ahmido
8426741068
## Summary - add explicit BaselineSnapshot lifecycle truth with conservative backfill and a shared truth resolver - block baseline compare from building, incomplete, or superseded snapshots and align workspace/tenant UI truth surfaces with effective snapshot state - surface artifact truth separately from operation outcome across baseline profile, snapshot, compare, and operation run pages ## Testing - integrated browser smoke test on the active feature surfaces - `vendor/bin/sail artisan test --compact tests/Feature/Filament/BaselineSnapshotTruthSurfaceTest.php tests/Feature/Filament/BaselineProfileCompareStartSurfaceTest.php` - targeted baseline lifecycle and compare guard coverage added in Pest - `vendor/bin/sail bin pint --dirty --format agent` ## Notes - Livewire v4 compliance preserved - no panel provider registration changes were needed; Laravel 12 providers remain in `bootstrap/providers.php` - global search remains disabled for the affected baseline resources by design - destructive actions remain confirmation-gated; capture and compare actions keep their existing authorization and confirmation behavior - no new panel assets were added; existing deploy flow for `filament:assets` is unchanged Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de> Reviewed-on: #189
121 lines
4.7 KiB
PHP
121 lines
4.7 KiB
PHP
<?php
|
|
|
|
declare(strict_types=1);
|
|
|
|
use App\Filament\Resources\BaselineProfileResource;
|
|
use App\Filament\Resources\BaselineSnapshotResource;
|
|
use App\Models\BaselineProfile;
|
|
use App\Models\BaselineSnapshot;
|
|
use App\Support\Workspaces\WorkspaceContext;
|
|
|
|
it('shows effective and latest baseline truth separately on the baseline profile detail page', function (): void {
|
|
[$user, $tenant] = createUserWithTenant(role: 'owner');
|
|
|
|
$profile = BaselineProfile::factory()->active()->create([
|
|
'workspace_id' => (int) $tenant->workspace_id,
|
|
'name' => 'Security Baseline',
|
|
]);
|
|
|
|
$currentSnapshot = BaselineSnapshot::factory()->complete()->create([
|
|
'workspace_id' => (int) $tenant->workspace_id,
|
|
'baseline_profile_id' => (int) $profile->getKey(),
|
|
'captured_at' => now()->subHour(),
|
|
'completed_at' => now()->subHour(),
|
|
]);
|
|
|
|
$latestAttempt = BaselineSnapshot::factory()->incomplete()->create([
|
|
'workspace_id' => (int) $tenant->workspace_id,
|
|
'baseline_profile_id' => (int) $profile->getKey(),
|
|
'captured_at' => now(),
|
|
]);
|
|
|
|
$profile->update(['active_snapshot_id' => (int) $currentSnapshot->getKey()]);
|
|
session()->put(WorkspaceContext::SESSION_KEY, (int) $tenant->workspace_id);
|
|
|
|
$this->actingAs($user)
|
|
->get(BaselineProfileResource::getUrl('view', ['record' => $profile], panel: 'admin'))
|
|
->assertOk()
|
|
->assertSee('Baseline truth')
|
|
->assertSee('Current snapshot')
|
|
->assertSee('Snapshot #'.$currentSnapshot->getKey().' (Complete)')
|
|
->assertSee('Latest attempt')
|
|
->assertSee('Snapshot #'.$latestAttempt->getKey().' (Incomplete)')
|
|
->assertSee('Compare readiness')
|
|
->assertSee('No eligible compare target')
|
|
->assertSee('Assign this baseline to a tenant you can compare, or use an account with access to an assigned tenant.');
|
|
});
|
|
|
|
it('shows compare readiness as ready when a consumable snapshot and eligible target tenant exist', function (): void {
|
|
[$user, $tenant] = createUserWithTenant(role: 'owner');
|
|
|
|
$profile = BaselineProfile::factory()->active()->create([
|
|
'workspace_id' => (int) $tenant->workspace_id,
|
|
'name' => 'Security Baseline',
|
|
]);
|
|
|
|
$currentSnapshot = BaselineSnapshot::factory()->complete()->create([
|
|
'workspace_id' => (int) $tenant->workspace_id,
|
|
'baseline_profile_id' => (int) $profile->getKey(),
|
|
'captured_at' => now()->subHour(),
|
|
'completed_at' => now()->subHour(),
|
|
]);
|
|
|
|
$profile->update(['active_snapshot_id' => (int) $currentSnapshot->getKey()]);
|
|
|
|
\App\Models\BaselineTenantAssignment::factory()->create([
|
|
'workspace_id' => (int) $tenant->workspace_id,
|
|
'tenant_id' => (int) $tenant->getKey(),
|
|
'baseline_profile_id' => (int) $profile->getKey(),
|
|
]);
|
|
|
|
session()->put(WorkspaceContext::SESSION_KEY, (int) $tenant->workspace_id);
|
|
|
|
$this->actingAs($user)
|
|
->get(BaselineProfileResource::getUrl('view', ['record' => $profile], panel: 'admin'))
|
|
->assertOk()
|
|
->assertSee('Compare readiness')
|
|
->assertSee('Ready')
|
|
->assertSee('No action needed.');
|
|
});
|
|
|
|
it('shows lifecycle and current-truth state across baseline snapshot list and detail surfaces', function (): void {
|
|
[$user, $tenant] = createUserWithTenant(role: 'owner');
|
|
|
|
$profile = BaselineProfile::factory()->active()->create([
|
|
'workspace_id' => (int) $tenant->workspace_id,
|
|
'name' => 'Security Baseline',
|
|
]);
|
|
|
|
$historicalSnapshot = BaselineSnapshot::factory()->complete()->create([
|
|
'workspace_id' => (int) $tenant->workspace_id,
|
|
'baseline_profile_id' => (int) $profile->getKey(),
|
|
'captured_at' => now()->subDay(),
|
|
'completed_at' => now()->subDay(),
|
|
]);
|
|
|
|
$currentSnapshot = BaselineSnapshot::factory()->complete()->create([
|
|
'workspace_id' => (int) $tenant->workspace_id,
|
|
'baseline_profile_id' => (int) $profile->getKey(),
|
|
'captured_at' => now(),
|
|
'completed_at' => now(),
|
|
]);
|
|
|
|
$profile->update(['active_snapshot_id' => (int) $currentSnapshot->getKey()]);
|
|
session()->put(WorkspaceContext::SESSION_KEY, (int) $tenant->workspace_id);
|
|
|
|
$this->actingAs($user)
|
|
->get(BaselineSnapshotResource::getUrl(panel: 'admin'))
|
|
->assertOk()
|
|
->assertSee('Lifecycle')
|
|
->assertSee('Current truth')
|
|
->assertSee('Historical trace')
|
|
->assertSee('Current baseline');
|
|
|
|
$this->actingAs($user)
|
|
->get(BaselineSnapshotResource::getUrl('view', ['record' => $historicalSnapshot], panel: 'admin'))
|
|
->assertOk()
|
|
->assertSee('Snapshot truth')
|
|
->assertSee('Historical trace')
|
|
->assertSee('Superseded');
|
|
});
|