TenantAtlas/apps/platform/tests/Unit/EntraAdminRolesReportServiceTest.php
ahmido ce0615a9c1 Spec 182: relocate Laravel platform to apps/platform (#213)
## Summary
- move the Laravel application into `apps/platform` and keep the repository root for orchestration, docs, and tooling
- update the local command model, Sail/Docker wiring, runtime paths, and ignore rules around the new platform location
- add relocation quickstart/contracts plus focused smoke coverage for bootstrap, command model, routes, and runtime behavior

## Validation
- `cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Feature/PlatformRelocation`
- integrated browser smoke validated `/up`, `/`, `/admin`, `/admin/choose-workspace`, and tenant route semantics for `200`, `403`, and `404`

## Remaining Rollout Checks
- validate Dokploy build context and working-directory assumptions against the new `apps/platform` layout
- confirm web, queue, and scheduler processes all start from the expected working directory in staging/production
- verify no legacy volume mounts or asset-publish paths still point at the old root-level `public/` or `storage/` locations

Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #213
2026-04-08 08:40:47 +00:00


<?php
declare(strict_types=1);
use App\Models\Tenant;
use App\Services\EntraAdminRoles\EntraAdminRolesReportService;
use App\Services\Graph\GraphClientInterface;
use App\Services\Graph\GraphResponse;
use Illuminate\Foundation\Testing\RefreshDatabase;
// Apply Laravel's RefreshDatabase trait to every test in this file, so the
// Tenant rows created through the factory below do not carry over between tests.
uses(RefreshDatabase::class);
// Pins the Graph call contract of the Entra admin roles report: role definitions
// are listed without `expand`, role assignments are listed with
// `expand => principal`, and the expanded principal's display name is what the
// high-privilege entry reports.
it('requests principal expansion and uses principal display name when present', function () {
    $tenant = Tenant::factory()->create();
    ensureDefaultProviderConnection($tenant, 'microsoft');

    // Fixture: one built-in role definition, labelled Global Administrator.
    $definitionRows = [
        [
            'id' => 'role-def-1',
            'templateId' => '62e90394-69f5-4237-9190-012177145e10',
            'displayName' => 'Global Administrator',
            'isBuiltIn' => true,
        ],
    ];

    // Fixture: one tenant-wide ('/') assignment of that role, with the principal
    // already expanded in the payload.
    $assignmentRows = [
        [
            'id' => 'role-assign-1',
            'roleDefinitionId' => 'role-def-1',
            'principalId' => 'principal-1',
            'directoryScopeId' => '/',
            'principal' => [
                '@odata.type' => '#microsoft.graph.user',
                'displayName' => 'Ada Lovelace',
            ],
        ],
    ];

    // Every listPolicies() invocation is recorded as [policyType, options] so the
    // request shape can be asserted after the report has been generated.
    $recorded = [];

    $this->mock(GraphClientInterface::class, function ($graph) use (&$recorded, $definitionRows, $assignmentRows) {
        $graph->shouldReceive('listPolicies')
            ->twice()
            ->andReturnUsing(function (string $policyType, array $options) use (&$recorded, $definitionRows, $assignmentRows): GraphResponse {
                $recorded[] = [$policyType, $options];

                // Anything that is not the definitions listing is answered with
                // the assignment rows; the type assertions below pin which
                // policy types were actually requested.
                $rows = $policyType === 'entraRoleDefinitions' ? $definitionRows : $assignmentRows;

                return new GraphResponse(true, $rows);
            });
    });

    $result = app(EntraAdminRolesReportService::class)->generate($tenant);

    expect($recorded)->toHaveCount(2);

    [[$definitionsType, $definitionsOptions], [$assignmentsType, $assignmentsOptions]] = $recorded;

    expect($definitionsType)->toBe('entraRoleDefinitions');
    expect($definitionsOptions)->not->toHaveKey('expand');

    expect($assignmentsType)->toBe('entraRoleAssignments');
    expect($assignmentsOptions['expand'] ?? null)->toBe('principal');

    // The assignments request must carry every option of the definitions
    // request, plus the principal expansion.
    $expectedAssignmentsOptions = array_merge($definitionsOptions, [
        'expand' => 'principal',
    ]);
    expect($assignmentsOptions)->toMatchArray($expectedAssignmentsOptions);

    $highPrivilege = $result->payload['high_privilege'];
    expect($highPrivilege)->toHaveCount(1);
    expect($highPrivilege[0]['principal_display_name'])->toBe('Ada Lovelace');
});
// Covers the degraded path: Graph returns the role assignment without an
// expanded `principal` object. The assignment must still be reported as high
// privilege (not silently dropped), with the display name set to 'Unknown'.
it('falls back to Unknown when principal details are missing upstream', function () {
    $tenant = Tenant::factory()->create();
    ensureDefaultProviderConnection($tenant, 'microsoft');

    // Fixture: one built-in role definition, labelled Global Administrator.
    $definitionRows = [
        [
            'id' => 'role-def-1',
            'templateId' => '62e90394-69f5-4237-9190-012177145e10',
            'displayName' => 'Global Administrator',
            'isBuiltIn' => true,
        ],
    ];

    // Fixture: the assignment carries only ids, with no 'principal' key at all.
    $assignmentRows = [
        [
            'id' => 'role-assign-1',
            'roleDefinitionId' => 'role-def-1',
            'principalId' => 'principal-1',
            'directoryScopeId' => '/',
        ],
    ];

    // Every listPolicies() invocation is recorded as [policyType, options].
    $recorded = [];

    $this->mock(GraphClientInterface::class, function ($graph) use (&$recorded, $definitionRows, $assignmentRows) {
        $graph->shouldReceive('listPolicies')
            ->twice()
            ->andReturnUsing(function (string $policyType, array $options) use (&$recorded, $definitionRows, $assignmentRows): GraphResponse {
                $recorded[] = [$policyType, $options];

                // Anything that is not the definitions listing is answered with
                // the assignment rows.
                $rows = $policyType === 'entraRoleDefinitions' ? $definitionRows : $assignmentRows;

                return new GraphResponse(true, $rows);
            });
    });

    $result = app(EntraAdminRolesReportService::class)->generate($tenant);

    expect($recorded)->toHaveCount(2);

    [[$definitionsType, $definitionsOptions], [$assignmentsType, $assignmentsOptions]] = $recorded;

    expect($definitionsType)->toBe('entraRoleDefinitions');
    expect($definitionsOptions)->not->toHaveKey('expand');

    // Expansion is still requested; it is the upstream response that lacks it.
    expect($assignmentsType)->toBe('entraRoleAssignments');
    expect($assignmentsOptions['expand'] ?? null)->toBe('principal');

    // An unresolved principal stays visible in the report under a placeholder name.
    $highPrivilege = $result->payload['high_privilege'];
    expect($highPrivilege)->toHaveCount(1);
    expect($highPrivilege[0]['principal_display_name'])->toBe('Unknown');
});