TenantAtlas/apps/platform/tests/Feature/Workspaces/GlobalContextShellContractTest.php

<?php

declare(strict_types=1);

use App\Filament\Pages\TenantDashboard;
use App\Models\Tenant;
use App\Models\User;
use App\Support\Workspaces\WorkspaceContext;
use Illuminate\Foundation\Testing\RefreshDatabase;

uses(RefreshDatabase::class);

it('shows the routed workspace and tenant truth on tenant-panel entry without relying on session workspace state', function (): void {
    $tenant = Tenant::factory()->active()->create(['name' => 'Tenant Panel Entry']);
    [$user, $tenant] = createUserWithTenant(tenant: $tenant, role: 'owner');

    session()->forget(WorkspaceContext::SESSION_KEY);

    $this->actingAs($user)
        ->get(TenantDashboard::getUrl(panel: 'tenant', tenant: $tenant))
        ->assertOk()
        ->assertSee($tenant->workspace()->firstOrFail()->name)
        ->assertSee('Tenant Panel Entry')
        ->assertSee('Switch tenant')
        ->assertSee('Clear tenant scope')
        ->assertDontSee('Search tenants…')
        ->assertDontSee('admin/select-tenant');
});

it('keeps workspace-scoped routes tenantless when a cross-workspace tenant hint is rejected', function (): void {
    $workspaceTenant = Tenant::factory()->active()->create(['name' => 'Workspace Tenant']);
    [$user, $workspaceTenant] = createUserWithTenant(tenant: $workspaceTenant, role: 'owner');

    $foreignTenant = Tenant::factory()->active()->create(['name' => 'Rejected Foreign Tenant']);
    createUserWithTenant(tenant: $foreignTenant, user: User::factory()->create(), role: 'owner');

    $this->actingAs($user)
        ->withSession([WorkspaceContext::SESSION_KEY => (int) $workspaceTenant->workspace_id])
        ->get(route('admin.operations.index', ['tenant' => $foreignTenant->external_id]))
        ->assertOk()
        ->assertSee('No tenant selected')
        ->assertDontSee('Tenant scope: Rejected Foreign Tenant');
});