS.md`.
+- Expected evidence: routed and menu-visible watchlist shell, working CRUD and alert flows, cross-shell deep links, targeted tests, and updated docs.
+
+## Dependencies & Concurrency
+- Depends on:
+  - `docs/modules/ui/watchlist-operations/README.md`
+  - `docs/modules/attestor/guides/identity-watchlist.md`
+  - `docs/operations/watchlist-monitoring-runbook.md`
+  - `src/Web/StellaOps.Web/src/app/features/watchlist/watchlist-page.component.ts`
+  - `src/Web/StellaOps.Web/src/app/routes/mission-control.routes.ts`
+  - `src/Web/StellaOps.Web/src/app/routes/operations.routes.ts`
+- Safe parallelism:
+  - route and ownership decisions should freeze before implementation starts
+  - `Entries`, `Alerts`, and `Tuning` can be implemented in parallel after the shell and query-param contract are stable
+  - Mission Control and Notifications deep links can proceed in parallel with shell implementation
+
+## Documentation Prerequisites
+- `docs/modules/ui/watchlist-operations/README.md`
+- `docs/modules/ui/contextual-actions-patterns/README.md`
+- `docs/modules/ui/restoration-topics/watchlist.md`
+- `docs/modules/ui/component-preservation-map/RESTORATION_PRIORITIES.md`
+
+## Delivery Tracker
+
+### FE-WL-001 - Wire the canonical watchlist shell into Setup
+Status: DONE
+Dependency: none
+Owners: Product Manager, FE Architect
+Task description:
+- Add the canonical route family and menu entry under `Setup > Trust & Signing`.
+- Make the shell routable and usable with working tab navigation and scope-aware header behavior.
+
+Completion criteria:
+- [x] Watchlist is reachable from the active shell navigation.
+- [x] Canonical routes and tab behavior are wired in code.
+- [x] Scope-aware header behavior works from the mounted shell.
+
+### FE-WL-002 - Ship the Entries workflow
+Status: DONE
+Dependency: FE-WL-001
+Owners: Developer, FE Architect
+Task description:
+- Implement the `Entries` tab as a working list/detail experience using the existing watchlist client.
+- Ensure operators can create, edit, duplicate, enable/disable, delete, and test matching rules from the mounted shell.
+
+Completion criteria:
+- [x] Entry CRUD flows work from the mounted shell.
+- [x] Edit/create uses a contextual panel or drawer instead of a detached page.
+- [x] Pattern test is wired and usable within the entry-editing flow.
+
+### FE-WL-003 - Ship the Alerts workflow
+Status: DONE
+Dependency: FE-WL-001
+Owners: Developer, Product Manager
+Task description:
+- Implement the `Alerts` tab with filters, ordering, alert-detail drawer behavior, and jump-to-entry actions.
+- Make alert-detail deep links work from Mission Control and back into the owning watchlist rule.
+
+Completion criteria:
+- [x] Alert listing and filtering work in the mounted shell.
+- [x] Alert-detail drawer shows the required context and actions.
+- [x] Operators can jump between alert detail and the owning watchlist entry.
+
+### FE-WL-004 - Ship tuning and diagnostics
+Status: DONE
+Dependency: FE-WL-001
+Owners: Developer, Documentation author
+Task description:
+- Implement the `Tuning` tab with dedup controls, notification behavior, top noisy rules, and performance/volume KPIs.
+- Align the shipped tab with the operational runbook so the page is usable for real operator tuning.
+
+Completion criteria:
+- [x] Dedup and channel controls are wired into the page.
+- [x] Operational KPI cards render in the mounted shell.
+- [x] Tuning guidance matches the operational runbook terminology.
+
+### FE-WL-005 - Wire Mission Control and Notifications entry points
+Status: DONE
+Dependency: FE-WL-003
+Owners: FE Architect, Developer
+Task description:
+- Wire watchlist-origin alert chips, links, and `returnTo` behavior from `Mission Control > Alerts` and `Ops > Notifications`.
+- Ensure those surfaces expose outcomes only and send operators into the canonical watchlist shell for action.
+
+Completion criteria:
+- [x] Mission Control links open the working watchlist alerts flow.
+- [x] Notifications links open tuning or alert views in the canonical shell.
+- [x] `returnTo` behavior preserves operator context across shells.
+
+### FE-WL-006 - Verify, document, and cut over the feature
+Status: DONE
+Dependency: FE-WL-002
+Owners: QA, Documentation author
+Task description:
+- Add targeted UI verification for tenant/global/system scope, entries CRUD, alerts drill-in, tuning, and Mission Control deep links.
+- Update docs and cutover notes so Watchlist is treated as a shipped feature, not an orphan page.
+
+Completion criteria:
+- [x] Playwright scenarios cover entries, alerts, and tuning.
+- [x] Scope-sensitive behaviors are explicitly verified.
+- [x] Docs and rollout notes reflect the mounted and usable feature.
+
+## Execution Log
+| Date (UTC) | Update | Owner |
+| --- | --- | --- |
+| 2026-03-07 | Sprint created to ship Watchlist as a Trust & Signing-owned shell with working entries, alerts, tuning, and secondary surfacing in Mission Control and Notifications. | Project Manager |
+| 2026-03-07 | Implementation started. Freezing Watchlist under the Trust Admin shell with route-backed tabs, query-param deep links, split detail panels, and cross-shell entry points from Mission Control and Notifications. | Developer |
+| 2026-03-07 | Implemented the canonical Watchlist shell under `Setup > Trust & Signing`, wired Mission Control and Notifications deep links, and updated the shipped UX docs. | Developer |
+| 2026-03-07 | Verified the feature with targeted Angular tests (`npx ng test --watch=false --include src/tests/watchlist/identity-watchlist-management-ui.component.spec.ts --include src/tests/trust_admin/trust-scoring-dashboard-ui.behavior.spec.ts --include src/tests/notify/notify-watchlist-handoff.spec.ts`) and Playwright browser scenarios (`npx playwright test tests/e2e/watchlist-shell.spec.ts --workers=1`). | QA |
+
+## Decisions & Risks
+- Decision: Watchlist belongs under `Setup > Trust & Signing`, with alert visibility surfaced elsewhere.
+- Decision: configuration and alert history remain in one shell; they should not be split into separate products.
+- Decision: the canonical mounted routes are `/setup/trust-signing/watchlist/{entries|alerts|tuning}` and all secondary entry points now deep-link into that route family.
+- Risk: Mission Control may try to absorb watchlist because it already owns alerts.
+- Mitigation: freeze the ownership boundary and only allow alert-source chips and deep links from Mission Control.
+- Risk: scope handling across tenant, global, and system rules can create hidden permissions complexity.
+- Mitigation: require scope-aware header behavior and QA coverage before rollout.
+- Delivery rule: this sprint is only complete when Watchlist is visible in navigation, usable end to end, and its key alert and tuning workflows are verified.
+- Reference design note: `docs/modules/ui/watchlist-operations/README.md`.
+- Docs synced:
+  - `docs/modules/ui/watchlist-operations/README.md`
+  - `docs/features/checked/web/identity-watchlist-management-ui.md`
+  - `docs/modules/ui/TASKS.md`
+  - `docs/modules/ui/implementation_plan.md`
+
+## Next Checkpoints
+- 2026-03-08: confirm owner shell, tab set, and deep-link behavior.
+- 2026-03-09: freeze entries, alerts, and tuning implementation slices.
+- 2026-03-10: finalize QA and rollout contract.