ahmido
417df4f9aa
## Summary
- centralize tenant operability into a lane-aware, actor-aware policy boundary
- align selector eligibility, administrative discoverability, remembered context, tenant-bound routes, and canonical run viewers
- add focused Pest coverage plus Spec 148 artifacts and final polish task completion
## Validation
- `vendor/bin/sail artisan test --compact tests/Unit/Tenants/TenantOperabilityServiceTest.php tests/Unit/Tenants/TenantOperabilityOutcomeTest.php tests/Feature/Workspaces/ChooseTenantPageTest.php tests/Feature/Workspaces/SelectTenantControllerTest.php tests/Feature/TenantRBAC/ArchivedTenantRouteAccessTest.php tests/Feature/TenantRBAC/TenantRouteDenyAsNotFoundTest.php tests/Feature/Operations/TenantlessOperationRunViewerTest.php tests/Feature/OpsUx/OperateHubShellTest.php tests/Feature/Rbac/TenantLifecycleActionVisibilityTest.php tests/Feature/TenantRBAC/TenantSwitcherScopeTest.php tests/Feature/Rbac/TenantResourceAuthorizationTest.php tests/Feature/Filament/ManagedTenantsLandingLifecycleTest.php tests/Feature/Filament/TenantGlobalSearchLifecycleScopeTest.php tests/Feature/Onboarding/OnboardingDraftLifecycleTest.php tests/Feature/Onboarding/OnboardingDraftAuthorizationTest.php`
- `vendor/bin/sail bin pint --dirty --format agent`
- manual browser smoke checks on `/admin/choose-tenant`, `/admin/tenants`, `/admin/onboarding`, `/admin/onboarding/{draft}`, and `/admin/operations/{run}`
## Filament / platform notes
- Livewire v4 compliance preserved
- panel provider registration unchanged in `bootstrap/providers.php`
- Tenant resource global search remains backed by existing view/edit pages and is now separated from active-only selector eligibility
- destructive actions remain action closures with confirmation and authorization enforcement
- no asset pipeline changes and no new `filament:assets` deployment requirement
Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #177
46 lines
1.8 KiB
PHP
46 lines
1.8 KiB
PHP
<?php
|
|
|
|
declare(strict_types=1);
|
|
|
|
use App\Support\Tenants\TenantInteractionLane;
|
|
use App\Support\Tenants\TenantLifecycle;
|
|
use App\Support\Tenants\TenantOperabilityOutcome;
|
|
use App\Support\Tenants\TenantOperabilityQuestion;
|
|
use App\Support\Tenants\TenantOperabilityReasonCode;
|
|
|
|
it('builds allowed outcomes with stable defaults', function (): void {
|
|
$outcome = TenantOperabilityOutcome::allow(
|
|
question: TenantOperabilityQuestion::AdministrativeDiscoverability,
|
|
lifecycle: TenantLifecycle::Archived,
|
|
lane: TenantInteractionLane::AdministrativeManagement,
|
|
metadata: ['selected_tenant_id' => 123],
|
|
);
|
|
|
|
expect($outcome->allowed)->toBeTrue()
|
|
->and($outcome->discoverable)->toBeTrue()
|
|
->and($outcome->reasonCode)->toBeNull()
|
|
->and($outcome->metadata)->toBe(['selected_tenant_id' => 123]);
|
|
});
|
|
|
|
it('distinguishes capability and lifecycle denials', function (): void {
|
|
$capabilityOutcome = TenantOperabilityOutcome::deny(
|
|
question: TenantOperabilityQuestion::ArchiveEligibility,
|
|
lifecycle: TenantLifecycle::Active,
|
|
lane: TenantInteractionLane::AdministrativeManagement,
|
|
reasonCode: TenantOperabilityReasonCode::MissingCapability,
|
|
requiredCapability: 'tenant.manage',
|
|
);
|
|
|
|
$lifecycleOutcome = TenantOperabilityOutcome::deny(
|
|
question: TenantOperabilityQuestion::SelectorEligibility,
|
|
lifecycle: TenantLifecycle::Onboarding,
|
|
lane: TenantInteractionLane::StandardActiveOperating,
|
|
reasonCode: TenantOperabilityReasonCode::SelectorIneligibleLifecycle,
|
|
);
|
|
|
|
expect($capabilityOutcome->isDeniedForCapability())->toBeTrue()
|
|
->and($capabilityOutcome->isDeniedForLifecycle())->toBeFalse()
|
|
->and($lifecycleOutcome->isDeniedForCapability())->toBeFalse()
|
|
->and($lifecycleOutcome->isDeniedForLifecycle())->toBeTrue();
|
|
});
|