ahmido/TenantAtlas
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects 1 Releases Wiki Activity
023274c46c
TenantAtlas/apps/platform/tests/Feature/Findings/FindingAuditLogTest.php
ahmido e64bae9cfc feat: cut over tenant core to managed environments (#335) 
## Summary
- replace the legacy Tenant and TenantMembership core models with ManagedEnvironment and ManagedEnvironmentMembership
- propagate the managed environment naming and key changes across Filament resources, pages, controllers, jobs, models, and supporting runtime paths
- add feature 279 spec artifacts and focused managed-environment test coverage for model behavior, route binding, panel context, authorization, and legacy guardrails

## Validation
- `cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Feature/ManagedEnvironment/LegacyTenantCoreGuardTest.php tests/Feature/ManagedEnvironment/ManagedEnvironmentAuthorizationTest.php tests/Feature/ManagedEnvironment/ManagedEnvironmentPanelContextTest.php tests/Feature/ManagedEnvironment/ManagedEnvironmentRouteBindingTest.php tests/Unit/ManagedEnvironment/ManagedEnvironmentContextResolverTest.php tests/Unit/ManagedEnvironment/ManagedEnvironmentModelTest.php`
- `cd apps/platform && ./vendor/bin/sail bin pint --dirty --format agent`

## Notes
- branch pushed from commit `1123b122`
- browser smoke test file was added but not run in this pass

Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #335
2026-05-07 06:38:14 +00:00

85 lines
3.5 KiB
PHP
Raw Blame History

<?php
declare(strict_types=1);
use App\Models\AuditLog;
use App\Models\Finding;
use App\Models\User;
use App\Services\Findings\FindingWorkflowService;
use App\Support\Findings\FindingOutcomeSemantics;
use Illuminate\Foundation\Testing\RefreshDatabase;
uses(RefreshDatabase::class);
it('writes sanitized audit entries for workflow mutations with before and after metadata', function (): void {
[$user, $tenant] = createUserWithTenant(role: 'owner');
$finding = Finding::factory()->for($tenant)->create([
'status' => Finding::STATUS_NEW,
'evidence_jsonb' => [
'secret_token' => 'should-not-be-audited',
'payload' => ['x' => 'y'],
],
]);
$service = app(FindingWorkflowService::class);
$service->triage($finding, $tenant, $user);
$service->resolve($finding->refresh(), $tenant, $user, Finding::RESOLVE_REASON_REMEDIATED);
$audit = AuditLog::query()
->where('managed_environment_id', (int) $tenant->getKey())
->where('resource_type', 'finding')
->where('resource_id', (string) $finding->getKey())
->where('action', 'finding.resolved')
->latest('id')
->first();
expect($audit)->not->toBeNull();
expect((int) $audit->actor_id)->toBe((int) $user->getKey())
->and($audit->actor_email)->toBe($user->email)
->and(data_get($audit->metadata, 'finding_id'))->toBe((int) $finding->getKey())
->and(data_get($audit->metadata, 'before_status'))->toBe(Finding::STATUS_TRIAGED)
->and(data_get($audit->metadata, 'after_status'))->toBe(Finding::STATUS_RESOLVED)
->and(data_get($audit->metadata, 'resolved_reason'))->toBe(Finding::RESOLVE_REASON_REMEDIATED)
->and(data_get($audit->metadata, 'terminal_outcome_key'))->toBe(FindingOutcomeSemantics::OUTCOME_RESOLVED_PENDING_VERIFICATION)
->and(data_get($audit->metadata, 'verification_state'))->toBe(FindingOutcomeSemantics::VERIFICATION_PENDING)
->and(data_get($audit->metadata, 'before'))->toBeArray()
->and(data_get($audit->metadata, 'after'))->toBeArray()
->and(data_get($audit->metadata, 'evidence_jsonb'))->toBeNull()
->and(data_get($audit->metadata, 'before.evidence_jsonb'))->toBeNull()
->and(data_get($audit->metadata, 'after.evidence_jsonb'))->toBeNull();
});
it('writes assignment audit entries without evidence payloads', function (): void {
[$owner, $tenant] = createUserWithTenant(role: 'owner');
$assignee = User::factory()->create();
createUserWithTenant(tenant: $tenant, user: $assignee, role: 'operator');
$finding = Finding::factory()->for($tenant)->create([
'status' => Finding::STATUS_NEW,
]);
app(FindingWorkflowService::class)->assign(
finding: $finding,
tenant: $tenant,
actor: $owner,
assigneeUserId: (int) $assignee->getKey(),
ownerUserId: (int) $owner->getKey(),
);
$audit = AuditLog::query()
->where('managed_environment_id', (int) $tenant->getKey())
->where('action', 'finding.assigned')
->latest('id')
->first();
expect($audit)->not->toBeNull();
expect(data_get($audit->metadata, 'assignee_user_id'))->toBe((int) $assignee->getKey())
->and(data_get($audit->metadata, 'owner_user_id'))->toBe((int) $owner->getKey())
->and(data_get($audit->metadata, 'before'))->toBeArray()
->and(data_get($audit->metadata, 'after'))->toBeArray()
->and(data_get($audit->metadata, 'before.evidence_jsonb'))->toBeNull()
->and(data_get($audit->metadata, 'after.evidence_jsonb'))->toBeNull();
});
Reference in New Issue View Git Blame Copy Permalink