bert.hausmans/crewli
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
545d6d4cd05b2a0b53fa11d03d740ffeb628ed76
crewli/api/tests/Feature/FormBuilder/Options/FormFieldOptionsActivityLogTest.php
bert.hausmans a791a276fa fix(form-builder): canonicalize JSON for byte-stable storage (WS-6) 
MySQL 8.0 JSON columns may reorder associative-array keys on
round-trip. For audit-immutable values (schema snapshots, webhook
payloads, activity log diffs), this is corrupting: re-emits produce
different byte sequences for the same logical content.

Introduced JsonCanonicalizer (recursive ksort on associative arrays;
numeric-indexed lists preserve order) and applied at every writer
site that produces byte-stable JSON:

- FormSubmissionService: canonicalize the schema_snapshot array
  before storage (audit-immutable per ARCH §4.3, RFC-WS-6 v1.1).
- FormField::logFieldChange / FormSchema::logSchemaChange: canonicalize
  activity-log properties before withProperties() so old/new diffs
  read back byte-stable.
- BindingActivityLogger: canonicalize both the pass-level and
  per-binding activity properties.
- FormWebhookDispatcher: canonicalize payload_snapshot before
  storage (delivery-time HMAC re-encodes the same canonical bytes).
- DeliverFormWebhookJob: switched json_encode to
  JsonCanonicalizer::encode for the HMAC-signed body, so the
  signature is byte-stable across re-deliveries and reproducible by
  receivers from the same logical payload.

Sites NOT canonicalized (deliberate):
- form_schemas.settings — opaque UI config; key order has no
  semantic meaning, no byte-stability requirement.
- form_schemas.translations / form_fields.translations — read by
  display layer; key order doesn't matter.
- form_templates.schema_snapshot — user-supplied input via store/
  update; user is the source of truth, not audit-immutable in the
  same way as form_submissions.schema_snapshot.

Reverted the 7 assertEquals workarounds from session 2.6:
- ConditionalLogicActivityLogPayloadTest
- ConditionalLogicBackfillTest::test_rollback_reconstructs_canonical_json
- FormFieldBindingMigrationTest::test_rollback_reconstructs_json_and_drops_table
- FormFieldOptionServiceAndScopeTest::test_replace_options_emits_activity_log_on_field_only
- FormFieldOptionsActivityLogTest::test_field_updated_payload_contains_options_diff_when_options_change
- FormFieldOptionsBackfillTest::test_forward_migration_backfills_rows_strips_translations_and_rewrites_snapshot
- FormFieldOptionsSnapshotAndStrictRequestTest::test_submission_snapshot_embeds_rich_shape_options

Each now uses assertSame on JsonCanonicalizer::encode of both sides —
byte-stable comparison meaningful regardless of MySQL JSON storage
behavior.

New regression test SchemaSnapshotByteStableAcrossReemitsTest
exercises the contract end-to-end: complex schema with bindings,
validation rules, options, conditional logic, submitted; reads
schema_snapshot via three roads (Eloquent cast, fresh model, raw
bytes) and asserts the canonical encode is identical.

ARCH-FORM-BUILDER.md §4.6.1 gets a "Byte-stability" sub-section
explaining what's canonicalized and why.

Test count: 1388 → 1400 (+11 JsonCanonicalizer unit, +1 snapshot
regression). Larastan clean. Rector dry-run unchanged at 355.

