ahmido
866875559f
Some checks failed
PR Fast Feedback / fast-feedback (pull_request) Failing after 1m4s
Implements platform feature branch `259-compliance-evidence-mapping`. Target branch: `platform-dev`. Follow-up integration path after merge: `platform-dev` -> `dev`. Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de> Reviewed-on: #312
72 lines
3.1 KiB
PHP
72 lines
3.1 KiB
PHP
<?php
|
|
|
|
declare(strict_types=1);
|
|
|
|
use App\Filament\Pages\Reviews\CustomerReviewWorkspace;
|
|
use App\Filament\Resources\EvidenceSnapshotResource;
|
|
use App\Models\AuditLog;
|
|
use App\Models\EvidenceSnapshot;
|
|
use App\Support\Audit\AuditActionId;
|
|
use App\Support\Evidence\EvidenceCompletenessState;
|
|
use App\Support\Evidence\EvidenceSnapshotStatus;
|
|
use Illuminate\Foundation\Testing\RefreshDatabase;
|
|
|
|
uses(RefreshDatabase::class);
|
|
|
|
it('records audit entries when a snapshot is queued and expired', function (): void {
|
|
[$user, $tenant] = createUserWithTenant(role: 'owner');
|
|
|
|
$snapshot = app(App\Services\Evidence\EvidenceSnapshotService::class)->generate($tenant, $user);
|
|
|
|
$snapshot->update([
|
|
'status' => EvidenceSnapshotStatus::Active->value,
|
|
'completeness_state' => EvidenceCompletenessState::Complete->value,
|
|
]);
|
|
|
|
app(App\Services\Evidence\EvidenceSnapshotService::class)->expire($snapshot, $user, 'Evidence basis is obsolete.');
|
|
|
|
$expiredAudit = AuditLog::query()
|
|
->where('action', AuditActionId::EvidenceSnapshotExpired->value)
|
|
->latest('id')
|
|
->first();
|
|
|
|
expect(AuditLog::query()->where('action', AuditActionId::EvidenceSnapshotCreated->value)->exists())->toBeTrue()
|
|
->and(AuditLog::query()->where('action', AuditActionId::EvidenceSnapshotExpired->value)->exists())->toBeTrue()
|
|
->and(data_get($expiredAudit?->metadata, 'reason'))->toBe('Evidence basis is obsolete.');
|
|
});
|
|
|
|
it('records audit entries when customer review proof is opened explicitly', function (): void {
|
|
[$user, $tenant] = createUserWithTenant(role: 'readonly');
|
|
|
|
$snapshot = EvidenceSnapshot::query()->create([
|
|
'tenant_id' => (int) $tenant->getKey(),
|
|
'workspace_id' => (int) $tenant->workspace_id,
|
|
'status' => EvidenceSnapshotStatus::Active->value,
|
|
'completeness_state' => EvidenceCompletenessState::Complete->value,
|
|
'summary' => ['finding_count' => 1],
|
|
'generated_at' => now(),
|
|
]);
|
|
|
|
$this->actingAs($user)
|
|
->get(EvidenceSnapshotResource::getUrl('view', ['record' => $snapshot], tenant: $tenant, panel: 'tenant').'?'.http_build_query([
|
|
'source_surface' => CustomerReviewWorkspace::SOURCE_SURFACE,
|
|
'review_id' => '123',
|
|
'tenant_filter_id' => (string) $tenant->getKey(),
|
|
'interpretation_version' => 'compliance_evidence_mapping.v1',
|
|
]))
|
|
->assertOk();
|
|
|
|
$audit = AuditLog::query()
|
|
->where('action', AuditActionId::EvidenceSnapshotOpened->value)
|
|
->latest('id')
|
|
->first();
|
|
|
|
expect($audit)->not->toBeNull()
|
|
->and($audit?->resource_type)->toBe('evidence_snapshot')
|
|
->and(data_get($audit?->metadata, 'evidence_snapshot_id'))->toBe((int) $snapshot->getKey())
|
|
->and(data_get($audit?->metadata, 'source_surface'))->toBe(CustomerReviewWorkspace::SOURCE_SURFACE)
|
|
->and(data_get($audit?->metadata, 'review_id'))->toBe('123')
|
|
->and(data_get($audit?->metadata, 'tenant_filter_id'))->toBe((string) $tenant->getKey())
|
|
->and(data_get($audit?->metadata, 'interpretation_version'))->toBe('compliance_evidence_mapping.v1');
|
|
});
|