ahmido/TenantAtlas
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects 1 Releases Wiki Activity
797728a243
TenantAtlas/tests/Feature/ProviderConnections/ProviderConnectionAuthorizationSpec081Test.php
Ahmed Darrazi 051db1842d feat(107): implement Workspace Chooser v1 — all 40 tasks complete 
Spec 107: Workspace Chooser v1 (Enterprise) + In-App Switch Entry Point

## Core changes
- Refactor EnsureWorkspaceSelected middleware: 7-step algorithm with
  auto-resume (single membership + last_workspace_id), stale session
  detection, ?choose=1 forced chooser, workspace-optional path bypass
- Create WorkspaceRedirectResolver for DRY tenant-count branching
  (0→managed-tenants, 1→tenant-dashboard, >1→choose-tenant)
- Add WorkspaceAutoSelected + WorkspaceSelected audit enum cases
- Rewrite ChooseWorkspace page: role badges, tenant counts,
  wire:click selection, audit logging, WorkspaceRedirectResolver
- Add 'Switch workspace' user menu item in AdminPanelProvider
- Rewrite SwitchWorkspaceController with audit + resolver
- Replace inline tenant branching in routes/web.php with resolver

## New test files (6)
- WorkspaceRedirectResolverTest (5 tests
Spec 107: Workspace Chooser v1 (Enterprise) + In-App Switch Entry Point

## Core changes
- Refactor EnsureWorkspaceSelected middleware: 7-step algorithmst
## Core changes
- Refactor EnsureWorkspaceSelected middleware: 7-stepes - Refactor Ensng  auto-resume (single membership + last_workspace_id), stale sessioid  detection, ?choose=1 forced chooser, w (security invariant preserve- Create WorkspaceRedirectResolver for DRY tenant-count branching

  (0→managed-tenants, 1→tenant-dashboapped (8163 assertions)
2026-02-22 17:19:19 +01:00

60 lines
1.9 KiB
PHP
Raw Blame History

<?php
declare(strict_types=1);
use App\Filament\Resources\ProviderConnectionResource;
use App\Models\ProviderConnection;
use App\Models\Tenant;
use App\Models\User;
use App\Support\Workspaces\WorkspaceContext;
it('Spec081 redirects non-members on provider connection management routes', function (): void {
$tenant = Tenant::factory()->create([
'status' => 'active',
]);
$connection = ProviderConnection::factory()->create([
'tenant_id' => (int) $tenant->getKey(),
'workspace_id' => (int) $tenant->workspace_id,
]);
$user = User::factory()->create();
$this->actingAs($user)
->withSession([
WorkspaceContext::SESSION_KEY => (int) $tenant->workspace_id,
])
->get(ProviderConnectionResource::getUrl('edit', ['record' => $connection], tenant: $tenant))
->assertRedirect();
});
it('Spec081 returns 403 for members without provider manage capability', function (): void {
[$user, $tenant] = createUserWithTenant(role: 'readonly');
$connection = ProviderConnection::factory()->create([
'tenant_id' => (int) $tenant->getKey(),
'workspace_id' => (int) $tenant->workspace_id,
]);
$this->actingAs($user)
->withSession([
WorkspaceContext::SESSION_KEY => (int) $tenant->workspace_id,
])
->get(ProviderConnectionResource::getUrl('index', tenant: $tenant))
->assertOk();
$this->actingAs($user)
->withSession([
WorkspaceContext::SESSION_KEY => (int) $tenant->workspace_id,
])
->get(ProviderConnectionResource::getUrl('create', tenant: $tenant))
->assertForbidden();
$this->actingAs($user)
->withSession([
WorkspaceContext::SESSION_KEY => (int) $tenant->workspace_id,
])
->get(ProviderConnectionResource::getUrl('edit', ['record' => $connection], tenant: $tenant))
->assertForbidden();
});
Reference in New Issue View Git Blame Copy Permalink