liderra/portal
1
0
Fork 0
Code Issues Pull Requests Actions 66 Packages Projects Releases Wiki Activity
Files
a4a8ea31b9a723dc3a30bfde1cb43385169edb22
portal/app/tests/Feature
T
History
Дмитрий a4a8ea31b9 refactor(security): единый источник security-заголовков — nginx 
Убраны дубли HTTP-заголовков. nginx уже шлёт enforcing CSP, X-Frame-Options,
X-Content-Type-Options, Referrer-Policy, HSTS, Permissions-Policy, COOP, CORP
через add_header always. App-уровневый middleware SecurityHeaders дублировал
четыре из них и слал лишний CSP Report-Only; на проде add_header always плюс
PHP-заголовок давали дубль в ответе.

- удалён middleware SecurityHeaders и его регистрация в bootstrap/app.php
- SecurityHeadersTest переписан: фиксирует, что приложение эти заголовки не ставит

Прод-дедуп вступит в силу после деплоя. Verify локально 4 из 4 green.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-18 09:31:47 +03:00
..
Admin
fix: 152-FZ erasure - surgical scrub of deals.phones JSONB plus email no-op, F-P1b
2026-06-16 11:54:45 +03:00
Api
feat(projects): RegionsBulkDialog — subject-level regions (89 RF subjects) #1426
2026-05-18 03:41:46 +03:00
Audit
WIP чекпойнт: lead-region/supplier бэкенд + фронт-редизайн + Pint + тесты
2026-06-17 05:17:12 +03:00
Auth
feat(security): per-IP route-throttle на auth-эндпоинтах — P1 go-live
2026-06-17 19:56:23 +03:00
Billing
feat(billing): R-19 — share-aware requiredLeadsForTomorrow
2026-05-28 20:05:53 +03:00
Console
WIP чекпойнт: lead-region/supplier бэкенд + фронт-редизайн + Pint + тесты
2026-06-17 05:17:12 +03:00
Database
feat(supplier): supplier_manual_sync_queue table (Tier 3 queue)
2026-05-19 12:55:06 +03:00
Deals
style+fix(auth): pint formatting + nullsafe.neverNull fix + P1 plan DONE marker
2026-05-22 17:43:18 +03:00
ExceptionHandling
feat(exceptions): reduce verbosity для constraint violations (SQLSTATE 23xxx)
2026-05-29 14:14:04 +03:00
Http
feat(security): webhook DNS-rebind пиннинг + аддитивный HMAC supplier-webhook — edge/P2 go-live
2026-06-17 20:21:11 +03:00
Imitation
feat(imitation): imitation:seed command to populate local portal
2026-06-04 05:09:29 +03:00
Import
fix(migrations): clean migrate:fresh resilience (partition parent guard + delta idempotency)
2026-06-03 20:01:55 +03:00
Incidents
feat(incidents): single-lead-storm detection in incidents:watch-failures
2026-05-29 09:11:27 +03:00
Integration
feat(slepok): Task 2.5 — LeadRouter reads from project_routing_snapshots (R-01 closure)
2026-05-28 05:48:15 +03:00
Jobs
WIP чекпойнт: lead-region/supplier бэкенд + фронт-редизайн + Pint + тесты
2026-06-17 05:17:12 +03:00
LeadRouter
WIP чекпойнт: lead-region/supplier бэкенд + фронт-редизайн + Pint + тесты
2026-06-17 05:17:12 +03:00
Logging
feat(security): PII-scrubbing процессор логов — Medium go-live
2026-06-17 20:43:28 +03:00
Migrations
WIP чекпойнт: lead-region/supplier бэкенд + фронт-редизайн + Pint + тесты
2026-06-17 05:17:12 +03:00
Models
fix(tests): RefreshDatabase on LookupsTest + ProjectExtensionsTest — close quirk #62
2026-05-14 05:29:34 +03:00
Notifications
refactor(billing): Phase 2 — remove legacy ProcessWebhookJob + cascade test cleanup
