Implement compliance exports and retention overrides
This commit is contained in:
Codex Agent
116
tests/Feature/Api/Tenant/DataExportApiTest.php
Normal file
116
tests/Feature/Api/Tenant/DataExportApiTest.php
Normal file
@@ -0,0 +1,116 @@
|
||||
<?php
|
||||
|
||||
namespace Tests\Feature\Api\Tenant;
|
||||
|
||||
use App\Enums\DataExportScope;
|
||||
use App\Jobs\GenerateDataExport;
|
||||
use App\Models\DataExport;
|
||||
use App\Models\Event;
|
||||
use App\Models\Tenant;
|
||||
use Illuminate\Support\Facades\Queue;
|
||||
use Illuminate\Support\Facades\Storage;
|
||||
use Tests\Feature\Tenant\TenantTestCase;
|
||||
|
||||
class DataExportApiTest extends TenantTestCase
|
||||
{
|
||||
public function test_tenant_can_request_event_export(): void
|
||||
{
|
||||
Queue::fake();
|
||||
|
||||
$event = Event::factory()->create(['tenant_id' => $this->tenant->id]);
|
||||
|
||||
$response = $this->authenticatedRequest('POST', '/api/v1/tenant/exports', [
|
||||
'scope' => 'event',
|
||||
'event_id' => $event->id,
|
||||
'include_media' => true,
|
||||
]);
|
||||
|
||||
$response->assertStatus(202)
|
||||
->assertJsonPath('data.scope', 'event')
|
||||
->assertJsonPath('data.status', DataExport::STATUS_PENDING);
|
||||
|
||||
$this->assertDatabaseHas('data_exports', [
|
||||
'tenant_id' => $this->tenant->id,
|
||||
'event_id' => $event->id,
|
||||
'scope' => DataExportScope::EVENT->value,
|
||||
'include_media' => true,
|
||||
]);
|
||||
|
||||
Queue::assertPushed(GenerateDataExport::class);
|
||||
}
|
||||
|
||||
public function test_exports_index_filters_to_tenant_scopes(): void
|
||||
{
|
||||
$event = Event::factory()->create(['tenant_id' => $this->tenant->id]);
|
||||
$otherTenant = Tenant::factory()->create();
|
||||
$otherEvent = Event::factory()->create(['tenant_id' => $otherTenant->id]);
|
||||
|
||||
DataExport::query()->create([
|
||||
'user_id' => $this->tenantUser->id,
|
||||
'tenant_id' => $this->tenant->id,
|
||||
'event_id' => $event->id,
|
||||
'scope' => DataExportScope::EVENT->value,
|
||||
'status' => DataExport::STATUS_READY,
|
||||
'include_media' => false,
|
||||
]);
|
||||
|
||||
DataExport::query()->create([
|
||||
'user_id' => $this->tenantUser->id,
|
||||
'tenant_id' => $this->tenant->id,
|
||||
'scope' => DataExportScope::USER->value,
|
||||
'status' => DataExport::STATUS_READY,
|
||||
'include_media' => false,
|
||||
]);
|
||||
|
||||
DataExport::query()->create([
|
||||
'user_id' => $this->tenantUser->id,
|
||||
'tenant_id' => $otherTenant->id,
|
||||
'event_id' => $otherEvent->id,
|
||||
'scope' => DataExportScope::EVENT->value,
|
||||
'status' => DataExport::STATUS_READY,
|
||||
'include_media' => true,
|
||||
]);
|
||||
|
||||
$response = $this->authenticatedRequest('GET', '/api/v1/tenant/exports');
|
||||
|
||||
$response->assertOk();
|
||||
$this->assertCount(1, $response->json('data'));
|
||||
$this->assertSame($event->id, $response->json('data.0.event.id'));
|
||||
}
|
||||
|
||||
public function test_event_export_rejects_foreign_event(): void
|
||||
{
|
||||
$otherTenant = Tenant::factory()->create();
|
||||
$otherEvent = Event::factory()->create(['tenant_id' => $otherTenant->id]);
|
||||
|
||||
$response = $this->authenticatedRequest('POST', '/api/v1/tenant/exports', [
|
||||
'scope' => 'event',
|
||||
'event_id' => $otherEvent->id,
|
||||
]);
|
||||
|
||||
$response->assertStatus(404);
|
||||
}
|
||||
|
||||
public function test_ready_export_can_be_downloaded(): void
|
||||
{
|
||||
Storage::fake('local');
|
||||
|
||||
Storage::disk('local')->put('exports/tenant-export.zip', 'demo-content');
|
||||
|
||||
$export = DataExport::query()->create([
|
||||
'user_id' => $this->tenantUser->id,
|
||||
'tenant_id' => $this->tenant->id,
|
||||
'scope' => DataExportScope::TENANT->value,
|
||||
'status' => DataExport::STATUS_READY,
|
