ahmido/TenantAtlas
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects 1 Releases Wiki Activity
0987527d0e
TenantAtlas/apps/platform/tests/Feature/Workspaces/ChooseEnvironmentPageTest.php
ahmido e0c2cdb1f4 feat: enforce workspace and environment scope contract (Spec 338) (#409) 
## Summary
- enforce the canonical workspace/environment scope contract for workspace hubs and environment-owned surfaces
- replace first-party Operations deep links that leaked Filament `tableFilters[...]` internals with stable product-level query behavior
- add the sidebar scope indicator and split environment-page navigation into explicit `Workspace-wide` and `Workspace admin` groups
- remove redundant tenantless `All environments` scope badges from workspace-wide pages while preserving explicit environment filter affordances
- include the Spec 338 artifacts, guard tests, and browser smoke coverage for the new contract

## Validation
- `cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Feature/Navigation/Spec338EnvironmentSidebarSeparationTest.php tests/Feature/Navigation/Spec338OperationRunLinksQueryContractTest.php tests/Feature/Navigation/Spec338SidebarScopeIndicatorTest.php tests/Feature/Filament/PanelNavigationSegregationTest.php`
- `cd apps/platform && ./vendor/bin/sail php vendor/bin/pest tests/Browser/Spec338ScopeContractSmokeTest.php --compact`

## Notes
- Livewire v4 compliance unchanged
- Filament provider registration remains in `bootstrap/providers.php`
- no destructive action behavior changed
- no migrations, env var changes, or new Filament asset registration

Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #409
2026-05-31 01:36:08 +00:00

