ahmido
e64bae9cfc
## Summary - replace the legacy Tenant and TenantMembership core models with ManagedEnvironment and ManagedEnvironmentMembership - propagate the managed environment naming and key changes across Filament resources, pages, controllers, jobs, models, and supporting runtime paths - add feature 279 spec artifacts and focused managed-environment test coverage for model behavior, route binding, panel context, authorization, and legacy guardrails ## Validation - `cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Feature/ManagedEnvironment/LegacyTenantCoreGuardTest.php tests/Feature/ManagedEnvironment/ManagedEnvironmentAuthorizationTest.php tests/Feature/ManagedEnvironment/ManagedEnvironmentPanelContextTest.php tests/Feature/ManagedEnvironment/ManagedEnvironmentRouteBindingTest.php tests/Unit/ManagedEnvironment/ManagedEnvironmentContextResolverTest.php tests/Unit/ManagedEnvironment/ManagedEnvironmentModelTest.php` - `cd apps/platform && ./vendor/bin/sail bin pint --dirty --format agent` ## Notes - branch pushed from commit `1123b122` - browser smoke test file was added but not run in this pass Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de> Reviewed-on: #335
112 lines
3.4 KiB
PHP
112 lines
3.4 KiB
PHP
<?php
|
|
|
|
use App\Filament\Resources\BackupSetResource;
|
|
use App\Filament\Resources\BackupSetResource\Pages\CreateBackupSet;
|
|
use App\Filament\Resources\BackupSetResource\Pages\ListBackupSets;
|
|
use App\Filament\Resources\PolicyResource\Pages\ListPolicies;
|
|
use App\Filament\Resources\RestoreRunResource\Pages\CreateRestoreRun;
|
|
use App\Filament\Resources\RestoreRunResource\Pages\ListRestoreRuns;
|
|
use App\Models\BackupSet;
|
|
use App\Models\OperationRun;
|
|
use App\Models\Policy;
|
|
use App\Models\RestoreRun;
|
|
use Filament\Facades\Filament;
|
|
use Illuminate\Foundation\Testing\RefreshDatabase;
|
|
use Livewire\Livewire;
|
|
|
|
uses(RefreshDatabase::class);
|
|
|
|
test('readonly users cannot archive backup sets', function () {
|
|
[$user, $tenant] = createUserWithTenant(role: 'readonly');
|
|
|
|
Filament::setTenant($tenant, true);
|
|
|
|
$set = BackupSet::create([
|
|
'managed_environment_id' => $tenant->id,
|
|
'name' => 'Backup 1',
|
|
'status' => 'completed',
|
|
'item_count' => 0,
|
|
]);
|
|
|
|
Livewire::actingAs($user)
|
|
->test(ListBackupSets::class)
|
|
->assertTableActionDisabled('archive', $set)
|
|
->callTableAction('archive', $set);
|
|
|
|
expect(BackupSet::withTrashed()->find($set->id)?->trashed())->toBeFalse();
|
|
});
|
|
|
|
test('readonly users cannot create backup sets', function () {
|
|
[$user, $tenant] = createUserWithTenant(role: 'readonly');
|
|
|
|
Filament::setTenant($tenant, true);
|
|
|
|
$this->actingAs($user)
|
|
->get(BackupSetResource::getUrl('create', tenant: $tenant))
|
|
->assertForbidden();
|
|
|
|
Livewire::actingAs($user)
|
|
->test(CreateBackupSet::class)
|
|
->assertStatus(403);
|
|
});
|
|
|
|
test('readonly users cannot export policies to backup', function () {
|
|
[$user, $tenant] = createUserWithTenant(role: 'readonly');
|
|
|
|
Filament::setTenant($tenant, true);
|
|
|
|
$policy = Policy::factory()->create([
|
|
'managed_environment_id' => $tenant->id,
|
|
'ignored_at' => null,
|
|
]);
|
|
|
|
Livewire::actingAs($user)
|
|
->test(ListPolicies::class)
|
|
->assertTableActionDisabled('export', $policy)
|
|
->callTableAction('export', $policy, data: [
|
|
'backup_name' => 'Readonly Export',
|
|
]);
|
|
|
|
expect(OperationRun::query()->where('managed_environment_id', $tenant->id)->where('type', 'policy.export')->exists())->toBeFalse();
|
|
});
|
|
|
|
test('operator users cannot access the restore run wizard (create)', function () {
|
|
[$user, $tenant] = createUserWithTenant(role: 'operator');
|
|
|
|
Filament::setTenant($tenant, true);
|
|
|
|
Livewire::actingAs($user)
|
|
->test(CreateRestoreRun::class)
|
|
->assertStatus(403);
|
|
});
|
|
|
|
test('readonly users cannot force delete restore runs', function () {
|
|
[$user, $tenant] = createUserWithTenant(role: 'readonly');
|
|
|
|
Filament::setTenant($tenant, true);
|
|
|
|
$set = BackupSet::create([
|
|
'managed_environment_id' => $tenant->id,
|
|
'name' => 'Backup for Restore Run',
|
|
'status' => 'completed',
|
|
'item_count' => 0,
|
|
]);
|
|
|
|
$run = RestoreRun::create([
|
|
'managed_environment_id' => $tenant->id,
|
|
'backup_set_id' => $set->id,
|
|
'status' => 'completed',
|
|
'is_dry_run' => true,
|
|
'requested_by' => 'tester@example.com',
|
|
]);
|
|
|
|
$run->delete();
|
|
|
|
Livewire::actingAs($user)
|
|
->test(ListRestoreRuns::class)
|
|
->assertTableActionDisabled('forceDelete', $run)
|
|
->callTableAction('forceDelete', $run);
|
|
|
|
expect(RestoreRun::withTrashed()->find($run->id))->not->toBeNull();
|
|
});
|