TenantAtlas/apps/platform/tests/Browser/Spec340PostScopeContractVerificationSmokeTest.php

<?php

declare(strict_types=1);

use App\Filament\Pages\EnvironmentDashboard;
use App\Filament\Pages\Governance\DecisionRegister;
use App\Filament\Pages\Governance\GovernanceInbox;
use App\Filament\Pages\Monitoring\FindingExceptionsQueue;
use App\Filament\Pages\Reviews\CustomerReviewWorkspace;
use App\Filament\Pages\Reviews\ReviewRegister;
use App\Filament\Resources\BaselineProfileResource;
use App\Filament\Resources\BaselineSnapshotResource;
use App\Filament\Resources\ProviderConnectionResource;
use App\Support\ManagedEnvironmentLinks;
use App\Support\OperationRunLinks;
use Tests\Browser\Support\Spec322WorkspaceEnvironmentBrowserHarness as Spec322Harness;

pest()->browser()->timeout(120_000);

it('Spec340 verifies workspace and environment browser scope contracts without hidden remembered filters', function (): void {
    $fixture = Spec322Harness::fixture();

    Spec322Harness::authenticate($this, $fixture['user'], $fixture['workspace']);

    visit(route('admin.workspace.home', ['workspace' => $fixture['workspace']]))
        ->waitForText($fixture['workspace']->name)
        ->assertScript('document.querySelector("[data-testid=\"admin-sidebar-scope-indicator\"]")?.getAttribute("aria-label")?.includes("Workspace")', true)
        ->assertDontSee('Environment filter:')
        ->assertNoJavaScriptErrors()
        ->assertNoConsoleLogs();

    $cleanWorkspaceSurfaces = [
        'operations hub' => [
            'url' => OperationRunLinks::index(workspace: $fixture['workspace']),
            'wide_text' => 'Operations Hub',
        ],
        'provider connections hub' => [
            'url' => ProviderConnectionResource::getUrl('index', panel: 'admin'),
            'wide_text' => 'Spec322 Browser Provider B',
        ],
        'evidence overview hub' => [
            'url' => route('admin.evidence.overview'),
            'wide_text' => $fixture['environmentB']->name,
        ],
        'alerts hub' => [
            'url' => route('filament.admin.alerts'),
            'wide_text' => 'Alerts',
        ],
        'audit log hub' => [
            'url' => route('admin.monitoring.audit-log'),
            'wide_text' => 'Audit Log',
        ],
        'review register hub' => [
            'url' => ReviewRegister::getUrl(panel: 'admin'),
            'wide_text' => 'Review Register',
        ],
        'customer review workspace hub' => [
            'url' => CustomerReviewWorkspace::getUrl(panel: 'admin'),
            'wide_text' => 'Customer Review Workspace',
        ],
        'governance inbox hub' => [
            'url' => GovernanceInbox::getUrl(panel: 'admin'),
            'wide_text' => 'Governance Inbox',
        ],
        'decision register hub' => [
            'url' => DecisionRegister::getUrl(panel: 'admin'),
            'wide_text' => 'Decision Register',
        ],
        'finding exceptions queue hub' => [
            'url' => FindingExceptionsQueue::getUrl(panel: 'admin'),
            'wide_text' => 'Finding exceptions',
        ],
        'baseline profiles workspace surface' => [
            'url' => BaselineProfileResource::getUrl('index', panel: 'admin'),
            'wide_text' => 'Baseline Profiles',
        ],
        'baseline snapshots workspace surface' => [
            'url' => BaselineSnapshotResource::getUrl('index', panel: 'admin'),
            'wide_text' => 'Baseline Snapshots',
        ],
    ];

    foreach ($cleanWorkspaceSurfaces as $surface) {
        $page = visit($surface['url']);

        Spec322Harness::assertWorkspaceOnly($page, $surface['wide_text'], $fixture['environmentA']->name);
    }

    Spec322Harness::authenticate($this, $fixture['user'], $fixture['workspace'], $fixture['environmentA']);

    visit(EnvironmentDashboard::getUrl(panel: 'admin', tenant: $fixture['environmentA']))
        ->waitForText($fixture['environmentA']->name)
        ->assertScript('window.location.pathname.includes("/workspaces/")', true)
        ->assertScript('window.location.pathname.includes("/environments/")', true)
        ->assertScript('document.querySelector("[data-testid=\"admin-sidebar-scope-indicator\"]")?.getAttribute("aria-label")?.includes("Environment")', true)
        ->assertScript('! window.location.search.includes("environment_id=")', true)
        ->assertNoJavaScriptErrors()
        ->assertNoConsoleLogs();

