ahmido/TenantAtlas
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects 1 Releases Wiki Activity
6f8eb28ca2
TenantAtlas/tests/Feature/Filament/TenantDashboardTenantScopeTest.php
ahmido 6f8eb28ca2 feat: add tenant backup health signals (#212) 
## Summary
- add the Spec 180 tenant backup-health resolver and value objects to derive absent, stale, degraded, healthy, and schedule-follow-up posture from existing backup and schedule truth
- surface backup posture and reason-driven drillthroughs in the tenant dashboard and preserve continuity on backup-set and backup-schedule destinations
- add deterministic local/testing browser-fixture seeding plus a local fixture-login helper for the blocked drillthrough `403` scenario, along with the related spec artifacts and focused regression coverage

## Testing
- `vendor/bin/sail artisan test --compact tests/Feature/Auth/BackupHealthBrowserFixtureLoginTest.php tests/Feature/Console/TenantpilotSeedBackupHealthBrowserFixtureCommandTest.php`
- `vendor/bin/sail artisan test --compact tests/Unit/Support/BackupHealth/TenantBackupHealthResolverTest.php tests/Feature/Filament/DashboardKpisWidgetTest.php tests/Feature/Filament/NeedsAttentionWidgetTest.php tests/Feature/Filament/TenantDashboardTruthAlignmentTest.php tests/Feature/Filament/TenantDashboardTenantScopeTest.php tests/Feature/Filament/TenantDashboardDbOnlyTest.php tests/Feature/Filament/BackupSetListContinuityTest.php tests/Feature/Filament/BackupSetEnterpriseDetailPageTest.php tests/Feature/BackupScheduling/BackupScheduleLifecycleTest.php tests/Feature/Auth/BackupHealthBrowserFixtureLoginTest.php tests/Feature/Console/TenantpilotSeedBackupHealthBrowserFixtureCommandTest.php`

## Notes
- Filament v5 / Livewire v4 compliant; no panel-provider change was needed, so `bootstrap/providers.php` remains unchanged
- no new globally searchable resource was introduced, so global-search behavior is unchanged
- no new destructive action was added; existing destructive actions and confirmation behavior remain unchanged
- no new asset registration was added; the existing deploy-time `php artisan filament:assets` step remains sufficient
- the local fixture login helper route is limited to `local` and `testing` environments
- the focused and broader Spec 180 packs are green; the full suite was not rerun after these changes

Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #212
2026-04-07 21:35:58 +00:00

106 lines
3.5 KiB
PHP
Raw Blame History

<?php
declare(strict_types=1);
use App\Filament\Pages\TenantDashboard;
use App\Filament\Resources\BackupSetResource;
use App\Filament\Widgets\Dashboard\DashboardKpis;
use App\Filament\Widgets\Dashboard\NeedsAttention;
use App\Models\BackupItem;
use App\Models\BackupSet;
use App\Models\Finding;
use App\Models\InventoryItem;
use App\Models\OperationRun;
use App\Models\Tenant;
use App\Services\Auth\CapabilityResolver;
use App\Support\Auth\Capabilities;
use App\Support\Rbac\UiTooltips;
use Filament\Facades\Filament;
use Illuminate\Support\Facades\Gate;
use Livewire\Livewire;
use function Pest\Laravel\mock;
it('does not leak data across tenants on the dashboard', function (): void {
[$user, $tenant] = createUserWithTenant(role: 'owner');
$otherTenant = Tenant::factory()->create();
InventoryItem::factory()->create([
'tenant_id' => $otherTenant->getKey(),
'external_id' => 'other-tenant-finding',
'display_name' => 'Other Tenant Policy',
]);
Finding::factory()->create([
'tenant_id' => $otherTenant->getKey(),
'finding_type' => Finding::FINDING_TYPE_DRIFT,
'subject_external_id' => 'other-tenant-finding',
]);
OperationRun::factory()->create([
'tenant_id' => $otherTenant->getKey(),
'type' => 'inventory_sync',
'status' => 'running',
'outcome' => 'pending',
'initiator_name' => 'System',
]);
$this->actingAs($user);
$this->get(TenantDashboard::getUrl(tenant: $tenant))
->assertOk()
->assertDontSee('Other Tenant Policy');
});
it('keeps backup summary truth visible on the dashboard while blocked backup drill-through routes still fail with 403', function (): void {
[$user, $tenant] = createUserWithTenant(role: 'owner', ensureDefaultMicrosoftProviderConnection: false);
$this->actingAs($user);
$backupSet = BackupSet::factory()->for($tenant)->create([
'name' => 'Stale scoped backup',
'item_count' => 1,
'completed_at' => now()->subDays(2),
]);
BackupItem::factory()->for($tenant)->for($backupSet)->create([
'payload' => ['id' => 'policy-stale'],
'metadata' => [],
'assignments' => [],
]);
Gate::define(Capabilities::TENANT_VIEW, fn (): bool => false);
mock(CapabilityResolver::class, function ($mock) use ($tenant): void {
$mock->shouldReceive('isMember')
->andReturnUsing(static fn ($user, Tenant $resolvedTenant): bool => (int) $resolvedTenant->getKey() === (int) $tenant->getKey());
$mock->shouldReceive('can')
->andReturnUsing(static function ($user, Tenant $resolvedTenant, string $capability) use ($tenant): bool {
expect((int) $resolvedTenant->getKey())->toBe((int) $tenant->getKey());
return match ($capability) {
Capabilities::TENANT_VIEW => false,
default => true,
};
});
});
Filament::setCurrentPanel(Filament::getPanel('tenant'));
Filament::setTenant($tenant, true);
Livewire::test(NeedsAttention::class)
->assertSee('Latest backup is stale')
->assertSee(UiTooltips::INSUFFICIENT_PERMISSION)
->assertSee('Open latest backup');
Livewire::test(DashboardKpis::class)
->assertSee('Backup posture')
->assertSee('Stale');
$this->get(TenantDashboard::getUrl(tenant: $tenant))
->assertOk();
$this->get(BackupSetResource::getUrl('index', tenant: $tenant))
->assertForbidden();
});
Reference in New Issue View Git Blame Copy Permalink