ahmido/TenantAtlas
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects 1 Releases Wiki Activity
06eba47fbe
TenantAtlas/apps/platform/tests/Feature/Guards/AdminTenantResolverGuardTest.php
ahmido 5248654691 feat: retire tenant panel runtime dead code (#359) 
## Summary
- retire remaining legacy tenant-panel runtime assumptions in the Filament admin runtime and route resolution paths
- centralize canonical admin environment context handling for shared surfaces instead of relying on deprecated `tenant` panel behavior
- harden guard coverage so legacy `/admin/t` and `/admin/tenants` route families cannot regress
- update scoped navigation, drillthrough, reference-link, and global-search tests to use the admin panel environment runtime
- add the Spec 304 package under `specs/304-tenant-panel-dead-code-retirement/` and document the rollout in the product ledger

## Test Coverage Updated
- `AdminSharedSurfacePanelParityTest`
- `NoActiveTenantResourceRoutesTest`
- `NoLegacyTenantPanelRuntimeTest`
- `AdminTenantResolverGuardTest`
- `PolicyVersionResolvedReferenceLinksTest`
- `EntraGroupGlobalSearchScopeTest`
- `OperationsDashboardDrillthroughTest`

## Runtime Notes
- remains compliant with Filament v5 on Livewire v4
- no provider registration changes; provider registration location remains `apps/platform/bootstrap/providers.php`
- no new globally searchable resource was introduced; existing scoped search assertions were updated only
- no destructive actions were added or changed
- no asset registration changes; deploy posture for `cd apps/platform && php artisan filament:assets` is unchanged

## Validation
- updated tests and docs/spec artifacts were committed in this branch
- tests were not re-run in this turn

Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #359
2026-05-14 23:57:36 +00:00

107 lines
4.6 KiB
PHP
Raw Blame History

<?php
declare(strict_types=1);
function adminTenantResolverGuardedFiles(): array
{
return [
'app/Filament/Pages/BaselineCompareLanding.php',
'app/Filament/Pages/EnvironmentDiagnostics.php',
'app/Filament/Pages/InventoryCoverage.php',
'app/Filament/Widgets/Inventory/InventoryKpiHeader.php',
'app/Filament/Pages/Monitoring/Operations.php',
'app/Filament/Pages/Operations/TenantlessOperationRunViewer.php',
'app/Filament/Widgets/Operations/OperationsKpiHeader.php',
'app/Filament/Resources/OperationRunResource.php',
'app/Filament/Resources/PolicyResource.php',
'app/Filament/Resources/BackupScheduleResource.php',
'app/Filament/Resources/BackupScheduleResource/Pages/ListBackupSchedules.php',
'app/Filament/Resources/BackupSetResource.php',
'app/Filament/Resources/BackupSetResource/Pages/ListBackupSets.php',
'app/Filament/Resources/BackupSetResource/Pages/ViewBackupSet.php',
'app/Filament/Resources/FindingResource.php',
'app/Filament/Resources/FindingResource/Pages/ListFindings.php',
'app/Filament/Resources/InventoryItemResource.php',
'app/Filament/Resources/InventoryItemResource/Pages/ListInventoryItems.php',
'app/Filament/Resources/PolicyVersionResource.php',
'app/Filament/Resources/PolicyVersionResource/Pages/ListPolicyVersions.php',
'app/Filament/Resources/ProviderConnectionResource.php',
'app/Filament/Resources/AlertDeliveryResource.php',
'app/Filament/Resources/AlertDeliveryResource/Pages/ListAlertDeliveries.php',
'app/Filament/Pages/Monitoring/AuditLog.php',
'app/Filament/Pages/EnvironmentRequiredPermissions.php',
'app/Filament/Pages/Workspaces/ManagedEnvironmentOnboardingWizard.php',
'app/Filament/Resources/ProviderConnectionResource/Pages/ListProviderConnections.php',
'app/Filament/Resources/RestoreRunResource.php',
'app/Filament/Resources/RestoreRunResource/Pages/CreateRestoreRun.php',
];
}
function adminTenantResolverExceptionFiles(): array
{
return [
'app/Filament/Pages/ChooseEnvironment.php',
'app/Http/Controllers/SelectEnvironmentController.php',
'app/Support/Middleware/EnsureFilamentTenantSelected.php',
'app/Filament/Concerns/ResolvesPanelTenantContext.php',
];
}
it('keeps raw panel-native tenant reads out of canonical admin resolver surfaces', function (): void {
$forbiddenPatterns = [
'/\bFilament::getTenant\s*\(/',
'/\bTenant::current\s*\(/',
];
$violations = [];
foreach (adminTenantResolverGuardedFiles() as $relativePath) {
$contents = file_get_contents(base_path($relativePath));
expect($contents)->not->toBeFalse();
foreach ($forbiddenPatterns as $pattern) {
if (preg_match($pattern, (string) $contents) === 1) {
$violations[] = $relativePath;
break;
}
}
}
expect($violations)
->toBeEmpty('Canonical admin surfaces must delegate tenant resolution to OperateHubShell. Offenders: '.implode(', ', $violations));
});
it('documents the approved panel-native exception inventory', function (): void {
$notes = file_get_contents(repo_path('docs/research/admin-canonical-tenant-rollout.md'));
expect($notes)->not->toBeFalse();
foreach (adminTenantResolverExceptionFiles() as $relativePath) {
expect($notes)->toContain($relativePath);
}
});
it('keeps the shared panel resolver explicit about admin and non-admin fallback resolution', function (): void {
$resolverContents = file_get_contents(base_path('app/Filament/Concerns/ResolvesPanelTenantContext.php'));
$contents = file_get_contents(base_path('app/Filament/Resources/EntraGroupResource.php'));
expect($resolverContents)->not->toBeFalse()
->and($resolverContents)->toContain('tenantOwnedPanelContext(request())')
->and($resolverContents)->toContain('ManagedEnvironment::current()');
expect($contents)->not->toBeFalse()
->and($contents)->toContain('use ResolvesPanelTenantContext;')
->and($contents)->not->toContain('activeEntitledTenant(request())')
->and($contents)->not->toContain('ManagedEnvironment::current()');
});
it('keeps first-slice admin trusted-state surfaces inside the canonical admin resolver guard inventory', function (): void {
$guardedFiles = adminTenantResolverGuardedFiles();
expect($guardedFiles)
->toContain('app/Filament/Pages/EnvironmentRequiredPermissions.php')
->toContain('app/Filament/Pages/Workspaces/ManagedEnvironmentOnboardingWizard.php');
});
Reference in New Issue View Git Blame Copy Permalink