actingAs($user) ->get("/admin/t/{$tenant->external_id}/diagnostics") ->assertNotFound(); }); it('returns 404 for non-members on the tenant diagnostics page', function () { $tenant = ManagedEnvironment::factory()->create(['external_id' => 'tenant-diag-a']); $user = User::factory()->create(); $this->actingAs($user) ->get("/admin/t/{$tenant->external_id}/diagnostics") ->assertNotFound(); }); it('shows disabled duplicate-scope repair affordances to readonly members when a defect exists', function () { [$user, $tenant] = createUserWithTenant(role: 'readonly'); $this->actingAs($user); Filament::setTenant($tenant, true); Schema::table('managed_environment_memberships', function (Blueprint $table): void { $table->dropUnique(['managed_environment_id', 'user_id']); }); ManagedEnvironmentMembership::query()->create([ 'managed_environment_id' => (int) $tenant->getKey(), 'user_id' => (int) $user->getKey(), 'role' => 'readonly', 'source' => 'manual', 'created_by_user_id' => (int) $user->getKey(), ]); Livewire::test(EnvironmentDiagnostics::class) ->assertActionVisible('mergeDuplicateMemberships') ->assertActionDisabled('mergeDuplicateMemberships') ->assertActionExists('mergeDuplicateMemberships', function (Action $action): bool { return $action->getTooltip() === UiTooltips::INSUFFICIENT_PERMISSION; }); });