ahmido
55166cf9b8
Implements Spec 083 (Canonical Required Permissions manage surface hardening + issues-first UX).
Highlights:
- Enforces canonical route: /admin/tenants/{tenant}/required-permissions
- Legacy tenant-plane URL /admin/t/{tenant}/required-permissions stays non-existent (404)
- Deny-as-not-found (404) for non-workspace members and non-tenant-entitled users
- Strict tenant resolution (no cross-plane fallback)
- DB-only render (no external provider calls on page load)
- Issues-first layout + canonical next-step links (re-run verification -> /admin/onboarding)
- Freshness/stale detection (missing or >30 days -> warning)
Tests (Sail):
- vendor/bin/sail artisan test --compact tests/Feature/RequiredPermissions
- vendor/bin/sail artisan test --compact tests/Unit/TenantRequiredPermissionsFreshnessTest.php tests/Unit/TenantRequiredPermissionsOverallStatusTest.php
Notes:
- Filament v5 / Livewire v4 compliant.
- No destructive actions added in this spec; link-only CTAs.
Co-authored-by: Ahmed Darrazi <ahmeddarrazi@MacBookPro.fritz.box>
Reviewed-on: #101
35 lines
1.2 KiB
PHP
35 lines
1.2 KiB
PHP
<?php
|
|
|
|
use App\Models\TenantPermission;
|
|
|
|
it('renders required permissions overview with missing-first ordering and clickable feature cards', function (): void {
|
|
[$user, $tenant] = createUserWithTenant(role: 'readonly');
|
|
|
|
$configured = config('intune_permissions.permissions', []);
|
|
if (! is_array($configured) || count($configured) < 2) {
|
|
test()->markTestSkipped('Need at least 2 required permissions configured.');
|
|
}
|
|
|
|
$grantedKey = (string) ($configured[0]['key'] ?? '');
|
|
$missingKey = (string) ($configured[1]['key'] ?? '');
|
|
|
|
if ($grantedKey === '' || $missingKey === '') {
|
|
test()->markTestSkipped('Configured permission keys missing.');
|
|
}
|
|
|
|
TenantPermission::create([
|
|
'tenant_id' => (int) $tenant->getKey(),
|
|
'permission_key' => $grantedKey,
|
|
'status' => 'granted',
|
|
'details' => ['source' => 'db'],
|
|
'last_checked_at' => now(),
|
|
]);
|
|
|
|
$this->actingAs($user)
|
|
->get("/admin/tenants/{$tenant->external_id}/required-permissions")
|
|
->assertSuccessful()
|
|
->assertSee('Blocked', false)
|
|
->assertSee('applyFeatureFilter', false)
|
|
->assertSeeInOrder([$missingKey, $grantedKey], false);
|
|
});
|