This commit introduces a comprehensive Role-Based Access Control (RBAC) system for TenantAtlas.

- Implements authentication via Microsoft Entra ID (OIDC).
- Manages authorization on a per-Suite-Tenant basis using a table.
- Follows a capabilities-first approach, using Gates and Policies.
- Includes a break-glass mechanism for platform superadmins.
- Adds policies for bootstrapping tenants and managing admin responsibilities.
<?php
use App\Services\Auth\RoleCapabilityMap;
use App\Support\Auth\Capabilities;
use App\Support\TenantRole;
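/*
 * Drift guard between the role map and the capability registry: every
 * capability that RoleCapabilityMap::getCapabilities() returns for a
 * TenantRole case must also appear in Capabilities::all(). A misspelled or
 * unregistered capability in the map fails this test.
 *
 * NOTE(review): how an unregistered capability behaves at authorization time
 * is not visible from this file; confirm against the Gate/Policy definitions.
 */
it('role map only references registry entries', function () {
    $registry = Capabilities::all();

    // Number of (role, capability) pairs actually compared against the registry.
    $checked = 0;

    foreach (TenantRole::cases() as $role) {
        foreach (RoleCapabilityMap::getCapabilities($role) as $capability) {
            expect($registry)->toContain($capability);
            $checked++;
        }
    }

    // Without this, an empty role map (or an enum with no cases) would let the
    // test pass without comparing anything, hiding a broken or unloaded map.
    expect($checked)->toBeGreaterThan(0);
});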