ahmido/TenantAtlas
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects 1 Releases Wiki Activity
73a879d061
TenantAtlas/app/Filament/Widgets/Dashboard/RecentDriftFindings.php
ahmido 73a879d061 feat: implement spec 147 tenant context enforcement (#176) 
## Summary
- implement Spec 147 for workspace-first tenant selector and remembered tenant context enforcement
- harden canonical and tenant-bound route behavior so selected tenant mismatch stays informational
- fix drift finding subject fallback for workspace-safe RBAC identifiers and centralize finding subject resolution

## Testing
- vendor/bin/sail artisan test --compact tests/Feature/Filament/FindingViewRbacEvidenceTest.php tests/Feature/Findings/FindingsListDefaultsTest.php
- vendor/bin/sail bin pint --dirty --format agent

## Notes
- branch pushed at de0679cd8b
- includes the spec artifacts under specs/147-tenant-selector-remembered-context-enforcement/

Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #176
2026-03-16 22:52:58 +00:00

95 lines
3.9 KiB
PHP
Raw Blame History

<?php
declare(strict_types=1);
namespace App\Filament\Widgets\Dashboard;
use App\Filament\Resources\FindingResource;
use App\Models\Finding;
use App\Models\Tenant;
use App\Support\Badges\BadgeDomain;
use App\Support\Badges\BadgeRenderer;
use App\Support\OpsUx\ActiveRuns;
use Filament\Facades\Filament;
use Filament\Tables\Columns\TextColumn;
use Filament\Tables\Table;
use Filament\Widgets\TableWidget;
use Illuminate\Database\Eloquent\Builder;
use Illuminate\Support\Arr;
class RecentDriftFindings extends TableWidget
{
protected int|string|array $columnSpan = 'full';
public function table(Table $table): Table
{
$tenant = Filament::getTenant();
return $table
->heading('Recent Drift Findings')
->query($this->getQuery())
->poll(fn (): ?string => ($tenant instanceof Tenant) && ActiveRuns::existForTenant($tenant) ? '10s' : null)
->defaultSort('created_at', 'desc')
->paginated(\App\Support\Filament\TablePaginationProfiles::widget())
->columns([
TextColumn::make('short_id')
->label('ID')
->state(fn (Finding $record): string => '#'.$record->getKey())
->copyable()
->copyableState(fn (Finding $record): string => (string) $record->getKey()),
TextColumn::make('subject_display_name')
->label('Subject')
->placeholder('—')
->limit(40)
->state(fn (Finding $record): ?string => $record->resolvedSubjectDisplayName())
->description(function (Finding $record): ?string {
if (Arr::get($record->evidence_jsonb ?? [], 'summary.kind') !== 'rbac_role_definition') {
return null;
}
return __('findings.drift.rbac_role_definition');
})
->tooltip(fn (Finding $record): ?string => $record->resolvedSubjectDisplayName()),
TextColumn::make('severity')
->badge()
->sortable()
->formatStateUsing(BadgeRenderer::label(BadgeDomain::FindingSeverity))
->color(BadgeRenderer::color(BadgeDomain::FindingSeverity))
->icon(BadgeRenderer::icon(BadgeDomain::FindingSeverity))
->iconColor(BadgeRenderer::iconColor(BadgeDomain::FindingSeverity)),
TextColumn::make('status')
->badge()
->sortable()
->toggleable(isToggledHiddenByDefault: true)
->formatStateUsing(BadgeRenderer::label(BadgeDomain::FindingStatus))
->color(BadgeRenderer::color(BadgeDomain::FindingStatus))
->icon(BadgeRenderer::icon(BadgeDomain::FindingStatus))
->iconColor(BadgeRenderer::iconColor(BadgeDomain::FindingStatus)),
TextColumn::make('created_at')
->label('Created')
->sortable()
->since(),
])
->recordUrl(fn (Finding $record): ?string => $tenant instanceof Tenant
? FindingResource::getUrl('view', ['record' => $record], tenant: $tenant)
: null)
->emptyStateHeading('No drift findings')
->emptyStateDescription('You\'re looking good — no drift findings to review yet.');
}
/**
* @return Builder<Finding>
*/
private function getQuery(): Builder
{
$tenant = Filament::getTenant();
$tenantId = $tenant instanceof Tenant ? $tenant->getKey() : null;
return Finding::query()
->withSubjectDisplayName()
->when($tenantId, fn (Builder $query) => $query->where('tenant_id', $tenantId))
->where('finding_type', Finding::FINDING_TYPE_DRIFT)
->latest('created_at');
}
}
Reference in New Issue View Git Blame Copy Permalink