## Summary

- add the Spec 194 governance action catalog, friction classes, reason policies, and regression guards
- align exception, review, evidence, finding, tenant, provider connection, and system run actions to the shared semantics model
- add focused feature, RBAC, audit, unit, and browser coverage, including the tenant detail triage header consistency update

## Verification

- ran the focused Spec 194 verification pack from the quickstart and task plan
- ran targeted tenant triage coverage after the detail-header update
- ran `cd apps/platform && ./vendor/bin/sail bin pint --dirty --format agent`

## Filament Notes

- Filament v5 / Livewire v4 compliance preserved
- provider registration remains in `apps/platform/bootstrap/providers.php`
- globally searchable resources were not changed
- destructive actions remain confirmation-gated and server-authorized
- no new Filament assets were introduced; the existing `cd apps/platform && php artisan filament:assets` deploy step stays unchanged

Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #229
<?php
declare(strict_types=1);
use App\Jobs\GenerateReviewPackJob;
use App\Models\AuditLog;
use App\Models\EvidenceSnapshot;
use App\Services\ReviewPackService;
use App\Services\TenantReviews\TenantReviewLifecycleService;
use App\Services\TenantReviews\TenantReviewService;
use App\Support\Audit\AuditActionId;
use Illuminate\Support\Facades\Storage;
// Replace the 'exports' disk with Laravel's fake disk before every test, so
// nothing written to that disk during a test reaches real storage.
// NOTE(review): presumably the generated review pack lands on this disk; the
// test in this file builds it with include_pii enabled — confirm against the job.
beforeEach(fn () => Storage::fake('exports'));
/*
 * Drives one tenant review through create, refresh, publish, export,
 * successor creation and archive, then checks that each step left an audit
 * log row and that the export, publish and archive rows carry the expected
 * resource type, review pack id and operator-supplied reasons.
 */
it('records tenant-review audit history across create, refresh, publish, export, successor, and archive flows', function (): void {
    $publishReason = 'Publishing the current review pack.';
    $archiveReason = 'Replacing with a newer governance review.';

    // Every lifecycle action below is performed by this user on this tenant.
    [$user, $tenant] = createUserWithTenant(role: 'owner');

    $reviewService = app(TenantReviewService::class);
    $lifecycle = app(TenantReviewLifecycleService::class);

    // Flips all of this tenant's active evidence snapshots to expired.
    // NOTE(review): presumably needed so the next seeded snapshot is the only
    // active one for the tenant — confirm against seedTenantReviewEvidence().
    $expireActiveSnapshots = static function () use ($tenant): void {
        EvidenceSnapshot::query()
            ->where('tenant_id', (int) $tenant->getKey())
            ->where('status', 'active')
            ->update([
                'status' => 'expired',
                'expires_at' => now(),
            ]);
    };

    // Most recent audit row for one action id, or null when none was written.
    // NOTE(review): the lookup filters by action only, not by tenant or actor.
    // That is sufficient on an isolated test database, but it does not prove
    // the row is attributed to $tenant / $user — confirm whether AuditLog
    // exposes columns that would allow asserting that here.
    $latestAudit = static fn (AuditActionId $action): ?AuditLog => AuditLog::query()
        ->where('action', $action->value)
        ->latest('id')
        ->first();

    // --- create ---------------------------------------------------------
    $initialSnapshot = seedTenantReviewEvidence($tenant);
    $review = $reviewService->create($tenant, $initialSnapshot, $user);
    $review = $reviewService->compose($review);

    // --- refresh --------------------------------------------------------
    $expireActiveSnapshots();

    $refreshSnapshot = seedTenantReviewEvidence(
        tenant: $tenant,
        findingCount: 6,
        driftCount: 2,
        operationRunCount: 2,
    );
    $review = $reviewService->refresh($review, $user, $refreshSnapshot);
    $review = $reviewService->compose($review->fresh());

    // --- publish --------------------------------------------------------
    $published = $lifecycle->publish($review, $user, $publishReason);

    $expireActiveSnapshots();

    // --- export ---------------------------------------------------------
    // NOTE(review): the pack is requested with include_pii enabled, yet no
    // assertion below checks that the export audit row records that option —
    // confirm whether the audit metadata is expected to capture it.
    $packOptions = [
        'include_pii' => true,
        'include_operations' => true,
    ];
    $pack = app(ReviewPackService::class)->generateFromReview($published, $user, $packOptions);

    // Run the generation job inline; the container resolves handle()'s dependencies.
    $job = new GenerateReviewPackJob(
        reviewPackId: (int) $pack->getKey(),
        operationRunId: (int) $pack->operation_run_id,
    );
    app()->call([$job, 'handle']);

    // --- successor + archive ---------------------------------------------
    // Reload the published review first, then seed the successor's evidence,
    // matching the order in which the two are needed by createNextReview().
    $publishedFresh = $published->fresh();
    $successorSnapshot = seedTenantReviewEvidence(
        tenant: $tenant,
        findingCount: 7,
        driftCount: 1,
        operationRunCount: 3,
    );
    $nextReview = $lifecycle->createNextReview($publishedFresh, $user, $successorSnapshot);

    $lifecycle->archive($nextReview, $user, $archiveReason);

    // --- audit trail: one row per lifecycle action -------------------------
    $expectedActions = [
        AuditActionId::TenantReviewCreated,
        AuditActionId::TenantReviewRefreshed,
        AuditActionId::TenantReviewPublished,
        AuditActionId::TenantReviewExported,
        AuditActionId::TenantReviewSuccessorCreated,
        AuditActionId::TenantReviewArchived,
    ];

    foreach ($expectedActions as $action) {
        expect(AuditLog::query()->where('action', $action->value)->exists())->toBeTrue();
    }

    // --- audit trail: payload of the export, publish and archive rows ------
    $exportAudit = $latestAudit(AuditActionId::TenantReviewExported);
    $publishAudit = $latestAudit(AuditActionId::TenantReviewPublished);
    $archiveAudit = $latestAudit(AuditActionId::TenantReviewArchived);

    expect($exportAudit)->not->toBeNull();
    expect($exportAudit?->resource_type)->toBe('tenant_review');
    expect(data_get($exportAudit?->metadata, 'review_pack_id'))->toBe((int) $pack->getKey());

    // The operator-supplied reasons must be stored verbatim in the audit metadata.
    expect(data_get($publishAudit?->metadata, 'reason'))->toBe($publishReason);
    expect(data_get($archiveAudit?->metadata, 'reason'))->toBe($archiveReason);
});