make(); expect($user->canAccessPanel(app(PanelRegistry::class)->get('admin')))->toBeTrue() ->and($user->canAccessPanel(app(PanelRegistry::class)->get('system')))->toBeFalse(); }); it('redirects unauthenticated direct admin panel access to admin login', function (): void { $this->get('/admin')->assertRedirectContains('/admin/login'); }); it('denies platform sessions on admin panel routes as not found', function (): void { $platformUser = PlatformUser::factory()->create(); $this->actingAs($platformUser, 'platform') ->get('/admin') ->assertNotFound(); }); it('does not render workspace admin surfaces for users without workspace authority', function (): void { $user = User::factory()->create(); $this->actingAs($user) ->get('/admin') ->assertRedirect('/admin/choose-workspace'); $this->actingAs($user) ->get('/admin/alerts') ->assertRedirect('/admin/choose-workspace'); });