ahmido/TenantAtlas
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects 1 Releases Wiki Activity
1f3619bd16
TenantAtlas/tests/Feature/Verification/ProviderExecutionReauthorizationTest.php
ahmido 5bcb4f6ab8 feat: harden queued execution legitimacy (#179) 
## Summary
- add a canonical queued execution legitimacy contract for actor-bound and system-authority operation runs
- enforce legitimacy before queued jobs transition runs to running across provider, inventory, restore, bulk, sync, and scheduled backup flows
- surface blocked execution outcomes consistently in Monitoring, notifications, audit data, and the tenantless operation viewer
- add Spec 149 artifacts and focused Pest coverage for legitimacy decisions, middleware ordering, blocked presentation, retry behavior, and cross-family adoption

## Testing
- vendor/bin/sail artisan test --compact tests/Unit/Operations/QueuedExecutionLegitimacyGateTest.php
- vendor/bin/sail artisan test --compact tests/Feature/Operations/QueuedExecutionMiddlewareOrderingTest.php
- vendor/bin/sail artisan test --compact tests/Feature/Verification/ProviderExecutionReauthorizationTest.php
- vendor/bin/sail artisan test --compact tests/Feature/Operations/RunInventorySyncExecutionReauthorizationTest.php
- vendor/bin/sail artisan test --compact tests/Feature/Operations/ExecuteRestoreRunExecutionReauthorizationTest.php
- vendor/bin/sail artisan test --compact tests/Feature/Operations/SystemRunBlockedExecutionNotificationTest.php
- vendor/bin/sail artisan test --compact tests/Feature/Operations/BulkOperationExecutionReauthorizationTest.php
- vendor/bin/sail artisan test --compact tests/Feature/Operations/QueuedExecutionRetryReauthorizationTest.php
- vendor/bin/sail artisan test --compact tests/Feature/Operations/QueuedExecutionContractMatrixTest.php
- vendor/bin/sail artisan test --compact tests/Feature/Operations/OperationRunBlockedExecutionPresentationTest.php
- vendor/bin/sail artisan test --compact tests/Feature/Operations/QueuedExecutionAuditTrailTest.php
- vendor/bin/sail artisan test --compact tests/Feature/Operations/TenantlessOperationRunViewerTest.php
- vendor/bin/sail bin pint --dirty --format agent

## Manual validation
- validated queued provider execution blocking for tenant operability drift in the integrated browser on /admin/operations and /admin/operations/{run}
- validated 404 vs 403 route behavior for non-membership vs in-scope capability denial
- validated initiator-null blocked system-run behavior without creating a user terminal notification

Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #179
2026-03-17 21:52:40 +00:00

