ahmido/TenantAtlas
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects 1 Releases Wiki Activity
ccfd491260
TenantAtlas/tests/Feature/Filament/BackupSetUiEnforcementTest.php
Ahmed Darrazi 95ccc3008c feat: enforce Filament RBAC via UiEnforcement v2
2026-01-30 17:51:24 +01:00

72 lines
2.2 KiB
PHP
Raw Blame History

<?php
use App\Filament\Resources\BackupSetResource;
use App\Filament\Resources\BackupSetResource\Pages\ListBackupSets;
use App\Models\BackupSet;
use App\Models\Tenant;
use App\Models\User;
use App\Support\Auth\UiTooltips;
use Filament\Facades\Filament;
use Illuminate\Foundation\Testing\RefreshDatabase;
use Illuminate\Support\Facades\Http;
use Livewire\Livewire;
uses(RefreshDatabase::class);
beforeEach(function (): void {
Http::preventStrayRequests();
});
test('non-members are denied access to BackupSet tenant routes (404)', function () {
$tenant = Tenant::factory()->create();
$otherTenant = Tenant::factory()->create();
[$user] = createUserWithTenant($otherTenant, role: 'owner');
$this->actingAs($user)
->get(BackupSetResource::getUrl('index', tenant: $tenant))
->assertStatus(404);
});
test('members without capability see BackupSet actions disabled with standard tooltip and cannot execute', function () {
$tenant = Tenant::factory()->create();
[$user] = createUserWithTenant($tenant, role: 'readonly');
$backupSet = BackupSet::factory()->create([
'tenant_id' => $tenant->getKey(),
'status' => 'completed',
'deleted_at' => null,
]);
Filament::setTenant($tenant, true);
Livewire::actingAs($user)
->test(ListBackupSets::class)
->assertTableActionDisabled('archive', $backupSet)
->assertTableActionExists('archive', fn ($action): bool => $action->getTooltip() === UiTooltips::insufficientPermission(), $backupSet)
->callTableAction('archive', $backupSet);
expect($backupSet->fresh()->trashed())->toBeFalse();
});
test('members with capability can execute BackupSet actions', function () {
$tenant = Tenant::factory()->create();
[$user] = createUserWithTenant($tenant, role: 'owner');
$backupSet = BackupSet::factory()->create([
'tenant_id' => $tenant->getKey(),
'status' => 'completed',
'deleted_at' => null,
]);
Filament::setTenant($tenant, true);
Livewire::actingAs($user)
->test(ListBackupSets::class)
->assertTableActionEnabled('archive', $backupSet)
->callTableAction('archive', $backupSet);
expect($backupSet->fresh()->trashed())->toBeTrue();
});
Reference in New Issue View Git Blame Copy Permalink