ahmido/TenantAtlas
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects 1 Releases Wiki Activity
add45df609
TenantAtlas/tests/Feature/Findings/FindingRbacTest.php
ahmido 7ac53f4cc4 feat(111): findings workflow + SLA settings (#135) 
Implements spec 111 (Findings workflow + SLA) and fixes Workspace findings SLA settings UX/validation.

Key changes:
- Findings workflow service + SLA policy and alerting.
- Workspace settings: allow partial SLA overrides without auto-filling unset severities in the UI; effective values still resolve via defaults.
- New migrations, jobs, command, UI/resource updates, and comprehensive test coverage.

Tests:
- `vendor/bin/sail artisan test --compact` (1779 passed, 8 skipped).

Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #135
2026-02-25 01:48:01 +00:00

67 lines
2.2 KiB
PHP
Raw Blame History

<?php
declare(strict_types=1);
use App\Filament\Resources\FindingResource;
use App\Filament\Resources\FindingResource\Pages\ListFindings;
use App\Models\Finding;
use App\Services\Findings\FindingWorkflowService;
use Filament\Facades\Filament;
use Illuminate\Auth\Access\AuthorizationException;
use Illuminate\Foundation\Testing\RefreshDatabase;
use Livewire\Livewire;
use Symfony\Component\HttpKernel\Exception\NotFoundHttpException;
uses(RefreshDatabase::class);
it('returns 404 for non-members on findings pages', function (): void {
$tenant = \App\Models\Tenant::factory()->create();
[$user] = createUserWithTenant(role: 'owner');
$finding = Finding::factory()->for($tenant)->create();
$this->actingAs($user)
->get(FindingResource::getUrl('index', tenant: $tenant))
->assertNotFound();
$this->actingAs($user)
->get(FindingResource::getUrl('view', ['record' => $finding], tenant: $tenant))
->assertNotFound();
});
it('shows triage row action disabled for readonly members', function (): void {
[$user, $tenant] = createUserWithTenant(role: 'readonly');
$this->actingAs($user);
Filament::setTenant($tenant, true);
$finding = Finding::factory()->for($tenant)->create([
'status' => Finding::STATUS_NEW,
]);
Livewire::test(ListFindings::class)
->assertTableActionVisible('triage', $finding)
->assertTableActionDisabled('triage', $finding);
});
it('enforces 404 for non-member and 403 for member missing capability in workflow service', function (): void {
[$owner, $tenant] = createUserWithTenant(role: 'owner');
[$readonly] = createUserWithTenant(tenant: $tenant, role: 'readonly');
$outsider = \App\Models\User::factory()->create();
$finding = Finding::factory()->for($tenant)->create([
'status' => Finding::STATUS_NEW,
]);
$service = app(FindingWorkflowService::class);
expect(fn () => $service->triage($finding, $tenant, $outsider))
->toThrow(NotFoundHttpException::class);
expect(fn () => $service->triage($finding, $tenant, $readonly))
->toThrow(AuthorizationException::class);
$triaged = $service->triage($finding, $tenant, $owner);
expect($triaged->status)->toBe(Finding::STATUS_TRIAGED);
});
Reference in New Issue View Git Blame Copy Permalink