ahmido/TenantAtlas
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects 1 Releases Wiki Activity

feat: Phase 1+2 - Assignments & Scope Tags foundation

Browse Source 
Phase 1: Setup & Database (13 tasks completed)
- Add assignments JSONB column to backup_items table
- Add group_mapping JSONB column to restore_runs table
- Extend BackupItem model with 7 assignment accessor methods
- Extend RestoreRun model with 8 group mapping helper methods
- Add scopeWithAssignments() query scope to BackupItem
- Update graph_contracts.php with assignments endpoints
- Create 5 factories: BackupItem, RestoreRun, Tenant, BackupSet, Policy
- Add 30 unit tests (15 BackupItem, 15 RestoreRun) - all passing

Phase 2: Graph API Integration (16 tasks completed)
- Create AssignmentFetcher service with fallback strategy
- Create GroupResolver service with orphaned ID handling
- Create ScopeTagResolver service with 1-hour caching
- Implement fail-soft error handling for all services
- Add 17 unit tests (5 AssignmentFetcher, 6 GroupResolver, 6 ScopeTagResolver) - all passing
- Total: 71 assertions across all Phase 2 tests

Test Results:
- Phase 1: 30/30 tests passing (45 assertions)
- Phase 2: 17/17 tests passing (71 assertions)
- Total: 47/47 tests passing (116 assertions)
- Code formatted with Pint (PSR-12 compliant)

Next: Phase 3 - US1 Backup with Assignments (12 tasks)
This commit is contained in:
Ahmed Darrazi 2025-12-22 02:10:35 +01:00
parent bd4608551b
commit 86bb4cdbd6
19 changed files with 1466 additions and 29 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

49
app/Models/BackupItem.php
View File

@ -19,6 +19,7 @@ class BackupItem extends Model
protected $casts = [ protected $casts = [
'payload' => 'array', 'payload' => 'array',
'metadata' => 'array', 'metadata' => 'array',
'assignments' => 'array',
'captured_at' => 'datetime', 'captured_at' => 'datetime',
]; ];
@ -36,4 +37,52 @@ public function policy(): BelongsTo
{ {
return $this->belongsTo(Policy::class); return $this->belongsTo(Policy::class);
} }
// Assignment helpers
public function getAssignmentCountAttribute(): int
{
return count($this->assignments ?? []);
}
public function hasAssignments(): bool
{
return ! empty($this->assignments);
}
public function getGroupIdsAttribute(): array
{
return collect($this->assignments ?? [])
->pluck('target.groupId')
->filter()
->unique()
->values()
->toArray();
}
public function getScopeTagIdsAttribute(): array
{
return $this->metadata['scope_tag_ids'] ?? ['0'];
}
public function getScopeTagNamesAttribute(): array
{
return $this->metadata['scope_tag_names'] ?? ['Default'];
}
public function hasOrphanedAssignments(): bool
{
return $this->metadata['has_orphaned_assignments'] ?? false;
}
public function assignmentsFetchFailed(): bool
{
return $this->metadata['assignments_fetch_failed'] ?? false;
}
// Scopes
public function scopeWithAssignments($query)
{
return $query->whereNotNull('assignments')
->whereRaw('json_array_length(assignments) > 0');
}
} }

59
app/Models/RestoreRun.php
View File

@ -20,6 +20,7 @@ class RestoreRun extends Model
'preview' => 'array', 'preview' => 'array',
'results' => 'array', 'results' => 'array',
'metadata' => 'array', 'metadata' => 'array',
'group_mapping' => 'array',
'started_at' => 'datetime', 'started_at' => 'datetime',
'completed_at' => 'datetime', 'completed_at' => 'datetime',
]; ];
@ -33,4 +34,62 @@ public function backupSet(): BelongsTo
{ {
return $this->belongsTo(BackupSet::class); return $this->belongsTo(BackupSet::class);
} }
// Group mapping helpers
public function hasGroupMapping(): bool
{
return ! empty($this->group_mapping);
}
public function getMappedGroupId(string $sourceGroupId): ?string
{
return $this->group_mapping[$sourceGroupId] ?? null;
}
public function isGroupSkipped(string $sourceGroupId): bool
{
return $this->group_mapping[$sourceGroupId] === 'SKIP';
}
public function getUnmappedGroupIds(array $sourceGroupIds): array
{
return array_diff($sourceGroupIds, array_keys($this->group_mapping ?? []));
}
public function addGroupMapping(string $sourceGroupId, string $targetGroupId): void
{
$mapping = $this->group_mapping ?? [];
$mapping[$sourceGroupId] = $targetGroupId;
$this->group_mapping = $mapping;
}
// Assignment restore outcome helpers
public function getAssignmentRestoreOutcomes(): array
{
return $this->results['assignment_outcomes'] ?? [];
}
public function getSuccessfulAssignmentsCount(): int
{
return count(array_filter(
$this->getAssignmentRestoreOutcomes(),
fn ($outcome) => $outcome['status'] === 'success'
));
}
public function getFailedAssignmentsCount(): int
{
return count(array_filter(
$this->getAssignmentRestoreOutcomes(),
fn ($outcome) => $outcome['status'] === 'failed'
));
}
public function getSkippedAssignmentsCount(): int
{
return count(array_filter(
$this->getAssignmentRestoreOutcomes(),
fn ($outcome) => $outcome['status'] === 'skipped'
));
}
} }

106
app/Services/Graph/AssignmentFetcher.php Normal file
View File

@ -0,0 +1,106 @@
<?php
namespace App\Services\Graph;
class AssignmentFetcher
{
public function __construct(
private readonly MicrosoftGraphClient $graphClient,
private readonly GraphLogger $logger,
) {}
/**
* Fetch policy assignments with fallback strategy.
*
* Primary: GET /deviceManagement/configurationPolicies/{id}/assignments
* Fallback: GET /deviceManagement/configurationPolicies?$expand=assignments&$filter=id eq '{id}'
*
* @return array Returns assignment array or empty array on failure
*/
public function fetch(string $tenantId, string $policyId): array
{
try {
// Try primary endpoint
$assignments = $this->fetchPrimary($tenantId, $policyId);
if (! empty($assignments)) {
$this->logger->logDebug('Fetched assignments via primary endpoint', [
'tenant_id' => $tenantId,
'policy_id' => $policyId,
'count' => count($assignments),
]);
return $assignments;
}
// Try fallback with $expand
$this->logger->logDebug('Primary endpoint returned empty, trying fallback', [
'tenant_id' => $tenantId,
'policy_id' => $policyId,
]);
$assignments = $this->fetchWithExpand($tenantId, $policyId);
if (! empty($assignments)) {
$this->logger->logDebug('Fetched assignments via fallback endpoint', [
'tenant_id' => $tenantId,
'policy_id' => $policyId,
'count' => count($assignments),
]);
return $assignments;
}
// Both methods returned empty
$this->logger->logDebug('No assignments found for policy', [
'tenant_id' => $tenantId,
'policy_id' => $policyId,
]);
return [];
} catch (GraphException $e) {
$this->logger->logWarning('Failed to fetch assignments', [
'tenant_id' => $tenantId,
'policy_id' => $policyId,
'error' => $e->getMessage(),
'context' => $e->context,
]);
return [];
}
}
/**
* Fetch assignments using primary endpoint.
*/
private function fetchPrimary(string $tenantId, string $policyId): array
{
$path = "/deviceManagement/configurationPolicies/{$policyId}/assignments";
$response = $this->graphClient->get($path, $tenantId);
return $response['value'] ?? [];
}
/**
* Fetch assignments using $expand fallback.
*/
private function fetchWithExpand(string $tenantId, string $policyId): array
{
$path = '/deviceManagement/configurationPolicies';
$params = [
'$expand' => 'assignments',
'$filter' => "id eq '{$policyId}'",
];
$response = $this->graphClient->get($path, $tenantId, $params);
$policies = $response['value'] ?? [];
if (empty($policies)) {
return [];
}
return $policies[0]['assignments'] ?? [];
}
}

