ahmido/TenantAtlas
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects 1 Releases Wiki Activity
dev-session-1769551498
TenantAtlas/tests/Feature/Auth/CrossScopeAccessTest.php
ahmido 210cf5ce8b feat: implement auth structure system panel (#77) 
Implements 064-auth-structure (Auth Structure v1.0):

Adds platform_users + PlatformUser identity (factory + seeder) for platform operators
Introduces platform auth guard/provider in auth.php
Adds a dedicated Filament v5 System panel at system using guard platform (custom login + dashboard)
Enforces strict cross-scope isolation between /admin and system (deny-as-404)
Adds platform capability gating (platform.access_system_panel, platform.use_break_glass) + gates in AuthServiceProvider
Implements audited break-glass mode (enter/exit/expire), banner via render hook, feature flag + TTL config
Removes legacy users.is_platform_superadmin runtime usage and adds an architecture test to prevent regressions
Updates tenant membership pivot usage where needed (tenant_memberships)
Testing:

vendor/bin/sail artisan test --compact tests/Feature/Auth (28 passed)
vendor/bin/sail bin pint --dirty
Notes:

Filament v5 / Livewire v4 compatible.
Panel providers registered in providers.php.
Destructive actions use ->action(...) + ->requiresConfirmation() where applicable.

Co-authored-by: Ahmed Darrazi <ahmeddarrazi@MacBookPro.fritz.box>
Reviewed-on: #77
2026-01-27 21:49:18 +00:00

32 lines
974 B
PHP
Raw Permalink Blame History

<?php
use App\Models\PlatformUser;
use App\Models\User;
use Illuminate\Foundation\Testing\RefreshDatabase;
uses(RefreshDatabase::class);
it('allows guests to access both panel login pages', function () {
$this->get('/admin/login')->assertSuccessful();
$this->get('/system/login')->assertSuccessful();
});
it('returns 404 when a platform session accesses the admin panel', function () {
$platformUser = PlatformUser::factory()->create();
$this->actingAs($platformUser, 'platform');
$this->get('/admin/login')->assertNotFound();
});
it('returns 404 when a tenant session accesses the system panel', function () {
$user = User::factory()->create();
$this->actingAs($user);
$this->get('/system/login')->assertNotFound();
// Filament may switch the active guard within the test process,
// so ensure the tenant session is set for each request we assert.
$this->actingAs($user);
$this->get('/system')->assertNotFound();
});
Reference in New Issue View Git Blame Copy Permalink