875528cd35
Implements Spec 114 System Console Control Tower pages, widgets, triage actions, directory views, and enterprise polish (badges, repair workspace owners table, health indicator).
51 lines
1.5 KiB
PHP
51 lines
1.5 KiB
PHP
<?php
|
|
|
|
declare(strict_types=1);
|
|
|
|
use App\Models\PlatformUser;
|
|
use App\Models\User;
|
|
use App\Support\Auth\PlatformCapabilities;
|
|
use Illuminate\Foundation\Testing\RefreshDatabase;
|
|
use Illuminate\Support\Str;
|
|
|
|
uses(RefreshDatabase::class);
|
|
|
|
it('returns 404 for tenant-guard access to representative /system urls', function (string $url) {
|
|
$tenantUser = User::factory()->create();
|
|
|
|
$this->actingAs($tenantUser)->get($url)->assertNotFound();
|
|
})->with([
|
|
'/system/login',
|
|
'/system',
|
|
'/system/ops/runbooks',
|
|
'/system/ops/runs',
|
|
]);
|
|
|
|
it('returns 403 for platform users missing required system page capabilities', function (string $url, array $capabilities) {
|
|
$platformUser = PlatformUser::factory()->create([
|
|
'capabilities' => $capabilities,
|
|
'is_active' => true,
|
|
]);
|
|
|
|
$this->actingAs($platformUser, 'platform')
|
|
->get($url)
|
|
->assertForbidden();
|
|
})->with([
|
|
['/system', []],
|
|
['/system/ops/runbooks', [PlatformCapabilities::ACCESS_SYSTEM_PANEL]],
|
|
['/system/ops/runs', [PlatformCapabilities::ACCESS_SYSTEM_PANEL]],
|
|
]);
|
|
|
|
it('uses a distinct session cookie name for /system versus /admin', function () {
|
|
$systemCookieName = Str::slug((string) config('app.name', 'laravel')).'-system-session';
|
|
$adminCookieName = (string) config('session.cookie');
|
|
|
|
expect($systemCookieName)->not->toBe($adminCookieName);
|
|
|
|
$this->get('/system/login')
|
|
->assertSuccessful()
|
|
->assertCookie($systemCookieName);
|
|
|
|
$this->get('/admin/login')->assertSuccessful();
|
|
});
|