satisfy(ActionSurfaceSlot::ListHeader, 'Header exposes capability-gated tenant repair actions when inconsistent membership state is detected.') ->exempt(ActionSurfaceSlot::InspectAffordance, 'Tenant diagnostics is already the singleton diagnostic surface for the active tenant.') ->exempt(ActionSurfaceSlot::ListRowMoreMenu, 'The diagnostics page does not render row-level secondary actions.') ->exempt(ActionSurfaceSlot::ListBulkMoreGroup, 'The diagnostics page does not expose bulk actions.') ->exempt(ActionSurfaceSlot::ListEmptyState, 'Diagnostics content is always rendered instead of a list-style empty state.'); } public bool $missingOwner = false; public bool $hasDuplicateMembershipsForCurrentUser = false; public function mount(): void { $tenant = static::resolveTenantContextForCurrentPanelOrFail(); $tenantId = (int) $tenant->getKey(); $this->missingOwner = ! TenantMembership::query() ->where('tenant_id', $tenantId) ->where('role', 'owner') ->exists(); $user = auth()->user(); if (! $user instanceof User) { abort(403, 'Not allowed'); } $this->hasDuplicateMembershipsForCurrentUser = app(TenantDiagnosticsService::class) ->userHasDuplicateMemberships($tenant, $user); } /** * @return array */ protected function getHeaderActions(): array { return [ UiEnforcement::forAction( Action::make('bootstrapOwner') ->label('Bootstrap owner') ->requiresConfirmation() ->action(fn () => $this->bootstrapOwner()), ) ->requireCapability(Capabilities::TENANT_MANAGE) ->destructive() ->tooltip(UiTooltips::INSUFFICIENT_PERMISSION) ->apply() ->visible(fn (): bool => $this->missingOwner), UiEnforcement::forAction( Action::make('mergeDuplicateMemberships') ->label('Merge duplicate memberships') ->requiresConfirmation() ->action(fn () => $this->mergeDuplicateMemberships()), ) ->requireCapability(Capabilities::TENANT_MANAGE) ->destructive() ->tooltip(UiTooltips::INSUFFICIENT_PERMISSION) ->apply() ->visible(fn (): bool => $this->hasDuplicateMembershipsForCurrentUser), ]; } public function bootstrapOwner(): void { $tenant = static::resolveTenantContextForCurrentPanelOrFail(); $user = auth()->user(); if (! $user instanceof User) { abort(403, 'Not allowed'); } app(TenantMembershipManager::class)->bootstrapRecover($tenant, $user, $user); $this->mount(); } public function mergeDuplicateMemberships(): void { $tenant = static::resolveTenantContextForCurrentPanelOrFail(); $user = auth()->user(); if (! $user instanceof User) { abort(403, 'Not allowed'); } app(TenantDiagnosticsService::class)->mergeDuplicateMembershipsForUser($tenant, $user, $user); $this->mount(); } }