egg/DashBoard
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity
Files
7cb0985b1228dcb69f33c865827658605a843cac
DashBoard/openspec/changes/archive/2026-02-12-modernization-hardening-follow-up/specs/spa-shell-navigation/spec.md
egg 7cb0985b12 feat(modernization): full architecture blueprint with hardening follow-up 
Implement phased modernization infrastructure for transitioning from
multi-page legacy routing to SPA portal-shell architecture, plus
post-delivery hardening fixes for policy loading, fallback consistency,
and governance drift detection.

Key changes:
- Add route contract enrichment with scope/visibility/compatibility policies
- Canonical 302 redirects from legacy direct-entry to /portal-shell/ routes
- Asset readiness enforcement and runtime fallback retirement for in-scope routes
- Shared feature-flag helpers (env > config > default) replacing duplicated _to_bool
- Defensive copy for lru_cached policy payloads preventing mutation corruption
- Unified retired-fallback response helper across app and blueprint routes
- Frontend/backend route-contract cross-validation in governance gates
- Shell CSS token fallback values for routes rendered outside shell scope
- Local-safe .env.example defaults with production recommendation comments
- Legacy contract fallback warning logging and single-hop redirect optimization

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-12 11:26:02 +08:00

1.3 KiB
Raw Blame History

ADDED Requirements

Requirement: Canonical redirect scope boundaries SHALL be explicit and intentional

Canonical shell direct-entry redirects SHALL apply only to governed in-scope report routes and SHALL explicitly exclude admin external targets with documented rationale.

Scenario: In-scope report route direct entry

  • WHEN SPA shell mode is enabled and a user enters an in-scope report route directly
  • THEN the system SHALL redirect to the canonical /portal-shell/... route while preserving query semantics

Scenario: Admin external target direct entry

  • WHEN SPA shell mode is enabled and a user enters /admin/pages or /admin/performance directly
  • THEN the system SHALL NOT apply report-route canonical redirect policy
  • THEN the exclusion rationale SHALL be documented in code-level comments or governance docs

Requirement: Missing-required-parameter redirects SHALL avoid avoidable multi-hop chains

Routes with server-side required query parameters SHALL minimize redirect hops under SPA shell mode.

Scenario: Hold detail missing reason in SPA shell mode

  • WHEN a user opens /hold-detail without reason while SPA shell mode is enabled
  • THEN the route SHALL resolve via a single-hop redirect to the canonical overview shell path