GCTC-NTGC / gc-digital-talent

GC Digital Talent (Talents numériques du GC) is the new recruitment platform for digital and tech jobs in the Government of Canada.
https://talent.canada.ca
GNU Affero General Public License v3.0

🧪 Improve unit tests for authorization roles #10572

Open tristan-orourke opened 5 months ago

tristan-orourke commented 5 months ago

🧪 Tests

Improve the unit tests for authorization roles. This includes putting some thought into how they can be improved.

🕵️ Details

One suggestion is to verify that each role is missing the expected permissions, in addition to having the expected permissions. Another suggestion: create Playwright tests for the signature flows of each role.

🙋‍♀️ Proposed Solution

Not yet.

✅ Acceptance Criteria

A set of assumptions which, when tested, verify that the debt tests were properly updated and remain functional/passing.

🛑 Blockers

Issues which must be completed before this one.

### Blocked By
- [ ] #11217

tristan-orourke commented 2 months ago

There are probably 3 points of failure where data can unintentionally be revealed to the wrong role:

  1. Which role has which permission (rolepermission.php, our spreadsheet)
  2. Policies / authorizedToViewScopes
  3. GraphQL schema

On testing these:

  1. Tests for this seem so low level that they don't have much value. We're essentially repeating the code in two places.
  2. These we can and should have expansive tests for.
  3. These tests are valuable, and we have them, but hard to do systematically. Hard to test every version of a query, given GraphQL nesting. Do we want to run every query with every possible role?

Running queries with different roles is easy if you're expecting errors. It's more complicated if you're expecting different results.

Improving the organization of our unit/feature tests would help find gaps.
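
The following is an added example, not part of the issue thread or the project's code: a PHPUnit data provider that checks every role against every known permission, so denials are asserted as well as grants. The role names, permission names and `HypotheticalPolicy` are constructed stand-ins for whatever policy or permission lookup is under test.

```php
<?php
// Added example. Role names, permission names and HypotheticalPolicy are
// constructed stand-ins, not identifiers from gc-digital-talent.
use PHPUnit\Framework\Attributes\DataProvider;
use PHPUnit\Framework\TestCase;

final class HypotheticalPolicy // stand-in for the policy or permission lookup under test
{
    private const GRANTS = [
        'viewer' => ['record.view-own'],
        'editor' => ['record.view-own', 'record.view-team'],
        'admin'  => ['record.view-own', 'record.view-team', 'record.view-any'],
    ];

    public static function knownPermissions(): array
    {
        return array_values(array_unique(array_merge(...array_values(self::GRANTS))));
    }

    public static function allows(string $role, string $permission): bool
    {
        // Unknown roles fall through to an empty grant list (default deny).
        return in_array($permission, self::GRANTS[$role] ?? [], true);
    }
}

final class RolePermissionMatrixTest extends TestCase
{
    // Expected grants only; anything not listed for a role must be denied.
    private const EXPECTED = [
        'unknown-role' => [],
        'viewer' => ['record.view-own'],
        'editor' => ['record.view-own', 'record.view-team'],
        'admin'  => ['record.view-own', 'record.view-team', 'record.view-any'],
    ];

    public static function roleTimesPermission(): iterable
    {
        // Iterate the permissions the system knows about, not the ones the test lists,
        // so a newly added permission is an expected denial until someone lists it.
        foreach (self::EXPECTED as $role => $granted) {
            foreach (HypotheticalPolicy::knownPermissions() as $permission) {
                yield "$role / $permission" => [$role, $permission, in_array($permission, $granted, true)];
            }
        }
    }

    #[DataProvider('roleTimesPermission')]
    public function testGrantAndDenialMatchExpectation(string $role, string $permission, bool $expected): void
    {
        $this->assertSame($expected, HypotheticalPolicy::allows($role, $permission), "$role / $permission");
    }
}
```

Each role and permission pair becomes its own named test case, so a failure reports exactly which role gained or lost which permission.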

tristan-orourke commented 2 months ago

Block this on a spike to suggest improvements to PHPUnit test organization.

github-actions[bot] commented 2 months ago

Status: Blocked :x:

Issues blocking this PR: