ahmido
9fbd3e5ec7
## Summary - turn the tenant registry into a workspace-scoped recovery triage surface with backup posture and recovery evidence columns - preserve workspace overview backup and recovery drilldown intent by routing multi-tenant cases into filtered tenant registry slices - add the Spec 186 planning artifacts, focused regression coverage, and shared triage presentation helpers ## Testing - `cd apps/platform && ./vendor/bin/sail bin pint --dirty --format agent` - `cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Feature/Filament/TenantRegistryRecoveryTriageTest.php tests/Feature/Filament/WorkspaceOverviewSummaryMetricsTest.php tests/Feature/Filament/WorkspaceOverviewDrilldownContinuityTest.php tests/Feature/Filament/TenantResourceIndexIsWorkspaceScopedTest.php tests/Feature/Filament/WorkspaceOverviewAuthorizationTest.php tests/Feature/Guards/ActionSurfaceContractTest.php tests/Feature/Guards/FilamentTableStandardsGuardTest.php` ## Notes - no schema change - no new persisted recovery truth - branch includes the full Spec 186 spec, plan, research, data model, contract, quickstart, and tasks artifacts Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de> Reviewed-on: #217
186 lines
8.8 KiB
PHP
186 lines
8.8 KiB
PHP
<?php
|
|
|
|
declare(strict_types=1);
|
|
|
|
use App\Models\User;
|
|
use App\Models\Tenant;
|
|
use App\Models\Workspace;
|
|
use App\Models\WorkspaceMembership;
|
|
use App\Services\Auth\CapabilityResolver;
|
|
use App\Support\Auth\Capabilities;
|
|
use App\Support\Workspaces\WorkspaceContext;
|
|
use Carbon\CarbonImmutable;
|
|
|
|
use function Pest\Laravel\mock;
|
|
|
|
afterEach(function (): void {
|
|
CarbonImmutable::setTestNow();
|
|
});
|
|
|
|
it('returns 404 when the active workspace is outside the users membership scope', function (): void {
|
|
$user = User::factory()->create();
|
|
$workspace = Workspace::factory()->create(['name' => 'Hidden Workspace']);
|
|
|
|
WorkspaceMembership::factory()->create([
|
|
'workspace_id' => (int) Workspace::factory()->create()->getKey(),
|
|
'user_id' => (int) $user->getKey(),
|
|
'role' => 'owner',
|
|
]);
|
|
|
|
$this->actingAs($user)
|
|
->withSession([WorkspaceContext::SESSION_KEY => (int) $workspace->getKey()])
|
|
->get('/admin')
|
|
->assertNotFound();
|
|
});
|
|
|
|
it('falls back to workspace-safe operations recovery when only workspace-level activity is actionable', function (): void {
|
|
$tenant = \App\Models\Tenant::factory()->create(['status' => 'active']);
|
|
[$user, $tenant] = createUserWithTenant($tenant, role: 'readonly', workspaceRole: 'readonly');
|
|
[$profile, $snapshot] = seedActiveBaselineForTenant($tenant);
|
|
seedBaselineCompareRun($tenant, $profile, $snapshot, workspaceOverviewCompareCoverage());
|
|
$backupSet = workspaceOverviewSeedHealthyBackup($tenant, [
|
|
'completed_at' => now()->subMinutes(10),
|
|
]);
|
|
workspaceOverviewSeedRestoreHistory($tenant, $backupSet, 'completed');
|
|
|
|
\App\Models\OperationRun::factory()->tenantlessForWorkspace($tenant->workspace()->firstOrFail())->create([
|
|
'status' => \App\Support\OperationRunStatus::Running->value,
|
|
'outcome' => \App\Support\OperationRunOutcome::Pending->value,
|
|
]);
|
|
|
|
$workspace = $tenant->workspace()->firstOrFail();
|
|
$overview = app(\App\Support\Workspaces\WorkspaceOverviewBuilder::class)->build($workspace, $user);
|
|
|
|
