43 lines
1.4 KiB
PHP
43 lines
1.4 KiB
PHP
<?php
|
|
|
|
use App\Models\PlatformUser;
|
|
use App\Models\Tenant;
|
|
use Illuminate\Foundation\Testing\RefreshDatabase;
|
|
|
|
uses(RefreshDatabase::class);
|
|
|
|
it('keeps the guest entry surfaces reachable after relocation', function (): void {
|
|
$this->get('/')->assertSuccessful();
|
|
$this->get('/admin')->assertRedirectContains('/admin/login');
|
|
$this->get('/admin/choose-workspace')->assertRedirectContains('/admin/login');
|
|
$this->get('/system')->assertRedirectContains('/system/login');
|
|
});
|
|
|
|
it('keeps choose workspace reachable for authenticated workspace members', function (): void {
|
|
[$user] = createUserWithTenant(role: 'owner');
|
|
|
|
$this->actingAs($user)
|
|
->get('/admin/choose-workspace')
|
|
->assertSuccessful();
|
|
});
|
|
|
|
it('preserves deny as not found semantics for non member tenant backup set access', function (): void {
|
|
$tenant = Tenant::factory()->create();
|
|
[$user] = createUserWithTenant(role: 'owner');
|
|
|
|
$this->actingAs($user)
|
|
->get('/admin/t/'.$tenant->external_id.'/backup-sets')
|
|
->assertNotFound();
|
|
});
|
|
|
|
it('preserves forbidden semantics for authenticated platform users without system access capability', function (): void {
|
|
$platformUser = PlatformUser::factory()->create([
|
|
'capabilities' => [],
|
|
'is_active' => true,
|
|
]);
|
|
|
|
$this->actingAs($platformUser, 'platform')
|
|
->get('/system')
|
|
->assertForbidden();
|
|
});
|