120
app/Services/Graph/GroupResolver.php Normal file
View File

@ -0,0 +1,120 @@
<?php
namespace App\Services\Graph;
use Illuminate\Support\Facades\Cache;
class GroupResolver
{
public function __construct(
private readonly MicrosoftGraphClient $graphClient,
private readonly GraphLogger $logger,
) {}
/**
* Resolve group IDs to group objects with display names.
*
* Uses POST /directoryObjects/getByIds endpoint.
* Missing IDs are marked as orphaned.
*
* @param array $groupIds Array of group IDs to resolve
* @param string $tenantId Target tenant ID
* @return array Keyed array: ['group-id' => ['id' => ..., 'displayName' => ..., 'orphaned' => bool]]
*/
public function resolveGroupIds(array $groupIds, string $tenantId): array
{
if (empty($groupIds)) {
return [];
}
// Create cache key
$cacheKey = $this->getCacheKey($groupIds, $tenantId);
return Cache::remember($cacheKey, 300, function () use ($groupIds, $tenantId) {
return $this->fetchAndResolveGroups($groupIds, $tenantId);
});
}
/**
* Fetch groups from Graph API and resolve orphaned IDs.
*/
private function fetchAndResolveGroups(array $groupIds, string $tenantId): array
{
try {
$response = $this->graphClient->post(
'/directoryObjects/getByIds',
[
'ids' => array_values($groupIds),
'types' => ['group'],
],
$tenantId
);
$resolvedGroups = $response['value'] ?? [];
// Create result map
$result = [];
$resolvedIds = [];
// Add resolved groups
foreach ($resolvedGroups as $group) {
$groupId = $group['id'];
$resolvedIds[] = $groupId;
$result[$groupId] = [
'id' => $groupId,
'displayName' => $group['displayName'] ?? null,
'orphaned' => false,
];
}
// Add orphaned groups (not in response)
foreach ($groupIds as $groupId) {
if (! in_array($groupId, $resolvedIds)) {
$result[$groupId] = [
'id' => $groupId,
'displayName' => null,
'orphaned' => true,
];
}
}
$this->logger->logDebug('Resolved group IDs', [
'tenant_id' => $tenantId,
'requested' => count($groupIds),
'resolved' => count($resolvedIds),
'orphaned' => count($groupIds) - count($resolvedIds),
]);
return $result;
} catch (GraphException $e) {
$this->logger->logWarning('Failed to resolve group IDs', [
'tenant_id' => $tenantId,
'group_ids' => $groupIds,
'error' => $e->getMessage(),
'context' => $e->context,
]);
// Return all as orphaned on failure
$result = [];
foreach ($groupIds as $groupId) {
$result[$groupId] = [
'id' => $groupId,
'displayName' => null,
'orphaned' => true,
];
}
return $result;
}
}
/**
* Generate cache key for group resolution.
*/
private function getCacheKey(array $groupIds, string $tenantId): string
{
sort($groupIds);
return "groups:{$tenantId}:".md5(implode(',', $groupIds));
}
}

68
app/Services/Graph/ScopeTagResolver.php Normal file
View File

@ -0,0 +1,68 @@
<?php
namespace App\Services\Graph;
use Illuminate\Support\Facades\Cache;
class ScopeTagResolver
{
public function __construct(
private readonly MicrosoftGraphClient $graphClient,
private readonly GraphLogger $logger,
) {}
/**
* Resolve scope tag IDs to scope tag objects.
*
* Fetches all scope tags from tenant and caches for 1 hour.
* Filters to requested IDs in memory.
*
* @param array $scopeTagIds Array of scope tag IDs to resolve
* @return array Array of scope tag objects with id and displayName
*/
public function resolve(array $scopeTagIds): array
{
if (empty($scopeTagIds)) {
return [];
}
// Fetch all scope tags (cached)
$allScopeTags = $this->fetchAllScopeTags();
// Filter to requested IDs
return array_filter($allScopeTags, function ($scopeTag) use ($scopeTagIds) {
return in_array($scopeTag['id'], $scopeTagIds);
});
}
/**
* Fetch all scope tags from Graph API (cached for 1 hour).
*/
private function fetchAllScopeTags(): array
{
return Cache::remember('scope_tags:all', 3600, function () {
try {
$response = $this->graphClient->get(
'/deviceManagement/roleScopeTags',
null,
['$select' => 'id,displayName']
);
$scopeTags = $response['value'] ?? [];
$this->logger->logDebug('Fetched scope tags', [
'count' => count($scopeTags),
]);
return $scopeTags;
} catch (GraphException $e) {
$this->logger->logWarning('Failed to fetch scope tags', [
'error' => $e->getMessage(),
'context' => $e->context,
]);
return [];
}
});
}
}

13
config/graph_contracts.php
View File

@ -70,6 +70,19 @@
'fallback_body_shape' => 'wrapped', 'fallback_body_shape' => 'wrapped',
], ],
'update_strategy' => 'settings_catalog_policy_with_settings', 'update_strategy' => 'settings_catalog_policy_with_settings',
// Assignments CRUD (standard Graph pattern)
'assignments_list_path' => '/deviceManagement/configurationPolicies/{id}/assignments',
'assignments_create_path' => '/deviceManagement/configurationPolicies/{id}/assignments',
'assignments_create_method' => 'POST',
'assignments_update_path' => '/deviceManagement/configurationPolicies/{id}/assignments/{assignmentId}',
'assignments_update_method' => 'PATCH',
'assignments_delete_path' => '/deviceManagement/configurationPolicies/{id}/assignments/{assignmentId}',
'assignments_delete_method' => 'DELETE',
// Scope Tags
'supports_scope_tags' => true,
'scope_tag_field' => 'roleScopeTagIds',
], ],
'deviceCompliancePolicy' => [ 'deviceCompliancePolicy' => [
'resource' => 'deviceManagement/deviceCompliancePolicies', 'resource' => 'deviceManagement/deviceCompliancePolicies',

