ahmido/TenantAtlas
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects 1 Releases Wiki Activity
e15d80cca5
TenantAtlas/apps/platform/tests/Feature/Findings/FindingsClaimHandoffTest.php
ahmido 712576c447
Some checks failed
Main Confidence / confidence (push) Failing after 44s
Details
feat: add findings intake queue and stabilize follow-up regressions (#260) 
## Summary
- add the new admin findings intake queue at `/admin/findings/intake` with fixed `Unassigned` and `Needs triage` views, tenant-safe filtering, claim flow, and continuity into tenant finding detail and `My Findings`
- add Spec 222 artifacts (`spec`, `plan`, `tasks`, `research`, `data model`, `quickstart`, contract, checklist) and register the new admin page
- fix follow-up regressions uncovered during full-suite validation around findings action-surface declarations, findings list default columns, provider-blocked run messaging, operation catalog aliases, and workspace overview query volume

## Validation
- `cd apps/platform && ./vendor/bin/sail bin pint --dirty --format agent`
- `cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Feature/Findings/FindingsIntakeQueueTest.php tests/Feature/Authorization/FindingsIntakeAuthorizationTest.php tests/Feature/Findings/FindingsClaimHandoffTest.php`
- `cd apps/platform && ./vendor/bin/sail artisan test --compact`

## Notes
- Filament remains on v5 with Livewire v4-compatible patterns
- provider registration remains unchanged in `apps/platform/bootstrap/providers.php`
- no new assets or schema changes are introduced

Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #260
2026-04-21 22:54:08 +00:00

105 lines
3.8 KiB
PHP
Raw Blame History

<?php
declare(strict_types=1);
use App\Filament\Pages\Findings\FindingsIntakeQueue;
use App\Filament\Pages\Findings\MyFindingsInbox;
use App\Models\AuditLog;
use App\Models\Finding;
use App\Models\Tenant;
use App\Models\User;
use App\Services\Findings\FindingWorkflowService;
use App\Support\Audit\AuditActionId;
use App\Support\Workspaces\WorkspaceContext;
use Livewire\Livewire;
it('mounts the claim confirmation and moves the finding into my findings without changing owner or lifecycle', function (): void {
$tenant = Tenant::factory()->create(['status' => 'active']);
[$user, $tenant] = createUserWithTenant($tenant, role: 'manager', workspaceRole: 'manager');
$owner = User::factory()->create();
createUserWithTenant($tenant, $owner, role: 'owner', workspaceRole: 'manager');
$finding = Finding::factory()->reopened()->for($tenant)->create([
'workspace_id' => (int) $tenant->workspace_id,
'owner_user_id' => (int) $owner->getKey(),
'assignee_user_id' => null,
'subject_external_id' => 'claimable',
]);
$this->actingAs($user);
setAdminPanelContext();
session()->put(WorkspaceContext::SESSION_KEY, (int) $tenant->workspace_id);
Livewire::actingAs($user)
->test(FindingsIntakeQueue::class)
->assertTableActionVisible('claim', $finding)
->mountTableAction('claim', $finding)
->callMountedTableAction()
->assertCanNotSeeTableRecords([$finding]);
$finding->refresh();
expect((int) $finding->assignee_user_id)->toBe((int) $user->getKey())
->and((int) $finding->owner_user_id)->toBe((int) $owner->getKey())
->and($finding->status)->toBe(Finding::STATUS_REOPENED);
$audit = AuditLog::query()
->where('tenant_id', (int) $tenant->getKey())
->where('resource_type', 'finding')
->where('resource_id', (string) $finding->getKey())
->where('action', AuditActionId::FindingAssigned->value)
->latest('id')
->first();
expect($audit)->not->toBeNull()
->and(data_get($audit?->metadata ?? [], 'assignee_user_id'))->toBe((int) $user->getKey())
->and(data_get($audit?->metadata ?? [], 'owner_user_id'))->toBe((int) $owner->getKey());
Livewire::actingAs($user)
->test(MyFindingsInbox::class)
->assertCanSeeTableRecords([$finding]);
});
it('refuses a stale claim after another operator already claimed the finding first', function (): void {
$tenant = Tenant::factory()->create(['status' => 'active']);
[$operatorA, $tenant] = createUserWithTenant($tenant, role: 'manager', workspaceRole: 'manager');
$operatorB = User::factory()->create();
createUserWithTenant($tenant, $operatorB, role: 'manager', workspaceRole: 'manager');
$finding = Finding::factory()->for($tenant)->create([
'workspace_id' => (int) $tenant->workspace_id,
'status' => Finding::STATUS_NEW,
'assignee_user_id' => null,
]);
$this->actingAs($operatorA);
setAdminPanelContext();
session()->put(WorkspaceContext::SESSION_KEY, (int) $tenant->workspace_id);
$component = Livewire::actingAs($operatorA)
->test(FindingsIntakeQueue::class)
->mountTableAction('claim', $finding);
app(FindingWorkflowService::class)->claim($finding, $tenant, $operatorB);
$component
->callMountedTableAction();
expect((int) $finding->refresh()->assignee_user_id)->toBe((int) $operatorB->getKey());
Livewire::actingAs($operatorA)
->test(FindingsIntakeQueue::class)
->assertCanNotSeeTableRecords([$finding]);
expect(
AuditLog::query()
->where('tenant_id', (int) $tenant->getKey())
->where('resource_type', 'finding')
->where('resource_id', (string) $finding->getKey())
->where('action', AuditActionId::FindingAssigned->value)
->count()
)->toBe(1);
});
Reference in New Issue View Git Blame Copy Permalink