diff --git a/tests/Feature/AdminPlatformOrderShowLeadIdFromBackHintTest.php b/tests/Feature/AdminPlatformOrderShowLeadIdFromBackHintTest.php index 1bb9ace..48a2e73 100644 --- a/tests/Feature/AdminPlatformOrderShowLeadIdFromBackHintTest.php +++ b/tests/Feature/AdminPlatformOrderShowLeadIdFromBackHintTest.php @@ -132,4 +132,60 @@ class AdminPlatformOrderShowLeadIdFromBackHintTest extends TestCase $res->assertDontSee('查看线索', false); $res->assertDontSee('/admin/platform-leads?', false); } + + public function test_show_should_not_render_lead_hint_when_back_is_unsafe_even_if_it_contains_lead_id(): void + { + $this->loginAsPlatformAdmin(); + + $merchant = Merchant::query()->firstOrFail(); + + $plan = Plan::query()->create([ + 'code' => 'show_back_lead_unsafe_plan', + 'name' => '订单详情unsafe back线索提示测试套餐', + 'billing_cycle' => 'monthly', + 'price' => 10, + 'list_price' => 10, + 'status' => 'active', + 'sort' => 10, + 'published_at' => now(), + ]); + + $order = PlatformOrder::query()->create([ + 'merchant_id' => $merchant->id, + 'plan_id' => $plan->id, + 'site_subscription_id' => null, + 'created_by_admin_id' => 1, + 'order_no' => 'PO_SHOW_BACK_LEAD_0003', + 'order_type' => 'new_purchase', + 'status' => 'pending', + 'payment_status' => 'unpaid', + 'payment_channel' => null, + 'plan_name' => $plan->name, + 'billing_cycle' => $plan->billing_cycle, + 'period_months' => 1, + 'quantity' => 1, + 'list_amount' => 10, + 'discount_amount' => 0, + 'payable_amount' => 10, + 'paid_amount' => 0, + 'placed_at' => now(), + 'plan_snapshot' => ['plan_id' => $plan->id], + 'meta' => [], + 'remark' => 'test', + ]); + + $unsafeBack = '/admin/platform-orders?' . Arr::query([ + 'lead_id' => 56, + 'back' => '/admin', + ]); + + $res = $this->get('/admin/platform-orders/' . $order->id . '?' . Arr::query([ + 'back' => $unsafeBack, + ])); + + $res->assertOk(); + $res->assertDontSee('来源线索:#56', false); + $res->assertDontSee('查看线索', false); + $res->assertDontSee('/admin/platform-leads?', false); + } }