ahmido
4699f13a72
## Summary - replace the inventory dependency GET/apply flow with an embedded native Filament `TableComponent` - convert tenant required permissions and evidence overview to native page-owned Filament tables with mount-only query seeding and preserved scope authority - extend focused Pest, Livewire, RBAC, and guard coverage, and update the Spec 196 artifacts and release close-out notes ## Verification - `cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Feature/InventoryItemDependenciesTest.php tests/Feature/Filament/InventoryItemDependencyEdgesTableTest.php tests/Feature/Rbac/TenantRequiredPermissionsTrustedStateTest.php tests/Feature/Filament/TenantRequiredPermissionsPageTest.php tests/Feature/Evidence/EvidenceOverviewPageTest.php tests/Feature/Filament/EvidenceOverviewDerivedStateMemoizationTest.php tests/Feature/Guards/FilamentTableStandardsGuardTest.php tests/Unit/TenantRequiredPermissionsFilteringTest.php tests/Unit/TenantRequiredPermissionsOverallStatusTest.php tests/Unit/TenantRequiredPermissionsFeatureImpactTest.php tests/Unit/TenantRequiredPermissionsFreshnessTest.php tests/Unit/TenantRequiredPermissionsCopyPayloadTest.php` (`45` tests, `177` assertions) - `cd apps/platform && ./vendor/bin/sail bin pint --dirty --format agent` - integrated-browser smoke on localhost for inventory detail dependencies, tenant required permissions, and evidence overview Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de> Reviewed-on: #236
180 lines
7.6 KiB
PHP
180 lines
7.6 KiB
PHP
<?php
|
|
|
|
declare(strict_types=1);
|
|
|
|
use App\Filament\Pages\Monitoring\EvidenceOverview;
|
|
use App\Filament\Resources\EvidenceSnapshotResource;
|
|
use App\Models\EvidenceSnapshot;
|
|
use App\Models\Tenant;
|
|
use App\Support\Evidence\EvidenceCompletenessState;
|
|
use App\Support\Evidence\EvidenceSnapshotStatus;
|
|
use App\Support\Workspaces\WorkspaceContext;
|
|
use Filament\Facades\Filament;
|
|
use Illuminate\Foundation\Testing\RefreshDatabase;
|
|
use Livewire\Livewire;
|
|
use Tests\Feature\Concerns\BuildsGovernanceArtifactTruthFixtures;
|
|
|
|
uses(RefreshDatabase::class, BuildsGovernanceArtifactTruthFixtures::class);
|
|
|
|
it('shows only authorized tenant rows on the workspace evidence overview', function (): void {
|
|
$tenantA = Tenant::factory()->create();
|
|
[$user, $tenantA] = createUserWithTenant(tenant: $tenantA, role: 'owner');
|
|
$tenantB = Tenant::factory()->create(['workspace_id' => (int) $tenantA->workspace_id]);
|
|
createUserWithTenant(tenant: $tenantB, user: $user, role: 'owner');
|
|
|
|
$foreignWorkspaceTenant = Tenant::factory()->create();
|
|
|
|
foreach ([
|
|
[$tenantA, EvidenceCompletenessState::Complete->value],
|
|
[$tenantB, EvidenceCompletenessState::Partial->value],
|
|
[$foreignWorkspaceTenant, EvidenceCompletenessState::Missing->value],
|
|
] as [$tenant, $state]) {
|
|
EvidenceSnapshot::query()->create([
|
|
'tenant_id' => (int) $tenant->getKey(),
|
|
'workspace_id' => (int) $tenant->workspace_id,
|
|
'status' => EvidenceSnapshotStatus::Active->value,
|
|
'completeness_state' => $state,
|
|
'summary' => [
|
|
'missing_dimensions' => $state === EvidenceCompletenessState::Missing->value ? 2 : 0,
|
|
'stale_dimensions' => 0,
|
|
],
|
|
'generated_at' => now(),
|
|
]);
|
|
}
|
|
|
|
Filament::setTenant(null, true);
|
|
|
|
$this->actingAs($user)
|
|
->withSession([WorkspaceContext::SESSION_KEY => (int) $tenantA->workspace_id])
|
|
->get(route('admin.evidence.overview'))
|
|
->assertOk()
|
|
->assertSee('Artifact truth')
|
|
->assertSee($tenantA->name)
|
|
->assertSee($tenantB->name)
|
|
->assertDontSee($foreignWorkspaceTenant->name)
|
|
->assertDontSee('Monitoring landing')
|
|
->assertDontSee('Navigation lane')
|
|
->assertDontSee('Focused review lane');
|
|
});
|
|
|
|
it('returns 404 for users without workspace membership on the evidence overview', function (): void {
|
|
$workspaceTenant = Tenant::factory()->create();
|
|
$user = App\Models\User::factory()->create();
|
|
|
|
Filament::setTenant(null, true);
|
|
|
|
$this->actingAs($user)
|
|
->withSession([WorkspaceContext::SESSION_KEY => (int) $workspaceTenant->workspace_id])
|
|
->get(route('admin.evidence.overview'))
|
|
->assertNotFound();
|
|
});
|
|
|
|
it('applies the entitled tenant prefilter on the workspace evidence overview', function (): void {
|
|
$tenantA = Tenant::factory()->create();
|
|
[$user, $tenantA] = createUserWithTenant(tenant: $tenantA, role: 'owner');
|
|
$tenantB = Tenant::factory()->create(['workspace_id' => (int) $tenantA->workspace_id]);
|
|
