ab0ffff1d1
- Canonical /admin/onboarding entry point; legacy routes 404\n- Tenantless run viewer at /admin/operations/{run} with membership-based 404\n- RBAC UX (disabled controls + tooltips) and server-side 403\n- DB-only rendering/refresh; contract registry enforced\n- Adds migrations + tests + spec artifacts
36 lines
1.0 KiB
PHP
36 lines
1.0 KiB
PHP
<?php
|
|
|
|
declare(strict_types=1);
|
|
|
|
use App\Models\User;
|
|
use App\Models\Workspace;
|
|
use App\Models\WorkspaceMembership;
|
|
use App\Support\Workspaces\WorkspaceContext;
|
|
|
|
it('returns 404 for legacy onboarding entry points (no redirects)', function (): void {
|
|
$user = User::factory()->create();
|
|
|
|
$this->actingAs($user);
|
|
|
|
$this->get('/admin/register-tenant')->assertNotFound();
|
|
$this->get('/admin/managed-tenants/onboarding')->assertNotFound();
|
|
$this->get('/admin/new')->assertNotFound();
|
|
});
|
|
|
|
it('returns 404 for the legacy workspace-scoped onboarding route', function (): void {
|
|
$workspace = Workspace::factory()->create();
|
|
$user = User::factory()->create();
|
|
|
|
WorkspaceMembership::factory()->create([
|
|
'workspace_id' => (int) $workspace->getKey(),
|
|
'user_id' => (int) $user->getKey(),
|
|
'role' => 'owner',
|
|
]);
|
|
|
|
session()->put(WorkspaceContext::SESSION_KEY, (int) $workspace->getKey());
|
|
|
|
$this->actingAs($user)
|
|
->get("/admin/w/{$workspace->getKey()}/managed-tenants/onboarding")
|
|
->assertNotFound();
|
|
});
|