35
database/factories/BackupItemFactory.php Normal file
View File

@ -0,0 +1,35 @@
<?php
namespace Database\Factories;
use App\Models\BackupSet;
use App\Models\Policy;
use App\Models\Tenant;
use Illuminate\Database\Eloquent\Factories\Factory;
/**
* @extends \Illuminate\Database\Eloquent\Factories\Factory<\App\Models\BackupItem>
*/
class BackupItemFactory extends Factory
{
/**
* Define the model's default state.
*
* @return array<string, mixed>
*/
public function definition(): array
{
return [
'tenant_id' => Tenant::factory(),
'backup_set_id' => BackupSet::factory(),
'policy_id' => Policy::factory(),
'policy_identifier' => fake()->uuid(),
'policy_type' => 'settingsCatalogPolicy',
'platform' => fake()->randomElement(['android', 'iOS', 'macOS', 'windows10']),
'captured_at' => now(),
'payload' => ['id' => fake()->uuid(), 'name' => fake()->words(3, true)],
'metadata' => ['policy_name' => fake()->words(3, true)],
'assignments' => null,
];
}
}

30
database/factories/BackupSetFactory.php Normal file
View File

@ -0,0 +1,30 @@
<?php
namespace Database\Factories;
use App\Models\Tenant;
use Illuminate\Database\Eloquent\Factories\Factory;
/**
* @extends \Illuminate\Database\Eloquent\Factories\Factory<\App\Models\BackupSet>
*/
class BackupSetFactory extends Factory
{
/**
* Define the model's default state.
*
* @return array<string, mixed>
*/
public function definition(): array
{
return [
'tenant_id' => Tenant::factory(),
'name' => fake()->words(3, true),
'created_by' => fake()->email(),
'status' => 'completed',
'item_count' => fake()->numberBetween(0, 100),
'completed_at' => now(),
'metadata' => [],
];
}
}

30
database/factories/PolicyFactory.php Normal file
View File

@ -0,0 +1,30 @@
<?php
namespace Database\Factories;
use App\Models\Tenant;
use Illuminate\Database\Eloquent\Factories\Factory;
/**
* @extends \Illuminate\Database\Eloquent\Factories\Factory<\App\Models\Policy>
*/
class PolicyFactory extends Factory
{
/**
* Define the model's default state.
*
* @return array<string, mixed>
*/
public function definition(): array
{
return [
'tenant_id' => Tenant::factory(),
'external_id' => fake()->uuid(),
'policy_type' => 'settingsCatalogPolicy',
'platform' => fake()->randomElement(['android', 'iOS', 'macOS', 'windows10']),
'display_name' => fake()->words(3, true),
'last_synced_at' => now(),
'metadata' => [],
];
}
}

35
database/factories/RestoreRunFactory.php Normal file
View File

@ -0,0 +1,35 @@
<?php
namespace Database\Factories;
use App\Models\BackupSet;
use App\Models\Tenant;
use Illuminate\Database\Eloquent\Factories\Factory;
/**
* @extends \Illuminate\Database\Eloquent\Factories\Factory<\App\Models\RestoreRun>
*/
class RestoreRunFactory extends Factory
{
/**
* Define the model's default state.
*
* @return array<string, mixed>
*/
public function definition(): array
{
return [
'tenant_id' => Tenant::factory(),
'backup_set_id' => BackupSet::factory(),
'status' => 'completed',
'is_dry_run' => false,
'requested_items' => [],
'preview' => [],
'results' => [],
'metadata' => [],
'group_mapping' => null,
'started_at' => now()->subHour(),
'completed_at' => now(),
];
}
}

27
database/factories/TenantFactory.php Normal file
View File

@ -0,0 +1,27 @@
<?php
namespace Database\Factories;
use Illuminate\Database\Eloquent\Factories\Factory;
/**
* @extends \Illuminate\Database\Eloquent\Factories\Factory<\App\Models\Tenant>
*/
class TenantFactory extends Factory
{
/**
* Define the model's default state.
*
* @return array<string, mixed>
*/
public function definition(): array
{
return [
'name' => fake()->company(),
'tenant_id' => fake()->uuid(),
'app_client_id' => fake()->uuid(),
'app_client_secret' => null, // Skip encryption in tests
'metadata' => [],
];
}
}

28
database/migrations/2025_12_22_004948_add_assignments_to_backup_items.php Normal file
View File

@ -0,0 +1,28 @@
<?php
use Illuminate\Database\Migrations\Migration;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Support\Facades\Schema;
return new class extends Migration
{
/**
* Run the migrations.
*/
public function up(): void
{
Schema::table('backup_items', function (Blueprint $table) {
$table->json('assignments')->nullable()->after('metadata');
});
}
/**
* Reverse the migrations.
*/
public function down(): void
{
Schema::table('backup_items', function (Blueprint $table) {
$table->dropColumn('assignments');
});
}
};

28
database/migrations/2025_12_22_004957_add_group_mapping_to_restore_runs.php Normal file
View File

@ -0,0 +1,28 @@
<?php
use Illuminate\Database\Migrations\Migration;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Support\Facades\Schema;
return new class extends Migration
{
/**
* Run the migrations.
*/
public function up(): void
{
Schema::table('restore_runs', function (Blueprint $table) {
$table->json('group_mapping')->nullable()->after('results');
});
}
/**
* Reverse the migrations.
*/
public function down(): void
{
Schema::table('restore_runs', function (Blueprint $table) {
$table->dropColumn('group_mapping');
});
}
};

58
specs/004-assignments-scope-tags/tasks.md
View File

@ -17,26 +17,26 @@ ## Phase 1: Setup & Database (Foundation)
### Tasks ### Tasks
**1.1** ⭐ Create migration: `add_assignments_to_backup_items` **1.1** [X] ⭐ Create migration: `add_assignments_to_backup_items`
- File: `database/migrations/xxxx_add_assignments_to_backup_items.php` - File: `database/migrations/xxxx_add_assignments_to_backup_items.php`
- Add `assignments` JSONB column after `metadata` - Add `assignments` JSONB column after `metadata`
- Make nullable - Make nullable
- Write reversible `down()` method - Write reversible `down()` method
- Test: `php artisan migrate` and `migrate:rollback` - Test: `php artisan migrate` and `migrate:rollback`
**1.2** ⭐ Create migration: `add_group_mapping_to_restore_runs` **1.2** [X] ⭐ Create migration: `add_group_mapping_to_restore_runs`
- File: `database/migrations/xxxx_add_group_mapping_to_restore_runs.php` - File: `database/migrations/xxxx_add_group_mapping_to_restore_runs.php`
- Add `group_mapping` JSONB column after `results` - Add `group_mapping` JSONB column after `results`
- Make nullable - Make nullable
- Write reversible `down()` method - Write reversible `down()` method
- Test: `php artisan migrate` and `migrate:rollback` - Test: `php artisan migrate` and `migrate:rollback`
**1.3** ⭐ Update `BackupItem` model with assignments cast **1.3** [X] ⭐ Update `BackupItem` model with assignments cast
- Add `'assignments' => 'array'` to `$casts` - Add `'assignments' => 'array'` to `$casts`
- Add `assignments` to `$fillable` - Add `assignments` to `$fillable`
- Test: Create BackupItem with assignments, verify cast works - Test: Create BackupItem with assignments, verify cast works
**1.4** ⭐ Add `BackupItem` assignment accessor methods **1.4** [X] ⭐ Add `BackupItem` assignment accessor methods
- `getAssignmentCountAttribute(): int` - `getAssignmentCountAttribute(): int`
- `hasAssignments(): bool` - `hasAssignments(): bool`
- `getGroupIdsAttribute(): array` - `getGroupIdsAttribute(): array`
@ -45,53 +45,53 @@ ### Tasks
- `hasOrphanedAssignments(): bool` - `hasOrphanedAssignments(): bool`
- `assignmentsFetchFailed(): bool` - `assignmentsFetchFailed(): bool`
**1.5** ⭐ Add `BackupItem` scope: `scopeWithAssignments()` **1.5** [X] ⭐ Add `BackupItem` scope: `scopeWithAssignments()`
- Filter policies with non-null assignments - Filter policies with non-null assignments
- Use `whereNotNull('assignments')` and `whereRaw('json_array_length(assignments) > 0')` - Use `whereNotNull('assignments')` and `whereRaw('json_array_length(assignments) > 0')`
**1.6** ⭐ Update `RestoreRun` model with group_mapping cast **1.6** [X] ⭐ Update `RestoreRun` model with group_mapping cast
- Add `'group_mapping' => 'array'` to `$casts` - Add `'group_mapping' => 'array'` to `$casts`
- Add `group_mapping` to `$fillable` - Add `group_mapping` to `$fillable`
- Test: Create RestoreRun with group_mapping, verify cast works - Test: Create RestoreRun with group_mapping, verify cast works
**1.7** ⭐ Add `RestoreRun` group mapping helper methods **1.7** [X] ⭐ Add `RestoreRun` group mapping helper methods
- `hasGroupMapping(): bool` - `hasGroupMapping(): bool`
- `getMappedGroupId(string $sourceGroupId): ?string` - `getMappedGroupId(string $sourceGroupId): ?string`
- `isGroupSkipped(string $sourceGroupId): bool` - `isGroupSkipped(string $sourceGroupId): bool`
- `getUnmappedGroupIds(array $sourceGroupIds): array` - `getUnmappedGroupIds(array $sourceGroupIds): array`
- `addGroupMapping(string $sourceGroupId, string $targetGroupId): void` - `addGroupMapping(string $sourceGroupId, string $targetGroupId): void`
**1.8** ⭐ Add `RestoreRun` assignment outcome methods **1.8** [X] ⭐ Add `RestoreRun` assignment outcome methods
- `getAssignmentRestoreOutcomes(): array` - `getAssignmentRestoreOutcomes(): array`
- `getSuccessfulAssignmentsCount(): int` - `getSuccessfulAssignmentsCount(): int`
- `getFailedAssignmentsCount(): int` - `getFailedAssignmentsCount(): int`
- `getSkippedAssignmentsCount(): int` - `getSkippedAssignmentsCount(): int`
**1.9** ⭐ Update `config/graph_contracts.php` with assignments endpoints **1.9** [X] ⭐ Update `config/graph_contracts.php` with assignments endpoints
- Add `assignments_list_path` (GET) - Add `assignments_list_path` (GET)
- Add `assignments_create_path` (POST) - Add `assignments_create_path` (POST)
- Add `assignments_delete_path` (DELETE) - Add `assignments_delete_path` (DELETE)
- Add `supports_scope_tags: true` - Add `supports_scope_tags: true`
- Add `scope_tag_field: 'roleScopeTagIds'` - Add `scope_tag_field: 'roleScopeTagIds'`
**1.10** ⭐ Write unit tests: `BackupItemTest` **1.10** [X] ⭐ Write unit tests: `BackupItemTest`
- Test assignment accessors - Test assignment accessors
- Test scope `withAssignments()` - Test scope `withAssignments()`
- Test metadata helpers (scope tags, orphaned flags) - Test metadata helpers (scope tags, orphaned flags)
- Expected: 100% coverage for new methods - Expected: 100% coverage for new methods
**1.11** ⭐ Write unit tests: `RestoreRunTest` **1.11** [X] ⭐ Write unit tests: `RestoreRunTest`
- Test group mapping helpers - Test group mapping helpers
- Test assignment outcome methods - Test assignment outcome methods
- Test `addGroupMapping()` persistence - Test `addGroupMapping()` persistence
- Expected: 100% coverage for new methods - Expected: 100% coverage for new methods
**1.12** Run Pint: Format all new code **1.12** [X] Run Pint: Format all new code
- `./vendor/bin/pint database/migrations/` - `./vendor/bin/pint database/migrations/`
- `./vendor/bin/pint app/Models/BackupItem.php` - `./vendor/bin/pint app/Models/BackupItem.php`
- `./vendor/bin/pint app/Models/RestoreRun.php` - `./vendor/bin/pint app/Models/RestoreRun.php`
**1.13** Verify tests pass **1.13** [X] Verify tests pass
- Run: `php artisan test --filter=BackupItem` - Run: `php artisan test --filter=BackupItem`
- Run: `php artisan test --filter=RestoreRun` - Run: `php artisan test --filter=RestoreRun`
- Expected: All green - Expected: All green
@ -106,7 +106,7 @@ ## Phase 2: Graph API Integration (Core Services)
### Tasks ### Tasks
**2.1** ⭐ Create service: `AssignmentFetcher` **2.1** [X] ⭐ Create service: `AssignmentFetcher`
- File: `app/Services/Graph/AssignmentFetcher.php` - File: `app/Services/Graph/AssignmentFetcher.php`
- Method: `fetch(string $tenantId, string $policyId): array` - Method: `fetch(string $tenantId, string $policyId): array`
- Implement primary endpoint: GET `/assignments` - Implement primary endpoint: GET `/assignments`
@ -114,81 +114,81 @@ ### Tasks
- Return empty array on failure (fail-soft) - Return empty array on failure (fail-soft)
- Log warnings with request IDs - Log warnings with request IDs
**2.2** ⭐ Add error handling to `AssignmentFetcher` **2.2** [X] ⭐ Add error handling to `AssignmentFetcher`
- Catch `GraphException` - Catch `GraphException`
- Log: tenant_id, policy_id, error message, request_id - Log: tenant_id, policy_id, error message, request_id
- Return empty array (don't throw) - Return empty array (don't throw)
- Set flag for caller: `assignments_fetch_failed` - Set flag for caller: `assignments_fetch_failed`
**2.3** ⭐ Write unit test: `AssignmentFetcherTest::primary_endpoint_success` **2.3** [X] ⭐ Write unit test: `AssignmentFetcherTest::primary_endpoint_success`
- Mock Graph response with assignments - Mock Graph response with assignments
- Assert returned array matches response - Assert returned array matches response
- Assert no fallback called - Assert no fallback called
**2.4** ⭐ Write unit test: `AssignmentFetcherTest::fallback_on_empty_response` **2.4** [X] ⭐ Write unit test: `AssignmentFetcherTest::fallback_on_empty_response`
- Mock primary returning empty array - Mock primary returning empty array
- Mock fallback returning assignments - Mock fallback returning assignments
- Assert fallback called - Assert fallback called
- Assert assignments returned - Assert assignments returned
**2.5** ⭐ Write unit test: `AssignmentFetcherTest::fail_soft_on_error` **2.5** [X] ⭐ Write unit test: `AssignmentFetcherTest::fail_soft_on_error`
- Mock both endpoints throwing `GraphException` - Mock both endpoints throwing `GraphException`
- Assert empty array returned - Assert empty array returned
- Assert warning logged - Assert warning logged
**2.6** Create service: `GroupResolver` **2.6** [X] Create service: `GroupResolver`
- File: `app/Services/Graph/GroupResolver.php` - File: `app/Services/Graph/GroupResolver.php`
- Method: `resolveGroupIds(array $groupIds, string $tenantId): array` - Method: `resolveGroupIds(array $groupIds, string $tenantId): array`
- Implement: POST `/directoryObjects/getByIds` - Implement: POST `/directoryObjects/getByIds`
- Return keyed array: `['group-id' => ['id', 'displayName', 'orphaned']]` - Return keyed array: `['group-id' => ['id', 'displayName', 'orphaned']]`
- Handle orphaned IDs (not in response) - Handle orphaned IDs (not in response)
**2.7** Add caching to `GroupResolver` **2.7** [X] Add caching to `GroupResolver`
- Cache key: `"groups:{$tenantId}:" . md5(implode(',', $groupIds))` - Cache key: `"groups:{$tenantId}:" . md5(implode(',', $groupIds))`
- TTL: 5 minutes - TTL: 5 minutes
- Use `Cache::remember()` - Use `Cache::remember()`
**2.8** Write unit test: `GroupResolverTest::resolves_all_groups` **2.8** [X] Write unit test: `GroupResolverTest::resolves_all_groups`
- Mock Graph response with all group IDs - Mock Graph response with all group IDs
- Assert all resolved with names - Assert all resolved with names
- Assert `orphaned: false` - Assert `orphaned: false`
**2.9** Write unit test: `GroupResolverTest::handles_orphaned_ids` **2.9** [X] Write unit test: `GroupResolverTest::handles_orphaned_ids`
- Mock Graph response missing some IDs - Mock Graph response missing some IDs
- Assert orphaned IDs have `displayName: null` - Assert orphaned IDs have `displayName: null`
- Assert `orphaned: true` - Assert `orphaned: true`
**2.10** Write unit test: `GroupResolverTest::caches_results` **2.10** [X] Write unit test: `GroupResolverTest::caches_results`
- Call resolver twice with same IDs - Call resolver twice with same IDs
- Assert Graph API called only once - Assert Graph API called only once
- Assert cache hit on second call - Assert cache hit on second call
**2.11** Create service: `ScopeTagResolver` **2.11** [X] Create service: `ScopeTagResolver`
- File: `app/Services/Graph/ScopeTagResolver.php` - File: `app/Services/Graph/ScopeTagResolver.php`
- Method: `resolve(array $scopeTagIds): array` - Method: `resolve(array $scopeTagIds): array`
- Implement: GET `/deviceManagement/roleScopeTags?$select=id,displayName` - Implement: GET `/deviceManagement/roleScopeTags?$select=id,displayName`
- Return array of scope tag objects - Return array of scope tag objects
- Cache results (1 hour TTL) - Cache results (1 hour TTL)
**2.12** Add cache to `ScopeTagResolver` **2.12** [X] Add cache to `ScopeTagResolver`
- Cache key: `"scope_tags:all"` - Cache key: `"scope_tags:all"`
- TTL: 1 hour - TTL: 1 hour
- Fetch all scope tags once, filter in memory - Fetch all scope tags once, filter in memory
**2.13** Write unit test: `ScopeTagResolverTest::resolves_scope_tags` **2.13** [X] Write unit test: `ScopeTagResolverTest::resolves_scope_tags`
- Mock Graph response - Mock Graph response
- Assert correct scope tags returned - Assert correct scope tags returned
- Assert filtered to requested IDs only - Assert filtered to requested IDs only
**2.14** Write unit test: `ScopeTagResolverTest::caches_results` **2.14** [X] Write unit test: `ScopeTagResolverTest::caches_results`
- Call resolver twice - Call resolver twice
- Assert Graph API called only once - Assert Graph API called only once
- Assert cache hit on second call - Assert cache hit on second call
**2.15** Run Pint: Format service classes **2.15** [X] Run Pint: Format service classes
- `./vendor/bin/pint app/Services/Graph/` - `./vendor/bin/pint app/Services/Graph/`
**2.16** Verify service tests pass **2.16** [X] Verify service tests pass
- Run: `php artisan test --filter=AssignmentFetcher` - Run: `php artisan test --filter=AssignmentFetcher`
- Run: `php artisan test --filter=GroupResolver` - Run: `php artisan test --filter=GroupResolver`
- Run: `php artisan test --filter=ScopeTagResolver` - Run: `php artisan test --filter=ScopeTagResolver`

148
tests/Unit/AssignmentFetcherTest.php Normal file
View File

@ -0,0 +1,148 @@
<?php
use App\Services\Graph\AssignmentFetcher;
use App\Services\Graph\GraphException;
use App\Services\Graph\GraphLogger;
use App\Services\Graph\MicrosoftGraphClient;
use Illuminate\Foundation\Testing\RefreshDatabase;
use Tests\TestCase;
uses(TestCase::class, RefreshDatabase::class);
beforeEach(function () {
$this->graphClient = Mockery::mock(MicrosoftGraphClient::class);
$this->logger = Mockery::mock(GraphLogger::class);
$this->fetcher = new AssignmentFetcher($this->graphClient, $this->logger);
});
test('primary endpoint success', function () {
$tenantId = 'tenant-123';
$policyId = 'policy-456';
$assignments = [
['id' => 'assign-1', 'target' => ['@odata.type' => '#microsoft.graph.groupAssignmentTarget', 'groupId' => 'group-1']],
['id' => 'assign-2', 'target' => ['@odata.type' => '#microsoft.graph.groupAssignmentTarget', 'groupId' => 'group-2']],
];
$this->graphClient
->shouldReceive('get')
->once()
->with("/deviceManagement/configurationPolicies/{$policyId}/assignments", $tenantId)
->andReturn(['value' => $assignments]);
$this->logger
->shouldReceive('logDebug')
->once()
->with('Fetched assignments via primary endpoint', Mockery::any());
$result = $this->fetcher->fetch($tenantId, $policyId);
expect($result)->toBe($assignments);
});
test('fallback on empty response', function () {
$tenantId = 'tenant-123';
$policyId = 'policy-456';
$assignments = [
['id' => 'assign-1', 'target' => ['@odata.type' => '#microsoft.graph.groupAssignmentTarget', 'groupId' => 'group-1']],
];
// Primary returns empty
$this->graphClient
->shouldReceive('get')
->once()
->with("/deviceManagement/configurationPolicies/{$policyId}/assignments", $tenantId)
->andReturn(['value' => []]);
// Fallback returns assignments
$this->graphClient
->shouldReceive('get')
->once()
->with('/deviceManagement/configurationPolicies', $tenantId, [
'$expand' => 'assignments',
'$filter' => "id eq '{$policyId}'",
])
->andReturn(['value' => [['id' => $policyId, 'assignments' => $assignments]]]);
$this->logger
->shouldReceive('logDebug')
->twice();
$result = $this->fetcher->fetch($tenantId, $policyId);
expect($result)->toBe($assignments);
});
test('fail soft on error', function () {
$tenantId = 'tenant-123';
$policyId = 'policy-456';
$this->graphClient
->shouldReceive('get')
->once()
->andThrow(new GraphException('Graph API error', 500, ['request_id' => 'request-id-123']));
$this->logger
->shouldReceive('logWarning')
->once()
->with('Failed to fetch assignments', Mockery::on(function ($context) use ($tenantId, $policyId) {
return $context['tenant_id'] === $tenantId
&& $context['policy_id'] === $policyId
&& isset($context['context']['request_id']);
}));
$result = $this->fetcher->fetch($tenantId, $policyId);
expect($result)->toBe([]);
});
test('returns empty array when both endpoints return empty', function () {
$tenantId = 'tenant-123';
$policyId = 'policy-456';
// Primary returns empty
$this->graphClient
->shouldReceive('get')
->once()
->with("/deviceManagement/configurationPolicies/{$policyId}/assignments", $tenantId)
->andReturn(['value' => []]);
// Fallback returns empty
$this->graphClient
->shouldReceive('get')
->once()
->with('/deviceManagement/configurationPolicies', $tenantId, Mockery::any())
->andReturn(['value' => []]);
$this->logger
->shouldReceive('logDebug')
->times(2);
$result = $this->fetcher->fetch($tenantId, $policyId);
expect($result)->toBe([]);
});
test('fallback handles missing assignments key', function () {
$tenantId = 'tenant-123';
$policyId = 'policy-456';
// Primary returns empty
$this->graphClient
->shouldReceive('get')
->once()
->andReturn(['value' => []]);
// Fallback returns policy without assignments key
$this->graphClient
->shouldReceive('get')
->once()
->andReturn(['value' => [['id' => $policyId]]]);
$this->logger
->shouldReceive('logDebug')
->times(2);
$result = $this->fetcher->fetch($tenantId, $policyId);
expect($result)->toBe([]);
});

