[ADVISING-999]: Enforce License Rules for Online Admissions

_ide_helper_models.php

@@ -456,6 +456,7 @@ class IdeHelperApplication {}
  * @property \Illuminate\Support\Carbon|null $updated_at
  * @property-read \Illuminate\Database\Eloquent\Model|\Eloquent $author
  * @property-read \Assist\Application\Models\Application $submissible
+ * @method static \Assist\Application\Database\Factories\ApplicationAuthenticationFactory factory($count = null, $state = [])
  * @method static \Illuminate\Database\Eloquent\Builder|ApplicationAuthentication newModelQuery()
  * @method static \Illuminate\Database\Eloquent\Builder|ApplicationAuthentication newQuery()
  * @method static \Illuminate\Database\Eloquent\Builder|ApplicationAuthentication query()
@@ -2457,12 +2458,12 @@ class IdeHelperServiceRequestAssignment {}
  * Assist\ServiceManagement\Models\ServiceRequestHistory
  *
  * @property string $id
- * @property string|null $service_request_id
+ * @property string $service_request_id
  * @property array $original_values
  * @property array $new_values
  * @property \Illuminate\Support\Carbon|null $created_at
  * @property \Illuminate\Support\Carbon|null $updated_at
- * @property-read \Assist\ServiceManagement\Models\ServiceRequest|null $serviceRequest
+ * @property-read \Assist\ServiceManagement\Models\ServiceRequest $serviceRequest
  * @method static \Assist\ServiceManagement\Database\Factories\ServiceRequestHistoryFactory factory($count = null, $state = [])
  * @method static \Illuminate\Database\Eloquent\Builder|ServiceRequestHistory newModelQuery()
  * @method static \Illuminate\Database\Eloquent\Builder|ServiceRequestHistory newQuery()

app-modules/application/database/factories/ApplicationAuthenticationFactory.php

@@ -0,0 +1,74 @@
+<?php
+
+/*
+<COPYRIGHT>
+
+    Copyright © 2022-2023, Canyon GBS LLC. All rights reserved.
+
+    Advising App™ is licensed under the Elastic License 2.0. For more details,
+    see https://github.com/canyongbs/advisingapp/blob/main/LICENSE.
+
+    Notice:
+
+    - You may not provide the software to third parties as a hosted or managed
+      service, where the service provides users with access to any substantial set of
+      the features or functionality of the software.
+    - You may not move, change, disable, or circumvent the license key functionality
+      in the software, and you may not remove or obscure any functionality in the
+      software that is protected by the license key.
+    - You may not alter, remove, or obscure any licensing, copyright, or other notices
+      of the licensor in the software. Any use of the licensor’s trademarks is subject
+      to applicable law.
+    - Canyon GBS LLC respects the intellectual property rights of others and expects the
+      same in return. Canyon GBS™ and Advising App™ are registered trademarks of
+      Canyon GBS LLC, and we are committed to enforcing and protecting our trademarks
+      vigorously.
+    - The software solution, including services, infrastructure, and code, is offered as a
+      Software as a Service (SaaS) by Canyon GBS LLC.
+    - Use of this software implies agreement to the license terms and conditions as stated
+      in the Elastic License 2.0.
+
+    For more information or inquiries please visit our website at
+    https://www.canyongbs.com or contact us via email at [email protected].
+
+</COPYRIGHT>
+*/
+
+namespace Assist\Application\Database\Factories;
+
+use Assist\Prospect\Models\Prospect;
+use Illuminate\Support\Facades\Hash;
+use Assist\Application\Models\Application;
+use Assist\AssistDataModel\Models\Student;
+use Illuminate\Database\Eloquent\Factories\Factory;
+use Illuminate\Database\Eloquent\Relations\Relation;
+
+/**
+ * @extends Factory<Application>
+ */
+class ApplicationAuthenticationFactory extends Factory
+{
+    public function definition(): array
+    {
+        return [
+            'author_type' => fake()->randomElement([
+                (new Student())->getMorphClass(),
+                (new Prospect())->getMorphClass(),
+            ]),
+            'author_id' => function (array $attributes) {
+                $senderClass = Relation::getMorphedModel($attributes['author_type']);
+
+                /** @var Student|Prospect $senderModel */
+                $senderModel = new $senderClass();
+
+                $sender = $senderClass === Student::class
+                    ? Student::inRandomOrder()->first() ?? Student::factory()->create()
+                    : $senderModel::factory()->create();
+
+                return $sender->getKey();
+            },
+            'code' => Hash::make(random_int(100000, 999999)),
+            'application_id' => Application::factory(),
+        ];
+    }
+}

