dd9512ed10
Some checks failed
PR Fast Feedback / fast-feedback (pull_request) Failing after 1m12s
Replaced legacy tenant and environment bindings in the BaselineDriftEngine with the new ProviderResourceIdentity framework as defined in Spec 382.
129 lines
5.2 KiB
PHP
129 lines
5.2 KiB
PHP
<?php
|
|
|
|
declare(strict_types=1);
|
|
|
|
use App\Filament\Resources\FindingResource\Pages\ListFindings;
|
|
use App\Models\Finding;
|
|
use App\Support\Baselines\BaselineSubjectKey;
|
|
use App\Support\Baselines\SubjectClass;
|
|
use Filament\Facades\Filament;
|
|
use Illuminate\Foundation\Testing\RefreshDatabase;
|
|
use Livewire\Livewire;
|
|
|
|
uses(RefreshDatabase::class);
|
|
|
|
function findingsDefaultIndicatorLabels($component): array
|
|
{
|
|
return collect($component->instance()->getTable()->getFilterIndicators())
|
|
->map(fn ($indicator): string => (string) $indicator->getLabel())
|
|
->all();
|
|
}
|
|
|
|
it('defaults to a cross-lifecycle findings view across all finding types', function (): void {
|
|
[$user, $tenant] = createUserWithTenant(role: 'manager');
|
|
$this->actingAs($user);
|
|
Filament::setTenant($tenant, true);
|
|
|
|
$openDrift = Finding::factory()->for($tenant)->create([
|
|
'finding_type' => Finding::FINDING_TYPE_DRIFT,
|
|
'status' => Finding::STATUS_NEW,
|
|
]);
|
|
|
|
$openPermission = Finding::factory()->permissionPosture()->for($tenant)->create([
|
|
'status' => Finding::STATUS_TRIAGED,
|
|
]);
|
|
|
|
$openEntra = Finding::factory()->entraAdminRoles()->for($tenant)->create([
|
|
'status' => Finding::STATUS_IN_PROGRESS,
|
|
]);
|
|
|
|
$reopened = Finding::factory()->for($tenant)->create([
|
|
'finding_type' => Finding::FINDING_TYPE_DRIFT,
|
|
'status' => Finding::STATUS_REOPENED,
|
|
]);
|
|
|
|
$resolved = Finding::factory()->for($tenant)->create([
|
|
'status' => Finding::STATUS_RESOLVED,
|
|
]);
|
|
|
|
$closed = Finding::factory()->for($tenant)->create([
|
|
'status' => Finding::STATUS_CLOSED,
|
|
]);
|
|
|
|
$riskAccepted = Finding::factory()->for($tenant)->create([
|
|
'status' => Finding::STATUS_RISK_ACCEPTED,
|
|
]);
|
|
|
|
Livewire::test(ListFindings::class)
|
|
->assertCanSeeTableRecords([$openDrift, $openPermission, $openEntra, $reopened, $resolved, $closed, $riskAccepted]);
|
|
});
|
|
|
|
it('keeps findings list defaults calm with explicit sortability and hidden forensic detail', function (): void {
|
|
[$user, $tenant] = createUserWithTenant(role: 'manager');
|
|
$this->actingAs($user);
|
|
Filament::setTenant($tenant, true);
|
|
|
|
$component = Livewire::test(ListFindings::class);
|
|
$table = $component->instance()->getTable();
|
|
|
|
expect($table->getPaginationPageOptions())->toBe(\App\Support\Filament\TablePaginationProfiles::resource());
|
|
expect($table->getDefaultSortColumn())->toBe('created_at');
|
|
expect($table->getDefaultSortDirection())->toBe('desc');
|
|
expect($table->getEmptyStateHeading())->toBe('No findings match this view');
|
|
expect($table->getColumn('subject_display_name')?->isSearchable())->toBeTrue();
|
|
expect($table->getColumn('governance_validity'))->not->toBeNull();
|
|
expect($table->getColumn('due_at')?->isSortable())->toBeTrue();
|
|
expect($table->getColumn('evidence_fidelity')?->isToggledHiddenByDefault())->toBeTrue();
|
|
expect($table->getColumn('subject_type')?->isToggledHiddenByDefault())->toBeTrue();
|
|
expect($table->getColumn('subject_external_id')?->isToggledHiddenByDefault())->toBeTrue();
|
|
expect($table->getColumn('scope_key')?->isToggledHiddenByDefault())->toBeTrue();
|
|
expect(count($table->getVisibleColumns()))->toBeLessThanOrEqual(8);
|
|
expect($component->instance()->getTable()->getFilter('workflow_family'))->not->toBeNull();
|
|
expect($component->instance()->getTable()->getFilter('governance_validity'))->not->toBeNull();
|
|
});
|
|
|
|
it('defines created date-range narrowing with active indicators on the findings table', function (): void {
|
|
[$user, $tenant] = createUserWithTenant(role: 'manager');
|
|
$this->actingAs($user);
|
|
Filament::setTenant($tenant, true);
|
|
|
|
$component = Livewire::test(ListFindings::class)
|
|
->assertTableFilterExists('created_at')
|
|
->set('tableFilters.created_at.from', now()->subDay()->toDateString())
|
|
->set('tableFilters.created_at.until', now()->toDateString());
|
|
|
|
expect(findingsDefaultIndicatorLabels($component))
|
|
->toContain('Created from '.now()->subDay()->toFormattedDateString())
|
|
->toContain('Created until '.now()->toFormattedDateString());
|
|
});
|
|
|
|
it('shows evidence display-name fallback in the findings list when the subject external id is workspace-safe', function (): void {
|
|
[$user, $tenant] = createUserWithTenant(role: 'manager');
|
|
$this->actingAs($user);
|
|
Filament::setTenant($tenant, true);
|
|
|
|
$subjectKey = baselineProviderResourceSubjectKeyForTest(
|
|
'intuneRoleDefinition',
|
|
'rbac-role-1',
|
|
SubjectClass::FoundationBacked,
|
|
);
|
|
$subjectExternalId = BaselineSubjectKey::workspaceSafeSubjectExternalId('intuneRoleDefinition', $subjectKey);
|
|
|
|
$finding = Finding::factory()->for($tenant)->create([
|
|
'finding_type' => Finding::FINDING_TYPE_DRIFT,
|
|
'subject_type' => 'policy',
|
|
'subject_external_id' => (string) $subjectExternalId,
|
|
'evidence_jsonb' => [
|
|
'policy_type' => 'intuneRoleDefinition',
|
|
'display_name' => 'Security Reader',
|
|
'summary' => [
|
|
'kind' => 'rbac_role_definition',
|
|
],
|
|
],
|
|
]);
|
|
|
|
Livewire::test(ListFindings::class)
|
|
->assertCanSeeTableRecords([$finding])
|
|
->assertSee('Security Reader');
|
|
});
|