Add comprehensive test coverage and update notes

tests/Unit/AuditLogControllerUnitTest.php

@@ -0,0 +1,55 @@
+<?php
+
+use App\Http\Controllers\AuditLogController;
+use App\Models\AuditLog;
+use App\Models\Role;
+use App\Models\User;
+use Illuminate\Http\Request;
+
+it('returns unauthorized when no user', function (): void {
+    $controller = new AuditLogController();
+    $request = Request::create('/api/audit-logs', 'GET');
+    $request->setUserResolver(fn () => null);
+
+    $response = $controller->index($request);
+
+    expect($response->getStatusCode())->toBe(401);
+});
+
+it('returns forbidden when user is not admin', function (): void {
+    $controller = new AuditLogController();
+    $user = User::factory()->create();
+    $request = Request::create('/api/audit-logs', 'GET');
+    $request->setUserResolver(fn () => $user);
+
+    $response = $controller->index($request);
+
+    expect($response->getStatusCode())->toBe(403);
+});
+
+it('returns logs for admin', function (): void {
+    $controller = new AuditLogController();
+    $admin = User::factory()->create();
+    $role = Role::create(['name' => 'ROLE_ADMIN']);
+    $admin->roles()->attach($role);
+
+    AuditLog::create([
+        'action' => 'test.action',
+        'subject_type' => 'post',
+        'subject_id' => 1,
+        'metadata' => ['foo' => 'bar'],
+        'ip_address' => '127.0.0.1',
+        'user_agent' => 'test',
+        'user_id' => $admin->id,
+    ]);
+
+    $request = Request::create('/api/audit-logs', 'GET');
+    $request->setUserResolver(fn () => $admin);
+
+    $response = $controller->index($request);
+
+    expect($response->getStatusCode())->toBe(200);
+    $payload = $response->getData(true);
+    expect($payload)->toHaveCount(1);
+    expect($payload[0]['user']['roles'][0])->toBe('ROLE_ADMIN');
+});