ahmido
ce0615a9c1
## Summary - move the Laravel application into `apps/platform` and keep the repository root for orchestration, docs, and tooling - update the local command model, Sail/Docker wiring, runtime paths, and ignore rules around the new platform location - add relocation quickstart/contracts plus focused smoke coverage for bootstrap, command model, routes, and runtime behavior ## Validation - `cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Feature/PlatformRelocation` - integrated browser smoke validated `/up`, `/`, `/admin`, `/admin/choose-workspace`, and tenant route semantics for `200`, `403`, and `404` ## Remaining Rollout Checks - validate Dokploy build context and working-directory assumptions against the new `apps/platform` layout - confirm web, queue, and scheduler processes all start from the expected working directory in staging/production - verify no legacy volume mounts or asset-publish paths still point at the old root-level `public/` or `storage/` locations Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de> Reviewed-on: #213
83 lines
2.6 KiB
PHP
83 lines
2.6 KiB
PHP
<?php
|
|
|
|
declare(strict_types=1);
|
|
|
|
use App\Models\AuditLog;
|
|
use App\Services\OperationRunService;
|
|
use App\Support\Audit\AuditOutcome;
|
|
use App\Support\OperationRunOutcome;
|
|
use App\Support\OperationRunStatus;
|
|
|
|
it('writes a terminal audit row when an operation run completes', function (): void {
|
|
[$user, $tenant] = createUserWithTenant(role: 'owner');
|
|
|
|
$service = app(OperationRunService::class);
|
|
|
|
$run = $service->ensureRunWithIdentity(
|
|
tenant: $tenant,
|
|
type: 'inventory_sync',
|
|
identityInputs: ['selection_hash' => 'abc123'],
|
|
context: ['selection_hash' => 'abc123'],
|
|
initiator: $user,
|
|
);
|
|
|
|
$service->updateRun(
|
|
$run,
|
|
status: OperationRunStatus::Completed->value,
|
|
outcome: OperationRunOutcome::Succeeded->value,
|
|
summaryCounts: [
|
|
'total' => 3,
|
|
'processed' => 3,
|
|
'succeeded' => 3,
|
|
'failed' => 0,
|
|
],
|
|
);
|
|
|
|
$audit = AuditLog::query()
|
|
->where('operation_run_id', (int) $run->getKey())
|
|
->latest('id')
|
|
->first();
|
|
|
|
expect($audit)->not->toBeNull();
|
|
|
|
expect($audit?->action)->toBe('operation.completed')
|
|
->and($audit?->summaryText())->toBe('Inventory sync completed')
|
|
->and($audit?->resource_type)->toBe('operation_run')
|
|
->and((string) $audit?->resource_id)->toBe((string) $run->getKey())
|
|
->and($audit?->normalizedOutcome())->toBe(AuditOutcome::Success)
|
|
->and($audit?->actorDisplayLabel())->toBe($user->name)
|
|
->and(data_get($audit?->metadata, 'operation_type'))->toBe('inventory_sync');
|
|
});
|
|
|
|
it('writes blocked terminal audit semantics for blocked runs', function (): void {
|
|
[$user, $tenant] = createUserWithTenant(role: 'owner');
|
|
|
|
$service = app(OperationRunService::class);
|
|
|
|
$run = $service->ensureRunWithIdentity(
|
|
tenant: $tenant,
|
|
type: 'restore.execute',
|
|
identityInputs: ['restore_run_id' => 44],
|
|
context: ['restore_run_id' => 44],
|
|
initiator: $user,
|
|
);
|
|
|
|
$service->finalizeBlockedRun(
|
|
$run,
|
|
reasonCode: 'intune_rbac.not_configured',
|
|
message: 'Restore is blocked until RBAC is configured.',
|
|
);
|
|
|
|
$audit = AuditLog::query()
|
|
->where('operation_run_id', (int) $run->getKey())
|
|
->latest('id')
|
|
->first();
|
|
|
|
expect($audit)->not->toBeNull();
|
|
|
|
expect($audit?->action)->toBe('operation.blocked')
|
|
->and($audit?->summaryText())->toBe('Restore execution blocked')
|
|
->and($audit?->normalizedOutcome())->toBe(AuditOutcome::Blocked)
|
|
->and(data_get($audit?->metadata, 'failure_summary.0.reason_code'))->toBe('intune_rbac.not_configured');
|
|
});
|