TenantAtlas/apps/platform/tests/Browser/Spec332RestoreRunWizardPreviewSmokeTest.php

<?php

declare(strict_types=1);

use App\Filament\Resources\RestoreRunResource;
use App\Models\BackupItem;
use App\Models\BackupSet;
use App\Models\ManagedEnvironment;
use App\Models\Policy;
use App\Models\PolicyVersion;
use App\Models\User;
use Illuminate\Foundation\Testing\RefreshDatabase;

pest()->browser()->timeout(30_000);

uses(RefreshDatabase::class);

function spec332RestoreWizardSmokeLoginUrl(User $user, ManagedEnvironment $tenant, string $redirect = ''): string
{
    return route('admin.local.smoke-login', array_filter([
        'email' => $user->email,
        'tenant' => $tenant->external_id,
        'workspace' => $tenant->workspace->slug,
        'redirect' => $redirect,
    ], static fn (?string $value): bool => filled($value)));
}

it('keeps safety gates collapsed by default on the restore preview step', function (): void {
    $tenant = ManagedEnvironment::factory()->create([
        'rbac_status' => 'ok',
        'rbac_last_checked_at' => now(),
    ]);
    [$user, $tenant] = createUserWithTenant(tenant: $tenant, role: 'owner');
    ensureDefaultProviderConnection($tenant, 'microsoft');

    $policy = Policy::create([
        'managed_environment_id' => (int) $tenant->getKey(),
        'external_id' => 'policy-preview-1',
        'policy_type' => 'deviceConfiguration',
        'display_name' => 'Device Config Policy',
        'platform' => 'windows',
    ]);

    PolicyVersion::create([
        'managed_environment_id' => (int) $tenant->getKey(),
        'policy_id' => (int) $policy->getKey(),
        'version_number' => 1,
        'policy_type' => $policy->policy_type,
        'platform' => $policy->platform,
        'captured_at' => now(),
        'snapshot' => [
            'foo' => 'current',
        ],
        'metadata' => [],
        'assignments' => [],
        'scope_tags' => [],
    ]);

    $backupSet = BackupSet::factory()->create([
        'managed_environment_id' => (int) $tenant->getKey(),
        'name' => 'Spec332 Preview Backup',
        'status' => 'completed',
        'item_count' => 1,
    ]);

    $backupItem = BackupItem::factory()->create([
        'managed_environment_id' => (int) $tenant->getKey(),
        'backup_set_id' => (int) $backupSet->getKey(),
        'policy_id' => (int) $policy->getKey(),
        'policy_identifier' => $policy->external_id,
        'policy_type' => $policy->policy_type,
        'platform' => $policy->platform,
        'captured_at' => now(),
        'payload' => [
            'foo' => 'backup',
        ],
        'assignments' => [],
        'metadata' => [],
    ]);

    bindFailHardGraphClient();

    $redirectBase = RestoreRunResource::getUrl('create', panel: 'admin', tenant: $tenant);
    $redirectPath = parse_url($redirectBase, PHP_URL_PATH) ?: '/admin';
    $redirect = $redirectPath
        .'?backup_set_id='.(int) $backupSet->getKey()
        .'&scope_mode=selected'
        .'&backup_item_ids='.(int) $backupItem->getKey();

    visit(spec332RestoreWizardSmokeLoginUrl($user, $tenant, $redirect))
        ->resize(1920, 1200)
        ->waitForText('Select Backup Set')
        ->assertNoJavaScriptErrors()
        ->assertNoConsoleLogs()
        ->click('Next')
        ->waitForText('Define Restore Scope')
        ->click('Next')
        ->waitForText('Run checks')
        ->click('Run checks')
        ->waitForText('No group-based assignments detected.')
        ->click('Next')
        ->waitForText('Generate preview')
        ->click('Generate preview')
        ->waitForText('Policy change preview')
        ->assertSee('Review the preview and complete confirmation before execution can be queued.')
        ->assertSee('View safety gates')
        ->assertDontSee('Hide safety gates')
        ->assertSee('Execution: Unavailable');
});