ahmido/TenantAtlas
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects 1 Releases Wiki Activity
189-portfolio-triage-review-state
TenantAtlas/apps/platform/tests/Unit/Providers/ProviderOperationStartGateTest.php
ahmido 1655cc481e Spec 188: canonical provider connection state cleanup (#219) 
## Summary
- migrate provider connections to the canonical three-dimension state model: lifecycle via `is_enabled`, consent via `consent_status`, and verification via `verification_status`
- remove legacy provider status and health badge paths, update admin and system directory surfaces, and align onboarding, consent callback, verification, resolver, and mutation flows with the new model
- add the Spec 188 artifact set, schema migrations, guard coverage, and expanded provider-state tests across admin, system, onboarding, verification, and rendering paths

## Verification
- `cd apps/platform && ./vendor/bin/sail bin pint --dirty --format agent`
- `cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Feature/Auth/SystemPanelAuthTest.php tests/Feature/Filament/TenantGlobalSearchLifecycleScopeTest.php tests/Feature/ProviderConnections/ProviderConnectionEnableDisableTest.php tests/Feature/ProviderConnections/ProviderConnectionTruthCleanupSpec179Test.php`
- integrated browser smoke: validated admin provider list/detail/edit, tenant provider summary, system directory tenant detail, provider-connection search exclusion, and cleaned up the temporary smoke record afterward

## Filament / implementation notes
- Livewire v4.0+ compliance: preserved; this change targets Filament v5 on Livewire v4 and does not introduce older APIs
- Provider registration location: unchanged; Laravel 11+ panel providers remain registered in `bootstrap/providers.php`
- Globally searchable resources: `ProviderConnectionResource` remains intentionally excluded from global search; tenant global search remains enabled and continues to resolve to view pages
- Destructive actions: no new destructive action surface was introduced without confirmation or authorization; existing capability checks continue to gate provider mutations
- Asset strategy: unchanged; no new Filament assets were added, so deploy behavior for `php artisan filament:assets` remains unchanged
- Testing plan covered: system auth, tenant global search, provider lifecycle enable/disable behavior, and provider truth cleanup cutover behavior

Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #219
2026-04-10 11:22:56 +00:00

160 lines
5.4 KiB
PHP
Raw Permalink Blame History

<?php
use App\Models\OperationRun;
use App\Models\ProviderConnection;
use App\Models\ProviderCredential;
use App\Models\Tenant;
use App\Services\Providers\ProviderOperationStartGate;
use App\Support\OperationRunOutcome;
use App\Support\OperationRunStatus;
use App\Support\Providers\ProviderReasonCodes;
use App\Support\Verification\VerificationReportSchema;
use Illuminate\Foundation\Testing\RefreshDatabase;
uses(RefreshDatabase::class);
it('starts a provider operation and dispatches the job once', function (): void {
$tenant = Tenant::factory()->create();
$connection = ProviderConnection::factory()->dedicated()->consentGranted()->create([
'tenant_id' => $tenant->getKey(),
'provider' => 'microsoft',
'entra_tenant_id' => 'entra-tenant-id',
'consent_status' => 'granted',
]);
ProviderCredential::factory()->create([
'provider_connection_id' => (int) $connection->getKey(),
]);
$dispatched = 0;
$gate = app(ProviderOperationStartGate::class);
$result = $gate->start(
tenant: $tenant,
connection: $connection,
operationType: 'provider.connection.check',
dispatcher: function (OperationRun $run) use (&$dispatched): void {
$dispatched++;
expect($run->type)->toBe('provider.connection.check');
},
);
expect($dispatched)->toBe(1);
expect($result->status)->toBe('started');
expect($result->dispatched)->toBeTrue();
$run = $result->run->fresh();
expect($run)->not->toBeNull();
expect($run->type)->toBe('provider.connection.check');
expect($run->status)->toBe('queued');
expect($run->context)->toMatchArray([
'provider' => 'microsoft',
'module' => 'health_check',
'provider_connection_id' => (int) $connection->getKey(),
'target_scope' => [
'entra_tenant_id' => 'entra-tenant-id',
],
]);
});
it('dedupes when the same operation is already active for the scope', function (): void {
$tenant = Tenant::factory()->create();
$connection = ProviderConnection::factory()->dedicated()->consentGranted()->create([
'tenant_id' => $tenant->getKey(),
'consent_status' => 'granted',
]);
ProviderCredential::factory()->create([
'provider_connection_id' => (int) $connection->getKey(),
]);
$existing = OperationRun::factory()->create([
'tenant_id' => $tenant->getKey(),
'type' => 'provider.connection.check',
'status' => 'running',
'context' => [
'provider_connection_id' => (int) $connection->getKey(),
],
]);
$dispatched = 0;
$gate = app(ProviderOperationStartGate::class);
$result = $gate->start(
tenant: $tenant,
connection: $connection,
operationType: 'provider.connection.check',
dispatcher: function () use (&$dispatched): void {
$dispatched++;
},
);
expect($dispatched)->toBe(0);
expect($result->status)->toBe('deduped');
expect($result->run->getKey())->toBe($existing->getKey());
expect(OperationRun::query()->where('tenant_id', $tenant->getKey())->count())->toBe(1);
});
it('blocks when a different operation is already active for the scope', function (): void {
$tenant = Tenant::factory()->create();
$connection = ProviderConnection::factory()->dedicated()->consentGranted()->create([
'tenant_id' => $tenant->getKey(),
'consent_status' => 'granted',
]);
ProviderCredential::factory()->create([
'provider_connection_id' => (int) $connection->getKey(),
]);
$blocking = OperationRun::factory()->create([
'tenant_id' => $tenant->getKey(),
'type' => 'inventory_sync',
'status' => 'queued',
'context' => [
'provider_connection_id' => (int) $connection->getKey(),
],
]);
$dispatched = 0;
$gate = app(ProviderOperationStartGate::class);
$result = $gate->start(
tenant: $tenant,
connection: $connection,
operationType: 'provider.connection.check',
dispatcher: function () use (&$dispatched): void {
$dispatched++;
},
);
expect($dispatched)->toBe(0);
expect($result->status)->toBe('scope_busy');
expect($result->run->getKey())->toBe($blocking->getKey());
expect(OperationRun::query()->where('tenant_id', $tenant->getKey())->count())->toBe(1);
});
it('returns blocked and stores reason metadata when no default connection exists', function (): void {
$tenant = Tenant::factory()->create();
$dispatched = 0;
$gate = app(ProviderOperationStartGate::class);
$result = $gate->start(
tenant: $tenant,
connection: null,
operationType: 'provider.connection.check',
dispatcher: function () use (&$dispatched): void {
$dispatched++;
},
);
expect($dispatched)->toBe(0);
expect($result->status)->toBe('blocked');
expect($result->dispatched)->toBeFalse();
expect($result->run->status)->toBe(OperationRunStatus::Completed->value);
expect($result->run->outcome)->toBe(OperationRunOutcome::Blocked->value);
expect($result->run->context['reason_code'] ?? null)->toBe(ProviderReasonCodes::ProviderConnectionMissing);
expect($result->run->context['next_steps'] ?? [])->not->toBeEmpty();
expect($result->run->context['verification_report'] ?? null)->toBeArray();
expect(VerificationReportSchema::isValidReport($result->run->context['verification_report'] ?? []))->toBeTrue();
});
Reference in New Issue View Git Blame Copy Permalink