TenantAtlas/apps/platform/tests/Browser/Spec282GovernanceArtifactRetargetingSmokeTest.php

<?php

declare(strict_types=1);

use App\Filament\Resources\EvidenceSnapshotResource;
use App\Filament\Resources\FindingResource;
use App\Filament\Resources\ReviewPackResource;
use App\Filament\Resources\StoredReportResource;
use App\Models\Finding;
use App\Models\ManagedEnvironment;
use App\Models\ReviewPack;
use App\Models\StoredReport;
use App\Models\User;
use App\Models\Workspace;
use App\Models\WorkspaceMembership;
use Illuminate\Foundation\Testing\RefreshDatabase;

uses(RefreshDatabase::class);

pest()->browser()->timeout(20_000);

it('smokes governance artifact admin routes for one managed environment', function (): void {
    $workspace = Workspace::factory()->create([
        'name' => 'Spec 282 Workspace',
    ]);

    $tenant = ManagedEnvironment::factory()->active()->create([
        'workspace_id' => (int) $workspace->getKey(),
        'name' => 'Spec 282 Production',
        'slug' => 'spec-282-production',
    ]);

    $user = User::factory()->create();

    WorkspaceMembership::factory()->create([
        'workspace_id' => (int) $workspace->getKey(),
        'user_id' => (int) $user->getKey(),
        'role' => 'owner',
    ]);

    $user->tenants()->syncWithoutDetaching([
        (int) $tenant->getKey() => ['role' => 'owner'],
    ]);

    Finding::factory()->for($tenant)->create([
        'workspace_id' => (int) $workspace->getKey(),
    ]);

    $snapshot = seedTenantReviewEvidence($tenant);
    $review = composeTenantReviewForTest($tenant, $user, $snapshot);
    $report = StoredReport::query()
        ->where('managed_environment_id', (int) $tenant->getKey())
        ->where('workspace_id', (int) $tenant->workspace_id)
        ->where('report_type', StoredReport::REPORT_TYPE_PERMISSION_POSTURE)
        ->latest('id')
        ->firstOrFail();

    ReviewPack::factory()->ready()->create([
        'managed_environment_id' => (int) $tenant->getKey(),
        'workspace_id' => (int) $tenant->workspace_id,
        'tenant_review_id' => (int) $review->getKey(),
        'evidence_snapshot_id' => (int) $snapshot->getKey(),
        'initiated_by_user_id' => (int) $user->getKey(),
        'expires_at' => now()->addDay(),
    ]);

    $this->actingAs($user);

    visit(route('admin.workspace.managed-tenants.index', ['workspace' => $workspace]))
        ->waitForText('Spec 282 Production')
        ->click('[wire\\:key="tenant-'.$tenant->getKey().'"]')
        ->waitForText('Spec 282 Production')
        ->assertNoJavaScriptErrors()
        ->assertNoConsoleLogs();

    visit(FindingResource::getUrl('index', tenant: $tenant, panel: 'admin'))
        ->waitForText('Findings')
        ->assertScript("window.location.pathname.includes('/admin/workspaces/{$workspace->getRouteKey()}/environments/{$tenant->getRouteKey()}/findings')", true)
        ->assertScript("!window.location.pathname.includes('/admin/t/')", true)
        ->assertNoJavaScriptErrors()
        ->assertNoConsoleLogs();

    visit(ReviewPackResource::getUrl('index', tenant: $tenant, panel: 'admin'))
        ->waitForText('Review Packs')
        ->assertScript("window.location.pathname.includes('/admin/workspaces/{$workspace->getRouteKey()}/environments/{$tenant->getRouteKey()}/review-packs')", true)
        ->assertScript("!window.location.pathname.includes('/admin/t/')", true)
        ->assertNoJavaScriptErrors()
        ->assertNoConsoleLogs();

    visit(EvidenceSnapshotResource::getUrl('view', ['record' => $snapshot], tenant: $tenant, panel: 'admin'))
        ->waitForText('Outcome summary')
        ->assertSee('Evidence snapshot #'.$snapshot->getKey())
        ->assertScript("window.location.pathname.includes('/admin/workspaces/{$workspace->getRouteKey()}/environments/{$tenant->getRouteKey()}/evidence/{$snapshot->getRouteKey()}')", true)
        ->assertScript("!window.location.pathname.includes('/admin/t/')", true)
        ->assertNoJavaScriptErrors()
        ->assertNoConsoleLogs();

    visit(StoredReportResource::getUrl('index', tenant: $tenant, panel: 'admin'))
        ->waitForText('Stored reports')
        ->assertSee('Permission posture report')
        ->assertScript("window.location.pathname.includes('/admin/workspaces/{$workspace->getRouteKey()}/environments/{$tenant->getRouteKey()}/stored-reports')", true)
        ->assertScript("!window.location.pathname.includes('/admin/t/')", true)
        ->assertNoJavaScriptErrors()
        ->assertNoConsoleLogs()
        ->click('Permission posture report')
        ->waitForText('Permission posture summary')
        ->assertSee('Stored report')
        ->assertSee('Raw payload')
        ->assertScript("window.location.pathname.includes('/admin/workspaces/{$workspace->getRouteKey()}/environments/{$tenant->getRouteKey()}/stored-reports/{$report->getRouteKey()}')", true)
        ->assertScript("!window.location.pathname.includes('/admin/t/')", true)
        ->assertNoJavaScriptErrors()
        ->assertNoConsoleLogs();
});