app-modules/application/routes/api.php

@@ -36,9 +36,14 @@
 
 use Assist\Application\Http\Controllers\ApplicationWidgetController;
 use Assist\Form\Http\Middleware\EnsureSubmissibleIsEmbeddableAndAuthorized;
+use Assist\Application\Http\Middleware\EnsureOnlineAdmissionsFeatureIsActive;
 
 Route::prefix('api')
-    ->middleware(['api', EnsureSubmissibleIsEmbeddableAndAuthorized::class . ':application'])
+    ->middleware([
+        'api',
+        EnsureOnlineAdmissionsFeatureIsActive::class,
+        EnsureSubmissibleIsEmbeddableAndAuthorized::class . ':application',
+    ])
     ->group(function () {
         Route::prefix('applications')
             ->name('applications.')

app-modules/application/src/Http/Middleware/EnsureOnlineAdmissionsFeatureIsActive.php

@@ -0,0 +1,54 @@
+<?php
+
+/*
+<COPYRIGHT>
+
+    Copyright © 2022-2023, Canyon GBS LLC. All rights reserved.
+
+    Advising App™ is licensed under the Elastic License 2.0. For more details,
+    see https://github.com/canyongbs/advisingapp/blob/main/LICENSE.
+
+    Notice:
+
+    - You may not provide the software to third parties as a hosted or managed
+      service, where the service provides users with access to any substantial set of
+      the features or functionality of the software.
+    - You may not move, change, disable, or circumvent the license key functionality
+      in the software, and you may not remove or obscure any functionality in the
+      software that is protected by the license key.
+    - You may not alter, remove, or obscure any licensing, copyright, or other notices
+      of the licensor in the software. Any use of the licensor’s trademarks is subject
+      to applicable law.
+    - Canyon GBS LLC respects the intellectual property rights of others and expects the
+      same in return. Canyon GBS™ and Advising App™ are registered trademarks of
+      Canyon GBS LLC, and we are committed to enforcing and protecting our trademarks
+      vigorously.
+    - The software solution, including services, infrastructure, and code, is offered as a
+      Software as a Service (SaaS) by Canyon GBS LLC.
+    - Use of this software implies agreement to the license terms and conditions as stated
+      in the Elastic License 2.0.
+
+    For more information or inquiries please visit our website at
+    https://www.canyongbs.com or contact us via email at [email protected].
+
+</COPYRIGHT>
+*/
+
+namespace Assist\Application\Http\Middleware;
+
+use Closure;
+use Illuminate\Http\Request;
+use App\Settings\LicenseSettings;
+use Symfony\Component\HttpFoundation\Response;
+
+class EnsureOnlineAdmissionsFeatureIsActive
+{
+    public function handle(Request $request, Closure $next): Response
+    {
+        if (! app(LicenseSettings::class)->data->addons->onlineAdmissions) {
+            return response()->json(['error' => 'Online Admissions is not enabled.'], 403);
+        }
+
+        return $next($request);
+    }
+}

app-modules/application/src/Policies/ApplicationPolicy.php

@@ -37,11 +37,16 @@
 namespace Assist\Application\Policies;
 
 use App\Models\User;
+use App\Enums\Feature;
 use Illuminate\Auth\Access\Response;
 use Assist\Application\Models\Application;
+use App\Concerns\FeatureAccessEnforcedPolicyBefore;
+use App\Policies\Contracts\FeatureAccessEnforcedPolicy;
 
