Дмитрий
9b99d81deb
Plan 1/5 Task 2 — SaaS-level агрегатная сущность для проектов у поставщиков. Несколько Лидерра-tenant'ов могут шарить один supplier_project (sharing-model spec §2.3): для site/call — по domain/phone; для sms — по (sender, keyword) на B2 или (sender) на B3. RLS НЕ применяется (таблица не tenant-scoped), defense-in-depth через REVOKE ALL FROM crm_app_user. Колонки: platform, signal_type, unique_key (TEXT), supplier_external_id, current_limit, current_workdays/regions (jsonb), sync_status (pending/ok/failed), last_synced_at, inactive_since (TTL 180 дней), timestamps. CHECK constraints (chk_supplier_projects_*): - platform IN (B1, B2, B3) - signal_type IN (site, call, sms) - sync_status IN (pending, ok, failed) - NOT (platform=B1 AND signal_type=sms) — B1 не поддерживает СМС Indexes: UNIQUE(platform, unique_key); btree на sync_status, inactive_since. Тесты: 6/6 (table+columns / unique / platform CHECK / sync_status CHECK / no RLS / no privileges). Schema: v8.12 → v8.13. Метрики: 56→57 таблиц / 98→101 индексов; RLS/функции/триггеры без изменений.
96 lines
2.7 KiB
PHP
96 lines
2.7 KiB
PHP
<?php
|
|
|
|
declare(strict_types=1);
|
|
|
|
use Illuminate\Support\Facades\DB;
|
|
use Illuminate\Support\Facades\Schema;
|
|
|
|
test('supplier_projects table exists with required columns', function () {
|
|
expect(Schema::hasTable('supplier_projects'))->toBeTrue();
|
|
|
|
foreach ([
|
|
'id',
|
|
'platform',
|
|
'signal_type',
|
|
'unique_key',
|
|
'supplier_external_id',
|
|
'current_limit',
|
|
'current_workdays',
|
|
'current_regions',
|
|
'sync_status',
|
|
'last_synced_at',
|
|
'inactive_since',
|
|
'created_at',
|
|
'updated_at',
|
|
] as $col) {
|
|
expect(Schema::hasColumn('supplier_projects', $col))->toBeTrue();
|
|
}
|
|
});
|
|
|
|
test('supplier_projects has unique constraint on (platform, unique_key)', function () {
|
|
$idx = DB::selectOne(
|
|
"SELECT indexdef
|
|
FROM pg_indexes
|
|
WHERE tablename = 'supplier_projects'
|
|
AND indexname = 'supplier_projects_platform_unique_key_unique'"
|
|
);
|
|
|
|
expect($idx)->not->toBeNull();
|
|
expect($idx->indexdef)
|
|
->toContain('UNIQUE')
|
|
->toContain('platform')
|
|
->toContain('unique_key');
|
|
});
|
|
|
|
test('supplier_projects platform check constraint allows only B1, B2, B3', function () {
|
|
$check = DB::selectOne(
|
|
"SELECT pg_get_constraintdef(c.oid) AS def
|
|
FROM pg_constraint c
|
|
JOIN pg_class t ON c.conrelid = t.oid
|
|
WHERE t.relname = 'supplier_projects' AND c.conname = 'chk_supplier_projects_platform'"
|
|
);
|
|
|
|
expect($check)->not->toBeNull();
|
|
expect($check->def)
|
|
->toContain("'B1'")
|
|
->toContain("'B2'")
|
|
->toContain("'B3'");
|
|
});
|
|
|
|
test('supplier_projects sync_status check constraint', function () {
|
|
$check = DB::selectOne(
|
|
"SELECT pg_get_constraintdef(c.oid) AS def
|
|
FROM pg_constraint c
|
|
JOIN pg_class t ON c.conrelid = t.oid
|
|
WHERE t.relname = 'supplier_projects' AND c.conname = 'chk_supplier_projects_sync_status'"
|
|
);
|
|
|
|
expect($check)->not->toBeNull();
|
|
expect($check->def)
|
|
->toContain("'pending'")
|
|
->toContain("'ok'")
|
|
->toContain("'failed'");
|
|
});
|
|
|
|
test('supplier_projects has NO RLS policy (relrowsecurity = false)', function () {
|
|
$row = DB::selectOne(
|
|
"SELECT relrowsecurity
|
|
FROM pg_class
|
|
WHERE relname = 'supplier_projects' AND relkind = 'r'"
|
|
);
|
|
|
|
expect($row)->not->toBeNull();
|
|
expect($row->relrowsecurity)->toBeFalse();
|
|
});
|
|
|
|
test('supplier_projects has REVOKE ALL on crm_app_user (no privileges in role_table_grants)', function () {
|
|
$rows = DB::select(
|
|
"SELECT privilege_type
|
|
FROM information_schema.role_table_grants
|
|
WHERE table_name = 'supplier_projects'
|
|
AND grantee = 'crm_app_user'"
|
|
);
|
|
|
|
expect($rows)->toBe([]);
|
|
});
|