    $rememberedEnvironmentCleanHub = visit(ProviderConnectionResource::getUrl('index', panel: 'admin'));
    Spec322Harness::assertWorkspaceOnly($rememberedEnvironmentCleanHub, 'Spec322 Browser Provider B', $fixture['environmentA']->name)
        ->assertScript('document.querySelector("a[href*=\'/admin/choose-workspace\']") instanceof HTMLAnchorElement', true)
        ->assertScript('Array.from(document.querySelectorAll("form[action*=\'/admin/select-environment\'] input[name=\'managed_environment_id\']")).length >= 2', true)
        ->assertScript('Array.from(document.querySelectorAll("form[action*=\'/admin/select-environment\']")).every((form) => ! form.action.includes("environment_id"))', true);
});

it('Spec340 verifies filtered hub reload history and provider connection authority contracts', function (): void {
    $fixture = Spec322Harness::fixture();

    Spec322Harness::authenticate($this, $fixture['user'], $fixture['workspace'], $fixture['environmentA']);

    $filteredOperations = visit(OperationRunLinks::index($fixture['environmentA']));
    Spec322Harness::assertFilteredWorkspaceHub($filteredOperations, $fixture['environmentA'], 'Inventory sync');

    $filteredOperations->script('window.location.reload();');
    Spec322Harness::assertFilteredWorkspaceHub($filteredOperations, $fixture['environmentA'], 'Inventory sync');

    $filteredProviderConnections = visit(ProviderConnectionResource::getUrl('index', [
        'environment_id' => (int) $fixture['environmentA']->getKey(),
    ], panel: 'admin'));
    Spec322Harness::assertFilteredWorkspaceHub($filteredProviderConnections, $fixture['environmentA'], 'Spec322 Browser Provider B');
    $filteredProviderConnections->assertScript(
        'Array.from(document.querySelectorAll("a[href*=\'/provider-connections/create\']")).some((element) => element.href.includes("environment_id="))',
        true,
    );

    Spec322Harness::clearWorkspaceHubEnvironmentFilter($filteredProviderConnections);
    Spec322Harness::assertWorkspaceOnly($filteredProviderConnections, 'Spec322 Browser Provider B', $fixture['environmentA']->name);

    $filteredProviderConnections->script('window.history.back();');
    Spec322Harness::assertFilteredWorkspaceHub($filteredProviderConnections, $fixture['environmentA'], 'Spec322 Browser Provider B');

    $filteredProviderConnections->script('window.history.forward();');
    Spec322Harness::assertWorkspaceOnly($filteredProviderConnections, 'Spec322 Browser Provider B', $fixture['environmentA']->name);

    visit(ProviderConnectionResource::getUrl('create', panel: 'admin'))
        ->assertScript('document.body.innerText.includes("403") || document.body.innerText.includes("Forbidden") || document.body.innerText.includes("404") || document.body.innerText.includes("Not Found")', true)
        ->assertNoJavaScriptErrors();

    visit(ProviderConnectionResource::getUrl('view', [
        'record' => $fixture['connectionA'],
    ], panel: 'admin'))
        ->waitForText('Spec322 Browser Provider A')
        ->assertSee($fixture['environmentA']->name)
        ->assertSee('Target scope')
        ->assertScript(
            '(() => { const environmentId = new URLSearchParams(window.location.search).get("environment_id"); return environmentId === null || environmentId === "'.((int) $fixture['environmentA']->getKey()).'"; })()',
            true,
        )
        ->assertNoJavaScriptErrors()
        ->assertNoConsoleLogs();

    visit(ManagedEnvironmentLinks::providerConnectionUrl($fixture['connectionA'], 'edit', $fixture['environmentA']))
        ->waitForText('Spec322 Browser Provider A')
        ->assertScript('window.location.search.includes("environment_id=")', true)
        ->assertNoJavaScriptErrors()
        ->assertNoConsoleLogs();
});