ahmido
1acbf8cc54
## Summary - remove tenant-based Graph options access from runtime service paths and enforce provider-only resolution - add `MicrosoftGraphOptionsResolver` and `ProviderConfigurationRequiredException` for centralized, actionable provider-config errors - turn `Tenant::graphOptions()` into a fail-fast kill switch to prevent legacy runtime usage - add and update tests (including guardrail) to enforce no reintroduction in `app/` - update Spec 088 artifacts (`spec`, `plan`, `research`, `tasks`, checklist) ## Validation - `vendor/bin/sail bin pint --dirty` - `vendor/bin/sail artisan test --compact --filter=NoLegacyTenantGraphOptions` - `vendor/bin/sail artisan test --compact tests/Feature/Filament` - `CI=1 vendor/bin/sail artisan test --compact` ## Notes - Branch includes the guardrail test for legacy callsite detection in `app/`. - Full suite currently green: 1227 passed, 5 skipped. Co-authored-by: Ahmed Darrazi <ahmeddarrazi@MacBookPro.fritz.box> Reviewed-on: #105
26 lines
984 B
PHP
26 lines
984 B
PHP
<?php
|
|
|
|
declare(strict_types=1);
|
|
|
|
use App\Models\Tenant;
|
|
|
|
it('renders guidance, admin consent link, re-run verification, and copy actions on the required permissions page', function (): void {
|
|
$tenant = Tenant::factory()->create([
|
|
'external_id' => 'tenant-copy-actions-a',
|
|
'app_client_id' => null,
|
|
]);
|
|
|
|
[$user, $tenant] = createUserWithTenant(tenant: $tenant, role: 'readonly', ensureDefaultMicrosoftProviderConnection: false);
|
|
|
|
$this->actingAs($user)
|
|
->get("/admin/tenants/{$tenant->external_id}/required-permissions")
|
|
->assertSuccessful()
|
|
->assertSee('Guidance')
|
|
->assertSee('Who can fix this?', false)
|
|
->assertSee('Admin consent guide')
|
|
->assertSee('learn.microsoft.com/en-us/entra/identity/enterprise-apps/grant-admin-consent', false)
|
|
->assertSee('Re-run verification')
|
|
->assertSee('Copy missing application permissions')
|
|
->assertSee('Copy missing delegated permissions');
|
|
});
|