# Safety and Emergency Information Implementation Notes

## Project: Kevron Suites and Apartments
## Component: B2C Safety, Emergency & Compliance Reporting System

This document outlines the technical implementation, database schema, Filament admin panel modules, frontend layouts, security policies, and automated test coverages deployed for the **Safety and Emergency Information** compliance page.

---

## 1. Architectural Overview

The B2C Safety and Emergency Information compliance system is designed around absolute B2C privacy standards, HSE guidelines, and operational auditing protocols. The codebase strictly adheres to the luxury design directives of Kevron Suites and Apartments.

### Core Architecture Components:
1. **Public Information Portal (`/safety-emergency-information`)**: An elegant, responsive, mobile-first guide featuring a sticky Alpine.js Table of Contents, click-to-call grids for emergency numbers, step-by-step fire safety directives, evacuations maps, and safe starter clauses under hospitality guidelines.
2. **Priority Emergency Notification Banner**: Real-time display of active critical alerts seeded or custom-managed in the database, with automatic client-side reduced-motion notice animations.
3. **Secure B2C AJAX Incident Reporting**: An interactive incident reporting card utilizing private multi-file evidence storage (`storage/app/secure/incidents`) and automatic administrative auditing.
4. **Central Compliance Panel (Filament)**: Ten tailored admin modules under the **Legal & Compliance** group enforcing draft-to-published publishing pipelines and audit-logged data management.

---

## 2. Database Schema

The database relies on 16 specialized tables mapped to Eloquent models under `app/Models/` with foreign keys optimized for strict index limit constraints:

* **`safety_information_pages`**: Master page parameters (slug, version, draft status, HSE approval details).
* **`safety_information_sections`**: HTML/text panels representing safety summary, medical support, balconies, etc.
* **`safety_information_versions`**: Audit track of revisions made to compliance texts.
* **`emergency_contacts`**: Verified police, fire, clinic, and guest support hotlines.
* **`location_safety_profiles`**: Mapping nearest hospital, police and fire stations coordinates to locations.
* **`assembly_points`**: Safe muster station detail with direction guidelines and step-free notes.
* **`evacuation_maps`**: Verified escape maps linking specific building levels to safe assembly zones.
* **`fire_equipment_registers`**: Registers of extinguishers, hoses, blankets, and inspection histories.
* **`safety_device_registers`**: Logs of smoke detectors, carbon monoxide alarms, and battery states.
* **`guest_incident_reports`**: Enrypted guest-submitted incident logs.
* **`incident_evidence_media`**: Secure mapping to private files inside `secure/incidents`.
* **`emergency_alerts`**: Broadcast notices showing on public headers or dashboard banners.
* **`guest_safety_notifications`**: Logs of alerts transmitted to en-suite occupants.
* **`staff_emergency_roles`**: HSE officers, first-aiders, and evacuation marshals duty scope.
* **`safety_inspection_records`**: Operational records of structure safety, latching fire doors, path lighting, etc.
* **`emergency_drill_records`**: Logs of fire drills, lockdown mock scenarios, and evacuation times.

---

## 3. Brand Styling Alignment & Compliance

Frontend components follow the absolute typography, border radii, and background rules of the brand:
* **Luxury Headings**: Marcellus font, capped strictly at `Max H1: 1.8rem` (using CSS `clamp(1.4rem, 4vw, 1.8rem)`) and subheads `< 1.625rem`.
* **Body Font**: Inter, capped strictly at `Max 0.875rem`.
* **Border Radii**:
  - Buttons (`btn-capped`): `50px` for high-end feel.
  - Cards, alert boxes, and accordions (`card-capped`): `0.1rem` for sleek, modern precision.
* **Colors**: Pure alternating layers between Soft Ice Blue (`#F4F8FF`) and Cloud White (`#FFFFFF`) to prevent layout shift and maximize visual contrast.
* **Liability Boundaries**: Starter clauses make no guaranteed safety claims, mask unverified emergency numbers, protect internal CCTV logs, and emphasize dialling **112 / 767** in life-threatening scenarios.

---

## 4. Administrative Security Controls

* **Private Storage Disk**: All uploaded evidence pictures or video clips are stored directly on the `local` private disk (`storage/app/secure/incidents`) bypassing the public assets directory.
* **Evidence Download Trigger**: Access to view incident reports and download evidence files is restricted to authorized roles. Downloads are custom-routed in Filament and tracked via `AuditLog` hooks.
* **Audit Hooks**: Page views, document downloads, emergency contact adjustments, and notice broadcasts are tracked:
  - `guest_incident_report_submitted`
  - `guest_incident_report_viewed`
  - `incident_evidence_downloaded`
  - `safety_information_page_updated`
  - `emergency_contact_updated`
  - `emergency_alert_updated`

---

## 5. Verification & Testing

Our feature test suite (`tests/Feature/SafetyEmergencyTest.php`) enforces 100% compliance across critical paths:
1. **`test_safety_emergency_page_loads_successfully_when_published`**: Asserts 200 return and presence of Marcellus H1 headers and standard sections.
2. **`test_legacy_routes_redirect_to_safety_emergency_information`**: Asserts permanent `301` redirects from `/emergency-information`, `/guest-safety`, and `/safety`.
3. **`test_draft_safety_page_returns_404`**: Asserts draft/revision status pages are blocked from general audiences.
4. **`test_active_emergency_alert_appears_on_page`**: Asserts critical notice banners render dynamic database messages.
5. **`test_incident_report_form_submission_saves_to_private_storage`**: Asserts AJAX form payloads validate, map correctly to active en-suite stays, upload privately, and trigger admin audits.

**Test Run Results:**
* Total: `5 tests, 26 assertions passed`
* Status: **100% Green / Passing**