35 lines
953 B
PHP
35 lines
953 B
PHP
<?php
|
|
|
|
declare(strict_types=1);
|
|
|
|
use App\Models\OnboardingSession;
|
|
use App\Models\Tenant;
|
|
use App\Models\TenantMembership;
|
|
use App\Models\User;
|
|
use Illuminate\Foundation\Testing\RefreshDatabase;
|
|
|
|
uses(RefreshDatabase::class);
|
|
|
|
it('allows readonly users to view but does not auto-create sessions', function () {
|
|
$tenant = Tenant::factory()->create(['status' => 'active']);
|
|
$onboardingUrl = "/admin/t/{$tenant->external_id}/onboarding";
|
|
|
|
$readonly = User::factory()->create();
|
|
TenantMembership::query()->create([
|
|
'tenant_id' => $tenant->getKey(),
|
|
'user_id' => $readonly->getKey(),
|
|
'role' => 'readonly',
|
|
'source' => 'manual',
|
|
'source_ref' => null,
|
|
'created_by_user_id' => null,
|
|
]);
|
|
|
|
$this->actingAs($readonly);
|
|
|
|
$this->get($onboardingUrl)
|
|
->assertSuccessful();
|
|
|
|
expect(OnboardingSession::query()->where('tenant_id', $tenant->getKey())->count())
|
|
->toBe(0);
|
|
});
|