readProjectFile('pages/api/v1/tenants/show($id).php'); $this->assertStringContainsString("'region' => \$tenant['region'] ?? ''", $tenantShowContent); $this->assertStringContainsString("'vat_id' => \$tenant['vat_id'] ?? ''", $tenantShowContent); $this->assertStringContainsString("'support_email' => \$tenant['support_email'] ?? ''", $tenantShowContent); $this->assertStringContainsString("'billing_email' => \$tenant['billing_email'] ?? ''", $tenantShowContent); $this->assertStringContainsString("'primary_color_use_default' => \$primaryColor === ''", $tenantShowContent); $this->assertStringContainsString("'allow_user_theme_mode' => \$allowUserThemeMode", $tenantShowContent); } public function testApiUserWriteEndpointsUseUuidAssignmentInput(): void { $usersIndex = $this->readProjectFile('pages/api/v1/users/index().php'); $this->assertStringContainsString('UserApiWriteInputMapper::class', $usersIndex); $this->assertStringContainsString('->normalize($input)', $usersIndex); $usersShow = $this->readProjectFile('pages/api/v1/users/show($id).php'); $this->assertStringContainsString('UserApiWriteInputMapper::class', $usersShow); $this->assertStringContainsString('->normalize($input)', $usersShow); $mapper = $this->readProjectFile('core/Service/User/UserApiWriteInputMapper.php'); $this->assertStringContainsString("'tenant_ids' => 'use_tenant_uuids'", $mapper); $this->assertStringContainsString("'role_ids' => 'use_role_uuids'", $mapper); $this->assertStringContainsString("'department_ids' => 'use_department_uuids'", $mapper); $this->assertStringContainsString("'primary_tenant_id' => 'use_primary_tenant_uuid'", $mapper); } public function testApiDepartmentEndpointsUseTenantUuidAndNoTenantIdExposure(): void { $departmentIndex = $this->readProjectFile('pages/api/v1/departments/index().php'); $this->assertStringContainsString("ApiResponse::validationFromFormErrors(formErrorsFrom(['tenant_id' => ['use_tenant_uuid']]));", $departmentIndex); $this->assertStringContainsString("if (array_key_exists('tenant_uuid', \$input)) {", $departmentIndex); $departmentShow = $this->readProjectFile('pages/api/v1/departments/show($id).php'); $this->assertStringContainsString("'tenant_uuid' => \$tenantUuid", $departmentShow); $this->assertStringNotContainsString("'tenant_id' => \$department['tenant_id'] ?? null", $departmentShow); $this->assertStringContainsString("'cost_center' => \$department['cost_center'] ?? ''", $departmentShow); } public function testApiRoleShowIncludesPermissionKeys(): void { $roleShow = $this->readProjectFile('pages/api/v1/roles/show($id).php'); $this->assertStringContainsString('RolePermissionRepository::class', $roleShow); $this->assertStringContainsString('listPermissionKeysByRoleIds([$roleId])', $roleShow); $this->assertStringContainsString("'permission_keys' => \$permissionKeys", $roleShow); } }