getRequiredPermissions(); if (empty($required)) { test()->markTestSkipped('No required permissions configured.'); } return $required; } it('returns ok when all permissions exist', function () { $tenant = Tenant::create([ 'tenant_id' => 'tenant-ok', 'name' => 'Tenant OK', ]); foreach (requiredPermissions() as $permission) { TenantPermission::create([ 'tenant_id' => $tenant->id, 'permission_key' => $permission['key'], 'status' => 'ok', ]); } $result = app(TenantPermissionService::class)->compare($tenant); expect($result['overall_status'])->toBe('ok'); expect(TenantPermission::where('tenant_id', $tenant->id)->where('status', 'ok')->count()) ->toBe(count(requiredPermissions())); }); it('marks missing permissions when not granted', function () { $tenant = Tenant::create([ 'tenant_id' => 'tenant-missing', 'name' => 'Tenant Missing', ]); $permissions = requiredPermissions(); $first = $permissions[0]['key']; TenantPermission::create([ 'tenant_id' => $tenant->id, 'permission_key' => $first, 'status' => 'ok', ]); $result = app(TenantPermissionService::class)->compare($tenant); expect($result['overall_status'])->toBe('missing'); $missingKey = $permissions[1]['key'] ?? null; if ($missingKey) { $this->assertDatabaseHas('tenant_permissions', [ 'tenant_id' => $tenant->id, 'permission_key' => $missingKey, 'status' => 'missing', ]); } }); it('reports error statuses from graph comparison', function () { $tenant = Tenant::create([ 'tenant_id' => 'tenant-error', 'name' => 'Tenant Error', ]); $permissions = requiredPermissions(); $first = $permissions[0]['key']; $result = app(TenantPermissionService::class)->compare($tenant, [ $first => [ 'status' => 'error', 'details' => ['message' => 'forbidden'], ], ]); expect($result['overall_status'])->toBe('error'); $this->assertDatabaseHas('tenant_permissions', [ 'tenant_id' => $tenant->id, 'permission_key' => $first, 'status' => 'error', ]); });