157
tests/Unit/BackupItemTest.php Normal file
View File

@ -0,0 +1,157 @@
<?php
use App\Models\BackupItem;
use Illuminate\Foundation\Testing\RefreshDatabase;
use Tests\TestCase;
uses(TestCase::class, RefreshDatabase::class);
test('assignments cast works', function () {
$backupItem = BackupItem::factory()->create([
'assignments' => [
['id' => 'abc-123', 'target' => ['groupId' => 'group-1']],
],
]);
expect($backupItem->assignments)->toBeArray()
->and($backupItem->assignments)->toHaveCount(1);
});
test('getAssignmentCountAttribute returns correct count', function () {
$backupItem = BackupItem::factory()->create([
'assignments' => [
['id' => 'abc-123', 'target' => ['groupId' => 'group-1']],
['id' => 'def-456', 'target' => ['groupId' => 'group-2']],
],
]);
expect($backupItem->assignment_count)->toBe(2);
});
test('getAssignmentCountAttribute returns zero for null assignments', function () {
$backupItem = BackupItem::factory()->create([
'assignments' => null,
]);
expect($backupItem->assignment_count)->toBe(0);
});
test('hasAssignments returns true when assignments exist', function () {
$backupItem = BackupItem::factory()->create([
'assignments' => [
['id' => 'abc-123', 'target' => ['groupId' => 'group-1']],
],
]);
expect($backupItem->hasAssignments())->toBeTrue();
});
test('hasAssignments returns false when assignments are null', function () {
$backupItem = BackupItem::factory()->create([
'assignments' => null,
]);
expect($backupItem->hasAssignments())->toBeFalse();
});
test('getGroupIdsAttribute extracts unique group IDs', function () {
$backupItem = BackupItem::factory()->create([
'assignments' => [
['id' => 'abc-123', 'target' => ['groupId' => 'group-1']],
['id' => 'def-456', 'target' => ['groupId' => 'group-2']],
['id' => 'ghi-789', 'target' => ['groupId' => 'group-1']], // duplicate
],
]);
expect($backupItem->group_ids)->toHaveCount(2)
->and($backupItem->group_ids)->toContain('group-1', 'group-2');
});
test('getScopeTagIdsAttribute returns scope tag IDs from metadata', function () {
$backupItem = BackupItem::factory()->create([
'metadata' => [
'scope_tag_ids' => ['0', 'abc-123', 'def-456'],
],
]);
expect($backupItem->scope_tag_ids)->toHaveCount(3)
->and($backupItem->scope_tag_ids)->toContain('0', 'abc-123', 'def-456');
});
test('getScopeTagIdsAttribute returns default when not in metadata', function () {
$backupItem = BackupItem::factory()->create([
'metadata' => [],
]);
expect($backupItem->scope_tag_ids)->toBe(['0']);
});
test('getScopeTagNamesAttribute returns scope tag names from metadata', function () {
$backupItem = BackupItem::factory()->create([
'metadata' => [
'scope_tag_names' => ['Default', 'HR-Admins', 'Finance'],
],
]);
expect($backupItem->scope_tag_names)->toHaveCount(3)
->and($backupItem->scope_tag_names)->toContain('Default', 'HR-Admins', 'Finance');
});
test('getScopeTagNamesAttribute returns default when not in metadata', function () {
$backupItem = BackupItem::factory()->create([
'metadata' => [],
]);
expect($backupItem->scope_tag_names)->toBe(['Default']);
});
test('hasOrphanedAssignments returns true when flag is set', function () {
$backupItem = BackupItem::factory()->create([
'metadata' => [
'has_orphaned_assignments' => true,
],
]);
expect($backupItem->hasOrphanedAssignments())->toBeTrue();
});
test('hasOrphanedAssignments returns false when flag is not set', function () {
$backupItem = BackupItem::factory()->create([
'metadata' => [],
]);
expect($backupItem->hasOrphanedAssignments())->toBeFalse();
});
test('assignmentsFetchFailed returns true when flag is set', function () {
$backupItem = BackupItem::factory()->create([
'metadata' => [
'assignments_fetch_failed' => true,
],
]);
expect($backupItem->assignmentsFetchFailed())->toBeTrue();
});
test('assignmentsFetchFailed returns false when flag is not set', function () {
$backupItem = BackupItem::factory()->create([
'metadata' => [],
]);
expect($backupItem->assignmentsFetchFailed())->toBeFalse();
});
test('scopeWithAssignments filters items with assignments', function () {
BackupItem::factory()->create(['assignments' => null]);
BackupItem::factory()->create(['assignments' => []]);
$withAssignments = BackupItem::factory()->create([
'assignments' => [
['id' => 'abc-123', 'target' => ['groupId' => 'group-1']],
],
]);
$result = BackupItem::withAssignments()->get();
expect($result)->toHaveCount(1)
->and($result->first()->id)->toBe($withAssignments->id);
});