-class ApplicationPolicy
+class ApplicationPolicy implements FeatureAccessEnforcedPolicy
 {
+    use FeatureAccessEnforcedPolicyBefore;
+
     public function viewAny(User $user): Response
     {
         return $user->canOrElse(
@@ -97,4 +102,9 @@ public function forceDelete(User $user, Application $application): Response
             denyResponse: 'You do not have permission to permanently delete this application.'
         );
     }
+
+    protected function requiredFeatures(): array
+    {
+        return [Feature::OnlineAdmissions];
+    }
 }

app-modules/application/tests/Application/CreateApplicationTest.php

@@ -0,0 +1,104 @@
+<?php
+
+/*
+<COPYRIGHT>
+
+    Copyright © 2022-2023, Canyon GBS LLC. All rights reserved.
+
+    Advising App™ is licensed under the Elastic License 2.0. For more details,
+    see https://github.com/canyongbs/advisingapp/blob/main/LICENSE.
+
+    Notice:
+
+    - You may not provide the software to third parties as a hosted or managed
+      service, where the service provides users with access to any substantial set of
+      the features or functionality of the software.
+    - You may not move, change, disable, or circumvent the license key functionality
+      in the software, and you may not remove or obscure any functionality in the
+      software that is protected by the license key.
+    - You may not alter, remove, or obscure any licensing, copyright, or other notices
+      of the licensor in the software. Any use of the licensor’s trademarks is subject
+      to applicable law.
+    - Canyon GBS LLC respects the intellectual property rights of others and expects the
+      same in return. Canyon GBS™ and Advising App™ are registered trademarks of
+      Canyon GBS LLC, and we are committed to enforcing and protecting our trademarks
+      vigorously.
+    - The software solution, including services, infrastructure, and code, is offered as a
+      Software as a Service (SaaS) by Canyon GBS LLC.
+    - Use of this software implies agreement to the license terms and conditions as stated
+      in the Elastic License 2.0.
+
+    For more information or inquiries please visit our website at
+    https://www.canyongbs.com or contact us via email at [email protected].
+
+</COPYRIGHT>
+*/
+
+use App\Models\User;
+use App\Settings\LicenseSettings;
+
+use function Pest\Laravel\actingAs;
+use function Pest\Livewire\livewire;
+
+use Assist\Application\Filament\Resources\ApplicationResource;
+
+// TODO: Write CreateApplication tests
+//test('A successful action on the CreateApplication page', function () {});
+//
+//test('CreateApplication requires valid data', function ($data, $errors) {})->with([]);
+
+// Permission Tests
+
+test('CreateApplication is gated with proper access control', function () {
+    $user = User::factory()->create();
+
+    actingAs($user)
+        ->get(
+            ApplicationResource::getUrl('create')
+        )->assertForbidden();
+
+    livewire(ApplicationResource\Pages\CreateApplication::class)
+        ->assertForbidden();
+
+    $user->givePermissionTo('application.view-any');
+    $user->givePermissionTo('application.create');
+
+    actingAs($user)
+        ->get(
+            ApplicationResource::getUrl('create')
+        )->assertSuccessful();
+
+    // TODO: Finish the test by adding the request factory CreateApplicationRequestFactory
+});
+
+test('CreateApplication is gated with proper feature access control', function () {
+    $settings = app(LicenseSettings::class);
+
+    $settings->data->addons->onlineAdmissions = false;
+
+    $settings->save();
+
+    $user = User::factory()->create();
+
+    actingAs($user)
+        ->get(
+            ApplicationResource::getUrl('create')
+        )->assertForbidden();
+
+    $user->givePermissionTo('application.view-any');
+    $user->givePermissionTo('application.create');
+
+    livewire(ApplicationResource\Pages\CreateApplication::class)
+        ->assertForbidden();
+
+    $settings->data->addons->onlineAdmissions = true;
+
+    $settings->save();
+
+    actingAs($user)
+        ->get(
+            ApplicationResource::getUrl('create')
+        )->assertSuccessful();
+
+    // TODO: Finish the test by adding the request factory CreateApplicationRequestFactory
+});