ahmido/TenantAtlas
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects 1 Releases Wiki Activity
095-graph-contracts-registry-completeness
TenantAtlas/tests/Feature/BackupScheduling/BackupScheduleLifecycleTest.php
ahmido 1c098441aa feat(spec-091): BackupSchedule lifecycle + create-CTA placement rule (#109) 
Implements Spec 091 “BackupSchedule Retention & Lifecycle (Archive/Restore/Force Delete)”.

- BackupSchedule lifecycle:
  - Archive (soft delete) with confirmation; restores via Restore action; Force delete with confirmation and strict gating.
  - Force delete blocked when historical runs exist.
  - Archived schedules never dispatch/execute (dispatcher + job guard).
  - Audit events emitted for archive/restore/force delete.
  - RBAC UX semantics preserved (non-member hidden/404; member w/o capability disabled + server-side 403).

- Filament UX contract update:
  - Create CTA placement rule across create-enabled list pages:
    - Empty list: only large centered empty-state Create CTA.
    - Non-empty list: only header Create action.
  - Tests added/updated to enforce the rule.

Verification:
- `vendor/bin/sail bin pint --dirty`
- Focused tests: BackupScheduling + RBAC enforcement + EmptyState CTAs + Create CTA placement

Notes:
- Filament v5 / Livewire v4 compliant.
- Manual quickstart verification in `specs/091-backupschedule-retention-lifecycle/quickstart.md` remains to be checked (T031).

Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #109
2026-02-14 13:46:06 +00:00

