ahmido
9f5c99317b
## Summary - Fixes misleading “queued / running in background” message when Review Pack generation request reuses an existing ready pack (fingerprint dedupe). - Improves resilience of Filament/Livewire interactions by ensuring the Livewire intercept shim applies after Livewire initializes. - Aligns Review Pack operation notifications with Ops-UX patterns (queued + completed notifications) and removes the old ReviewPackStatusNotification. ## Key Changes - Review Pack generate action now: - Shows queued toast only when a new pack is actually created/queued. - Shows a “Review pack already available” success notification with a link when dedupe returns an existing pack. ## Tests - `vendor/bin/sail artisan test --compact tests/Feature/ReviewPack/ReviewPackGenerationTest.php` - `vendor/bin/sail artisan test --compact tests/Feature/ReviewPack/ReviewPackResourceTest.php` - `vendor/bin/sail artisan test --compact tests/Feature/LivewireInterceptShimTest.php` ## Notes - No global search behavior changes for ReviewPacks (still excluded). - Destructive actions remain confirmation-gated (`->requiresConfirmation()`). Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de> Reviewed-on: #133
69 lines
2.2 KiB
PHP
69 lines
2.2 KiB
PHP
<?php
|
|
|
|
use App\Contracts\Hardening\WriteGateInterface;
|
|
use App\Exceptions\Hardening\ProviderAccessHardeningRequired;
|
|
use App\Models\Tenant;
|
|
use Illuminate\Foundation\Testing\RefreshDatabase;
|
|
|
|
uses(RefreshDatabase::class);
|
|
|
|
beforeEach(function () {
|
|
config()->set('tenantpilot.hardening.intune_write_gate.enabled', true);
|
|
config()->set('tenantpilot.hardening.intune_write_gate.freshness_threshold_hours', 24);
|
|
});
|
|
|
|
test('gate blocks when rbac_status is null', function () {
|
|
$tenant = Tenant::factory()->create([
|
|
'rbac_status' => null,
|
|
'rbac_last_checked_at' => null,
|
|
]);
|
|
|
|
$gate = app(WriteGateInterface::class);
|
|
|
|
expect(fn () => $gate->evaluate($tenant, 'restore.execute'))
|
|
->toThrow(ProviderAccessHardeningRequired::class);
|
|
|
|
try {
|
|
$gate->evaluate($tenant, 'restore.execute');
|
|
} catch (ProviderAccessHardeningRequired $e) {
|
|
expect($e->reasonCode)->toBe('intune_rbac.not_configured')
|
|
->and($e->tenantId)->toBe((int) $tenant->getKey())
|
|
->and($e->operationType)->toBe('restore.execute');
|
|
}
|
|
});
|
|
|
|
test('gate blocks when rbac_status is not_configured', function () {
|
|
$tenant = Tenant::factory()->create([
|
|
'rbac_status' => 'not_configured',
|
|
'rbac_last_checked_at' => null,
|
|
]);
|
|
|
|
$gate = app(WriteGateInterface::class);
|
|
|
|
try {
|
|
$gate->evaluate($tenant, 'restore.execute');
|
|
$this->fail('Expected ProviderAccessHardeningRequired to be thrown');
|
|
} catch (ProviderAccessHardeningRequired $e) {
|
|
expect($e->reasonCode)->toBe('intune_rbac.not_configured')
|
|
->and($e->tenantId)->toBe((int) $tenant->getKey());
|
|
}
|
|
});
|
|
|
|
test('wouldBlock returns true when rbac_status is null', function () {
|
|
$tenant = Tenant::factory()->create([
|
|
'rbac_status' => null,
|
|
'rbac_last_checked_at' => null,
|
|
]);
|
|
|
|
expect(app(WriteGateInterface::class)->wouldBlock($tenant))->toBeTrue();
|
|
});
|
|
|
|
test('wouldBlock returns true when rbac_status is not_configured', function () {
|
|
$tenant = Tenant::factory()->create([
|
|
'rbac_status' => 'not_configured',
|
|
'rbac_last_checked_at' => null,
|
|
]);
|
|
|
|
expect(app(WriteGateInterface::class)->wouldBlock($tenant))->toBeTrue();
|
|
});
|