ahmido
966b7af472
Some checks failed
PR Fast Feedback / fast-feedback (pull_request) Failing after 1m0s
## Summary - productize the customer review workspace and released-review drilldown into a calmer customer-safe governance flow - make review-pack and evidence-proof access explicit, capability-aware, and auditable in the shared Filament resources - add focused Pest coverage, browser smoke coverage, and the full Spec 258 artifact package ## Notes - Filament stays on v5 with Livewire v4 surfaces; no provider registration changes were introduced - no new global-search scope, destructive action surface, or asset registration was added - bounded additive audit action IDs were added for workspace open and evidence proof open events ## Validation - focused Pest feature suites for workspace, review detail, review-pack, and evidence flows - bounded browser smoke: `tests/Browser/Reviews/CustomerReviewWorkspaceSmokeTest.php` - `cd apps/platform && ./vendor/bin/sail bin pint --dirty --format agent` Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de> Reviewed-on: #310
263 lines
11 KiB
PHP
263 lines
11 KiB
PHP
<?php
|
|
|
|
declare(strict_types=1);
|
|
|
|
use App\Filament\Pages\Reviews\ReviewRegister;
|
|
use App\Filament\Pages\Reviews\CustomerReviewWorkspace;
|
|
use App\Filament\Resources\TenantReviewResource;
|
|
use App\Filament\Resources\TenantReviewResource\Pages\ListTenantReviews;
|
|
use App\Filament\Resources\TenantReviewResource\Pages\ViewTenantReview;
|
|
use App\Models\ReviewPack;
|
|
use App\Models\Tenant;
|
|
use App\Models\TenantReview;
|
|
use App\Models\User;
|
|
use App\Support\TenantReviewStatus;
|
|
use App\Services\TenantReviews\TenantReviewLifecycleService;
|
|
use App\Support\Ui\GovernanceActions\GovernanceActionCatalog;
|
|
use App\Support\Workspaces\WorkspaceContext;
|
|
use Filament\Actions\Action;
|
|
use Filament\Actions\ActionGroup;
|
|
use Illuminate\Support\Facades\Storage;
|
|
use Livewire\Features\SupportTesting\Testable;
|
|
use Livewire\Livewire;
|
|
use Tests\Feature\Concerns\BuildsGovernanceArtifactTruthFixtures;
|
|
|
|
uses(BuildsGovernanceArtifactTruthFixtures::class);
|
|
|
|
beforeEach(function (): void {
|
|
Storage::fake('exports');
|
|
});
|
|
|
|
function tenantReviewContractHeaderActions(Testable $component): array
|
|
{
|
|
$instance = $component->instance();
|
|
|
|
if ($instance->getCachedHeaderActions() === []) {
|
|
$instance->cacheInteractsWithHeaderActions();
|
|
}
|
|
|
|
return $instance->getCachedHeaderActions();
|
|
}
|
|
|
|
it('disables tenant-review global search while keeping the view page available for resource inspection', function (): void {
|
|
$reflection = new ReflectionClass(TenantReviewResource::class);
|
|
|
|
expect($reflection->getStaticPropertyValue('isGloballySearchable'))->toBeFalse()
|
|
->and(array_keys(TenantReviewResource::getPages()))->toContain('view');
|
|
});
|
|
|
|
it('keeps tenant review list and canonical register empty states to a single CTA', function (): void {
|
|
[$user, $tenant] = createUserWithTenant(role: 'owner');
|
|
|
|
$this->actingAs($user);
|
|
setTenantPanelContext($tenant);
|
|
|
|
Livewire::actingAs($user)
|
|
->test(ListTenantReviews::class)
|
|
->assertTableEmptyStateActionsExistInOrder(['create_first_review'])
|
|
->assertSee('No tenant reviews yet')
|
|
->mountAction('create_review')
|
|
->assertActionMounted('create_review');
|
|
|
|
setAdminPanelContext();
|
|
session()->put(WorkspaceContext::SESSION_KEY, (int) $tenant->workspace_id);
|
|
|
|
Livewire::actingAs($user)
|
|
->test(ReviewRegister::class)
|
|
->searchTable('no-such-review')
|
|
->assertTableEmptyStateActionsExistInOrder(['clear_filters_empty'])
|
|
->assertSee('No review records match this view');
|
|
});
|
|
|
|
it('keeps tenant review list inspection on row click and reserves the row action for executive export', function (): void {
|
|
[$user, $tenant] = createUserWithTenant(role: 'owner');
|
|
$review = composeTenantReviewForTest($tenant, $user);
|
|
|
|
$this->actingAs($user);
|
|
setTenantPanelContext($tenant);
