ahmido/TenantAtlas
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects 1 Releases Wiki Activity
66a50b84e1
TenantAtlas/apps/platform/tests/Browser/Spec412PilotReadinessRemediationSmokeTest.php
ahmido 66a50b84e1 feat: implement pilot readiness remediation pack contract (#479) 
Automated PR provided by Codex via Gitea API.

Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #479
2026-06-24 20:27:42 +00:00

127 lines
4.4 KiB
PHP
Raw Blame History

<?php
declare(strict_types=1);
use App\Filament\Resources\FindingResource;
use App\Models\Finding;
use App\Models\ManagedEnvironment;
use App\Models\ProviderConnection;
use App\Models\User;
use App\Support\Workspaces\WorkspaceContext;
use Illuminate\Foundation\Testing\RefreshDatabase;
pest()->browser()->timeout(60_000);
uses(RefreshDatabase::class);
it('Spec412 smokes finding detail hash demotion and provider no-access clarity', function (): void {
[$operator, $environment] = createUserWithTenant(
role: 'owner',
workspaceRole: 'owner',
clearCapabilityCaches: true,
);
$finding = Finding::factory()->for($environment)->create([
'workspace_id' => (int) $environment->workspace_id,
'fingerprint' => 'spec412-browser-fingerprint-hidden',
'scope_key' => 'spec412-browser-scope-hidden',
'subject_external_id' => 'spec412-browser-subject-hidden',
'evidence_jsonb' => [
'display_name' => 'Spec412 Browser Human Finding',
'summary' => [
'source_fingerprint' => 'spec412-browser-source-hidden',
'affected_scope' => 'Human-readable pilot scope',
],
'artifact' => [
'detector_key' => 'spec412-browser-detector-hidden',
],
],
]);
spec412AuthenticateBrowser($this, $operator, $environment);
visit(FindingResource::getUrl('view', ['record' => $finding], tenant: $environment, panel: 'admin'))
->resize(1440, 1100)
->waitForText('Spec412 Browser Human Finding')
->assertSee('Technical identifiers')
->assertSee('Support identifiers stay collapsed by default and are intended for authorized troubleshooting.')
->assertSee('Evidence (Sanitized)')
->assertSee('Sanitized evidence JSON is collapsed so technical payload shape does not become default finding content.')
->assertDontSee('spec412-browser-fingerprint-hidden')
->assertDontSee('spec412-browser-scope-hidden')
->assertDontSee('spec412-browser-source-hidden')
->assertDontSee('spec412-browser-subject-hidden')
->assertNoJavaScriptErrors()
->assertNoConsoleLogs();
$connection = ProviderConnection::factory()
->platform()
->verifiedHealthy()
->create([
'workspace_id' => (int) $environment->workspace_id,
'managed_environment_id' => (int) $environment->getKey(),
'display_name' => 'Spec412 Browser Provider',
]);
[$readonly] = createUserWithTenant(
tenant: $environment,
role: 'readonly',
workspaceRole: 'readonly',
clearCapabilityCaches: true,
);
visit(spec412BrowserLoginUrl($readonly, $environment, '/admin/no-access?surface=provider-connections&reason=permission'))
->resize(1440, 1000)
->waitForText('You do not have access to provider connections.')
->assertSee('You are signed in, but your current workspace or environment role does not include provider connection access.')
->assertDontSee('You do not have access to a workspace yet.')
->assertDontSee('Ask an administrator to add you to a workspace, then sign in again.')
->assertDontSee('Spec412 Browser Provider')
->assertNoJavaScriptErrors()
->assertNoConsoleLogs();
});
function spec412AuthenticateBrowser(
mixed $test,
User $user,
ManagedEnvironment $environment,
): void {
$workspaceId = (int) $environment->workspace_id;
$session = [
WorkspaceContext::SESSION_KEY => $workspaceId,
WorkspaceContext::LAST_ENVIRONMENT_IDS_SESSION_KEY => [
(string) $workspaceId => (int) $environment->getKey(),
],
];
$test->actingAs($user)->withSession($session);
foreach ($session as $key => $value) {
session()->put($key, $value);
}
setAdminPanelContext($environment);
}
function spec412BrowserLoginUrl(User $user, ManagedEnvironment $environment, string $redirect): string
{
return route('admin.local.smoke-login', [
'email' => $user->email,
'tenant' => $environment->external_id,
'workspace' => $environment->workspace->slug,
'redirect' => spec412RelativeBrowserPath($redirect),
]);
}
function spec412RelativeBrowserPath(string $url): string
{
$parts = parse_url($url);
if ($parts === false) {
return '/admin';
}
return ($parts['path'] ?? '/admin').(isset($parts['query']) ? '?'.$parts['query'] : '');
}
Reference in New Issue View Git Blame Copy Permalink