ahmido/TenantAtlas
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects 1 Releases Wiki Activity
e4db44f606
TenantAtlas/apps/platform/tests/Feature/Audit/ProviderConnectionConsentAuditTest.php
ahmido e64bae9cfc feat: cut over tenant core to managed environments (#335) 
## Summary
- replace the legacy Tenant and TenantMembership core models with ManagedEnvironment and ManagedEnvironmentMembership
- propagate the managed environment naming and key changes across Filament resources, pages, controllers, jobs, models, and supporting runtime paths
- add feature 279 spec artifacts and focused managed-environment test coverage for model behavior, route binding, panel context, authorization, and legacy guardrails

## Validation
- `cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Feature/ManagedEnvironment/LegacyTenantCoreGuardTest.php tests/Feature/ManagedEnvironment/ManagedEnvironmentAuthorizationTest.php tests/Feature/ManagedEnvironment/ManagedEnvironmentPanelContextTest.php tests/Feature/ManagedEnvironment/ManagedEnvironmentRouteBindingTest.php tests/Unit/ManagedEnvironment/ManagedEnvironmentContextResolverTest.php tests/Unit/ManagedEnvironment/ManagedEnvironmentModelTest.php`
- `cd apps/platform && ./vendor/bin/sail bin pint --dirty --format agent`

## Notes
- branch pushed from commit `1123b122`
- browser smoke test file was added but not run in this pass

Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #335
2026-05-07 06:38:14 +00:00

86 lines
3.3 KiB
PHP
Raw Blame History

<?php
declare(strict_types=1);
use App\Models\AuditLog;
use App\Models\ProviderConnection;
use App\Models\ManagedEnvironment;
use App\Models\User;
use App\Models\Workspace;
use App\Support\Workspaces\WorkspaceContext;
use Illuminate\Foundation\Testing\RefreshDatabase;
uses(RefreshDatabase::class);
it('audits admin consent start with platform connection metadata', function (): void {
config()->set('graph.client_id', 'platform-app-id');
config()->set('graph.client_secret', 'platform-app-secret');
$workspace = Workspace::factory()->create();
$tenant = ManagedEnvironment::factory()->create([
'workspace_id' => (int) $workspace->getKey(),
'managed_environment_id' => 'tenant-consent-start',
'name' => 'ManagedEnvironment Consent Start',
]);
$user = User::factory()->create();
$this->actingAs($user)
->withSession([
WorkspaceContext::SESSION_KEY => (int) $workspace->getKey(),
])
->get(route('admin.consent.start', ['tenant' => $tenant->managed_environment_id]))
->assertRedirect();
$connection = ProviderConnection::query()
->where('managed_environment_id', (int) $tenant->getKey())
->where('provider', 'microsoft')
->firstOrFail();
$log = AuditLog::query()
->where('managed_environment_id', (int) $tenant->getKey())
->where('action', 'provider_connection.consent_started')
->latest('id')
->first();
expect($log)->not->toBeNull()
->and($log?->status)->toBe('success')
->and($log?->actor_id)->toBe((int) $user->getKey())
->and($log?->resource_type)->toBe('provider_connection')
->and($log?->resource_id)->toBe((string) $connection->getKey())
->and($log?->metadata['provider_connection_id'] ?? null)->toBe((int) $connection->getKey())
->and($log?->metadata['connection_type'] ?? null)->toBe('platform')
->and($log?->metadata['effective_client_id'] ?? null)->toBe('platform-app-id');
});
it('audits admin consent callback results with connection type and outcome metadata', function (): void {
$tenant = ManagedEnvironment::factory()->create([
'managed_environment_id' => 'tenant-consent-result',
'name' => 'ManagedEnvironment Consent Result',
]);
$this->get(route('admin.consent.callback', [
'tenant' => $tenant->managed_environment_id,
'admin_consent' => 'true',
]))->assertOk();
$connection = ProviderConnection::query()
->where('managed_environment_id', (int) $tenant->getKey())
->where('provider', 'microsoft')
->firstOrFail();
$log = AuditLog::query()
->where('managed_environment_id', (int) $tenant->getKey())
->where('action', 'provider_connection.consent_result')
->latest('id')
->first();
expect($log)->not->toBeNull()
->and($log?->status)->toBe('success')
->and($log?->resource_type)->toBe('provider_connection')
->and($log?->resource_id)->toBe((string) $connection->getKey())
->and($log?->metadata['provider_connection_id'] ?? null)->toBe((int) $connection->getKey())
->and($log?->metadata['connection_type'] ?? null)->toBe('platform')
->and($log?->metadata['consent_status'] ?? null)->toBe('granted')
->and($log?->metadata['verification_status'] ?? null)->toBe('unknown');
});
Reference in New Issue View Git Blame Copy Permalink