|
|
|
|
$livewire = Livewire::actingAs($user)
|
|
->test(ListTenantReviews::class)
|
|
->assertCanSeeTableRecords([$review]);
|
|
|
|
$table = $livewire->instance()->getTable();
|
|
$rowActionNames = collect($table->getActions())
|
|
->map(static fn ($action): ?string => $action->getName())
|
|
->filter()
|
|
->values()
|
|
->all();
|
|
|
|
expect($rowActionNames)->toEqualCanonicalizing(['export_executive_pack'])
|
|
->and($table->getBulkActions())->toBeEmpty()
|
|
->and($table->getRecordUrl($review))->toBe(TenantReviewResource::tenantScopedUrl('view', ['record' => $review], $tenant));
|
|
});
|
|
|
|
it('requires confirmation for destructive tenant-review actions and preserves disabled management visibility for readonly users', function (): void {
|
|
$tenant = Tenant::factory()->create();
|
|
[$owner, $tenant] = createUserWithTenant(tenant: $tenant, role: 'owner');
|
|
[$readonly] = createUserWithTenant(tenant: $tenant, user: User::factory()->create(), role: 'readonly');
|
|
$review = composeTenantReviewForTest($tenant, $owner);
|
|
$refreshRule = GovernanceActionCatalog::rule('refresh_review');
|
|
|
|
setTenantPanelContext($tenant);
|
|
|
|
Livewire::actingAs($readonly)
|
|
->test(ViewTenantReview::class, ['record' => $review->getKey()])
|
|
->assertActionVisible('refresh_review')
|
|
->assertActionDisabled('refresh_review')
|
|
->assertActionVisible('publish_review')
|
|
->assertActionDisabled('publish_review')
|
|
->assertActionVisible('export_executive_pack')
|
|
->assertActionDisabled('export_executive_pack')
|
|
->assertActionVisible('archive_review')
|
|
->assertActionDisabled('archive_review');
|
|
|
|
Livewire::actingAs($owner)
|
|
->test(ViewTenantReview::class, ['record' => $review->getKey()])
|
|
->assertActionExists('refresh_review', fn (Action $action): bool => $action->getLabel() === $refreshRule->canonicalLabel
|
|
&& $action->isConfirmationRequired()
|
|
&& $action->getModalHeading() === $refreshRule->modalHeading
|
|
&& $action->getModalDescription() === $refreshRule->modalDescription)
|
|
->mountAction('refresh_review')
|
|
->assertActionMounted('refresh_review');
|
|
|
|
Livewire::actingAs($owner)
|
|
->test(ViewTenantReview::class, ['record' => $review->getKey()])
|
|
->mountAction('publish_review')
|
|
->assertActionMounted('publish_review')
|
|
->callMountedAction()
|
|
->assertHasActionErrors(['publish_reason']);
|
|
|
|
$published = app(TenantReviewLifecycleService::class)->publish($review, $owner, 'Ready for publication.');
|
|
|
|
Livewire::actingAs($owner)
|
|
->test(ViewTenantReview::class, ['record' => $published->getKey()])
|
|
->mountAction('archive_review')
|
|
->assertActionMounted('archive_review')
|
|
->callMountedAction()
|
|
->assertHasActionErrors(['archive_reason']);
|
|
});
|
|
|
|
it('keeps tenant review header hierarchy to one primary action and moves related links into summary context', function (): void {
|
|
[$owner, $tenant] = createUserWithTenant(role: 'owner');
|
|
$review = composeTenantReviewForTest($tenant, $owner);
|
|
|
|
setTenantPanelContext($tenant);
|
|
|
|
$this->actingAs($owner)
|
|
->get(TenantReviewResource::tenantScopedUrl('view', ['record' => $review], $tenant))
|
|
->assertOk()
|
|
->assertSee('Related context')
|
|
->assertSee('Evidence snapshot');
|
|
|
|
$component = Livewire::actingAs($owner)
|
|
->test(ViewTenantReview::class, ['record' => $review->getKey()]);
|
|
|
|
$topLevelActionNames = collect(tenantReviewContractHeaderActions($component))
|
|
->reject(static fn ($action): bool => $action instanceof ActionGroup)
|
|
->map(static fn ($action): ?string => $action instanceof Action ? $action->getName() : null)
|
|
->filter()
|
|
->values()
|
|
->all();
|
|
$groupLabels = collect(tenantReviewContractHeaderActions($component))
|
|
->filter(static fn ($action): bool => $action instanceof ActionGroup)
|
|
->map(static fn (ActionGroup $action): string => (string) $action->getLabel())
|
|
->values()
|
|
->all();
|
|
|
|
expect($topLevelActionNames)->toBe(['publish_review'])
|
|