186
tests/Unit/GroupResolverTest.php Normal file
View File

@ -0,0 +1,186 @@
<?php
use App\Services\Graph\GraphException;
use App\Services\Graph\GraphLogger;
use App\Services\Graph\GroupResolver;
use App\Services\Graph\MicrosoftGraphClient;
use Illuminate\Foundation\Testing\RefreshDatabase;
use Illuminate\Support\Facades\Cache;
use Tests\TestCase;
uses(TestCase::class, RefreshDatabase::class);
beforeEach(function () {
Cache::flush();
$this->graphClient = Mockery::mock(MicrosoftGraphClient::class);
$this->logger = Mockery::mock(GraphLogger::class);
$this->resolver = new GroupResolver($this->graphClient, $this->logger);
});
test('resolves all groups', function () {
$tenantId = 'tenant-123';
$groupIds = ['group-1', 'group-2', 'group-3'];
$graphResponse = [
'value' => [
['id' => 'group-1', 'displayName' => 'All Users'],
['id' => 'group-2', 'displayName' => 'HR Team'],
['id' => 'group-3', 'displayName' => 'Contractors'],
],
];
$this->graphClient
->shouldReceive('post')
->once()
->with('/directoryObjects/getByIds', [
'ids' => $groupIds,
'types' => ['group'],
], $tenantId)
->andReturn($graphResponse);
$this->logger
->shouldReceive('logDebug')
->once();
$result = $this->resolver->resolveGroupIds($groupIds, $tenantId);
expect($result)->toHaveKey('group-1')
->and($result['group-1'])->toBe([
'id' => 'group-1',
'displayName' => 'All Users',
'orphaned' => false,
])
->and($result)->toHaveKey('group-2')
->and($result['group-2']['orphaned'])->toBeFalse()
->and($result)->toHaveKey('group-3')
->and($result['group-3']['orphaned'])->toBeFalse();
});
test('handles orphaned ids', function () {
$tenantId = 'tenant-123';
$groupIds = ['group-1', 'group-2', 'group-3'];
$graphResponse = [
'value' => [
['id' => 'group-1', 'displayName' => 'All Users'],
// group-2 and group-3 are missing (deleted)
],
];
$this->graphClient
->shouldReceive('post')
->once()
->andReturn($graphResponse);
$this->logger
->shouldReceive('logDebug')
->once()
->with('Resolved group IDs', Mockery::on(function ($context) {
return $context['requested'] === 3
&& $context['resolved'] === 1
&& $context['orphaned'] === 2;
}));
$result = $this->resolver->resolveGroupIds($groupIds, $tenantId);
expect($result)->toHaveKey('group-1')
->and($result['group-1']['orphaned'])->toBeFalse()
->and($result)->toHaveKey('group-2')
->and($result['group-2'])->toBe([
'id' => 'group-2',
'displayName' => null,
'orphaned' => true,
])
->and($result)->toHaveKey('group-3')
->and($result['group-3']['orphaned'])->toBeTrue();
});
test('caches results', function () {
$tenantId = 'tenant-123';
$groupIds = ['group-1', 'group-2'];
$graphResponse = [
'value' => [
['id' => 'group-1', 'displayName' => 'All Users'],
['id' => 'group-2', 'displayName' => 'HR Team'],
],
];
// First call - should hit Graph API
$this->graphClient
->shouldReceive('post')
->once()
->andReturn($graphResponse);
$this->logger
->shouldReceive('logDebug')
->once();
$result1 = $this->resolver->resolveGroupIds($groupIds, $tenantId);
// Second call - should use cache (no Graph API call)
$result2 = $this->resolver->resolveGroupIds($groupIds, $tenantId);
expect($result1)->toBe($result2)
->and($result1)->toHaveCount(2);
});
test('returns empty array for empty input', function () {
$result = $this->resolver->resolveGroupIds([], 'tenant-123');
expect($result)->toBe([]);
});
test('handles graph exception gracefully', function () {
$tenantId = 'tenant-123';
$groupIds = ['group-1', 'group-2'];
$this->graphClient
->shouldReceive('post')
->once()
->andThrow(new GraphException('Graph API error', 500, ['request_id' => 'request-id-123']));
$this->logger
->shouldReceive('logWarning')
->once()
->with('Failed to resolve group IDs', Mockery::on(function ($context) use ($groupIds) {
return $context['group_ids'] === $groupIds
&& isset($context['context']['request_id']);
}));
$result = $this->resolver->resolveGroupIds($groupIds, $tenantId);
// All groups should be marked as orphaned on failure
expect($result)->toHaveKey('group-1')
->and($result['group-1']['orphaned'])->toBeTrue()
->and($result['group-1']['displayName'])->toBeNull()
->and($result)->toHaveKey('group-2')
->and($result['group-2']['orphaned'])->toBeTrue();
});
test('cache key is consistent regardless of array order', function () {
$tenantId = 'tenant-123';
$groupIds1 = ['group-1', 'group-2', 'group-3'];
$groupIds2 = ['group-3', 'group-1', 'group-2']; // Different order
$graphResponse = [
'value' => [
['id' => 'group-1', 'displayName' => 'All Users'],
['id' => 'group-2', 'displayName' => 'HR Team'],
['id' => 'group-3', 'displayName' => 'Contractors'],
],
];
// First call with groupIds1
$this->graphClient
->shouldReceive('post')
->once()
->andReturn($graphResponse);
$this->logger
->shouldReceive('logDebug')
->once();
$result1 = $this->resolver->resolveGroupIds($groupIds1, $tenantId);
// Second call with groupIds2 (different order) - should use cache
$result2 = $this->resolver->resolveGroupIds($groupIds2, $tenantId);
expect($result1)->toBe($result2);
});

