ahmido/TenantAtlas
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects 1 Releases Wiki Activity
acc8947384
TenantAtlas/apps/platform/tests/Feature/Guards/Spec194GovernanceActionSemanticsGuardTest.php
ahmido acc8947384 feat: harden governance action semantics (#229) 
## Summary
- add the Spec 194 governance action catalog, friction classes, reason policies, and regression guards
- align exception, review, evidence, finding, tenant, provider connection, and system run actions to the shared semantics model
- add focused feature, RBAC, audit, unit, and browser coverage, including the tenant detail triage header consistency update

## Verification
- ran the focused Spec 194 verification pack from the quickstart and task plan
- ran targeted tenant triage coverage after the detail-header update
- ran `cd apps/platform && ./vendor/bin/sail bin pint --dirty --format agent`

## Filament Notes
- Filament v5 / Livewire v4 compliance preserved
- provider registration remains in `apps/platform/bootstrap/providers.php`
- globally searchable resources were not changed
- destructive actions remain confirmation-gated and server-authorized
- no new Filament assets were introduced; the existing `cd apps/platform && php artisan filament:assets` deploy step stays unchanged

Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #229
2026-04-12 21:21:44 +00:00

76 lines
3.4 KiB
PHP
Raw Blame History

<?php
declare(strict_types=1);
use App\Support\Ui\GovernanceActions\GovernanceActionCatalog;
it('keeps the spec 194 family inventory, surface bindings, and documented deviations explicit', function (): void {
$families = GovernanceActionCatalog::families();
$rules = GovernanceActionCatalog::rules();
$bindings = GovernanceActionCatalog::surfaceBindings();
expect(array_keys($families))->toEqualCanonicalizing([
'exception_decision',
'review_lifecycle',
'evidence_lifecycle',
'run_triage',
'finding_lifecycle',
'tenant_lifecycle',
])
->and(array_keys($rules))->toHaveCount(16)
->and($bindings)->not->toBeEmpty();
foreach ($bindings as $binding) {
$matchingRule = collect($rules)->first(
fn ($rule): bool => $rule->familyKey === $binding['familyKey']
&& in_array($binding['surfaceKey'], $rule->surfaceKeys, true),
);
expect($matchingRule)->not->toBeNull();
}
expect(GovernanceActionCatalog::documentedDeviations())->not->toBeEmpty();
});
it('keeps evidence and review surface bindings aligned to their canonical action names', function (): void {
$bindingsBySurface = collect(GovernanceActionCatalog::surfaceBindings())->groupBy('surfaceKey');
expect($bindingsBySurface->get('view_evidence_snapshot', collect())->pluck('actionName')->all())
->toEqualCanonicalizing(['refresh_evidence', 'expire_snapshot'])
->and($bindingsBySurface->get('view_tenant_review', collect())->pluck('actionName')->all())
->toContain('refresh_review', 'publish_review', 'archive_review');
});
it('keeps triage mutations out of the tenantless run viewer while the system run page owns them', function (): void {
$tenantlessViewer = file_get_contents(base_path('app/Filament/Pages/Operations/TenantlessOperationRunViewer.php'));
$systemViewRun = file_get_contents(base_path('app/Filament/System/Pages/Ops/ViewRun.php'));
expect($tenantlessViewer)->toBeString()
->and($systemViewRun)->toBeString()
->and($tenantlessViewer)->not->toContain("Action::make('retry')")
->and($tenantlessViewer)->not->toContain("Action::make('cancel')")
->and($tenantlessViewer)->not->toContain("Action::make('mark_investigated')")
->and($systemViewRun)->toContain("Action::make('retry')")
->and($systemViewRun)->toContain("Action::make('cancel')")
->and($systemViewRun)->toContain("Action::make('mark_investigated')");
});
it('keeps the governed surface files inside the catalog binding inventory', function (): void {
$boundFiles = collect(GovernanceActionCatalog::surfaceBindings())
->pluck('pageClass')
->unique()
->values()
->all();
expect($boundFiles)->toContain(
'App\\Filament\\Pages\\Monitoring\\FindingExceptionsQueue',
'App\\Filament\\Resources\\FindingExceptionResource\\Pages\\ViewFindingException',
'App\\Filament\\Resources\\EvidenceSnapshotResource\\Pages\\ViewEvidenceSnapshot',
'App\\Filament\\Resources\\TenantReviewResource\\Pages\\ViewTenantReview',
'App\\Filament\\System\\Pages\\Ops\\ViewRun',
'App\\Filament\\Resources\\FindingResource\\Pages\\ViewFinding',
'App\\Filament\\Resources\\TenantResource\\Pages\\ViewTenant',
'App\\Filament\\Resources\\TenantResource\\Pages\\EditTenant',
);
});
Reference in New Issue View Git Blame Copy Permalink