Refs: WS-6 session 2.6 deviation #4 cleanup, RFC-WS-6 v1.1

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-29 00:11:18 +02:00

154 lines
5.7 KiB
PHP
Raw Blame History

<?php
declare(strict_types=1);
namespace Tests\Feature\FormBuilder\Options;
use App\Enums\FormBuilder\FormFieldType;
use App\Models\FormBuilder\FormField;
use App\Models\FormBuilder\FormFieldLibrary;
use App\Models\FormBuilder\FormSchema;
use App\Models\Organisation;
use App\Services\FormBuilder\FormFieldOptionService;
use App\Services\FormBuilder\FormFieldService;
use App\Support\Json\JsonCanonicalizer;
use Illuminate\Foundation\Testing\RefreshDatabase;
use Spatie\Activitylog\Models\Activity;
use Tests\TestCase;
/**
* Dual-emit pattern for option changes per ARCH §17.6.3 (mirrors the
* §8.6 / §17.4.2 convention from WS-5b/c): every options change on a
* FormField emits both `field.updated` (carrying the old/new diff in
* its payload) and `field.options_replaced` (semantic event from
* FormFieldOptionService::replaceOptions). FormFieldLibrary writes are
* silent.
*/
final class FormFieldOptionsActivityLogTest extends TestCase
{
use RefreshDatabase;
public function test_field_updated_payload_contains_options_diff_when_options_change(): void
{
$org = Organisation::factory()->create();
$schema = FormSchema::factory()->create(['organisation_id' => $org->id]);
$field = FormField::factory()
->withOptions(['a', 'b'])
->create([
'form_schema_id' => $schema->id,
'field_type' => FormFieldType::SELECT->value,
'slug' => 'colour',
'label' => 'Colour',
]);
// Suppress prior activity (factory creation) and re-bound the
// window for assertion clarity.
Activity::query()->delete();
app(FormFieldService::class)->update($field, [
'options' => [
['value' => 'a', 'label' => 'A', 'sort_order' => 0],
['value' => 'b', 'label' => 'b', 'sort_order' => 1],
['value' => 'c', 'label' => 'c', 'sort_order' => 2],
],
]);
$event = Activity::query()
->where('subject_type', 'form_field')
->where('subject_id', $field->id)
->where('description', 'field.updated')
->first();
$this->assertNotNull($event);
$payload = $event->properties->toArray();
$this->assertArrayHasKey('options', $payload['old']);
$this->assertArrayHasKey('options', $payload['new']);
// RFC-WS-6 session 2.7: activity log properties are canonicalized
// at write; assertSame on canonical encodings of both sides is
// byte-stable across MySQL JSON-column round-trip.
$this->assertSame(
JsonCanonicalizer::encode([
['value' => 'a', 'label' => 'a', 'sort_order' => 0],
['value' => 'b', 'label' => 'b', 'sort_order' => 1],
]),
JsonCanonicalizer::encode($payload['old']['options']),
);
$this->assertSame(
JsonCanonicalizer::encode([
['value' => 'a', 'label' => 'A', 'sort_order' => 0],
['value' => 'b', 'label' => 'b', 'sort_order' => 1],
['value' => 'c', 'label' => 'c', 'sort_order' => 2],
]),
JsonCanonicalizer::encode($payload['new']['options']),
);
}
public function test_field_updated_payload_omits_options_key_when_only_label_changed(): void
{
$org = Organisation::factory()->create();
$schema = FormSchema::factory()->create(['organisation_id' => $org->id]);
$field = FormField::factory()
->withOptions(['a', 'b'])
->create([
'form_schema_id' => $schema->id,
'field_type' => FormFieldType::SELECT->value,
'slug' => 'choice',
'label' => 'Old',
]);
Activity::query()->delete();
app(FormFieldService::class)->update($field, [
'label' => 'New',
]);
$event = Activity::query()
->where('subject_type', 'form_field')
->where('subject_id', $field->id)
->where('description', 'field.updated')
->first();
$this->assertNotNull($event);
$payload = $event->properties->toArray();
$this->assertArrayNotHasKey('options', $payload['old']);
$this->assertArrayNotHasKey('options', $payload['new']);
}
public function test_options_replaced_emits_on_form_field_subject(): void
{
$org = Organisation::factory()->create();
$schema = FormSchema::factory()->create(['organisation_id' => $org->id]);
$field = FormField::factory()->create([
'form_schema_id' => $schema->id,
'field_type' => FormFieldType::SELECT->value,
]);
Activity::query()->delete();
app(FormFieldOptionService::class)->replaceOptions($field, [
['value' => 'x', 'label' => 'X', 'sort_order' => 0],
]);
$this->assertNotNull(Activity::query()
->where('subject_type', 'form_field')
->where('subject_id', $field->id)
->where('description', 'field.options_replaced')
->first());
}
public function test_options_replaced_silent_on_library_subject(): void
{
$org = Organisation::factory()->create();
$library = FormFieldLibrary::factory()->create(['organisation_id' => $org->id]);
Activity::query()->delete();
app(FormFieldOptionService::class)->replaceOptions($library, [
['value' => 'x', 'label' => 'X', 'sort_order' => 0],
]);
$this->assertNull(Activity::query()
->where('subject_type', 'form_field_library')
->where('description', 'field.options_replaced')
->first());
}
}
Reference in New Issue View Git Blame Copy Permalink