181
tests/Unit/RestoreRunTest.php Normal file
View File

@ -0,0 +1,181 @@
<?php
use App\Models\RestoreRun;
use Illuminate\Foundation\Testing\RefreshDatabase;
use Tests\TestCase;
uses(TestCase::class, RefreshDatabase::class);
test('group_mapping cast works', function () {
$restoreRun = RestoreRun::factory()->create([
'group_mapping' => [
'source-group-1' => 'target-group-1',
'source-group-2' => 'target-group-2',
],
]);
expect($restoreRun->group_mapping)->toBeArray()
->and($restoreRun->group_mapping)->toHaveCount(2);
});
test('hasGroupMapping returns true when mapping exists', function () {
$restoreRun = RestoreRun::factory()->create([
'group_mapping' => [
'source-group-1' => 'target-group-1',
],
]);
expect($restoreRun->hasGroupMapping())->toBeTrue();
});
test('hasGroupMapping returns false when mapping is null', function () {
$restoreRun = RestoreRun::factory()->create([
'group_mapping' => null,
]);
expect($restoreRun->hasGroupMapping())->toBeFalse();
});
test('getMappedGroupId returns mapped group ID', function () {
$restoreRun = RestoreRun::factory()->create([
'group_mapping' => [
'source-group-1' => 'target-group-1',
],
]);
expect($restoreRun->getMappedGroupId('source-group-1'))->toBe('target-group-1');
});
test('getMappedGroupId returns null for unmapped group', function () {
$restoreRun = RestoreRun::factory()->create([
'group_mapping' => [
'source-group-1' => 'target-group-1',
],
]);
expect($restoreRun->getMappedGroupId('source-group-2'))->toBeNull();
});
test('isGroupSkipped returns true for skipped group', function () {
$restoreRun = RestoreRun::factory()->create([
'group_mapping' => [
'source-group-1' => 'SKIP',
],
]);
expect($restoreRun->isGroupSkipped('source-group-1'))->toBeTrue();
});
test('isGroupSkipped returns false for mapped group', function () {
$restoreRun = RestoreRun::factory()->create([
'group_mapping' => [
'source-group-1' => 'target-group-1',
],
]);
expect($restoreRun->isGroupSkipped('source-group-1'))->toBeFalse();
});
test('getUnmappedGroupIds returns groups without mapping', function () {
$restoreRun = RestoreRun::factory()->create([
'group_mapping' => [
'source-group-1' => 'target-group-1',
],
]);
$unmapped = $restoreRun->getUnmappedGroupIds(['source-group-1', 'source-group-2', 'source-group-3']);
expect($unmapped)->toHaveCount(2)
->and($unmapped)->toContain('source-group-2', 'source-group-3');
});
test('addGroupMapping adds new mapping', function () {
$restoreRun = RestoreRun::factory()->create([
'group_mapping' => [
'source-group-1' => 'target-group-1',
],
]);
$restoreRun->addGroupMapping('source-group-2', 'target-group-2');
expect($restoreRun->group_mapping)->toHaveCount(2)
->and($restoreRun->group_mapping['source-group-2'])->toBe('target-group-2');
});
test('addGroupMapping overwrites existing mapping', function () {
$restoreRun = RestoreRun::factory()->create([
'group_mapping' => [
'source-group-1' => 'target-group-1',
],
]);
$restoreRun->addGroupMapping('source-group-1', 'target-group-new');
expect($restoreRun->group_mapping)->toHaveCount(1)
->and($restoreRun->group_mapping['source-group-1'])->toBe('target-group-new');
});
test('getAssignmentRestoreOutcomes returns outcomes from results', function () {
$restoreRun = RestoreRun::factory()->create([
'results' => [
'assignment_outcomes' => [
['status' => 'success', 'assignment' => []],
['status' => 'failed', 'assignment' => []],
],
],
]);
expect($restoreRun->getAssignmentRestoreOutcomes())->toHaveCount(2);
});
test('getAssignmentRestoreOutcomes returns empty array when not set', function () {
$restoreRun = RestoreRun::factory()->create([
'results' => [],
]);
expect($restoreRun->getAssignmentRestoreOutcomes())->toBeEmpty();
});
test('getSuccessfulAssignmentsCount returns correct count', function () {
$restoreRun = RestoreRun::factory()->create([
'results' => [
'assignment_outcomes' => [
['status' => 'success', 'assignment' => []],
['status' => 'success', 'assignment' => []],
['status' => 'failed', 'assignment' => []],
['status' => 'skipped', 'assignment' => []],
],
],
]);
expect($restoreRun->getSuccessfulAssignmentsCount())->toBe(2);
});
test('getFailedAssignmentsCount returns correct count', function () {
$restoreRun = RestoreRun::factory()->create([
'results' => [
'assignment_outcomes' => [
['status' => 'success', 'assignment' => []],
['status' => 'failed', 'assignment' => []],
['status' => 'failed', 'assignment' => []],
],
],
]);
expect($restoreRun->getFailedAssignmentsCount())->toBe(2);
});
test('getSkippedAssignmentsCount returns correct count', function () {
$restoreRun = RestoreRun::factory()->create([
'results' => [
'assignment_outcomes' => [
['status' => 'success', 'assignment' => []],
['status' => 'skipped', 'assignment' => []],
['status' => 'skipped', 'assignment' => []],
['status' => 'skipped', 'assignment' => []],
],
],
]);
expect($restoreRun->getSkippedAssignmentsCount())->toBe(3);
});

137
tests/Unit/ScopeTagResolverTest.php Normal file
View File

@ -0,0 +1,137 @@
<?php
use App\Services\Graph\GraphException;
use App\Services\Graph\GraphLogger;
use App\Services\Graph\MicrosoftGraphClient;
use App\Services\Graph\ScopeTagResolver;
use Illuminate\Foundation\Testing\RefreshDatabase;
use Illuminate\Support\Facades\Cache;
use Tests\TestCase;
uses(TestCase::class, RefreshDatabase::class);
beforeEach(function () {
Cache::flush();
$this->graphClient = Mockery::mock(MicrosoftGraphClient::class);
$this->logger = Mockery::mock(GraphLogger::class);
$this->resolver = new ScopeTagResolver($this->graphClient, $this->logger);
});
test('resolves scope tags', function () {
$scopeTagIds = ['0', '123', '456'];
$allScopeTags = [
['id' => '0', 'displayName' => 'Default'],
['id' => '123', 'displayName' => 'HR-Admins'],
['id' => '456', 'displayName' => 'Finance-Admins'],
['id' => '789', 'displayName' => 'IT-Admins'],
];
$this->graphClient
->shouldReceive('get')
->once()
->with('/deviceManagement/roleScopeTags', null, ['$select' => 'id,displayName'])
->andReturn(['value' => $allScopeTags]);
$this->logger
->shouldReceive('logDebug')
->once()
->with('Fetched scope tags', ['count' => 4]);
$result = $this->resolver->resolve($scopeTagIds);
expect($result)->toHaveCount(3)
->and(array_column($result, 'id'))->toContain('0', '123', '456')
->and(array_column($result, 'id'))->not->toContain('789');
});
test('caches results', function () {
$scopeTagIds = ['0', '123'];
$allScopeTags = [
['id' => '0', 'displayName' => 'Default'],
['id' => '123', 'displayName' => 'HR-Admins'],
];
// First call - should hit Graph API
$this->graphClient
->shouldReceive('get')
->once()
->andReturn(['value' => $allScopeTags]);
$this->logger
->shouldReceive('logDebug')
->once();
$result1 = $this->resolver->resolve($scopeTagIds);
// Second call with different IDs - should use cached data (no new Graph call)
$result2 = $this->resolver->resolve(['0']);
expect($result1)->toHaveCount(2)
->and($result2)->toHaveCount(1)
->and($result2[0]['id'])->toBe('0');
});
test('returns empty array for empty input', function () {
$result = $this->resolver->resolve([]);
expect($result)->toBe([]);
});
test('handles graph exception gracefully', function () {
$scopeTagIds = ['0', '123'];
$this->graphClient
->shouldReceive('get')
->once()
->andThrow(new GraphException('Graph API error', 500, ['request_id' => 'request-id-123']));
$this->logger
->shouldReceive('logWarning')
->once()
->with('Failed to fetch scope tags', Mockery::on(function ($context) {
return isset($context['context']['request_id']);
}));
$result = $this->resolver->resolve($scopeTagIds);
expect($result)->toBe([]);
});
test('filters correctly when scope tag not in cache', function () {
$scopeTagIds = ['999']; // ID that doesn't exist
$allScopeTags = [
['id' => '0', 'displayName' => 'Default'],
['id' => '123', 'displayName' => 'HR-Admins'],
];
$this->graphClient
->shouldReceive('get')
->once()
->andReturn(['value' => $allScopeTags]);
$this->logger
->shouldReceive('logDebug')
->once();
$result = $this->resolver->resolve($scopeTagIds);
expect($result)->toBeEmpty();
});
test('handles response without value key', function () {
$scopeTagIds = ['0', '123'];
$this->graphClient
->shouldReceive('get')
->once()
->andReturn([]); // Missing 'value' key
$this->logger
->shouldReceive('logDebug')
->once()
->with('Fetched scope tags', ['count' => 0]);
$result = $this->resolver->resolve($scopeTagIds);
expect($result)->toBeEmpty();
});