2026-05-24 18:51:12 +03:00
Pd
feat(pdn): ретеншен ПДн удалённых лидов — анонимизация soft-deleted сделок — F-P1
2026-06-17 17:24:48 +03:00
Plan4/Schema
refactor(webhook): Phase 4 — DROP migration + schema v8.35 + test/factory cleanup
2026-05-24 18:51:17 +03:00
Plan5
feat(projects): П12-П15 (замечания #4-#7) — UX и фильтры на странице «Проекты»
2026-05-22 18:50:04 +03:00
Project
feat(supplier): group recompute + pause + source-change + root auto-link
2026-05-22 16:52:30 +03:00
Projects
style+done(p2): pint formatting + P2 plan DONE marker
2026-05-22 18:53:11 +03:00
Reports
fix(rls): close 4 dev↔prod RLS gaps in cron/jobs (hole #7 Phase B)
2026-05-23 10:16:46 +03:00
Rules
feat(rules): add Signal validators (Domain, Phone, SmsSender) with comprehensive datasets
2026-05-10 17:05:19 +03:00
Schedule
feat(billing-v2-c): SyncSupplierProjectsJob исключает frozen-проекты из заказа
2026-05-26 20:39:16 +03:00
Scheduler
feat(ops): scheduler heartbeat — пульс 11 cron-задач + watcher (hole #6)
2026-05-23 11:48:20 +03:00
Security
style+done(p2): pint formatting + P2 plan DONE marker
2026-05-22 18:53:11 +03:00
Services
feat: merge lead-region cascade to main — deals-city + rossvyaz normalize, prod-parity verified
2026-06-16 07:17:38 +03:00
Supplier
fix(test): routing-snapshot today+tomorrow в CsvWebhookRaceTest + PII на slack/papertrail/stderr
2026-06-17 21:37:41 +03:00
AdminBillingActionsTest.php
refactor(webhook): Phase 4 — DROP migration + schema v8.35 + test/factory cleanup
2026-05-24 18:51:17 +03:00
AdminBillingIndexTest.php
test: починка харнеса AdminBilling и AdminIncidents
2026-06-18 09:05:06 +03:00
AdminIncidentRknNotifyTest.php
feat(admin): G6 backend — incident РКН-notify endpoint
2026-05-16 14:09:53 +03:00
AdminIncidentShowTest.php
refactor(webhook): Phase 4 — DROP migration + schema v8.35 + test/factory cleanup
2026-05-24 18:51:17 +03:00
AdminIncidentsIndexTest.php
test: починка харнеса AdminBilling и AdminIncidents
2026-06-18 09:05:06 +03:00
AdminSystemSettingsTest.php
phase2(7-features): bulk-actions / new-deal / tenant-card / system-edit / webhook / smart-filters / impersonation-list
2026-05-09 05:33:21 +03:00
AdminTenantShowTest.php
feat(deals): sweep 14->5 funnel slugs — controllers, mocks, stories, tests
2026-05-18 03:42:41 +03:00
AdminTenantsIndexTest.php
phase2(admin-tenants-mrr): mrr_rub в /api/admin/tenants (этап 7)
2026-05-09 10:08:12 +03:00
ApiKeyControllerTest.php
refactor(api): ApiKeyController index() excludes expired keys (review M1)
2026-05-15 22:06:14 +03:00
DashboardSummaryTest.php
fix(dashboard): верхняя строка дашборда — настоящие числа вместо заглушки — F5
2026-06-17 16:02:04 +03:00
DealCreateTest.php
test(deals): drop obsolete ids-based export tests from DealCreateTest (superseded by DealExportTest)
2026-05-18 03:42:40 +03:00
DealDestroyTest.php
feat(api): J1 — auth:sanctum+tenant middleware на /api/deals*
2026-05-16 15:18:13 +03:00
DealExportTest.php
test(deals): drop obsolete ids-based export tests from DealCreateTest (superseded by DealExportTest)
2026-05-18 03:42:40 +03:00
DealIndexTest.php