149 lines
7.0 KiB
PHP
Raw Blame History

<?php
declare(strict_types=1);
use App\Filament\Pages\EnvironmentDashboard;
use App\Filament\Resources\EvidenceSnapshotResource;
use App\Models\ManagedEnvironment;
use App\Support\Workspaces\WorkspaceContext;
use Filament\Facades\Filament;
use Illuminate\Foundation\Testing\RefreshDatabase;
uses(RefreshDatabase::class);
it('shows only active tenants and no-tenant helper copy on the choose-environment page', function (): void {
$activeEnvironment = ManagedEnvironment::factory()->active()->create(['name' => 'Choose Active ManagedEnvironment']);
[$user, $activeEnvironment] = createUserWithTenant(tenant: $activeEnvironment, role: 'owner');
$otherActiveTenant = ManagedEnvironment::factory()->active()->create([
'workspace_id' => (int) $activeEnvironment->workspace_id,
'name' => 'Choose Other Active ManagedEnvironment',
]);
$onboardingTenant = ManagedEnvironment::factory()->onboarding()->create([
'workspace_id' => (int) $activeEnvironment->workspace_id,
'name' => 'Choose Onboarding ManagedEnvironment',
]);
$archivedTenant = ManagedEnvironment::factory()->archived()->create([
'workspace_id' => (int) $activeEnvironment->workspace_id,
'name' => 'Choose Archived ManagedEnvironment',
]);
createUserWithTenant(tenant: $otherActiveTenant, user: $user, role: 'owner');
createUserWithTenant(tenant: $onboardingTenant, user: $user, role: 'owner', ensureDefaultMicrosoftProviderConnection: false);
createUserWithTenant(tenant: $archivedTenant, user: $user, role: 'owner', ensureDefaultMicrosoftProviderConnection: false);
Filament::setTenant(null, true);
$this->actingAs($user)
->withSession([WorkspaceContext::SESSION_KEY => (int) $activeEnvironment->workspace_id])
->get('/admin/choose-environment')
->assertSuccessful()
->assertSee('Choose Active ManagedEnvironment')
->assertSee('Choose Other Active ManagedEnvironment')
->assertDontSee('Choose Onboarding ManagedEnvironment')
->assertDontSee('Choose Archived ManagedEnvironment')
->assertSee(__('localization.shell.choose_environment_description'))
->assertSee(__('localization.shell.workspace_wide_available_without_environment'));
});
it('shows a workspace-safe empty state when no selectable tenants remain', function (): void {
$onboardingTenant = ManagedEnvironment::factory()->onboarding()->create(['name' => 'Only Onboarding ManagedEnvironment']);
[$user, $onboardingTenant] = createUserWithTenant(
tenant: $onboardingTenant,
role: 'owner',
ensureDefaultMicrosoftProviderConnection: false,
);
Filament::setTenant(null, true);
$this->actingAs($user)
->withSession([WorkspaceContext::SESSION_KEY => (int) $onboardingTenant->workspace_id])
->get('/admin/choose-environment')
->assertSuccessful()
->assertSee(__('localization.shell.no_active_environments'))
->assertSee(__('localization.shell.no_active_environments_description'))
->assertSee(__('localization.shell.view_managed_environments'));
});
it('keeps selector eligibility narrower than managed-tenant administrative discoverability', function (): void {
$activeEnvironment = ManagedEnvironment::factory()->active()->create(['name' => 'Selector Active ManagedEnvironment']);
[$user, $activeEnvironment] = createUserWithTenant(tenant: $activeEnvironment, role: 'owner', ensureDefaultMicrosoftProviderConnection: false);
$onboardingTenant = ManagedEnvironment::factory()->onboarding()->create([
'workspace_id' => (int) $activeEnvironment->workspace_id,
'name' => 'Selector Onboarding ManagedEnvironment',
]);
$archivedTenant = ManagedEnvironment::factory()->archived()->create([
'workspace_id' => (int) $activeEnvironment->workspace_id,
'name' => 'Selector Archived ManagedEnvironment',
]);
createUserWithTenant(tenant: $onboardingTenant, user: $user, role: 'owner', workspaceRole: 'owner', ensureDefaultMicrosoftProviderConnection: false);
createUserWithTenant(tenant: $archivedTenant, user: $user, role: 'owner', workspaceRole: 'owner', ensureDefaultMicrosoftProviderConnection: false);
Filament::setTenant(null, true);
$this->actingAs($user)
->withSession([WorkspaceContext::SESSION_KEY => (int) $activeEnvironment->workspace_id])
->get('/admin/choose-environment')
->assertSuccessful()
->assertSee('Selector Active ManagedEnvironment')
->assertDontSee('Selector Onboarding ManagedEnvironment')
->assertDontSee('Selector Archived ManagedEnvironment');
$this->actingAs($user)
->withSession([WorkspaceContext::SESSION_KEY => (int) $activeEnvironment->workspace_id])
->get(route('admin.workspace.managed-environments.index', ['workspace' => $activeEnvironment->workspace]))
->assertSuccessful()
->assertSee('Selector Active ManagedEnvironment')
->assertSee('Selector Onboarding ManagedEnvironment')
->assertSee('Selector Archived ManagedEnvironment');
});
it('redirects clear selected tenant from tenant-bound pages back to a workspace-safe managed-tenants page', function (): void {
[$user, $tenant] = createUserWithTenant(role: 'owner');
Filament::setTenant($tenant, true);
$this->actingAs($user)
->withSession([
WorkspaceContext::SESSION_KEY => (int) $tenant->workspace_id,
WorkspaceContext::LAST_ENVIRONMENT_IDS_SESSION_KEY => [
(string) $tenant->workspace_id => (int) $tenant->getKey(),
],
])
->from(EnvironmentDashboard::getUrl(tenant: $tenant))
->post(route('admin.clear-environment-context'))
->assertRedirect(route('admin.workspace.managed-environments.index', ['workspace' => $tenant->workspace]));
$this->withSession([
WorkspaceContext::SESSION_KEY => (int) $tenant->workspace_id,
])->get(route('admin.operations.index', ['workspace' => $tenant->workspace]))
->assertSuccessful()
->assertDontSee(__('localization.shell.all_environments'));
});
it('redirects clear selected tenant from the evidence index to the workspace-safe evidence overview', function (): void {
[$user, $tenant] = createUserWithTenant(role: 'owner');
Filament::setTenant($tenant, true);
$evidenceIndexPath = (string) parse_url(EvidenceSnapshotResource::getUrl('index', tenant: $tenant, panel: 'admin'), PHP_URL_PATH);
$this->actingAs($user)
->withSession([
WorkspaceContext::SESSION_KEY => (int) $tenant->workspace_id,
WorkspaceContext::LAST_ENVIRONMENT_IDS_SESSION_KEY => [
(string) $tenant->workspace_id => (int) $tenant->getKey(),
],
])
->from($evidenceIndexPath)
->post(route('admin.clear-environment-context'))
->assertRedirect(route('admin.evidence.overview'));
$this->withSession([
WorkspaceContext::SESSION_KEY => (int) $tenant->workspace_id,
])->get(route('admin.evidence.overview'))
->assertSuccessful()
->assertSee('No evidence snapshots in this scope');
});
Reference in New Issue View Git Blame Copy Permalink