createUserWithTenant(tenant: $tenantB, user: $user, role: 'owner');
|
|
|
|
$snapshots = [];
|
|
|
|
foreach ([[$tenantA, EvidenceCompletenessState::Complete->value], [$tenantB, EvidenceCompletenessState::Partial->value]] as [$tenant, $state]) {
|
|
$snapshots[(int) $tenant->getKey()] = EvidenceSnapshot::query()->create([
|
|
'tenant_id' => (int) $tenant->getKey(),
|
|
'workspace_id' => (int) $tenant->workspace_id,
|
|
'status' => EvidenceSnapshotStatus::Active->value,
|
|
'completeness_state' => $state,
|
|
'summary' => ['missing_dimensions' => 0, 'stale_dimensions' => 0],
|
|
'generated_at' => now(),
|
|
]);
|
|
}
|
|
|
|
Filament::setTenant(null, true);
|
|
|
|
$this->actingAs($user)
|
|
->withSession([WorkspaceContext::SESSION_KEY => (int) $tenantA->workspace_id])
|
|
->get(route('admin.evidence.overview', ['tenant_id' => (int) $tenantB->getKey()]))
|
|
->assertOk()
|
|
->assertSee(EvidenceSnapshotResource::getUrl('view', ['record' => $snapshots[(int) $tenantB->getKey()]], tenant: $tenantB), false)
|
|
->assertDontSee(EvidenceSnapshotResource::getUrl('view', ['record' => $snapshots[(int) $tenantA->getKey()]], tenant: $tenantA), false);
|
|
});
|
|
|
|
it('shows stale evidence burden and a create-review next step on the overview', function (): void {
|
|
$staleTenant = Tenant::factory()->create(['name' => 'Stale Tenant']);
|
|
[$user, $staleTenant] = createUserWithTenant(tenant: $staleTenant, role: 'owner');
|
|
|
|
$freshTenant = Tenant::factory()->create([
|
|
'workspace_id' => (int) $staleTenant->workspace_id,
|
|
'name' => 'Fresh Tenant',
|
|
]);
|
|
createUserWithTenant(tenant: $freshTenant, user: $user, role: 'owner');
|
|
|
|
$staleSnapshot = $this->makeStaleArtifactTruthEvidenceSnapshot($staleTenant);
|
|
$freshSnapshot = $this->makeArtifactTruthEvidenceSnapshot($freshTenant);
|
|
|
|
Filament::setTenant(null, true);
|
|
|
|
$this->actingAs($user)
|
|
->withSession([WorkspaceContext::SESSION_KEY => (int) $staleTenant->workspace_id])
|
|
->get(route('admin.evidence.overview'))
|
|
->assertOk()
|
|
->assertSee($staleTenant->name)
|
|
->assertSee($freshTenant->name)
|
|
->assertSee('Refresh the stale evidence before relying on this snapshot')
|
|
->assertSee('Create a current review from this evidence snapshot')
|
|
->assertSee(EvidenceSnapshotResource::getUrl('view', ['record' => $staleSnapshot], tenant: $staleTenant), false)
|
|
->assertSee(EvidenceSnapshotResource::getUrl('view', ['record' => $freshSnapshot], tenant: $freshTenant), false);
|
|
});
|
|
|
|
it('seeds the native entitled-tenant prefilter once and clears it through the page action', function (): void {
|
|
$tenantA = Tenant::factory()->create();
|
|
[$user, $tenantA] = createUserWithTenant(tenant: $tenantA, role: 'owner');
|
|
|
|
$tenantB = Tenant::factory()->create([
|
|
'workspace_id' => (int) $tenantA->workspace_id,
|
|
]);
|
|
createUserWithTenant(tenant: $tenantB, user: $user, role: 'owner');
|
|
|
|
$snapshotA = EvidenceSnapshot::query()->create([
|
|
'tenant_id' => (int) $tenantA->getKey(),
|
|
'workspace_id' => (int) $tenantA->workspace_id,
|
|
'status' => EvidenceSnapshotStatus::Active->value,
|
|
'completeness_state' => EvidenceCompletenessState::Complete->value,
|
|
'summary' => ['missing_dimensions' => 0, 'stale_dimensions' => 0],
|
|
'generated_at' => now(),
|
|
]);
|
|
|
|
$snapshotB = EvidenceSnapshot::query()->create([
|
|
'tenant_id' => (int) $tenantB->getKey(),
|
|
'workspace_id' => (int) $tenantB->workspace_id,
|
|
'status' => EvidenceSnapshotStatus::Active->value,
|
|
'completeness_state' => EvidenceCompletenessState::Partial->value,
|
|
'summary' => ['missing_dimensions' => 1, 'stale_dimensions' => 0],
|
|
'generated_at' => now(),
|
|
]);
|
|
|
|
$this->actingAs($user);
|
|
setAdminPanelContext();
|
|
Filament::setTenant(null, true);
|
|
session()->put(WorkspaceContext::SESSION_KEY, (int) $tenantA->workspace_id);
|
|
|
|
$component = Livewire::withQueryParams([
|
|
'tenant_id' => (string) $tenantB->getKey(),
|
|
'search' => $tenantB->name,
|
|
])->test(EvidenceOverview::class);
|
|
|
|
$component
|
|
->assertSet('tableFilters.tenant_id.value', (string) $tenantB->getKey())
|
|
->assertSet('tableSearch', $tenantB->name)
|
|
->assertCanSeeTableRecords([(string) $snapshotB->getKey()])
|
|
->assertCanNotSeeTableRecords([(string) $snapshotA->getKey()]);
|
|
|
|
$component
|
|
->callAction('clear_filters')
|
|
->assertSet('tableFilters.tenant_id.value', null)
|
|
->assertSet('tableSearch', '')
|
|
->assertCanSeeTableRecords([
|
|
(string) $snapshotA->getKey(),
|
|
(string) $snapshotB->getKey(),
|
|
]);
|
|
});
|