michael/michaelschiemer
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
24cbbccf4cd6096fb975fae7a1075a782c1919b6
michaelschiemer/tests/Unit/Framework/Auth/ValueObjects/NamespaceAccessPolicyTest.php
Michael Schiemer fc3d7e6357 feat(Production): Complete production deployment infrastructure 
- Add comprehensive health check system with multiple endpoints
- Add Prometheus metrics endpoint
- Add production logging configurations (5 strategies)
- Add complete deployment documentation suite:
  * QUICKSTART.md - 30-minute deployment guide
  * DEPLOYMENT_CHECKLIST.md - Printable verification checklist
  * DEPLOYMENT_WORKFLOW.md - Complete deployment lifecycle
  * PRODUCTION_DEPLOYMENT.md - Comprehensive technical reference
  * production-logging.md - Logging configuration guide
  * ANSIBLE_DEPLOYMENT.md - Infrastructure as Code automation
  * README.md - Navigation hub
  * DEPLOYMENT_SUMMARY.md - Executive summary
- Add deployment scripts and automation
- Add DEPLOYMENT_PLAN.md - Concrete plan for immediate deployment
- Update README with production-ready features

All production infrastructure is now complete and ready for deployment.
2025-10-25 19:18:37 +02:00

102 lines
4.2 KiB
PHP
Raw Blame History

<?php
declare(strict_types=1);
use App\Framework\Auth\ValueObjects\NamespaceAccessPolicy;
describe('NamespaceAccessPolicy', function () {
describe('blocked()', function () {
it('creates policy that blocks all controllers', function () {
$policy = NamespaceAccessPolicy::blocked();
expect($policy->isControllerBlocked('App\Application\Admin\Dashboard'))->toBeTrue();
expect($policy->isControllerBlocked('App\Application\Admin\UserController'))->toBeTrue();
expect($policy->hasRestrictions())->toBeTrue();
});
});
describe('blockedExcept()', function () {
it('blocks all except allowed controllers', function () {
$policy = NamespaceAccessPolicy::blockedExcept(
'App\Application\Admin\LoginController',
'App\Application\Admin\HealthController'
);
expect($policy->isControllerBlocked('App\Application\Admin\LoginController'))->toBeFalse();
expect($policy->isControllerBlocked('App\Application\Admin\HealthController'))->toBeFalse();
expect($policy->isControllerBlocked('App\Application\Admin\Dashboard'))->toBeTrue();
expect($policy->hasRestrictions())->toBeTrue();
});
it('handles empty allowlist', function () {
$policy = NamespaceAccessPolicy::blockedExcept();
expect($policy->isControllerBlocked('App\Application\Admin\Dashboard'))->toBeTrue();
});
});
describe('allowed()', function () {
it('allows all controllers', function () {
$policy = NamespaceAccessPolicy::allowed();
expect($policy->isControllerBlocked('App\Application\Admin\Dashboard'))->toBeFalse();
expect($policy->isControllerBlocked('App\Application\Admin\UserController'))->toBeFalse();
expect($policy->hasRestrictions())->toBeFalse();
});
});
describe('withAllowedControllers()', function () {
it('adds controllers to allowlist', function () {
$policy = NamespaceAccessPolicy::blocked();
$newPolicy = $policy->withAllowedControllers(
'App\Application\Admin\LoginController'
);
expect($newPolicy->isControllerBlocked('App\Application\Admin\LoginController'))->toBeFalse();
expect($newPolicy->isControllerBlocked('App\Application\Admin\Dashboard'))->toBeTrue();
});
it('preserves existing allowlist', function () {
$policy = NamespaceAccessPolicy::blockedExcept(
'App\Application\Admin\LoginController'
);
$newPolicy = $policy->withAllowedControllers(
'App\Application\Admin\HealthController'
);
expect($newPolicy->isControllerBlocked('App\Application\Admin\LoginController'))->toBeFalse();
expect($newPolicy->isControllerBlocked('App\Application\Admin\HealthController'))->toBeFalse();
expect($newPolicy->isControllerBlocked('App\Application\Admin\Dashboard'))->toBeTrue();
});
it('handles duplicate controllers', function () {
$policy = NamespaceAccessPolicy::blockedExcept(
'App\Application\Admin\LoginController'
);
$newPolicy = $policy->withAllowedControllers(
'App\Application\Admin\LoginController',
'App\Application\Admin\HealthController'
);
expect($newPolicy->isControllerBlocked('App\Application\Admin\LoginController'))->toBeFalse();
expect($newPolicy->isControllerBlocked('App\Application\Admin\HealthController'))->toBeFalse();
});
});
describe('immutability', function () {
it('does not modify original policy when adding controllers', function () {
$original = NamespaceAccessPolicy::blocked();
$modified = $original->withAllowedControllers(
'App\Application\Admin\LoginController'
);
expect($original->isControllerBlocked('App\Application\Admin\LoginController'))->toBeTrue();
expect($modified->isControllerBlocked('App\Application\Admin\LoginController'))->toBeFalse();
});
});
});
Reference in New Issue View Git Blame Copy Permalink