expect($overview['attention_items'])->toBe([])
|
|
->and($overview['calmness']['is_calm'])->toBeFalse()
|
|
->and($overview['calmness']['next_action']['kind'])->toBe('operations_index')
|
|
->and($overview['calmness']['next_action']['url'])->toContain('tenant_scope=all')
|
|
->and($overview['calmness']['next_action']['url'])->toContain('activeTab=active');
|
|
});
|
|
|
|
it('uses switch workspace as the zero-tenant recovery action', function (): void {
|
|
$user = User::factory()->create();
|
|
$workspace = Workspace::factory()->create();
|
|
|
|
WorkspaceMembership::factory()->create([
|
|
'workspace_id' => (int) $workspace->getKey(),
|
|
'user_id' => (int) $user->getKey(),
|
|
'role' => 'readonly',
|
|
]);
|
|
|
|
$overview = app(\App\Support\Workspaces\WorkspaceOverviewBuilder::class)->build($workspace, $user);
|
|
|
|
expect($overview['calmness']['is_calm'])->toBeFalse()
|
|
->and($overview['calmness']['next_action']['kind'])->toBe('switch_workspace')
|
|
->and($overview['attention_empty_state']['action_label'])->toBe('Switch workspace');
|
|
});
|
|
|
|
it('keeps single-tenant backup and recovery metric drill-through available when the tenant dashboard stays membership-accessible', function (): void {
|
|
CarbonImmutable::setTestNow(CarbonImmutable::create(2026, 4, 9, 9, 0, 0, 'UTC'));
|
|
|
|
$backupTenant = Tenant::factory()->create(['status' => 'active']);
|
|
[$user, $backupTenant] = createUserWithTenant($backupTenant, role: 'readonly', workspaceRole: 'readonly');
|
|
workspaceOverviewSeedQuietTenantTruth($backupTenant);
|
|
$backupTenantSet = workspaceOverviewSeedHealthyBackup($backupTenant, [
|
|
'completed_at' => now()->subDays(2),
|
|
]);
|
|
workspaceOverviewSeedRestoreHistory($backupTenant, $backupTenantSet, 'completed');
|
|
|
|
$recoveryTenant = Tenant::factory()->create([
|
|
'status' => 'active',
|
|
'workspace_id' => (int) $backupTenant->workspace_id,
|
|
'name' => 'Recovery Tenant',
|
|
]);
|
|
createUserWithTenant($recoveryTenant, $user, role: 'readonly', workspaceRole: 'readonly');
|
|
workspaceOverviewSeedQuietTenantTruth($recoveryTenant);
|
|
$recoveryBackup = workspaceOverviewSeedHealthyBackup($recoveryTenant, [
|
|
'completed_at' => now()->subMinutes(20),
|
|
]);
|
|
workspaceOverviewSeedRestoreHistory($recoveryTenant, $recoveryBackup, 'follow_up');
|
|
|
|
mock(CapabilityResolver::class, function ($mock): void {
|
|
$mock->shouldReceive('primeMemberships')->once();
|
|
$mock->shouldReceive('isMember')->andReturnTrue();
|
|
$mock->shouldReceive('can')
|
|
->andReturnUsing(static function ($user, Tenant $tenant, string $capability): bool {
|
|
return match ($capability) {
|
|
Capabilities::TENANT_VIEW => false,
|
|
default => false,
|
|
};
|
|
});
|
|
});
|
|
|
|
$overview = app(\App\Support\Workspaces\WorkspaceOverviewBuilder::class)
|
|
->build($backupTenant->workspace()->firstOrFail(), $user);
|
|
$metrics = collect($overview['summary_metrics'])->keyBy('key');
|
|
|
|
expect($metrics->get('backup_attention_tenants')['value'])->toBe(1)
|
|
->and($metrics->get('backup_attention_tenants')['destination']['kind'])->toBe('tenant_dashboard')
|
|
->and($metrics->get('backup_attention_tenants')['destination']['disabled'])->toBeFalse()
|
|
->and($metrics->get('backup_attention_tenants')['destination_url'])->toContain('/admin/t/')
|
|
->and($metrics->get('recovery_attention_tenants')['value'])->toBe(1)
|
|
