readProjectFile('pages/admin/tenants/index().php'); $this->assertStringContainsString('AuthorizationService::class', $indexContent); $this->assertStringContainsString('TenantAuthorizationPolicy::ABILITY_ADMIN_TENANTS_VIEW', $indexContent); $dataContent = $this->readProjectFile('pages/admin/tenants/data().php'); $this->assertStringContainsString('Guard::requireAbilityDecisionOrForbidden(TenantAuthorizationPolicy::ABILITY_ADMIN_TENANTS_VIEW);', $dataContent); $this->assertStringContainsString('TenantAuthorizationPolicy::ABILITY_ADMIN_TENANTS_VIEW', $dataContent); $createContent = $this->readProjectFile('pages/admin/tenants/create().php'); $this->assertStringContainsString('actionCreateContext(', $createContent); $this->assertStringContainsString('TenantAuthorizationPolicy::ABILITY_ADMIN_TENANTS_CREATE', $createContent); $editContent = $this->readProjectFile('pages/admin/tenants/edit($id).php'); $this->assertStringContainsString('AuthorizationService::class', $editContent); $this->assertStringContainsString('TenantAuthorizationPolicy::ABILITY_ADMIN_TENANTS_EDIT_CONTEXT', $editContent); $this->assertStringContainsString('TenantAuthorizationPolicy::ABILITY_ADMIN_TENANTS_EDIT_SUBMIT', $editContent); $customFieldCreate = $this->readProjectFile('pages/admin/tenants/custom-field-create($id).php'); $this->assertStringContainsString('TenantAuthorizationPolicy::ABILITY_ADMIN_TENANTS_CUSTOM_FIELDS_MANAGE', $customFieldCreate); $customFieldUpdate = $this->readProjectFile('pages/admin/tenants/custom-field-update($id).php'); $this->assertStringContainsString('TenantAuthorizationPolicy::ABILITY_ADMIN_TENANTS_CUSTOM_FIELDS_MANAGE', $customFieldUpdate); $customFieldDelete = $this->readProjectFile('pages/admin/tenants/custom-field-delete($id).php'); $this->assertStringContainsString('TenantAuthorizationPolicy::ABILITY_ADMIN_TENANTS_CUSTOM_FIELDS_MANAGE', $customFieldDelete); } public function testAdminTenantDeleteUsesCentralPolicy(): void { $deleteContent = $this->readProjectFile('pages/admin/tenants/delete($id).php'); $this->assertStringContainsString('AuthorizationService::class', $deleteContent); $this->assertStringContainsString('TenantAuthorizationPolicy::ABILITY_ADMIN_TENANTS_DELETE', $deleteContent); } public function testAdminTenantMediaEndpointsUseCentralPolicies(): void { $logoView = $this->readProjectFile('pages/admin/tenants/logo-file().php'); $this->assertStringContainsString('TenantAuthorizationPolicy::ABILITY_ADMIN_TENANTS_LOGO_VIEW', $logoView); $logoUpload = $this->readProjectFile('pages/admin/tenants/logo($id).php'); $this->assertStringContainsString('TenantAuthorizationPolicy::ABILITY_ADMIN_TENANTS_MEDIA_UPDATE', $logoUpload); $logoDelete = $this->readProjectFile('pages/admin/tenants/logo-delete($id).php'); $this->assertStringContainsString('TenantAuthorizationPolicy::ABILITY_ADMIN_TENANTS_MEDIA_UPDATE', $logoDelete); $faviconUpload = $this->readProjectFile('pages/admin/tenants/favicon($id).php'); $this->assertStringContainsString('TenantAuthorizationPolicy::ABILITY_ADMIN_TENANTS_MEDIA_UPDATE', $faviconUpload); $faviconDelete = $this->readProjectFile('pages/admin/tenants/favicon-delete($id).php'); $this->assertStringContainsString('TenantAuthorizationPolicy::ABILITY_ADMIN_TENANTS_MEDIA_UPDATE', $faviconDelete); } }