48 lines
1.6 KiB
PHP
48 lines
1.6 KiB
PHP
<?php
|
|
|
|
declare(strict_types=1);
|
|
|
|
use App\Filament\Resources\OperationRunResource\Pages\ViewOperationRun;
|
|
use App\Models\OperationRun;
|
|
use Filament\Facades\Filament;
|
|
use Livewire\Livewire;
|
|
|
|
it('redacts forbidden evidence fields in rendered verification reports', function (): void {
|
|
[$user, $tenant] = createUserWithTenant(role: 'operator');
|
|
$this->actingAs($user);
|
|
|
|
$tenant->makeCurrent();
|
|
Filament::setTenant($tenant, true);
|
|
|
|
$report = json_decode(
|
|
(string) file_get_contents(base_path('specs/074-verification-checklist/contracts/examples/fail.json')),
|
|
true,
|
|
512,
|
|
JSON_THROW_ON_ERROR,
|
|
);
|
|
|
|
$report['checks'][0]['evidence'][] = ['kind' => 'authorization', 'value' => 'Bearer abc.def.ghi'];
|
|
$report['checks'][0]['evidence'][] = ['kind' => 'access_token', 'value' => 'super-secret'];
|
|
$report['checks'][0]['message'] = 'Authorization: Bearer abc.def.ghi access_token=super-secret';
|
|
|
|
$run = OperationRun::factory()->create([
|
|
'tenant_id' => (int) $tenant->getKey(),
|
|
'user_id' => (int) $user->getKey(),
|
|
'type' => 'provider.connection.check',
|
|
'status' => 'completed',
|
|
'outcome' => 'failed',
|
|
'context' => [
|
|
'verification_report' => $report,
|
|
],
|
|
]);
|
|
|
|
assertNoOutboundHttp(function () use ($run): void {
|
|
Livewire::test(ViewOperationRun::class, ['record' => $run->getRouteKey()])
|
|
->assertSee('Verification report')
|
|
->assertSee('Token acquisition works')
|
|
->assertDontSee('access_token')
|
|
->assertDontSee('Bearer abc.def.ghi')
|
|
->assertDontSee('super-secret');
|
|
});
|
|
});
|