39 lines
1.2 KiB
PHP
39 lines
1.2 KiB
PHP
<?php
|
|
|
|
declare(strict_types=1);
|
|
|
|
use App\Models\Tenant;
|
|
use App\Models\User;
|
|
use App\Models\Workspace;
|
|
use App\Models\WorkspaceMembership;
|
|
|
|
it('returns 403 for a member without managed-tenant manage capability when accessing edit', function (): void {
|
|
$tenant = Tenant::factory()->create();
|
|
[$user] = createUserWithTenant($tenant, role: 'readonly');
|
|
|
|
$this->actingAs($user)
|
|
->get("/admin/t/{$tenant->external_id}/tenants/{$tenant->id}/edit")
|
|
->assertForbidden();
|
|
});
|
|
|
|
it('returns 404 for a non-member attempting to access a workspace managed-tenant list', function (): void {
|
|
$workspace = Workspace::factory()->create();
|
|
Tenant::factory()->create(['workspace_id' => $workspace->getKey()]);
|
|
|
|
$user = User::factory()->create();
|
|
|
|
$otherWorkspace = Workspace::factory()->create();
|
|
|
|
WorkspaceMembership::factory()->create([
|
|
'workspace_id' => $otherWorkspace->getKey(),
|
|
'user_id' => $user->getKey(),
|
|
'role' => 'readonly',
|
|
]);
|
|
|
|
$user->forceFill(['last_workspace_id' => $otherWorkspace->getKey()])->save();
|
|
|
|
$this->actingAs($user)
|
|
->get('/admin/w/'.$workspace->slug.'/managed-tenants')
|
|
->assertNotFound();
|
|
});
|