forked from fa/breadcrumb-the-shire
Saving security levels appeared broken in both the domain detail view and the domains grid. Root causes: - Repository never unwrapped MintyPHP DB rows (nested by table name), so reads always returned defaults even though writes succeeded. - Batch queries bound tenant_id last while SQL expected it first, so list/detail enrichment for the grid matched nothing. - Detail page AJAX submit looked up CSRF via a non-existent data attribute and dropped the note field entirely. - Endpoint used a hand-rolled CSRF check instead of Session::checkCsrfToken(). Fixes: - DomainSecurityLevelRepository: use RepositoryArrayHelper::unwrap(List), swap param order in listLevelsByDomainNos / listDetailsByDomainNos, centralize table name in a const. - security-level-data endpoint: canonical Session::checkCsrfToken(), unified JSON/PRG error path with proper HTTP status codes and flash. - Detail page: drop broken AJAX hijack, rely on native form POST + PRG (GR-CORE-012). - Grid list: refetch via gridRef.grid.forceRender() after dialog save instead of DOM-only mutation, so Grid.js internal state stays in sync. - Add dedicated Note column next to the badge with ellipsis + title tooltip. - Replace console.* in the dialog with showAsyncFlash for user-visible errors; add i18n keys (de/en) for all error messages. - Drop unused postAction import and TENANT_ID_OTHER test constant. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
141 lines
5.2 KiB
PHP
141 lines
5.2 KiB
PHP
<?php
|
|
|
|
namespace MintyPHP\Tests\Module\Helpdesk\Service;
|
|
|
|
use MintyPHP\Module\Helpdesk\Repository\DomainSecurityLevelRepository;
|
|
use MintyPHP\Module\Helpdesk\Service\DomainSecurityLevelService;
|
|
use PHPUnit\Framework\TestCase;
|
|
|
|
class DomainSecurityLevelServiceTest extends TestCase
|
|
{
|
|
private const TENANT_ID = 1;
|
|
|
|
public function testGetLevelReturnsDefaultForUnknownDomain(): void
|
|
{
|
|
$repository = $this->createMock(DomainSecurityLevelRepository::class);
|
|
$repository->method('findByTenantAndDomainNo')->willReturn(null);
|
|
|
|
$service = new DomainSecurityLevelService($repository);
|
|
|
|
$this->assertSame('normal', $service->getLevel(self::TENANT_ID, 'DNS00001'));
|
|
}
|
|
|
|
public function testGetLevelReturnsStoredValue(): void
|
|
{
|
|
$repository = $this->createMock(DomainSecurityLevelRepository::class);
|
|
$repository->method('findByTenantAndDomainNo')->willReturn([
|
|
'security_level' => 'kritisch',
|
|
]);
|
|
|
|
$service = new DomainSecurityLevelService($repository);
|
|
|
|
$this->assertSame('kritisch', $service->getLevel(self::TENANT_ID, 'DNS00001'));
|
|
}
|
|
|
|
public function testGetLevelDefaultsOnInvalidStoredValue(): void
|
|
{
|
|
$repository = $this->createMock(DomainSecurityLevelRepository::class);
|
|
$repository->method('findByTenantAndDomainNo')->willReturn([
|
|
'security_level' => 'ungueltig',
|
|
]);
|
|
|
|
$service = new DomainSecurityLevelService($repository);
|
|
|
|
$this->assertSame('normal', $service->getLevel(self::TENANT_ID, 'DNS00001'));
|
|
}
|
|
|
|
public function testGetLevelReturnsDefaultForEmptyDomainNo(): void
|
|
{
|
|
$repository = $this->createMock(DomainSecurityLevelRepository::class);
|
|
$repository->expects($this->never())->method('findByTenantAndDomainNo');
|
|
|
|
$service = new DomainSecurityLevelService($repository);
|
|