->and($groupLabels)->toBe(['More', 'Danger']);
|
|
});
|
|
|
|
it('uses the current review-pack download as the only customer-workspace detail header action', function (): void {
|
|
$tenant = Tenant::factory()->create();
|
|
[$user, $tenant] = createUserWithTenant(tenant: $tenant, role: 'readonly');
|
|
$snapshot = seedTenantReviewEvidence($tenant);
|
|
|
|
$review = composeTenantReviewForTest($tenant, $user, $snapshot);
|
|
$review->forceFill([
|
|
'status' => TenantReviewStatus::Published->value,
|
|
'published_at' => now(),
|
|
'published_by_user_id' => (int) $user->getKey(),
|
|
])->save();
|
|
|
|
Storage::disk('exports')->put('review-packs/customer-detail-primary.zip', 'PK-test');
|
|
|
|
$pack = ReviewPack::factory()->ready()->create([
|
|
'tenant_id' => (int) $tenant->getKey(),
|
|
'workspace_id' => (int) $tenant->workspace_id,
|
|
'tenant_review_id' => (int) $review->getKey(),
|
|
'evidence_snapshot_id' => (int) $snapshot->getKey(),
|
|
'initiated_by_user_id' => (int) $user->getKey(),
|
|
'file_path' => 'review-packs/customer-detail-primary.zip',
|
|
'file_disk' => 'exports',
|
|
]);
|
|
|
|
$review->forceFill(['current_export_review_pack_id' => (int) $pack->getKey()])->save();
|
|
|
|
setTenantPanelContext($tenant);
|
|
|
|
$component = Livewire::withQueryParams([CustomerReviewWorkspace::DETAIL_CONTEXT_QUERY_KEY => 1])
|
|
->actingAs($user)
|
|
->test(ViewTenantReview::class, ['record' => $review->getKey()])
|
|
->assertActionVisible('download_current_review_pack')
|
|
->assertActionEnabled('download_current_review_pack')
|
|
->assertActionDoesNotExist('publish_review')
|
|
->assertActionDoesNotExist('refresh_review')
|
|
->assertActionDoesNotExist('create_next_review')
|
|
->assertActionDoesNotExist('export_executive_pack')
|
|
->assertActionDoesNotExist('archive_review');
|
|
|
|
$topLevelActionNames = collect(tenantReviewContractHeaderActions($component))
|
|
->map(static fn ($action): ?string => $action instanceof Action ? $action->getName() : null)
|
|
->filter()
|
|
->values()
|
|
->all();
|
|
|
|
expect($topLevelActionNames)->toBe(['download_current_review_pack']);
|
|
});
|
|
|
|
it('shows publication truth and next-step guidance when a review is not yet publishable', function (): void {
|
|
$tenant = Tenant::factory()->create();
|
|
[$owner, $tenant] = createUserWithTenant(tenant: $tenant, role: 'owner');
|
|
$snapshot = seedTenantReviewEvidence($tenant);
|
|
|
|
$review = TenantReview::query()->create([
|
|
'tenant_id' => (int) $tenant->getKey(),
|
|
'workspace_id' => (int) $tenant->workspace_id,
|
|
'evidence_snapshot_id' => (int) $snapshot->getKey(),
|
|
'initiated_by_user_id' => (int) $owner->getKey(),
|
|
'status' => 'draft',
|
|
'completeness_state' => 'complete',
|
|
'summary' => [
|
|
'publish_blockers' => ['Review the approval note before publication.'],
|
|
'section_state_counts' => ['complete' => 6, 'partial' => 0, 'missing' => 0, 'stale' => 0],
|
|
],
|
|
'fingerprint' => hash('sha256', 'tenant-review-ui-contract'),
|
|
'generated_at' => now(),
|
|
]);
|
|
|
|
$this->actingAs($owner)
|
|
->get(TenantReviewResource::tenantScopedUrl('view', ['record' => $review], $tenant))
|
|
->assertOk()
|
|
->assertSee('Outcome summary')
|
|
->assertDontSee('Artifact truth')
|
|
->assertSee('Publication blocked')
|
|
->assertSee('Resolve the review blockers before publication');
|
|
});
|
|
|
|
it('keeps executive posture from claiming publication readiness for internal-only reviews', function (): void {
|
|
$tenant = Tenant::factory()->create();
|
|
[$owner, $tenant] = createUserWithTenant(tenant: $tenant, role: 'owner');
|
|
|
|
$review = $this->makeInternalOnlyArtifactTruthReview($tenant, $owner);
|
|
|
|
$this->actingAs($owner)
|
|
->get(TenantReviewResource::tenantScopedUrl('view', ['record' => $review], $tenant))
|
|
->assertOk()
|
|
->assertSee('Internal only')
|
|
->assertSee('Publication readiness')
|
|
->assertSee('This review is currently safe for internal use only.')
|
|
->assertDontSee('This review is ready for publication and executive-pack export.');
|
|
});
|