207 lines
7.5 KiB
PHP
Raw Permalink Blame History

<?php
use App\Filament\Resources\BackupScheduleResource\Pages\EditBackupSchedule;
use App\Filament\Resources\BackupScheduleResource\Pages\ListBackupSchedules;
use App\Models\BackupSchedule;
use App\Models\OperationRun;
use Filament\Facades\Filament;
use Filament\Tables\Filters\TrashedFilter;
use Illuminate\Auth\Access\AuthorizationException;
use Illuminate\Support\Facades\Gate;
use Livewire\Livewire;
function makeBackupScheduleForLifecycle(\App\Models\Tenant $tenant, array $attributes = []): BackupSchedule
{
return BackupSchedule::query()->create(array_merge([
'tenant_id' => $tenant->id,
'name' => 'Nightly lifecycle',
'is_enabled' => true,
'timezone' => 'UTC',
'frequency' => 'daily',
'time_of_day' => '01:00:00',
'days_of_week' => null,
'policy_types' => ['deviceConfiguration'],
'include_foundations' => true,
'retention_keep_last' => 30,
], $attributes));
}
it('archives schedules, hides them from default list, and shows them in archived filter', function () {
[$user, $tenant] = createUserWithTenant(role: 'owner');
$schedule = makeBackupScheduleForLifecycle($tenant, ['name' => 'Archive me']);
$this->actingAs($user);
Filament::setTenant($tenant, true);
Livewire::test(ListBackupSchedules::class)
->callTableAction('archive', $schedule)
->assertHasNoTableActionErrors();
$schedule->refresh();
expect($schedule->trashed())->toBeTrue();
$this->assertDatabaseHas('audit_logs', [
'tenant_id' => $tenant->id,
'action' => 'backup_schedule.archived',
'resource_type' => 'backup_schedule',
'resource_id' => (string) $schedule->id,
]);
Livewire::test(ListBackupSchedules::class)
->assertCanNotSeeTableRecords([$schedule]);
Livewire::test(ListBackupSchedules::class)
->filterTable(TrashedFilter::class, false)
->assertCanSeeTableRecords([BackupSchedule::withTrashed()->findOrFail($schedule->id)]);
});
it('restores archived schedules without changing enabled state', function () {
[$user, $tenant] = createUserWithTenant(role: 'owner');
$schedule = makeBackupScheduleForLifecycle($tenant, [
'name' => 'Restore me',
'is_enabled' => false,
]);
$schedule->delete();
$this->actingAs($user);
Filament::setTenant($tenant, true);
Livewire::test(ListBackupSchedules::class)
->filterTable(TrashedFilter::class, false)
->assertTableActionExists('restore', function ($action): bool {
return $action->isConfirmationRequired() === false;
}, BackupSchedule::withTrashed()->findOrFail($schedule->id))
->callTableAction('restore', BackupSchedule::withTrashed()->findOrFail($schedule->id))
->assertHasNoTableActionErrors();
$schedule->refresh();
expect($schedule->trashed())->toBeFalse();
expect((bool) $schedule->is_enabled)->toBeFalse();
$this->assertDatabaseHas('audit_logs', [
'tenant_id' => $tenant->id,
'action' => 'backup_schedule.restored',
'resource_type' => 'backup_schedule',
'resource_id' => (string) $schedule->id,
]);
});
it('allows force delete only to users with tenant delete capability', function () {
[$manager, $tenant] = createUserWithTenant(role: 'manager');
$schedule = makeBackupScheduleForLifecycle($tenant, ['name' => 'Protected force delete']);
$schedule->delete();
$this->actingAs($manager);
Filament::setTenant($tenant, true);
expect(function () use ($manager, $schedule): void {
Gate::forUser($manager)->authorize('forceDelete', $schedule);
})->toThrow(AuthorizationException::class);
Livewire::test(ListBackupSchedules::class)
->filterTable(TrashedFilter::class, false)
->assertTableActionDisabled('forceDelete', BackupSchedule::withTrashed()->findOrFail($schedule->id));
expect(BackupSchedule::withTrashed()->whereKey($schedule->id)->exists())->toBeTrue();
});
it('blocks force delete when historical runs exist', function () {
[$user, $tenant] = createUserWithTenant(role: 'owner');
$schedule = makeBackupScheduleForLifecycle($tenant, ['name' => 'Blocked force delete']);
$schedule->delete();
OperationRun::factory()->create([
'tenant_id' => $tenant->id,
'workspace_id' => $tenant->workspace_id,
'type' => 'backup_schedule_run',
'status' => 'completed',
'outcome' => 'succeeded',
'summary_counts' => [],
'failure_summary' => [],
'context' => ['backup_schedule_id' => (int) $schedule->id],
]);
$this->actingAs($user);
Filament::setTenant($tenant, true);
Livewire::test(ListBackupSchedules::class)
->filterTable(TrashedFilter::class, false)
->callTableAction('forceDelete', BackupSchedule::withTrashed()->findOrFail($schedule->id))
->assertHasNoTableActionErrors();
expect(BackupSchedule::withTrashed()->whereKey($schedule->id)->exists())->toBeTrue();
$this->assertDatabaseMissing('audit_logs', [
'tenant_id' => $tenant->id,
'action' => 'backup_schedule.force_deleted',
'resource_id' => (string) $schedule->id,
]);
});
it('force deletes archived schedules when no historical runs exist', function () {
[$user, $tenant] = createUserWithTenant(role: 'owner');
$schedule = makeBackupScheduleForLifecycle($tenant, ['name' => 'Delete me forever']);
$schedule->delete();
$this->actingAs($user);
Filament::setTenant($tenant, true);
Livewire::test(ListBackupSchedules::class)
->filterTable(TrashedFilter::class, false)
->callTableAction('forceDelete', BackupSchedule::withTrashed()->findOrFail($schedule->id))
->assertHasNoTableActionErrors();
expect(BackupSchedule::withTrashed()->whereKey($schedule->id)->exists())->toBeFalse();
$this->assertDatabaseHas('audit_logs', [
'tenant_id' => $tenant->id,
'action' => 'backup_schedule.force_deleted',
'resource_type' => 'backup_schedule',
'resource_id' => (string) $schedule->id,
]);
});
it('allows editing archived schedules for authorized members', function () {
[$user, $tenant] = createUserWithTenant(role: 'manager');
$schedule = makeBackupScheduleForLifecycle($tenant, ['name' => 'Archived editable']);
$schedule->delete();
$this->actingAs($user);
Filament::setTenant($tenant, true);
Livewire::test(EditBackupSchedule::class, ['record' => $schedule->getRouteKey()])
->fillForm([
'name' => 'Archived edited',
])
->call('save')
->assertHasNoFormErrors();
$schedule->refresh();
expect($schedule->name)->toBe('Archived edited');
expect($schedule->trashed())->toBeTrue();
});
it('enforces state-idempotent lifecycle actions in the table surface', function () {
[$user, $tenant] = createUserWithTenant(role: 'owner');
$active = makeBackupScheduleForLifecycle($tenant, ['name' => 'Active state']);
$archived = makeBackupScheduleForLifecycle($tenant, ['name' => 'Archived state']);
$archived->delete();
$this->actingAs($user);
Filament::setTenant($tenant, true);
Livewire::test(ListBackupSchedules::class)
->assertTableActionHidden('restore', $active)
->assertTableActionHidden('forceDelete', $active)
->assertTableActionHidden('archive', BackupSchedule::withTrashed()->findOrFail($archived->id));
expect((bool) $active->fresh()->trashed())->toBeFalse();
expect((bool) BackupSchedule::withTrashed()->findOrFail($archived->id)->trashed())->toBeTrue();
});
Reference in New Issue View Git Blame Copy Permalink