ahmido/TenantAtlas
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects 1 Releases Wiki Activity

merge: agent session work

Browse Source
This commit is contained in:
Ahmed Darrazi 2026-01-03 21:03:43 +01:00
commit 823b7589f6
2 changed files with 107 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
config/graph_contracts.php
View File

@ -534,6 +534,11 @@
'update_method' => 'PATCH',
'id_field' => 'id',
'hydration' => 'properties',
'update_strip_keys' => [
'isAssigned',
'templateId',
'isMigratingToConfigurationPolicy',
],
],
'mobileApp' => [
'resource' => 'deviceAppManagement/mobileApps',

102
tests/Feature/EndpointSecurityIntentRestoreSanitizationTest.php Normal file
View File

@ -0,0 +1,102 @@
<?php
use App\Models\BackupItem;
use App\Models\BackupSet;
use App\Models\Tenant;
use App\Services\Graph\GraphClientInterface;
use App\Services\Graph\GraphResponse;
use App\Services\Intune\RestoreService;
use Illuminate\Foundation\Testing\RefreshDatabase;
uses(RefreshDatabase::class);
class EndpointSecurityIntentRestoreGraphClient implements GraphClientInterface
{
/** @var array<int, array{policyType:string,policyId:string,payload:array,options:array<string,mixed>}> */
public array $applyPolicyCalls = [];
public function listPolicies(string $policyType, array $options = []): GraphResponse
{
return new GraphResponse(true, []);
}
public function getPolicy(string $policyType, string $policyId, array $options = []): GraphResponse
{
return new GraphResponse(true, ['payload' => []]);
}
public function getOrganization(array $options = []): GraphResponse
{
return new GraphResponse(true, []);
}
public function applyPolicy(string $policyType, string $policyId, array $payload, array $options = []): GraphResponse
{
$this->applyPolicyCalls[] = [
'policyType' => $policyType,
'policyId' => $policyId,
'payload' => $payload,
'options' => $options,
];
return new GraphResponse(true, []);
}
public function getServicePrincipalPermissions(array $options = []): GraphResponse
{
return new GraphResponse(true, []);
}
public function request(string $method, string $path, array $options = []): GraphResponse
{
return new GraphResponse(true, []);
}
}
test('restore strips non-patchable fields from endpoint security intent updates', function () {
$client = new EndpointSecurityIntentRestoreGraphClient;
app()->instance(GraphClientInterface::class, $client);
$tenant = Tenant::factory()->create();
$backupSet = BackupSet::factory()->for($tenant)->create([
'status' => 'completed',
'item_count' => 1,
]);
$backupItem = BackupItem::factory()->for($tenant)->for($backupSet)->create([
'policy_id' => null,
'policy_identifier' => 'intent-1',
'policy_type' => 'endpointSecurityIntent',
'platform' => 'windows',
'payload' => [
'id' => 'intent-1',
'@odata.type' => '#microsoft.graph.deviceManagementIntent',
'displayName' => 'SPO Account Protection',
'description' => 'Demo',
'isAssigned' => false,
'templateId' => '0f2b5d70-d4e9-4156-8c16-1397eb6c54a5',
'isMigratingToConfigurationPolicy' => false,
],
'assignments' => null,
]);
$service = app(RestoreService::class);
$run = $service->execute(
tenant: $tenant,
backupSet: $backupSet,
selectedItemIds: [$backupItem->id],
dryRun: false,
);
expect($run->status)->toBe('completed');
expect($client->applyPolicyCalls)->toHaveCount(1);
$payload = $client->applyPolicyCalls[0]['payload'] ?? [];
expect($payload)->toBeArray();
expect($payload)->toHaveKey('displayName');
expect($payload)->toHaveKey('description');
expect($payload)->not->toHaveKey('id');
expect($payload)->not->toHaveKey('isAssigned');
expect($payload)->not->toHaveKey('templateId');
expect($payload)->not->toHaveKey('isMigratingToConfigurationPolicy');
});