readProjectFile('pages/admin/tenants/index().php'); $this->assertStringContainsString('AuthorizationService::class', $indexContent); $this->assertStringContainsString('TenantAuthorizationPolicy::ABILITY_ADMIN_TENANTS_VIEW', $indexContent); $dataContent = $this->readProjectFile('pages/admin/tenants/data().php'); $this->assertStringContainsString('Guard::requireAbilityDecisionOrForbidden(TenantAuthorizationPolicy::ABILITY_ADMIN_TENANTS_VIEW);', $dataContent); $this->assertStringContainsString('TenantAuthorizationPolicy::ABILITY_ADMIN_TENANTS_VIEW', $dataContent); $createContent = $this->readProjectFile('pages/admin/tenants/create().php'); $this->assertStringContainsString('AuthorizationService::class', $createContent); $this->assertStringContainsString('TenantAuthorizationPolicy::ABILITY_ADMIN_TENANTS_CREATE', $createContent); $editContent = $this->readProjectFile('pages/admin/tenants/edit($id).php'); $this->assertStringContainsString('AuthorizationService::class', $editContent); $this->assertStringContainsString('TenantAuthorizationPolicy::ABILITY_ADMIN_TENANTS_EDIT_CONTEXT', $editContent); $this->assertStringContainsString('TenantAuthorizationPolicy::ABILITY_ADMIN_TENANTS_EDIT_SUBMIT', $editContent); $customFieldCreate = $this->readProjectFile('pages/admin/tenants/custom-field-create($id).php'); $this->assertStringContainsString('TenantAuthorizationPolicy::ABILITY_ADMIN_TENANTS_CUSTOM_FIELDS_MANAGE', $customFieldCreate); $customFieldUpdate = $this->readProjectFile('pages/admin/tenants/custom-field-update($id).php'); $this->assertStringContainsString('TenantAuthorizationPolicy::ABILITY_ADMIN_TENANTS_CUSTOM_FIELDS_MANAGE', $customFieldUpdate); $customFieldDelete = $this->readProjectFile('pages/admin/tenants/custom-field-delete($id).php'); $this->assertStringContainsString('TenantAuthorizationPolicy::ABILITY_ADMIN_TENANTS_CUSTOM_FIELDS_MANAGE', $customFieldDelete); } public function testAdminTenantDeleteUsesCentralPolicy(): void { $deleteContent = $this->readProjectFile('pages/admin/tenants/delete($id).php'); $this->assertStringContainsString('AuthorizationService::class', $deleteContent); $this->assertStringContainsString('TenantAuthorizationPolicy::ABILITY_ADMIN_TENANTS_DELETE', $deleteContent); } public function testAdminTenantMediaEndpointsUseCentralPolicies(): void { $avatarView = $this->readProjectFile('pages/admin/tenants/avatar-file().php'); $this->assertStringContainsString('TenantAuthorizationPolicy::ABILITY_ADMIN_TENANTS_AVATAR_VIEW', $avatarView); $avatarUpload = $this->readProjectFile('pages/admin/tenants/avatar($id).php'); $this->assertStringContainsString('TenantAuthorizationPolicy::ABILITY_ADMIN_TENANTS_MEDIA_UPDATE', $avatarUpload); $avatarDelete = $this->readProjectFile('pages/admin/tenants/avatar-delete($id).php'); $this->assertStringContainsString('TenantAuthorizationPolicy::ABILITY_ADMIN_TENANTS_MEDIA_UPDATE', $avatarDelete); $faviconUpload = $this->readProjectFile('pages/admin/tenants/favicon($id).php'); $this->assertStringContainsString('TenantAuthorizationPolicy::ABILITY_ADMIN_TENANTS_MEDIA_UPDATE', $faviconUpload); $faviconDelete = $this->readProjectFile('pages/admin/tenants/favicon-delete($id).php'); $this->assertStringContainsString('TenantAuthorizationPolicy::ABILITY_ADMIN_TENANTS_MEDIA_UPDATE', $faviconDelete); } }