->and($metrics->get('recovery_attention_tenants')['destination']['kind'])->toBe('tenant_dashboard')
|
|
->and($metrics->get('recovery_attention_tenants')['destination']['disabled'])->toBeFalse()
|
|
->and($metrics->get('recovery_attention_tenants')['destination_url'])->toContain('/admin/t/');
|
|
});
|
|
|
|
it('falls back to the visible tenant dashboard when hidden peers are excluded from backup and recovery metric drill-through', function (): void {
|
|
CarbonImmutable::setTestNow(CarbonImmutable::create(2026, 4, 9, 9, 0, 0, 'UTC'));
|
|
|
|
$visibleBackupTenant = Tenant::factory()->create(['status' => 'active']);
|
|
[$user, $visibleBackupTenant] = createUserWithTenant($visibleBackupTenant, role: 'readonly', workspaceRole: 'readonly');
|
|
workspaceOverviewSeedQuietTenantTruth($visibleBackupTenant);
|
|
$visibleBackupSet = workspaceOverviewSeedHealthyBackup($visibleBackupTenant, [
|
|
'completed_at' => now()->subDays(2),
|
|
]);
|
|
workspaceOverviewSeedRestoreHistory($visibleBackupTenant, $visibleBackupSet, 'completed');
|
|
|
|
$visibleRecoveryTenant = Tenant::factory()->create([
|
|
'status' => 'active',
|
|
'workspace_id' => (int) $visibleBackupTenant->workspace_id,
|
|
'name' => 'Visible Recovery Tenant',
|
|
]);
|
|
createUserWithTenant($visibleRecoveryTenant, $user, role: 'readonly', workspaceRole: 'readonly');
|
|
workspaceOverviewSeedQuietTenantTruth($visibleRecoveryTenant);
|
|
$visibleRecoveryBackup = workspaceOverviewSeedHealthyBackup($visibleRecoveryTenant, [
|
|
'completed_at' => now()->subMinutes(20),
|
|
]);
|
|
workspaceOverviewSeedRestoreHistory($visibleRecoveryTenant, $visibleRecoveryBackup, 'follow_up');
|
|
|
|
$hiddenBackupTenant = Tenant::factory()->create([
|
|
'status' => 'active',
|
|
'workspace_id' => (int) $visibleBackupTenant->workspace_id,
|
|
'name' => 'Hidden Backup Tenant',
|
|
]);
|
|
workspaceOverviewSeedQuietTenantTruth($hiddenBackupTenant);
|
|
|
|
$hiddenRecoveryTenant = Tenant::factory()->create([
|
|
'status' => 'active',
|
|
'workspace_id' => (int) $visibleBackupTenant->workspace_id,
|
|
'name' => 'Hidden Recovery Tenant',
|
|
]);
|
|
workspaceOverviewSeedQuietTenantTruth($hiddenRecoveryTenant);
|
|
$hiddenRecoveryBackup = workspaceOverviewSeedHealthyBackup($hiddenRecoveryTenant, [
|
|
'completed_at' => now()->subMinutes(18),
|
|
]);
|
|
workspaceOverviewSeedRestoreHistory($hiddenRecoveryTenant, $hiddenRecoveryBackup, 'follow_up');
|
|
|
|
mock(CapabilityResolver::class, function ($mock): void {
|
|
$mock->shouldReceive('primeMemberships')->once();
|
|
$mock->shouldReceive('isMember')->andReturnTrue();
|
|
$mock->shouldReceive('can')->andReturnFalse();
|
|
});
|
|
|
|
$metrics = collect(
|
|
app(\App\Support\Workspaces\WorkspaceOverviewBuilder::class)
|
|
->build($visibleBackupTenant->workspace()->firstOrFail(), $user)['summary_metrics'],
|
|
)->keyBy('key');
|
|
|
|
expect($metrics->get('backup_attention_tenants')['value'])->toBe(1)
|
|
->and($metrics->get('backup_attention_tenants')['destination']['kind'])->toBe('tenant_dashboard')
|
|
->and($metrics->get('backup_attention_tenants')['destination_url'])->toContain('/admin/t/')
|
|
->and($metrics->get('recovery_attention_tenants')['value'])->toBe(1)
|
|
->and($metrics->get('recovery_attention_tenants')['destination']['kind'])->toBe('tenant_dashboard')
|
|
->and($metrics->get('recovery_attention_tenants')['destination_url'])->toContain('/admin/t/');
|
|
});
|