TenantAtlas/apps/platform/tests/Feature/Filament/TenantDiagnosticsRepairsTest.php

<?php

declare(strict_types=1);

use App\Filament\Pages\TenantDiagnostics;
use App\Models\AuditLog;
use App\Models\TenantMembership;
use App\Support\Audit\AuditActionId;
use App\Support\Rbac\UiTooltips;
use Filament\Actions\Action;
use Filament\Facades\Filament;
use Illuminate\Foundation\Testing\RefreshDatabase;
use Illuminate\Support\Facades\DB;
use Livewire\Livewire;

uses(RefreshDatabase::class);

describe('Tenant diagnostics repairs', function () {
    it('hides repair actions when no defect is present', function () {
        [$owner, $tenant] = createUserWithTenant(role: 'owner');

        $this->actingAs($owner);

        Filament::setTenant($tenant, true);

        Livewire::test(TenantDiagnostics::class)
            ->assertSee('All good')
            ->assertActionHidden('bootstrapOwner')
            ->assertActionHidden('mergeDuplicateMemberships');
    });

    it('allows an authorized member to bootstrap an owner when a tenant has no owners', function () {
        [$manager, $tenant] = createUserWithTenant(role: 'manager');

        $this->actingAs($manager);

        Filament::setTenant($tenant, true);

        expect(TenantMembership::query()
            ->where('tenant_id', (int) $tenant->getKey())
            ->where('role', 'owner')
            ->count())->toBe(0);

        Livewire::test(TenantDiagnostics::class)
            ->assertSee('Missing owner')
            ->assertActionVisible('bootstrapOwner')
            ->assertActionEnabled('bootstrapOwner')
            ->mountAction('bootstrapOwner')
            ->callMountedAction()
            ->assertSuccessful();

        expect(TenantMembership::query()
            ->where('tenant_id', (int) $tenant->getKey())
            ->where('role', 'owner')
            ->count())->toBe(1);

        expect(AuditLog::query()
            ->where('tenant_id', (int) $tenant->getKey())
            ->where('action', AuditActionId::TenantMembershipBootstrapRecover->value)
            ->exists())->toBeTrue();
    });

    it('shows repair actions as disabled for readonly members', function () {
        [$readonly, $tenant] = createUserWithTenant(role: 'readonly');

        $this->actingAs($readonly);

        Filament::setTenant($tenant, true);

        // Force missing-owner state.
        TenantMembership::query()
            ->where('tenant_id', (int) $tenant->getKey())
            ->update(['role' => 'readonly']);

        Livewire::test(TenantDiagnostics::class)
            ->assertActionVisible('bootstrapOwner')
            ->assertActionDisabled('bootstrapOwner')
            ->assertActionExists('bootstrapOwner', function (Action $action): bool {
                return $action->getTooltip() === UiTooltips::INSUFFICIENT_PERMISSION;
            });
    });

    it('merges duplicate memberships for the current user (diagnostics repair)', function () {
        [$owner, $tenant] = createUserWithTenant(role: 'owner');

        $this->actingAs($owner);

        Filament::setTenant($tenant, true);

        // Intentionally create a broken state by temporarily dropping the unique uniqueness enforcement.
        // Tests typically run on SQLite, which uses a unique index rather than a named table constraint.
        $driver = DB::getDriverName();
        if ($driver === 'sqlite') {
            DB::statement('DROP INDEX tenant_memberships_tenant_id_user_id_unique');
        } else {
            DB::statement('ALTER TABLE tenant_memberships DROP CONSTRAINT tenant_memberships_tenant_id_user_id_unique');
        }

        TenantMembership::query()->create([
            'tenant_id' => (int) $tenant->getKey(),
            'user_id' => (int) $owner->getKey(),
            'role' => 'readonly',
            'source' => 'manual',
            'created_by_user_id' => (int) $owner->getKey(),
        ]);

        expect(TenantMembership::query()
            ->where('tenant_id', (int) $tenant->getKey())
            ->where('user_id', (int) $owner->getKey())
            ->count())->toBeGreaterThan(1);

        Livewire::test(TenantDiagnostics::class)
            ->assertActionVisible('mergeDuplicateMemberships')
            ->assertActionEnabled('mergeDuplicateMemberships')
            ->mountAction('mergeDuplicateMemberships')
            ->callMountedAction()
            ->assertSuccessful();

        expect(TenantMembership::query()
            ->where('tenant_id', (int) $tenant->getKey())
            ->where('user_id', (int) $owner->getKey())
            ->count())->toBe(1);

        expect(AuditLog::query()
            ->where('tenant_id', (int) $tenant->getKey())
            ->where('action', AuditActionId::TenantMembershipDuplicatesMerged->value)
            ->exists())->toBeTrue();
    });
});