ahmido/TenantAtlas
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects 1 Releases Wiki Activity
feat/363-explicit-uiactioncontext-contract
TenantAtlas/apps/platform/app/Http/Controllers/OpenFindingExceptionsQueueController.php
ahmido a9c54205bf feat: finding exceptions accepted risk resolution guidance v1 (spec 354) (#425) 
Implemented the accepted risk resolution guidance, including the AcceptedRiskResolutionAdapter, guidance cards, and updated related Filament views. Added unit, feature, and browser tests.

Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #425
2026-06-05 02:20:46 +00:00

68 lines
1.9 KiB
PHP
Raw Permalink Blame History

<?php
declare(strict_types=1);
namespace App\Http\Controllers;
use App\Filament\Pages\Monitoring\FindingExceptionsQueue;
use App\Models\ManagedEnvironment;
use App\Models\User;
use App\Models\Workspace;
use App\Services\Auth\WorkspaceCapabilityResolver;
use App\Support\Auth\Capabilities;
use App\Support\Workspaces\WorkspaceContext;
use Illuminate\Http\RedirectResponse;
use Illuminate\Http\Request;
final class OpenFindingExceptionsQueueController extends Controller
{
public function __invoke(Request $request, ManagedEnvironment $environment): RedirectResponse
{
$user = auth()->user();
if (! $user instanceof User) {
abort(403);
}
$workspace = Workspace::query()->whereKey($environment->workspace_id)->first();
if (! $workspace instanceof Workspace) {
abort(404);
}
if (! $user->canAccessTenant($environment)) {
abort(404);
}
$workspaceContext = app(WorkspaceContext::class);
if (! $workspaceContext->isMember($user, $workspace)) {
abort(404);
}
/** @var WorkspaceCapabilityResolver $resolver */
$resolver = app(WorkspaceCapabilityResolver::class);
if (! $resolver->can($user, $workspace, Capabilities::FINDING_EXCEPTION_APPROVE)) {
abort(404);
}
$workspaceContext->setCurrentWorkspace($workspace, $user, $request);
if (! $workspaceContext->rememberEnvironmentContext($environment, $request)) {
abort(404);
}
$parameters = array_replace($request->query(), [
'environment_id' => (int) $environment->getKey(),
]);
unset($parameters['tenant']);
return redirect()->to(FindingExceptionsQueue::getUrl(
panel: 'admin',
parameters: array_filter($parameters, static fn (mixed $value): bool => $value !== null && $value !== '' && $value !== []),
));
}
}
Reference in New Issue View Git Blame Copy Permalink