TenantAtlas/tests/Feature/Evidence/EvidenceOverviewPageTest.php

<?php

declare(strict_types=1);

use App\Filament\Resources\EvidenceSnapshotResource;
use App\Models\EvidenceSnapshot;
use App\Models\Tenant;
use App\Support\Evidence\EvidenceCompletenessState;
use App\Support\Evidence\EvidenceSnapshotStatus;
use App\Support\Workspaces\WorkspaceContext;
use Filament\Facades\Filament;
use Illuminate\Foundation\Testing\RefreshDatabase;

uses(RefreshDatabase::class);

it('shows only authorized tenant rows on the workspace evidence overview', function (): void {
    $tenantA = Tenant::factory()->create();
    [$user, $tenantA] = createUserWithTenant(tenant: $tenantA, role: 'owner');
    $tenantB = Tenant::factory()->create(['workspace_id' => (int) $tenantA->workspace_id]);
    createUserWithTenant(tenant: $tenantB, user: $user, role: 'owner');

    $foreignWorkspaceTenant = Tenant::factory()->create();

    foreach ([
        [$tenantA, EvidenceCompletenessState::Complete->value],
        [$tenantB, EvidenceCompletenessState::Partial->value],
        [$foreignWorkspaceTenant, EvidenceCompletenessState::Missing->value],
    ] as [$tenant, $state]) {
        EvidenceSnapshot::query()->create([
            'tenant_id' => (int) $tenant->getKey(),
            'workspace_id' => (int) $tenant->workspace_id,
            'status' => EvidenceSnapshotStatus::Active->value,
            'completeness_state' => $state,
            'summary' => [
                'missing_dimensions' => $state === EvidenceCompletenessState::Missing->value ? 2 : 0,
                'stale_dimensions' => 0,
            ],
            'generated_at' => now(),
        ]);
    }

    Filament::setTenant(null, true);

    $this->actingAs($user)
        ->withSession([WorkspaceContext::SESSION_KEY => (int) $tenantA->workspace_id])
        ->get(route('admin.evidence.overview'))
        ->assertOk()
        ->assertSee($tenantA->name)
        ->assertSee($tenantB->name)
        ->assertDontSee($foreignWorkspaceTenant->name);
});

it('returns 404 for users without workspace membership on the evidence overview', function (): void {
    $workspaceTenant = Tenant::factory()->create();
    $user = App\Models\User::factory()->create();

    Filament::setTenant(null, true);

    $this->actingAs($user)
        ->withSession([WorkspaceContext::SESSION_KEY => (int) $workspaceTenant->workspace_id])
        ->get(route('admin.evidence.overview'))
        ->assertNotFound();
});

it('applies the entitled tenant prefilter on the workspace evidence overview', function (): void {
    $tenantA = Tenant::factory()->create();
    [$user, $tenantA] = createUserWithTenant(tenant: $tenantA, role: 'owner');
    $tenantB = Tenant::factory()->create(['workspace_id' => (int) $tenantA->workspace_id]);
    createUserWithTenant(tenant: $tenantB, user: $user, role: 'owner');

    foreach ([[$tenantA, EvidenceCompletenessState::Complete->value], [$tenantB, EvidenceCompletenessState::Partial->value]] as [$tenant, $state]) {
        EvidenceSnapshot::query()->create([
            'tenant_id' => (int) $tenant->getKey(),
            'workspace_id' => (int) $tenant->workspace_id,
            'status' => EvidenceSnapshotStatus::Active->value,
            'completeness_state' => $state,
            'summary' => ['missing_dimensions' => 0, 'stale_dimensions' => 0],
            'generated_at' => now(),
        ]);
    }

    Filament::setTenant(null, true);

    $this->actingAs($user)
        ->withSession([WorkspaceContext::SESSION_KEY => (int) $tenantA->workspace_id])
        ->get(route('admin.evidence.overview', ['tenant_id' => (int) $tenantB->getKey()]))
        ->assertOk()
        ->assertSee(EvidenceSnapshotResource::getUrl('index', tenant: $tenantB))
        ->assertDontSee(EvidenceSnapshotResource::getUrl('index', tenant: $tenantA));
});