TenantAtlas/apps/platform/tests/Feature/EnvironmentReview/Spec349EnvironmentReviewOutputGuidanceTest.php

<?php

declare(strict_types=1);

use App\Filament\Pages\Reviews\CustomerReviewWorkspace;
use App\Filament\Resources\EnvironmentReviewResource;
use App\Filament\Resources\EnvironmentReviewResource\Pages\ViewEnvironmentReview;
use App\Models\ManagedEnvironment;
use App\Models\ReviewPack;
use App\Models\User;
use App\Support\EnvironmentReviewStatus;
use Illuminate\Foundation\Testing\RefreshDatabase;
use Illuminate\Support\Facades\Storage;
use Livewire\Livewire;

uses(RefreshDatabase::class);

beforeEach(function (): void {
    Storage::fake('exports');
});

it('separates review status, output readiness, and publication sharing state on the review detail page', function (): void {
    $tenant = ManagedEnvironment::factory()->create();
    [$owner, $tenant] = createUserWithTenant(tenant: $tenant, role: 'owner');
    $snapshot = seedPartialEnvironmentReviewEvidence($tenant, findingCount: 0, driftCount: 0);
    $review = composeEnvironmentReviewForTest($tenant, $owner, $snapshot);
    $summary = array_replace_recursive(is_array($review->summary) ? $review->summary : [], [
        'publish_blockers' => ['Operator approval note is still missing.'],
    ]);

    $review->forceFill([
        'status' => EnvironmentReviewStatus::Published->value,
        'published_at' => now(),
        'published_by_user_id' => (int) $owner->getKey(),
        'summary' => $summary,
    ])->save();

    Storage::disk('exports')->put('review-packs/spec349-detail-blocked.zip', 'PK-spec349-detail-blocked');

    $pack = ReviewPack::factory()->ready()->create([
        'managed_environment_id' => (int) $tenant->getKey(),
        'workspace_id' => (int) $tenant->workspace_id,
        'environment_review_id' => (int) $review->getKey(),
        'evidence_snapshot_id' => (int) $snapshot->getKey(),
        'initiated_by_user_id' => (int) $owner->getKey(),
        'options' => [
            'include_pii' => false,
            'include_operations' => true,
        ],
        'file_path' => 'review-packs/spec349-detail-blocked.zip',
        'file_disk' => 'exports',
        'generated_at' => now()->subMinutes(3),
    ]);

    $review->forceFill(['current_export_review_pack_id' => (int) $pack->getKey()])->save();

    setAdminEnvironmentContext($tenant);

    $this->actingAs($owner)
        ->get(EnvironmentReviewResource::environmentScopedUrl('view', ['record' => $review], $tenant))
        ->assertOk()
        ->assertSee('Review status')
        ->assertSee('Output readiness')
        ->assertSee('Publication/sharing state')
        ->assertSee('Publication blocked')
        ->assertSee('Create next review')
        ->assertSee('Technical details')
        ->assertDontSee('Ready to share');
});

it('removes the repeated action rail from the customer-workspace detail context', function (): void {
    $tenant = ManagedEnvironment::factory()->create();
    [$owner, $tenant] = createUserWithTenant(tenant: $tenant, role: 'owner');
    $snapshot = seedPartialEnvironmentReviewEvidence($tenant, findingCount: 0, driftCount: 0);
    $review = composeEnvironmentReviewForTest($tenant, $owner, $snapshot);
    $summary = array_replace_recursive(is_array($review->summary) ? $review->summary : [], [
        'publish_blockers' => ['Operator approval note is still missing.'],
    ]);

    $review->forceFill([
        'status' => EnvironmentReviewStatus::Published->value,
        'published_at' => now(),
        'published_by_user_id' => (int) $owner->getKey(),
        'summary' => $summary,
    ])->save();

    Storage::disk('exports')->put('review-packs/spec349-detail-context-blocked.zip', 'PK-spec349-detail-context-blocked');

    $pack = ReviewPack::factory()->ready()->create([
        'managed_environment_id' => (int) $tenant->getKey(),
        'workspace_id' => (int) $tenant->workspace_id,
        'environment_review_id' => (int) $review->getKey(),
        'evidence_snapshot_id' => (int) $snapshot->getKey(),
        'initiated_by_user_id' => (int) $owner->getKey(),
        'options' => [
            'include_pii' => false,
            'include_operations' => true,
        ],
        'file_path' => 'review-packs/spec349-detail-context-blocked.zip',
        'file_disk' => 'exports',
        'generated_at' => now()->subMinutes(3),
    ]);

    $review->forceFill(['current_export_review_pack_id' => (int) $pack->getKey()])->save();

    setAdminEnvironmentContext($tenant);

    $this->actingAs($owner)
        ->get(EnvironmentReviewResource::environmentScopedUrl('view', [
            'record' => $review,
            CustomerReviewWorkspace::DETAIL_CONTEXT_QUERY_KEY => 1,
        ], $tenant))
        ->assertOk()
        ->assertSee('Output guidance')
        ->assertSee('Review limitations below')
        ->assertSee('You are already on the review detail for this output.')
        ->assertDontSee('Inspect review blockers')
        ->assertDontSee('Open evidence basis')
        ->assertDontSee('Open operation proof');
});

it('qualifies the customer-workspace detail download action instead of using a generic package label', function (): void {
    $tenant = ManagedEnvironment::factory()->create();
    [$user, $tenant] = createUserWithTenant(tenant: $tenant, role: 'readonly');
    $snapshot = seedEnvironmentReviewEvidence($tenant, findingCount: 0, driftCount: 0);
    $review = composeEnvironmentReviewForTest($tenant, $user, $snapshot);
    $review->forceFill([
        'status' => EnvironmentReviewStatus::Published->value,
        'published_at' => now(),
        'published_by_user_id' => (int) $user->getKey(),
    ])->save();
    $review = markEnvironmentReviewCustomerSafeReady($review);

    Storage::disk('exports')->put('review-packs/spec349-detail-internal.zip', 'PK-spec349-detail-internal');

    $pack = ReviewPack::factory()->ready()->create([
        'managed_environment_id' => (int) $tenant->getKey(),
        'workspace_id' => (int) $tenant->workspace_id,
        'environment_review_id' => (int) $review->getKey(),
        'evidence_snapshot_id' => (int) $snapshot->getKey(),
        'initiated_by_user_id' => (int) $user->getKey(),
        'options' => [
            'include_pii' => true,
            'include_operations' => true,
        ],
        'file_path' => 'review-packs/spec349-detail-internal.zip',
        'file_disk' => 'exports',
        'generated_at' => now()->subMinutes(3),
    ]);

    $review->forceFill(['current_export_review_pack_id' => (int) $pack->getKey()])->save();

    setAdminEnvironmentContext($tenant);

    Livewire::withQueryParams([CustomerReviewWorkspace::DETAIL_CONTEXT_QUERY_KEY => 1])
        ->actingAs($user)
        ->test(ViewEnvironmentReview::class, ['record' => $review->getKey()])
        ->assertActionVisible('open_current_rendered_report')
        ->assertActionEnabled('open_current_rendered_report')
        ->assertActionExists('open_current_rendered_report', fn (\Filament\Actions\Action $action): bool => $action->getLabel() === 'View internal report');
});