ahmido/TenantAtlas
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects 1 Releases Wiki Activity

fix: Improve tenant permission error handling

Browse Source 
- Return error details when Graph API calls fail instead of empty array
- Mark permissions as 'error' status when live check fails
- Include error source and details in database records
- Fix TenantSetupTest to clear granted_stub config
This commit is contained in:
Ahmed Darrazi 2025-12-21 01:21:52 +01:00
parent f9f53b1bde
commit 09eced8940
2 changed files with 35 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

37
app/Services/Intune/TenantPermissionService.php
View File

@ -44,10 +44,18 @@ public function getGrantedPermissions(Tenant $tenant): array
public function compare(Tenant $tenant, ?array $grantedStatuses = null, bool $persist = true, bool $liveCheck = false): array public function compare(Tenant $tenant, ?array $grantedStatuses = null, bool $persist = true, bool $liveCheck = false): array
{ {
$required = $this->getRequiredPermissions(); $required = $this->getRequiredPermissions();
$liveCheckFailed = false;
$liveCheckDetails = null;
// If liveCheck is requested, fetch actual permissions from Graph // If liveCheck is requested, fetch actual permissions from Graph
if ($liveCheck && $grantedStatuses === null) { if ($liveCheck && $grantedStatuses === null) {
$grantedStatuses = $this->fetchLivePermissions($tenant); $grantedStatuses = $this->fetchLivePermissions($tenant);
if (isset($grantedStatuses['__error'])) {
$liveCheckFailed = true;
$liveCheckDetails = $grantedStatuses['__error']['details'] ?? null;
unset($grantedStatuses['__error']);
}
} }
$granted = $this->normalizeGrantedStatuses( $granted = $this->normalizeGrantedStatuses(
@ -60,8 +68,12 @@ public function compare(Tenant $tenant, ?array $grantedStatuses = null, bool $pe
foreach ($required as $permission) { foreach ($required as $permission) {
$key = $permission['key']; $key = $permission['key'];
$status = $granted[$key]['status'] ?? 'missing'; $status = $liveCheckFailed
$details = $granted[$key]['details'] ?? null; ? 'error'
: ($granted[$key]['status'] ?? 'missing');
$details = $liveCheckFailed
? ($liveCheckDetails ?? ['source' => 'graph_api'])
: ($granted[$key]['details'] ?? null);
if ($persist) { if ($persist) {
TenantPermission::updateOrCreate( TenantPermission::updateOrCreate(
@ -175,7 +187,16 @@ private function fetchLivePermissions(Tenant $tenant): array
); );
if (! $response->success) { if (! $response->success) {
return []; return [
'__error' => [
'status' => 'error',
'details' => [
'source' => 'graph_api',
'status' => $response->status,
'errors' => $response->errors,
],
],
];
} }
$grantedPermissions = $response->data['permissions'] ?? []; $grantedPermissions = $response->data['permissions'] ?? [];
@ -196,7 +217,15 @@ private function fetchLivePermissions(Tenant $tenant): array
'error' => $e->getMessage(), 'error' => $e->getMessage(),
]); ]);
return []; return [
'__error' => [
'status' => 'error',
'details' => [
'source' => 'graph_api',
'message' => $e->getMessage(),
],
],
];
} }
} }
} }

2
tests/Feature/Filament/TenantSetupTest.php
View File

@ -158,6 +158,8 @@ public function request(string $method, string $path, array $options = []): Grap
'name' => 'UI Tenant', 'name' => 'UI Tenant',
]); ]);
config(['intune_permissions.granted_stub' => []]);
$permissions = config('intune_permissions.permissions', []); $permissions = config('intune_permissions.permissions', []);
$firstKey = $permissions[0]['key'] ?? 'DeviceManagementConfiguration.ReadWrite.All'; $firstKey = $permissions[0]['key'] ?? 'DeviceManagementConfiguration.ReadWrite.All';