feat(deals): sweep 14->5 funnel slugs — controllers, mocks, stories, tests
2026-05-18 03:42:41 +03:00
DealModelTest.php
phase1(webhook): Deal/WebhookDedupKey + ProcessWebhookJob (advisory lock) — CTO-17 addendum
2026-05-08 15:24:55 +03:00
DealRestoreTest.php
feat(api): J1 — auth:sanctum+tenant middleware на /api/deals*
2026-05-16 15:18:13 +03:00
DealShowTest.php
feat(deals): карточка показывает реальную стоимость лида — F2
2026-06-17 13:30:46 +03:00
DealTransitionTest.php
feat(deals): sweep 14->5 funnel slugs — controllers, mocks, stories, tests
2026-05-18 03:42:41 +03:00
DealUpdateTest.php
feat(deals): sweep 14->5 funnel slugs — controllers, mocks, stories, tests
2026-05-18 03:42:41 +03:00
DemoSeederTest.php
fix(dev): A8 review — production-guard в DemoSeeder + точность README/теста (Sprint 5A)
2026-05-17 02:23:26 +03:00
EndpointAuthHardeningTest.php
fix(security): закрыть открытые эндпоинты + SSRF-гард webhook перед go-live
2026-05-21 19:15:05 +03:00
ExampleTest.php
phase1(scaffold): Laravel 11 + predis + .env под PG 16 + Memurai
2026-05-08 09:37:16 +03:00
ImpersonationTest.php
fix(impersonation): SaaS-admin запросы через pgsql_supplier (BYPASSRLS) — лечит RLS 42704 на проде
2026-05-22 08:40:16 +03:00
LeadStatusesFunnelTest.php
feat(deals): migration — remap deals.status + drop obsolete lead_statuses (14->5)
2026-05-18 03:42:41 +03:00
LeadStatusesIndexTest.php
fix(security): закрыть открытые эндпоинты + SSRF-гард webhook перед go-live
2026-05-21 19:15:05 +03:00
LookupsTest.php
fix(security): закрыть открытые эндпоинты + SSRF-гард webhook перед go-live
2026-05-21 19:15:05 +03:00
PartitionsCreateMonthsTest.php
WIP чекпойнт: lead-region/supplier бэкенд + фронт-редизайн + Pint + тесты
2026-06-17 05:17:12 +03:00
RedisCacheStoreIsolationTest.php
fix(tests): redis cache store -> array driver in test env (kill quirk 72)
2026-05-16 09:57:32 +03:00
ReminderControllerTest.php
phase2(reminders-backend): CRUD + cron-диспетчер + email/inapp (P0 этап 4)
2026-05-09 12:30:38 +03:00
RemindersDispatchDueTest.php
fix(rls): close 4 dev↔prod RLS gaps in cron/jobs (hole #7 Phase B)
2026-05-23 10:16:46 +03:00
RlsSmokeTest.php
refactor(webhook): Phase 4 — DROP migration + schema v8.35 + test/factory cleanup
2026-05-24 18:51:17 +03:00
RunwayCalculatorTest.php
fix(billing): единый источник runway — дашборд = биллинг (F3)
2026-06-17 14:07:22 +03:00
SaasAdminMiddlewareTest.php
fix(admin): снять 503-замок saas-admin зоны — защиту держит nginx basic-auth
2026-05-25 07:35:03 +03:00
SecurityHeadersTest.php
refactor(security): единый источник security-заголовков — nginx
2026-06-18 09:31:47 +03:00
SetTenantContextTest.php
phase1(eloquent): Tenant/User/Project models + SetTenantContext middleware
2026-05-08 14:29:50 +03:00
TenantModelsTest.php
phase1(eloquent): Tenant/User/Project models + SetTenantContext middleware
2026-05-08 14:29:50 +03:00
WebhookSettingsControllerTest.php
fix(security): SSRF-гард на сохранении webhook target_url (защита будущей доставки)
2026-05-22 03:25:16 +03:00
WebhookSsrfGuardTest.php
fix(security): закрыть открытые эндпоинты + SSRF-гард webhook перед go-live
2026-05-21 19:15:05 +03:00