ahmido/TenantAtlas
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects 1 Releases Wiki Activity
ab17e2695b
TenantAtlas/tests/Feature/Rbac/BackupItemsRelationManagerSemanticsTest.php
Ahmed Darrazi ab17e2695b feat: add Intune RBAC inventory and backup support
2026-03-09 11:39:36 +01:00

121 lines
4.1 KiB
PHP
Raw Blame History

<?php
declare(strict_types=1);
use App\Filament\Resources\BackupSetResource;
use App\Filament\Resources\BackupSetResource\Pages\EditBackupSet;
use App\Filament\Resources\BackupSetResource\RelationManagers\BackupItemsRelationManager;
use App\Filament\Resources\PolicyVersionResource;
use App\Models\BackupItem;
use App\Models\BackupSet;
use App\Models\Policy;
use App\Models\PolicyVersion;
use App\Models\User;
use App\Models\WorkspaceMembership;
use Filament\Actions\Action;
use Filament\Facades\Filament;
use Livewire\Livewire;
it('returns 404 for non-members before capability checks on backup item actions', function (): void {
[$owner, $tenant] = createUserWithTenant(role: 'owner');
$this->actingAs($owner);
$tenant->makeCurrent();
Filament::setTenant($tenant, true);
$backupSet = BackupSet::factory()->create([
'tenant_id' => (int) $tenant->getKey(),
]);
$backupItem = BackupItem::factory()->for($backupSet)->for($tenant)->create();
$outsider = User::factory()->create();
WorkspaceMembership::factory()->create([
'workspace_id' => (int) $tenant->workspace_id,
'user_id' => (int) $outsider->getKey(),
'role' => 'owner',
]);
$this->actingAs($outsider);
$tenant->makeCurrent();
Filament::setTenant($tenant, true);
$this->get(BackupSetResource::getUrl('view', ['record' => $backupSet], tenant: $tenant))
->assertNotFound();
});
it('keeps actions visible but disabled for members missing capability', function (): void {
[$readonlyUser, $tenant] = createUserWithTenant(role: 'readonly');
$this->actingAs($readonlyUser);
$tenant->makeCurrent();
Filament::setTenant($tenant, true);
$backupSet = BackupSet::factory()->create([
'tenant_id' => (int) $tenant->getKey(),
]);
$backupItem = BackupItem::factory()->for($backupSet)->for($tenant)->create();
Livewire::test(BackupItemsRelationManager::class, [
'ownerRecord' => $backupSet,
'pageClass' => EditBackupSet::class,
])
->assertTableActionVisible('remove', $backupItem)
->assertTableActionDisabled('remove', $backupItem);
});
it('routes versioned RBAC foundation items to immutable policy version detail', function (): void {
[$user, $tenant] = createUserWithTenant(role: 'owner');
$this->actingAs($user);
$tenant->makeCurrent();
Filament::setTenant($tenant, true);
$policy = Policy::factory()->create([
'tenant_id' => (int) $tenant->getKey(),
'external_id' => 'role-def-1',
'policy_type' => 'intuneRoleDefinition',
'platform' => 'all',
'display_name' => 'Current role label',
'last_synced_at' => null,
]);
$version = PolicyVersion::factory()->create([
'tenant_id' => (int) $tenant->getKey(),
'policy_id' => (int) $policy->getKey(),
'policy_type' => 'intuneRoleDefinition',
'platform' => 'all',
'snapshot' => [
'displayName' => 'Captured RBAC role',
],
]);
$backupSet = BackupSet::factory()->create([
'tenant_id' => (int) $tenant->getKey(),
]);
$backupItem = BackupItem::factory()->for($backupSet)->for($tenant)->create([
'policy_id' => (int) $policy->getKey(),
'policy_version_id' => (int) $version->getKey(),
'policy_identifier' => 'role-def-1',
'policy_type' => 'intuneRoleDefinition',
'platform' => 'all',
'payload' => [
'displayName' => 'Captured RBAC role',
],
'metadata' => [
'displayName' => 'Captured RBAC role',
],
]);
Livewire::test(BackupItemsRelationManager::class, [
'ownerRecord' => $backupSet,
'pageClass' => EditBackupSet::class,
])
->assertTableColumnFormattedStateSet('policy.display_name', 'Captured RBAC role', $backupItem)
->assertTableActionVisible('view', $backupItem)
->assertTableActionExists('view', function (Action $action) use ($tenant, $version): bool {
return $action->getLabel() === 'View version'
&& $action->getUrl() === PolicyVersionResource::getUrl('view', ['record' => $version], tenant: $tenant);
}, $backupItem);
});
Reference in New Issue View Git Blame Copy Permalink