ahmido
3ec582a182
## Summary - retire legacy `/admin/t` and active `/admin/tenants` product surfaces in favor of canonical workspace-scoped managed-environment routes - centralize runtime URL generation through `ManagedEnvironmentLinks` and update intended URL handling to reject legacy tenant paths - remove dormant tenant panel runtime, rename test helpers to the admin environment context, and add guard coverage for route/helper regressions ## Validation - targeted Feature guard, workspace, provider connection, required permissions, and Filament test lanes run under Sail - browser smoke coverage run for provider connection and workspace RBAC environment access flows - formatting and diff checks completed with Pint and `git diff --check` ## Notes - Filament remains on v5 with Livewire v4 - provider registration stays in `apps/platform/bootstrap/providers.php` - retired tenant resource global search is disabled and destructive action confirmation rules remain unchanged Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de> Reviewed-on: #352
66 lines
2.6 KiB
PHP
66 lines
2.6 KiB
PHP
<?php
|
|
|
|
declare(strict_types=1);
|
|
|
|
use App\Support\ManagedEnvironmentLinks;
|
|
use App\Support\Workspaces\WorkspaceContext;
|
|
use App\Support\Workspaces\WorkspaceIntendedUrl;
|
|
use App\Support\Workspaces\WorkspaceRedirectResolver;
|
|
|
|
it('does not store retired tenant route intended URLs', function (string $path): void {
|
|
WorkspaceIntendedUrl::store($path);
|
|
|
|
expect(session()->get(WorkspaceContext::INTENDED_URL_SESSION_KEY))->toBeNull();
|
|
})->with([
|
|
'/admin/t',
|
|
'/admin/t/example',
|
|
'/admin/tenants',
|
|
'/admin/tenants/example',
|
|
'/admin/tenants/example/required-permissions',
|
|
'/admin/tenants/example/provider-connections',
|
|
]);
|
|
|
|
it('drops unsafe external intended URLs on consume', function (): void {
|
|
session()->put(WorkspaceContext::INTENDED_URL_SESSION_KEY, 'https://example.test/admin/workspaces/1/environments');
|
|
|
|
expect(WorkspaceIntendedUrl::consume())->toBeNull();
|
|
});
|
|
|
|
it('rejects retired intended URLs and falls back to the canonical environment destination', function (string $intendedUrl): void {
|
|
[$user, $tenant] = createMinimalUserWithTenant(role: 'owner');
|
|
$workspace = $tenant->workspace()->firstOrFail();
|
|
|
|
$resolved = app(WorkspaceRedirectResolver::class)->resolve($workspace, $user, $intendedUrl);
|
|
|
|
expect($resolved)->toBe(ManagedEnvironmentLinks::viewUrl($tenant))
|
|
->and($resolved)->not->toContain('/admin/tenants')
|
|
->and($resolved)->not->toContain('/admin/t/');
|
|
})->with([
|
|
'/admin/t/example',
|
|
'/admin/tenants',
|
|
'/admin/tenants/example',
|
|
'/admin/tenants/example/provider-connections',
|
|
'https://example.test/admin/tenants/example',
|
|
]);
|
|
|
|
it('normalizes legacy operations intended URL to the workspace-scoped operations route', function (): void {
|
|
[$user, $tenant] = createMinimalUserWithTenant(role: 'owner');
|
|
$workspace = $tenant->workspace()->firstOrFail();
|
|
|
|
$resolved = app(WorkspaceRedirectResolver::class)->resolve($workspace, $user, '/admin/operations?activeTab=active');
|
|
|
|
expect($resolved)->toBe(ManagedEnvironmentLinks::operationsUrl($workspace, ['activeTab' => 'active']))
|
|
->and($resolved)->toContain('/admin/workspaces/')
|
|
->and($resolved)->not->toContain('/admin/operations?');
|
|
});
|
|
|
|
it('does not preserve ambiguous legacy operation detail intended URLs', function (): void {
|
|
[$user, $tenant] = createMinimalUserWithTenant(role: 'owner');
|
|
$workspace = $tenant->workspace()->firstOrFail();
|
|
|
|
$resolved = app(WorkspaceRedirectResolver::class)->resolve($workspace, $user, '/admin/operations/123');
|
|
|
|
expect($resolved)->toBe(ManagedEnvironmentLinks::viewUrl($tenant));
|
|
});
|
|
|