ahmido/TenantAtlas
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects 1 Releases Wiki Activity
5443dba269
TenantAtlas/apps/platform/tests/Feature/Auth/SessionSeparationSmokeTest.php
Ahmed Darrazi 5443dba269
Some checks failed
PR Fast Feedback / fast-feedback (pull_request) Failing after 7m2s
Details
refactor: consolidate internal tenant model naming
2026-05-14 13:09:36 +02:00

48 lines
1.5 KiB
PHP
Raw Blame History

<?php
declare(strict_types=1);
use App\Filament\Pages\EnvironmentDashboard;
use App\Models\ManagedEnvironment;
use App\Models\User;
use App\Models\Workspace;
use App\Models\WorkspaceMembership;
use App\Support\Workspaces\WorkspaceContext;
use Illuminate\Foundation\Testing\RefreshDatabase;
uses(RefreshDatabase::class);
it('does not allow a non-member user to access tenant-scoped admin routes', function () {
[$member, $tenant] = createUserWithTenant(
tenant: ManagedEnvironment::factory()->create(['status' => 'active']),
user: User::factory()->create(),
role: 'owner',
);
$workspace = Workspace::query()->whereKey($tenant->workspace_id)->firstOrFail();
$nonMember = User::factory()->create();
WorkspaceMembership::factory()->create([
'workspace_id' => $workspace->getKey(),
'user_id' => $nonMember->getKey(),
'role' => 'owner',
]);
createUserWithTenant(
tenant: ManagedEnvironment::factory()->create(['workspace_id' => (int) $workspace->getKey()]),
user: $nonMember,
role: 'owner',
);
$this->actingAs($nonMember)
->withSession([WorkspaceContext::SESSION_KEY => (int) $workspace->getKey()])
->get(EnvironmentDashboard::getUrl(tenant: $tenant))
->assertNotFound();
$this->actingAs($member)
->withSession([WorkspaceContext::SESSION_KEY => (int) $workspace->getKey()])
->get(EnvironmentDashboard::getUrl(tenant: $tenant))
->assertSuccessful();
$this->get('/system')->assertNotFound();
});
Reference in New Issue View Git Blame Copy Permalink