create([ 'username' => 'risk_pool_admin', 'name' => 'Risk QA', 'email' => null, 'password' => Hash::make('secret-strong'), 'status' => 0, ]); return $admin->createToken('test', ['*'], now()->addDay())->plainTextToken; } test('admin risk pools index returns rows for draw', function (): void { $draw = Draw::query()->create([ 'draw_no' => '20260512-001', 'business_date' => '2026-05-12', 'sequence_no' => 1, 'status' => 'open', 'start_time' => now()->subHour(), 'close_time' => now()->addHour(), 'draw_time' => now()->addHours(2), 'cooling_end_time' => null, 'result_source' => null, 'current_result_version' => 0, 'settle_version' => 0, 'is_reopened' => false, ]); RiskPool::query()->create([ 'draw_id' => $draw->id, 'normalized_number' => '1234', 'total_cap_amount' => 1_000_000, 'locked_amount' => 200_000, 'remaining_amount' => 800_000, 'sold_out_status' => 0, 'version' => 1, ]); RiskPool::query()->create([ 'draw_id' => $draw->id, 'normalized_number' => '9999', 'total_cap_amount' => 100, 'locked_amount' => 100, 'remaining_amount' => 0, 'sold_out_status' => 1, 'version' => 2, ]); $token = mintRiskAdminToken(); $this->withHeader('Authorization', 'Bearer '.$token) ->getJson('/api/v1/admin/draws/'.$draw->id.'/risk-pools?per_page=10') ->assertOk() ->assertJsonPath('data.draw_no', '20260512-001') ->assertJsonPath('data.meta.total', 2); $this->withHeader('Authorization', 'Bearer '.$token) ->getJson('/api/v1/admin/draws/'.$draw->id.'/risk-pools?sold_out_only=1') ->assertOk() ->assertJsonPath('data.meta.total', 1) ->assertJsonPath('data.items.0.normalized_number', '9999') ->assertJsonPath('data.items.0.is_sold_out', true); }); test('admin risk pool lock logs include ticket_no when linked', function (): void { $draw = Draw::query()->create([ 'draw_no' => '20260512-002', 'business_date' => '2026-05-12', 'sequence_no' => 2, 'status' => 'open', 'start_time' => now()->subHour(), 'close_time' => now()->addHour(), 'draw_time' => now()->addHours(2), 'cooling_end_time' => null, 'result_source' => null, 'current_result_version' => 0, 'settle_version' => 0, 'is_reopened' => false, ]); RiskPoolLockLog::query()->create([ 'draw_id' => $draw->id, 'normalized_number' => '5678', 'ticket_item_id' => null, 'action_type' => 'lock', 'amount' => 50, 'source_reason' => 'ticket_place', 'created_at' => now(), ]); $token = mintRiskAdminToken(); $this->withHeader('Authorization', 'Bearer '.$token) ->getJson('/api/v1/admin/draws/'.$draw->id.'/risk-pool-lock-logs') ->assertOk() ->assertJsonPath('data.meta.total', 1) ->assertJsonPath('data.items.0.amount', 50); }); test('admin risk pool show 404 when pool missing', function (): void { $draw = Draw::query()->create([ 'draw_no' => '20260512-003', 'business_date' => '2026-05-12', 'sequence_no' => 3, 'status' => 'open', 'start_time' => now()->subHour(), 'close_time' => now()->addHour(), 'draw_time' => now()->addHours(2), 'cooling_end_time' => null, 'result_source' => null, 'current_result_version' => 0, 'settle_version' => 0, 'is_reopened' => false, ]); $token = mintRiskAdminToken(); $this->withHeader('Authorization', 'Bearer '.$token) ->getJson('/api/v1/admin/draws/'.$draw->id.'/risk-pools/0000') ->assertStatus(404); });