||||
'include_media' => false,
|
||||
'path' => 'exports/tenant-export.zip',
|
||||
'size_bytes' => 123,
|
||||
'expires_at' => now()->addDay(),
|
||||
]);
|
||||
|
||||
$response = $this->authenticatedRequest('GET', route('api.v1.tenant.exports.download', $export));
|
||||
|
||||
$response->assertOk();
|
||||
$response->assertHeader('content-disposition');
|
||||
}
|
||||
}
|
||||
@@ -2,12 +2,14 @@
|
||||
|
||||
namespace Tests\Feature\Console;
|
||||
|
||||
use App\Enums\RetentionOverrideScope;
|
||||
use App\Jobs\ArchiveEventMediaAssets;
|
||||
use App\Models\Event;
|
||||
use App\Models\EventMediaAsset;
|
||||
use App\Models\EventPackage;
|
||||
use App\Models\MediaStorageTarget;
|
||||
use App\Models\Package;
|
||||
use App\Models\RetentionOverride;
|
||||
use Illuminate\Foundation\Testing\RefreshDatabase;
|
||||
use Illuminate\Support\Facades\Queue;
|
||||
use Tests\TestCase;
|
||||
@@ -94,4 +96,55 @@ class DispatchStorageArchiveCommandTest extends TestCase
|
||||
|
||||
Queue::assertNothingPushed();
|
||||
}
|
||||
|
||||
public function test_skips_events_with_retention_override(): void
|
||||
{
|
||||
$target = MediaStorageTarget::create([
|
||||
'key' => 'local-hot',
|
||||
'name' => 'Local Hot',
|
||||
'driver' => 'local',
|
||||
'config' => ['monitor_path' => storage_path('app')],
|
||||
'is_hot' => true,
|
||||
'is_default' => true,
|
||||
'is_active' => true,
|
||||
'priority' => 100,
|
||||
]);
|
||||
|
||||
$event = Event::factory()->create(['status' => 'published']);
|
||||
$package = Package::factory()->create(['gallery_days' => 1]);
|
||||
|
||||
EventPackage::create([
|
||||
'event_id' => $event->id,
|
||||
'package_id' => $package->id,
|
||||
'purchased_price' => 0,
|
||||
'purchased_at' => now()->subDays(10),
|
||||
'used_photos' => 0,
|
||||
'used_guests' => 0,
|
||||
'gallery_expires_at' => now()->subDays(5),
|
||||
]);
|
||||
|
||||
EventMediaAsset::create([
|
||||
'event_id' => $event->id,
|
||||
'media_storage_target_id' => $target->id,
|
||||
'variant' => 'original',
|
||||
'disk' => 'local-hot',
|
||||
'path' => 'events/'.$event->id.'/photo.jpg',
|
||||
'size_bytes' => 1024,
|
||||
'status' => 'hot',
|
||||
]);
|
||||
|
||||
RetentionOverride::factory()->create([
|
||||
'scope' => RetentionOverrideScope::EVENT,
|
||||
'tenant_id' => $event->tenant_id,
|
||||
'event_id' => $event->id,
|
||||
]);
|
||||
|
||||
Queue::fake();
|
||||
|
||||
$this->artisan('storage:archive-pending')
|
||||
->expectsOutput('Dispatched 0 archive job(s).')
|
||||
->assertExitCode(0);
|
||||
|
||||
Queue::assertNothingPushed();
|
||||
}
|
||||
}
|
||||
|
||||
@@ -2,8 +2,10 @@
|
||||
|
||||
namespace Tests\Feature;
|
||||
|
||||
use App\Enums\RetentionOverrideScope;
|
||||
use App\Jobs\AnonymizeAccount;
|
||||
use App\Models\Package;
|
||||
use App\Models\RetentionOverride;
|
||||
use App\Models\Tenant;
|
||||
use App\Models\TenantPackage;
|
||||
use App\Models\User;
|
||||
@@ -33,6 +35,27 @@ class TenantRetentionCommandTest extends TestCase
|
||||
});
|
||||
}
|
||||
|
||||
public function test_retention_override_skips_tenant_deletion(): void
|
||||
{
|
||||
Queue::fake();
|
||||
|
||||
$tenant = Tenant::factory()->create([
|
||||
'last_activity_at' => now()->subMonths(25),
|
||||
]);
|
||||
$user = User::factory()->create(['tenant_id' => $tenant->id]);
|
||||
$tenant->user()->associate($user)->save();
|
||||
|
||||
RetentionOverride::factory()->create([
|
||||
'scope' => RetentionOverrideScope::TENANT,
|
||||
'tenant_id' => $tenant->id,
|
||||
'event_id' => null,
|
||||
]);
|
||||
|
||||
$this->artisan('tenants:retention-scan')->assertExitCode(0);
|
||||
|
||||
Queue::assertNothingPushed();
|
||||
}
|
||||
|
||||
public function test_warning_is_sent_one_month_before(): void
|
||||
{
|
||||
Queue::fake();
|
||||
|
||||
Reference in New Issue
Block a user