TenantAtlas/apps/platform/tests/Feature/Filament/AuditLogDetailInspectionTest.php

<?php

declare(strict_types=1);

use App\Filament\Pages\Monitoring\AuditLog as AuditLogPage;
use App\Models\AuditLog as AuditLogModel;
use App\Models\BackupSet;
use App\Models\Tenant;
use App\Models\User;
use Filament\Facades\Filament;
use Livewire\Features\SupportTesting\Testable;
use Livewire\Livewire;

function auditLogDetailTestComponent(User $user, ?Tenant $tenant = null, ?int $selectedAuditLogId = null): Testable
{
    test()->actingAs($user);
    Filament::setTenant($tenant, true);

    if ($selectedAuditLogId !== null) {
        return Livewire::withQueryParams(['event' => $selectedAuditLogId])
            ->actingAs($user)
            ->test(AuditLogPage::class);
    }

    return Livewire::actingAs($user)->test(AuditLogPage::class);
}

function auditLogDetailTestRecord(Tenant $tenant, array $attributes = []): AuditLogModel
{
    return AuditLogModel::query()->create(array_merge([
        'workspace_id' => (int) $tenant->workspace_id,
        'tenant_id' => (int) $tenant->getKey(),
        'actor_email' => 'auditor@example.com',
        'actor_name' => 'Audit Operator',
        'action' => 'backup.created',
        'status' => 'success',
        'resource_type' => 'backup_set',
        'resource_id' => '1',
        'summary' => 'Backup set created',
        'metadata' => [
            'item_count' => 12,
        ],
        'recorded_at' => now(),
    ], $attributes));
}

it('shows readable detail sections and a related link for an accessible target', function (): void {
    [$user, $tenant] = createUserWithTenant(role: 'owner');

    $backupSet = BackupSet::factory()->create([
        'tenant_id' => (int) $tenant->getKey(),
        'name' => 'Nightly iOS backup',
    ]);

    $audit = auditLogDetailTestRecord($tenant, [
        'resource_id' => (string) $backupSet->getKey(),
        'target_label' => $backupSet->name,
        'summary' => 'Backup set created for Nightly iOS backup',
    ]);

    auditLogDetailTestComponent($user, selectedAuditLogId: (int) $audit->getKey())
        ->assertCanSeeTableRecords([$audit])
        ->assertSet('selectedAuditLogId', (int) $audit->getKey())
        ->assertSee('Readable context')
        ->assertSee('Technical metadata')
        ->assertSee('Nightly iOS backup')
        ->assertSee('Open backup set');
});

it('keeps deleted targets readable while suppressing their drill-down link', function (): void {
    [$user, $tenant] = createUserWithTenant(role: 'owner');

    $backupSet = BackupSet::factory()->create([
        'tenant_id' => (int) $tenant->getKey(),
        'name' => 'Archived backup',
    ]);

    $backupSet->delete();

    $audit = auditLogDetailTestRecord($tenant, [
        'action' => 'backup.archived',
        'resource_id' => (string) $backupSet->getKey(),
        'target_label' => 'Archived backup',
        'summary' => 'Backup set archived for Archived backup',
    ]);

    auditLogDetailTestComponent($user, selectedAuditLogId: (int) $audit->getKey())
        ->assertCanSeeTableRecords([$audit])
        ->assertSet('selectedAuditLogId', (int) $audit->getKey())
        ->assertSee('Archived backup')
        ->assertSee('Technical metadata')
        ->assertDontSee('Open backup set');
});