|
|
$this->assertSame('normal', $service->getLevel(self::TENANT_ID, ''));
|
|
}
|
|
|
|
public function testSetLevelRejectsInvalidLevel(): void
|
|
{
|
|
$repository = $this->createMock(DomainSecurityLevelRepository::class);
|
|
$repository->expects($this->never())->method('upsert');
|
|
|
|
$service = new DomainSecurityLevelService($repository);
|
|
|
|
$this->assertFalse($service->setLevel(self::TENANT_ID, 'DNS00001', 'ungueltig', 1));
|
|
}
|
|
|
|
public function testSetLevelRejectsEmptyDomainNo(): void
|
|
{
|
|
$repository = $this->createMock(DomainSecurityLevelRepository::class);
|
|
$repository->expects($this->never())->method('upsert');
|
|
|
|
$service = new DomainSecurityLevelService($repository);
|
|
|
|
$this->assertFalse($service->setLevel(self::TENANT_ID, '', 'hoch', 1));
|
|
}
|
|
|
|
public function testSetLevelCallsUpsertWithCorrectParams(): void
|
|
{
|
|
$repository = $this->createMock(DomainSecurityLevelRepository::class);
|
|
$repository->expects($this->once())
|
|
->method('upsert')
|
|
->with(self::TENANT_ID, 'DNS00001', 'hoch', 42)
|
|
->willReturn(true);
|
|
|
|
$service = new DomainSecurityLevelService($repository);
|
|
|
|
$this->assertTrue($service->setLevel(self::TENANT_ID, 'DNS00001', 'hoch', 42));
|
|
}
|
|
|
|
public function testSetLevelAllowsAllValidLevels(): void
|
|
{
|
|
$repository = $this->createMock(DomainSecurityLevelRepository::class);
|
|
$repository->method('upsert')->willReturn(true);
|
|
|
|
$service = new DomainSecurityLevelService($repository);
|
|
|
|
foreach (['niedrig', 'normal', 'hoch', 'kritisch'] as $level) {
|
|
$this->assertTrue($service->setLevel(self::TENANT_ID, 'DNS00001', $level, 1));
|
|
}
|
|
}
|
|
|
|
public function testGetAllLevelsForDomainsReturnsEmptyForEmptyInput(): void
|
|
{
|
|
$repository = $this->createMock(DomainSecurityLevelRepository::class);
|
|
$repository->expects($this->never())->method('listLevelsByDomainNos');
|
|
|
|
$service = new DomainSecurityLevelService($repository);
|
|
|
|
$this->assertSame([], $service->getAllLevelsForDomains(self::TENANT_ID, []));
|
|
}
|
|
|
|
public function testGetAllLevelsForDomainsDelegatesToRepository(): void
|
|
{
|
|
$expected = ['DNS00001' => 'hoch', 'DNS00002' => 'niedrig'];
|
|
$repository = $this->createMock(DomainSecurityLevelRepository::class);
|
|
$repository->method('listLevelsByDomainNos')->willReturn($expected);
|
|
|
|
$service = new DomainSecurityLevelService($repository);
|
|
$result = $service->getAllLevelsForDomains(self::TENANT_ID, ['DNS00001', 'DNS00002']);
|
|
|
|
$this->assertSame($expected, $result);
|
|
}
|
|
|
|
public function testGetBadgeVariantMapping(): void
|
|
{
|
|
$this->assertSame('info', DomainSecurityLevelService::getBadgeVariant('niedrig'));
|
|
$this->assertSame('neutral', DomainSecurityLevelService::getBadgeVariant('normal'));
|
|
$this->assertSame('warning', DomainSecurityLevelService::getBadgeVariant('hoch'));
|
|
$this->assertSame('error', DomainSecurityLevelService::getBadgeVariant('kritisch'));
|
|
$this->assertSame('neutral', DomainSecurityLevelService::getBadgeVariant('unknown'));
|
|
}
|
|
|
|
public function testGetAllowedLevelsReturnsFourLevels(): void
|
|
{
|
|
$levels = DomainSecurityLevelService::getAllowedLevels();
|
|
|
|
$this->assertCount(4, $levels);
|
|
$this->assertSame(['niedrig', 'normal', 'hoch', 'kritisch'], $levels);
|
|
}
|
|
}
|