ahmido
2bf53f6337
Some checks failed
Main Confidence / confidence (push) Failing after 44s
## Summary - enforce shared operation run link generation across admin and system surfaces - add guard coverage to block new raw operation route bypasses outside explicit exceptions - harden Filament theme asset resolution so stale or wrong-stack hot files fall back to built assets ## Testing - export PATH="/bin:/usr/bin:/usr/local/bin:$PATH" && cd apps/platform && ./vendor/bin/sail bin pint --dirty --format agent - export PATH="/bin:/usr/bin:/usr/local/bin:$PATH" && cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Feature/OpsUx/CanonicalViewRunLinksTest.php tests/Feature/Monitoring/OperationsDashboardDrillthroughTest.php tests/Feature/Filament/RecentOperationsSummaryWidgetTest.php tests/Feature/Filament/InventoryCoverageRunContinuityTest.php tests/Feature/ReviewPack/ReviewPackResourceTest.php tests/Feature/144/CanonicalOperationViewerDeepLinkTrustTest.php tests/Feature/078/RelatedLinksOnDetailTest.php tests/Feature/RunAuthorizationTenantIsolationTest.php tests/Feature/System/Spec195/SystemDirectoryResidualSurfaceTest.php tests/Feature/System/Spec113/AuthorizationSemanticsTest.php tests/Feature/Guards/OperationRunLinkContractGuardTest.php tests/Unit/Filament/PanelThemeAssetTest.php Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de> Reviewed-on: #268
106 lines
3.9 KiB
PHP
106 lines
3.9 KiB
PHP
<?php
|
|
|
|
declare(strict_types=1);
|
|
|
|
use App\Filament\Pages\InventoryCoverage;
|
|
use App\Filament\Resources\InventoryItemResource;
|
|
use App\Models\InventoryItem;
|
|
use App\Models\OperationRun;
|
|
use App\Models\Tenant;
|
|
use App\Support\Inventory\InventoryCoverage as InventoryCoveragePayload;
|
|
use App\Support\OperationRunLinks;
|
|
use Illuminate\Foundation\Testing\RefreshDatabase;
|
|
|
|
uses(RefreshDatabase::class);
|
|
|
|
function seedCoverageBasisRun(Tenant $tenant): OperationRun
|
|
{
|
|
return OperationRun::factory()->create([
|
|
'tenant_id' => (int) $tenant->getKey(),
|
|
'workspace_id' => (int) $tenant->workspace_id,
|
|
'type' => 'inventory_sync',
|
|
'status' => 'completed',
|
|
'outcome' => 'failed',
|
|
'context' => [
|
|
'inventory' => [
|
|
'coverage' => InventoryCoveragePayload::buildPayload([
|
|
'deviceConfiguration' => [
|
|
'status' => InventoryCoveragePayload::StatusFailed,
|
|
'item_count' => 0,
|
|
'error_code' => 'graph_forbidden',
|
|
],
|
|
], []),
|
|
],
|
|
],
|
|
'completed_at' => now(),
|
|
]);
|
|
}
|
|
|
|
it('shows the basis run and tenant-scoped history path on the coverage report for authorized viewers', function (): void {
|
|
$tenant = Tenant::factory()->create();
|
|
[$user, $tenant] = createUserWithTenant(tenant: $tenant, role: 'owner');
|
|
|
|
$run = seedCoverageBasisRun($tenant);
|
|
|
|
$historyUrl = OperationRunLinks::index($tenant, operationType: 'inventory_sync');
|
|
|
|
$this->actingAs($user)
|
|
->get(InventoryCoverage::getUrl(tenant: $tenant))
|
|
->assertOk()
|
|
->assertSee('Latest coverage-bearing sync completed')
|
|
->assertSee('Open basis run')
|
|
->assertSee(OperationRunLinks::view($run, $tenant), false)
|
|
->assertSee($historyUrl, false)
|
|
->assertSee('Review the cited inventory sync to inspect provider or permission issues in detail.');
|
|
});
|
|
|
|
it('degrades basis-run links safely for viewers who cannot open inventory-sync runs', function (): void {
|
|
$tenant = Tenant::factory()->create();
|
|
[$user, $tenant] = createUserWithTenant(tenant: $tenant, role: 'readonly');
|
|
|
|
seedCoverageBasisRun($tenant);
|
|
|
|
$this->actingAs($user)
|
|
->get(InventoryCoverage::getUrl(tenant: $tenant))
|
|
->assertOk()
|
|
->assertSee('The coverage basis is current, but your role cannot open the cited run detail.')
|
|
->assertDontSee('Open basis run');
|
|
|
|
$this->actingAs($user)
|
|
->get(InventoryItemResource::getUrl('index', tenant: $tenant))
|
|
->assertOk()
|
|
->assertSee('Latest run detail is not available with your current role.')
|
|
->assertDontSee('Open basis run');
|
|
});
|
|
|
|
it('shows the last inventory sync as a canonical admin operation detail link', function (): void {
|
|
$tenant = Tenant::factory()->create();
|
|
[$user, $tenant] = createUserWithTenant(tenant: $tenant, role: 'owner');
|
|
|
|
$run = OperationRun::factory()->forTenant($tenant)->create([
|
|
'type' => 'inventory_sync',
|
|
]);
|
|
|
|
$item = InventoryItem::factory()->create([
|
|
'tenant_id' => (int) $tenant->getKey(),
|
|
'last_seen_operation_run_id' => (int) $run->getKey(),
|
|
]);
|
|
|
|
$this->actingAs($user)
|
|
->get(InventoryItemResource::getUrl('view', ['record' => $item], tenant: $tenant))
|
|
->assertOk()
|
|
->assertSee('Last inventory sync')
|
|
->assertSee(OperationRunLinks::view($run, $tenant), false);
|
|
});
|
|
|
|
it('keeps the no-basis fallback explicit on the inventory items list', function (): void {
|
|
$tenant = Tenant::factory()->create();
|
|
[$user, $tenant] = createUserWithTenant(tenant: $tenant, role: 'owner');
|
|
|
|
$this->actingAs($user)
|
|
->get(InventoryItemResource::getUrl('index', tenant: $tenant))
|
|
->assertOk()
|
|
->assertSee('No current result')
|
|
->assertSee('Run Inventory Sync from Inventory Items to establish current coverage truth.');
|
|
});
|