ahmido/TenantAtlas
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects 1 Releases Wiki Activity
b776623300
TenantAtlas/tests/Feature/ProviderConnections/AuthorizationSemanticsTest.php
ahmido e15eee8f26 fix: consolidate tenant creation + harden selection flows (#131) 
## Summary
- Removes the legacy Tenant CRUD create page (`/admin/tenants/create`) so tenant creation is handled exclusively via the onboarding wizard.
- Updates tenant selection flows and pages to prevent Livewire polling/notification-related 404s on workspace-scoped routes.
- Aligns empty-state UX with enterprise patterns (avoid duplicate CTAs).

## Key changes
- Tenant creation
  - Removed `CreateTenant` page + route from `TenantResource`.
  - `TenantResource::canCreate()` now returns `false` (CRUD creation disabled).
  - Tenants list now surfaces an **Add tenant** action that links to onboarding (`admin.onboarding`).
- Onboarding wizard
  - Removed redundant legacy step-cards from the blade view (Wizard schema is the source of truth).
  - Disabled topbar on the onboarding page to avoid lazy-loaded notifications.
- Choose tenant
  - Enterprise UI redesign + workspace context.
  - Uses Livewire `selectTenant()` instead of a form POST.
  - Disabled topbar and gated BODY_END hook to avoid background polling.
- Baseline profiles
  - Hide header create action when table is empty to avoid duplicate CTAs.

## Tests
- `vendor/bin/sail artisan test --compact --filter='Onboarding|ManagedTenantOnboarding'`
- `vendor/bin/sail artisan test --compact --filter='ManagedTenantsLivewireUpdate'`
- `vendor/bin/sail artisan test --compact --filter='TenantSetup|TenantResourceAuth|TenantAdminAuth|ListTenants'`
- `vendor/bin/sail artisan test --compact --filter='BaselineProfile'`
- `vendor/bin/sail artisan test --compact --filter='ChooseTenant|TenantMake|TenantScoping|AdminTenantScoped|AdminHomeRedirect|WorkspaceContext'`

## Notes
- Filament v5 / Livewire v4 compatible.
- No new assets introduced; no deploy pipeline changes required.

Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #131
2026-02-22 19:54:24 +00:00

31 lines
973 B
PHP
Raw Blame History

<?php
declare(strict_types=1);
use App\Models\ProviderConnection;
use App\Models\Tenant;
use App\Models\User;
it('enforces 404 for non-members and 403 for missing manage capability on mutations', function (): void {
$tenant = Tenant::factory()->create();
$connection = ProviderConnection::factory()->create([
'workspace_id' => (int) $tenant->workspace_id,
'tenant_id' => (int) $tenant->getKey(),
'provider' => 'microsoft',
]);
// Non-member outsider is redirected by workspace middleware (no workspace membership).
$outsider = User::factory()->create();
$this->actingAs($outsider)
->get('/admin/provider-connections/'.$connection->getKey().'/edit')
->assertRedirect();
[$readonly] = createUserWithTenant(tenant: $tenant, role: 'readonly');
$this->actingAs($readonly)
->get('/admin/provider-connections/create?tenant_id='.(string) $tenant->external_id)
->assertForbidden();
});
Reference in New Issue View Git Blame Copy Permalink