159 lines
5.2 KiB
PHP
Raw Blame History

<?php
declare(strict_types=1);
use App\Filament\Resources\ProviderConnectionResource\Pages\ListProviderConnections;
use App\Jobs\ProviderConnectionHealthCheckJob;
use App\Models\OperationRun;
use App\Models\ProviderConnection;
use App\Services\Auth\CapabilityResolver;
use App\Support\Auth\Capabilities;
use Filament\Facades\Filament;
use Illuminate\Support\Facades\Queue;
use Livewire\Livewire;
function runQueuedJobThroughMiddleware(object $job, Closure $terminal): mixed
{
$pipeline = array_reduce(
array_reverse($job->middleware()),
fn (Closure $next, object $middleware): Closure => fn (object $job): mixed => $middleware->handle($job, $next),
$terminal,
);
return $pipeline($job);
}
it('stores actor-bound execution metadata when verification is queued', function (): void {
Queue::fake();
[$user, $tenant] = createUserWithTenant(role: 'operator');
$this->actingAs($user);
$tenant->makeCurrent();
Filament::setTenant($tenant, true);
$connection = ProviderConnection::factory()->platform()->consentGranted()->create([
'tenant_id' => $tenant->getKey(),
'provider' => 'microsoft',
'entra_tenant_id' => fake()->uuid(),
'status' => 'connected',
]);
Livewire::test(ListProviderConnections::class)
->callTableAction('check_connection', $connection);
$opRun = OperationRun::query()
->where('tenant_id', $tenant->getKey())
->where('type', 'provider.connection.check')
->latest('id')
->first();
expect($opRun)->not->toBeNull()
->and($opRun?->context)->toMatchArray([
'execution_authority_mode' => 'actor_bound',
'required_capability' => 'provider.run',
'provider_connection_id' => (int) $connection->getKey(),
]);
});
it('blocks verification execution when the initiator loses provider capability before start', function (): void {
Queue::fake();
[$user, $tenant] = createUserWithTenant(role: 'operator');
$this->actingAs($user);
$tenant->makeCurrent();
Filament::setTenant($tenant, true);
$connection = ProviderConnection::factory()->platform()->consentGranted()->create([
'tenant_id' => $tenant->getKey(),
'provider' => 'microsoft',
'entra_tenant_id' => fake()->uuid(),
'status' => 'connected',
]);
Livewire::test(ListProviderConnections::class)
->callTableAction('check_connection', $connection);
$capturedJob = null;
Queue::assertPushed(ProviderConnectionHealthCheckJob::class, function (ProviderConnectionHealthCheckJob $job) use (&$capturedJob): bool {
$capturedJob = $job;
return true;
});
expect($capturedJob)->toBeInstanceOf(ProviderConnectionHealthCheckJob::class);
$user->tenantMemberships()->where('tenant_id', $tenant->getKey())->update(['role' => 'readonly']);
app(CapabilityResolver::class)->clearCache();
$terminalInvoked = false;
runQueuedJobThroughMiddleware(
$capturedJob,
function (ProviderConnectionHealthCheckJob $job) use (&$terminalInvoked): mixed {
$terminalInvoked = true;
return $job;
},
);
$capturedJob->operationRun?->refresh();
expect($terminalInvoked)->toBeFalse()
->and($capturedJob->operationRun?->outcome?->value ?? $capturedJob->operationRun?->outcome)->toBe('blocked')
->and($capturedJob->operationRun?->context['reason_code'] ?? null)->toBe('missing_capability')
->and($capturedJob->operationRun?->context['execution_legitimacy']['metadata']['required_capability'] ?? null)->toBe(Capabilities::PROVIDER_RUN);
});
it('blocks verification execution when the initiator loses tenant membership before start', function (): void {
Queue::fake();
[$user, $tenant] = createUserWithTenant(role: 'operator');
$this->actingAs($user);
$tenant->makeCurrent();
Filament::setTenant($tenant, true);
$connection = ProviderConnection::factory()->platform()->consentGranted()->create([
'tenant_id' => $tenant->getKey(),
'provider' => 'microsoft',
'entra_tenant_id' => fake()->uuid(),
'status' => 'connected',
]);
Livewire::test(ListProviderConnections::class)
->callTableAction('check_connection', $connection);
$capturedJob = null;
Queue::assertPushed(ProviderConnectionHealthCheckJob::class, function (ProviderConnectionHealthCheckJob $job) use (&$capturedJob): bool {
$capturedJob = $job;
return true;
});
expect($capturedJob)->toBeInstanceOf(ProviderConnectionHealthCheckJob::class);
$user->tenantMemberships()->where('tenant_id', $tenant->getKey())->delete();
app(CapabilityResolver::class)->clearCache();
$terminalInvoked = false;
runQueuedJobThroughMiddleware(
$capturedJob,
function (ProviderConnectionHealthCheckJob $job) use (&$terminalInvoked): mixed {
$terminalInvoked = true;
return $job;
},
);
$capturedJob->operationRun?->refresh();
expect($terminalInvoked)->toBeFalse()
->and($capturedJob->operationRun?->outcome?->value ?? $capturedJob->operationRun?->outcome)->toBe('blocked')
->and($capturedJob->operationRun?->context['reason_code'] ?? null)->toBe('initiator_not_entitled');
});
Reference in New Issue View Git Blame Copy Permalink