feat(compliance): U11.U4 — admin Exports page#951
Merged
Conversation
Final user-visible piece of the U11 export feature. - New typed graphql() docs for createComplianceExport mutation + complianceExports query (apps/admin/src/lib/compliance/export-queries.ts). - ComplianceExportDialog with format toggle (CSV / NDJSON) + filter preview + Submit; surfaces typed-error messages from the resolver (RATE_LIMIT_EXCEEDED, FILTER_RANGE_TOO_WIDE, FILTER_TOO_LARGE) via sonner toasts. - /compliance/exports/ page with table (status badge / requested at / format / filter summary / action), 5 skeleton rows on first load, 3-second polling on QUEUED/RUNNING jobs (paused otherwise). - Status badge uses icon + color (CheckCircle/Loader2/AlertCircle) for accessibility — never color alone. - Direct browser download via <a download>; URL-expired detection past presignedUrlExpiresAt prompts re-export. - "Export this view" button on the events list page PageHeader carrying the current filter URL params (?from=current-filter); the Exports page auto-opens the dialog when this marker is present and clears it from the URL after. - Operator gating inherited from the /compliance parent route. Plan: docs/plans/2026-05-08-007-feat-compliance-u11-u4-admin-exports-plan.md Verified: - pnpm --filter @thinkwork/admin codegen (clean) - npx tsc --noEmit from apps/admin: 36 errors total, ZERO from compliance-scoped paths (matches baseline) - pnpm --filter @thinkwork/admin test: 23 files, 130 tests pass - TanStack route tree regenerated to include /compliance/exports/ Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
3 tasks
ericodom
added a commit
that referenced
this pull request
May 8, 2026
…ance arc) (#953) Knowledge-track architecture-pattern doc capturing the meta-pattern that shipped the master compliance arc (~17 PRs over 2 days, 2026-05-07–2026-05-08). Extends the existing inert-to-live-seam-swap-pattern-2026-04-25.md (Python-module scoped) with two dimensions surfaced during the compliance arc: 1. Substrate-first multi-layer ordering — DB schema → Terraform/IAM → Lambda shell → consumer code. The 2026-04-25 doc covered factory closures + seam_fn defaults at the Python-module scope; this doc generalizes to multi-layer infrastructure arcs spanning Aurora, S3 Object Lock buckets, SQS queues, and admin SPA. 2. Throw-don't-no-op rule for stubs — the inert state must be operator-visible (DLQ depth alarm, smoke-test failure). Silent no-op stubs that ack messages without doing work were rejected explicitly in the U11.U2 plan. Three case studies with verbatim PR + file citations: - U7→U8a→U8b — WORM anchor bucket + inert Lambda body + live S3 write (#917, #921, #927) - U10 backend → extensions → admin UI (#937, #939, #941) - U11 four-PR sequence: mutation → Terraform + stub → live runner → admin Exports page (#944, #948, #950, #951) Includes: - Stable-seam invariant (body swaps, contracts don't) - Body-swap forcing functions in integration tests with call-count assertions (not just return-shape) to catch sibling-function escape - CloudWatch alarm posture mirroring inert/live state (treat_missing_data flips on the live PR) - Independent revertibility — substrate alone leaves a known-good inert state Frontmatter validated parser-safe via the plugin-bundled validate-frontmatter.py. Also adds a one-line backlink in the prior-art doc so a reader landing on the 2026-04-25 doc finds the multi-layer extension. Generated via /ce-compound full mode (3 parallel research subagents + ce-session-historian foreground). Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
U11.U4 — final user-visible piece of the master compliance arc. With this PR + dev deploy, the SOC2 export flow runs end-to-end through the admin UI: filter the events list → click "Export this view" → confirm format → poll until COMPLETE → click Download.
Highlights
apps/admin/src/lib/compliance/export-queries.ts— typedgraphql()mutation + query.RATE_LIMIT_EXCEEDED,FILTER_RANGE_TOO_WIDE,FILTER_TOO_LARGEas sonner toasts with operator-friendly copy./compliance/exports/— table with status badge (icon + color, never color alone), requested at, format, filter summary, action column. 5 skeleton rows on first load.refetchwithrequestPolicy: "network-only".<a download>; URL-expired detection pastpresignedUrlExpiresAt.PageHeaderactions —Linkto/compliance/exports?from=current-filtercarrying the current filter URL params. The Exports page auto-opens the dialog when the marker is present and clears it from the URL after./complianceparent route.Test plan
pnpm --filter @thinkwork/admin codegen(clean)npx tsc --noEmitfromapps/admin: 36 errors total, ZERO from compliance-scoped paths (matches baseline)pnpm --filter @thinkwork/admin test: 23 files, 130 tests pass/compliance/exports/Plan
docs/plans/2026-05-08-007-feat-compliance-u11-u4-admin-exports-plan.mdMaster plan progress
After this lands, the master compliance arc is shipped end-to-end. SOC2 walkthrough rehearsal in dev validates everything; that's U11.U5 (an operational checklist, not a code change).
🤖 Generated with Claude Code