1
0
Files
breadcrumb-the-shire/modules/helpdesk/tests/Module/Helpdesk/Service/DomainSecurityLevelServiceTest.php
fs fb86c02427 fix(helpdesk): repair security-level persistence, enrichment, and list UX
Saving security levels appeared broken in both the domain detail view and
the domains grid. Root causes:

- Repository never unwrapped MintyPHP DB rows (nested by table name), so
  reads always returned defaults even though writes succeeded.
- Batch queries bound tenant_id last while SQL expected it first, so
  list/detail enrichment for the grid matched nothing.
- Detail page AJAX submit looked up CSRF via a non-existent data attribute
  and dropped the note field entirely.
- Endpoint used a hand-rolled CSRF check instead of Session::checkCsrfToken().

Fixes:
- DomainSecurityLevelRepository: use RepositoryArrayHelper::unwrap(List),
  swap param order in listLevelsByDomainNos / listDetailsByDomainNos,
  centralize table name in a const.
- security-level-data endpoint: canonical Session::checkCsrfToken(),
  unified JSON/PRG error path with proper HTTP status codes and flash.
- Detail page: drop broken AJAX hijack, rely on native form POST + PRG
  (GR-CORE-012).
- Grid list: refetch via gridRef.grid.forceRender() after dialog save
  instead of DOM-only mutation, so Grid.js internal state stays in sync.
- Add dedicated Note column next to the badge with ellipsis + title
  tooltip.
- Replace console.* in the dialog with showAsyncFlash for user-visible
  errors; add i18n keys (de/en) for all error messages.
- Drop unused postAction import and TENANT_ID_OTHER test constant.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-21 14:04:21 +02:00

141 lines
5.2 KiB
PHP

<?php
namespace MintyPHP\Tests\Module\Helpdesk\Service;
use MintyPHP\Module\Helpdesk\Repository\DomainSecurityLevelRepository;
use MintyPHP\Module\Helpdesk\Service\DomainSecurityLevelService;
use PHPUnit\Framework\TestCase;
class DomainSecurityLevelServiceTest extends TestCase
{
private const TENANT_ID = 1;
public function testGetLevelReturnsDefaultForUnknownDomain(): void
{
$repository = $this->createMock(DomainSecurityLevelRepository::class);
$repository->method('findByTenantAndDomainNo')->willReturn(null);
$service = new DomainSecurityLevelService($repository);
$this->assertSame('normal', $service->getLevel(self::TENANT_ID, 'DNS00001'));
}
public function testGetLevelReturnsStoredValue(): void
{
$repository = $this->createMock(DomainSecurityLevelRepository::class);
$repository->method('findByTenantAndDomainNo')->willReturn([
'security_level' => 'kritisch',
]);
$service = new DomainSecurityLevelService($repository);
$this->assertSame('kritisch', $service->getLevel(self::TENANT_ID, 'DNS00001'));
}
public function testGetLevelDefaultsOnInvalidStoredValue(): void
{
$repository = $this->createMock(DomainSecurityLevelRepository::class);
$repository->method('findByTenantAndDomainNo')->willReturn([
'security_level' => 'ungueltig',
]);
$service = new DomainSecurityLevelService($repository);
$this->assertSame('normal', $service->getLevel(self::TENANT_ID, 'DNS00001'));
}
public function testGetLevelReturnsDefaultForEmptyDomainNo(): void
{
$repository = $this->createMock(DomainSecurityLevelRepository::class);
$repository->expects($this->never())->method('findByTenantAndDomainNo');
$service = new DomainSecurityLevelService($repository);
$this->assertSame('normal', $service->getLevel(self::TENANT_ID, ''));
}
public function testSetLevelRejectsInvalidLevel(): void
{
$repository = $this->createMock(DomainSecurityLevelRepository::class);
$repository->expects($this->never())->method('upsert');
$service = new DomainSecurityLevelService($repository);
$this->assertFalse($service->setLevel(self::TENANT_ID, 'DNS00001', 'ungueltig', 1));
}
public function testSetLevelRejectsEmptyDomainNo(): void
{
$repository = $this->createMock(DomainSecurityLevelRepository::class);
$repository->expects($this->never())->method('upsert');
$service = new DomainSecurityLevelService($repository);
$this->assertFalse($service->setLevel(self::TENANT_ID, '', 'hoch', 1));
}
public function testSetLevelCallsUpsertWithCorrectParams(): void
{
$repository = $this->createMock(DomainSecurityLevelRepository::class);
$repository->expects($this->once())
->method('upsert')
->with(self::TENANT_ID, 'DNS00001', 'hoch', 42)
->willReturn(true);
$service = new DomainSecurityLevelService($repository);
$this->assertTrue($service->setLevel(self::TENANT_ID, 'DNS00001', 'hoch', 42));
}
public function testSetLevelAllowsAllValidLevels(): void
{
$repository = $this->createMock(DomainSecurityLevelRepository::class);
$repository->method('upsert')->willReturn(true);
$service = new DomainSecurityLevelService($repository);
foreach (['niedrig', 'normal', 'hoch', 'kritisch'] as $level) {
$this->assertTrue($service->setLevel(self::TENANT_ID, 'DNS00001', $level, 1));
}
}
public function testGetAllLevelsForDomainsReturnsEmptyForEmptyInput(): void
{
$repository = $this->createMock(DomainSecurityLevelRepository::class);
$repository->expects($this->never())->method('listLevelsByDomainNos');
$service = new DomainSecurityLevelService($repository);
$this->assertSame([], $service->getAllLevelsForDomains(self::TENANT_ID, []));
}
public function testGetAllLevelsForDomainsDelegatesToRepository(): void
{
$expected = ['DNS00001' => 'hoch', 'DNS00002' => 'niedrig'];
$repository = $this->createMock(DomainSecurityLevelRepository::class);
$repository->method('listLevelsByDomainNos')->willReturn($expected);
$service = new DomainSecurityLevelService($repository);
$result = $service->getAllLevelsForDomains(self::TENANT_ID, ['DNS00001', 'DNS00002']);
$this->assertSame($expected, $result);
}
public function testGetBadgeVariantMapping(): void
{
$this->assertSame('info', DomainSecurityLevelService::getBadgeVariant('niedrig'));
$this->assertSame('neutral', DomainSecurityLevelService::getBadgeVariant('normal'));
$this->assertSame('warning', DomainSecurityLevelService::getBadgeVariant('hoch'));
$this->assertSame('error', DomainSecurityLevelService::getBadgeVariant('kritisch'));
$this->assertSame('neutral', DomainSecurityLevelService::getBadgeVariant('unknown'));
}
public function testGetAllowedLevelsReturnsFourLevels(): void
{
$levels = DomainSecurityLevelService::getAllowedLevels();
$this->assertCount(4, $levels);
$this->assertSame(['niedrig', 'normal', 'hoch', 'kritisch'], $levels);
}
}