bert.hausmans/crewli
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
23a5696288fa7841b1162dfd8fcba3321483ab5d
crewli/api/tests/Feature/FormBuilder/Channels/SubmissionChannelAuthTest.php
bert.hausmans 1afe11609a test(form-builder): WS-6 v1.3-delta D2 tests 
~30 new tests + 6 modified covering D2 deliverables.

NEW test files:
- FormSubmissionSubmittedListenerOrderTest: rewritten — flips
  identity-match assertion from sync to ShouldQueue + adds AST-level
  structural guard that every queued listener has the
  apply_status=COMPLETED gate as an early statement
  (form-builder.queued-listener.skipped_apply_failed log line + ApplyStatus::COMPLETED check).
- TriggerPersonIdentityMatchOnFormSubmitTest: rewritten — drops
  failsafe-pad assertions; adds gate-skip tests (null/PENDING/PARTIAL/FAILED);
  invariant-violation throw test; broadcast-dispatch test.
- ApplyBindingsOnFormSubmitTest: extended — initial
  identity_match_status='pending' write, apply_completed_at on both
  paths, classifier-derived failure_response_code per exception subclass,
  unknown_error fallback, deadline wrapper invocation captured by
  test double, outer-transaction failure record.
- SyncTagPickerSelectionsOnSubmitGateTest (NEW): canonical skip-log
  assertion for null/PENDING/PARTIAL/FAILED apply_status; no-skip-log
  assertion for COMPLETED. Uses Log::spy because FormTagSyncService
  is final and can't be Mockery-mocked.
- FormBindingApplicatorDeadlineTest (NEW): withDeadline returns clone;
  no-deadline path; generous-deadline path; timeout exception thrown
  with correct submissionId + reasonCode (temporary_error inherited
  via FormBindingInfraException). Uses incident_report purpose for
  anonymous-allowed branch to avoid PersonProvisioner constraints.
- RetryServiceFailureClassifierTest (NEW): per-subclass
  failure_response_code mapping in recordFailure; apply_completed_at
  symmetry-fix coverage.
- SubmissionChannelAuthTest (NEW): submitter authorised, other user
  denied, missing submission denied, org admin currently denied
  (locks v1 contract per BACKLOG TECH-CHANNEL-AUTH-ORG-ADMIN).
- FormSubmissionResourceIdentityMatchTest: extended — DataProvider
  iterates over all six non-person purposes asserting
  identity_match=null per RFC §Q2 v1.3 contract.

MODIFIED to fit v1.3 layout:
- IdentityMatchOnSubmitTest: rewritten — directly invokes the listener
  with apply_status=COMPLETED pre-set, mirroring ApplyBindings'
  happy-path output (the test fixtures lack an identity-key binding
  so going through full event dispatch fails at PersonProvisioner).
  Drops the failsafe-pad assertion in test_public_submission_marked_pending;
  replaces with v1.3 contract: subject_type=null leaves
  identity_match_status untouched.
- TagPickerSyncListenerTest: same fix — sets apply_status=COMPLETED
  on the submission and invokes the listener directly.

Full suite: 1621 passing (4281 assertions). Larastan: 0 errors.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-08 03:20:27 +02:00

120 lines
4.2 KiB
PHP
Raw Blame History

<?php
declare(strict_types=1);
namespace Tests\Feature\FormBuilder\Channels;
use App\Models\FormBuilder\FormSchema;
use App\Models\FormBuilder\FormSubmission;
use App\Models\Organisation;
use App\Models\User;
use Illuminate\Foundation\Testing\RefreshDatabase;
use Illuminate\Support\Facades\Broadcast;
use Tests\TestCase;
/**
* Per RFC-WS-6 §Q1 v1.3 addition 2.
*
* The submission.{submissionId} private channel authorises only the
* submitter (user whose id matches submissions.submitted_by_user_id).
* Org-admin access is deferred — see BACKLOG entry
* TECH-CHANNEL-AUTH-ORG-ADMIN.
*
* Broadcast::auth() drives the same callback path that Laravel's
* broadcasting auth middleware uses on a websocket subscription
* attempt. Tests pose as authenticated users and assert the boolean
* outcome.
*/
final class SubmissionChannelAuthTest extends TestCase
{
use RefreshDatabase;
private function authoriseSubscription(?User $user, FormSubmission $submission): bool
{
// Resolve the channel callback registered in routes/channels.php.
// Broadcast::channel() returns the manager; Broadcast::driver()
// exposes the channel callbacks. The cleanest contract test is
// to call the callback directly via the registered closure
// returned by getChannels().
$channels = Broadcast::getChannels();
$name = "submission.{$submission->id}";
foreach ($channels as $pattern => $callback) {
// Pattern is 'submission.{submissionId}'; convert to a regex
// so we can match the concrete channel name.
$regex = '/^'.str_replace(['{submissionId}', '.'], ['([^.]+)', '\\.'], $pattern).'$/';
if (! preg_match($regex, $name, $matches)) {
continue;
}
$result = $callback($user, $matches[1]);
return (bool) $result;
}
$this->fail("No channel callback registered for {$name}");
}
private function makeSubmission(?User $submitter): FormSubmission
{
$org = Organisation::factory()->create();
$schema = FormSchema::factory()->create(['organisation_id' => $org->id]);
return FormSubmission::factory()->create([
'form_schema_id' => $schema->id,
'organisation_id' => $org->id,
'submitted_by_user_id' => $submitter?->id,
]);
}
public function test_submitter_is_authorised(): void
{
$submitter = User::factory()->create();
$submission = $this->makeSubmission($submitter);
$this->assertTrue($this->authoriseSubscription($submitter, $submission));
}
public function test_other_authenticated_user_is_denied(): void
{
$submitter = User::factory()->create();
$other = User::factory()->create();
$submission = $this->makeSubmission($submitter);
$this->assertFalse($this->authoriseSubscription($other, $submission));
}
public function test_subscription_is_denied_when_submission_does_not_exist(): void
{
$user = User::factory()->create();
// Build a submission, then delete it so the FK lookup returns null.
$submission = $this->makeSubmission($user);
$submissionId = (string) $submission->id;
$submission->forceDelete();
// Reuse the submitter's User and a fake submission shell.
$shell = new FormSubmission;
$shell->id = $submissionId;
$this->assertFalse($this->authoriseSubscription($user, $shell));
}
public function test_org_admin_is_currently_denied_per_backlog_entry(): void
{
// Locks the v1 contract: even an org admin of the submission's
// organisation is denied because the canonical Spatie helper
// hasn't been audited yet. See BACKLOG entry
// TECH-CHANNEL-AUTH-ORG-ADMIN. When that lands, this test should
// flip to expectTrue() in the same PR as the auth-callback
// extension.
$orgAdmin = User::factory()->create();
$submitter = User::factory()->create();
$submission = $this->makeSubmission($submitter);
$this->assertFalse(
$this->authoriseSubscription($orgAdmin, $submission),
'V1 contract: org admins are NOT authorised. Flip with TECH-CHANNEL-AUTH-ORG-ADMIN.',
);
}
}
Reference in New Issue View Git Blame Copy Permalink