get('/')->assertSuccessful(); $this->get('/admin')->assertRedirectContains('/admin/login'); $this->get('/admin/choose-workspace')->assertRedirectContains('/admin/login'); $this->get('/system')->assertRedirectContains('/system/login'); }); it('keeps choose workspace reachable for authenticated workspace members', function (): void { [$user] = createUserWithTenant(role: 'owner'); $this->actingAs($user) ->get('/admin/choose-workspace') ->assertSuccessful(); }); it('preserves deny as not found semantics for non member tenant backup set access', function (): void { $tenant = Tenant::factory()->create(); [$user] = createUserWithTenant(role: 'owner'); $this->actingAs($user) ->get('/admin/t/'.$tenant->external_id.'/backup-sets') ->assertNotFound(); }); it('preserves forbidden semantics for authenticated platform users without system access capability', function (): void { $platformUser = PlatformUser::factory()->create([ 'capabilities' => [], 'is_active' => true, ]); $this->actingAs($platformUser, 'platform') ->get('/system') ->assertForbidden(); });