Merge remote-tracking branch 'origin/dev' into 097-settings-foundation
This commit is contained in:
commit
b15357516e
@ -142,8 +142,9 @@ public function compare(
|
||||
$hasMissing = false;
|
||||
$hasErrors = false;
|
||||
$checkedAt = now();
|
||||
$tenantWorkspaceId = $this->resolveTenantWorkspaceId($tenant);
|
||||
|
||||
$canPersist = $persist && $tenant->workspace_id !== null;
|
||||
$canPersist = $persist && $tenantWorkspaceId !== null;
|
||||
|
||||
if ($canPersist && $liveCheckMeta['attempted'] === true && $liveCheckMeta['succeeded'] === false) {
|
||||
// Enterprise-safe: never overwrite stored inventory when we could not refresh it.
|
||||
@ -189,9 +190,9 @@ public function compare(
|
||||
[
|
||||
'tenant_id' => $tenant->id,
|
||||
'permission_key' => $key,
|
||||
'workspace_id' => $tenantWorkspaceId,
|
||||
],
|
||||
[
|
||||
'workspace_id' => $tenant->workspace_id,
|
||||
'status' => $status,
|
||||
'details' => $details,
|
||||
'last_checked_at' => $checkedAt,
|
||||
@ -328,6 +329,29 @@ private function configuredGrantedKeys(): array
|
||||
return config('intune_permissions.granted_stub', []);
|
||||
}
|
||||
|
||||
private function resolveTenantWorkspaceId(Tenant $tenant): ?int
|
||||
{
|
||||
$workspaceId = $tenant->getAttribute('workspace_id');
|
||||
|
||||
if (is_numeric($workspaceId)) {
|
||||
return (int) $workspaceId;
|
||||
}
|
||||
|
||||
if (! $tenant->exists) {
|
||||
return null;
|
||||
}
|
||||
|
||||
$workspaceId = Tenant::query()
|
||||
->whereKey($tenant->getKey())
|
||||
->value('workspace_id');
|
||||
|
||||
if (! is_numeric($workspaceId)) {
|
||||
return null;
|
||||
}
|
||||
|
||||
return (int) $workspaceId;
|
||||
}
|
||||
|
||||
/**
|
||||
* Fetch actual granted permissions from Graph API.
|
||||
*
|
||||
|
||||
@ -175,6 +175,25 @@ function requiredPermissions(): array
|
||||
]);
|
||||
});
|
||||
|
||||
it('persists permissions when the tenant instance does not have workspace_id loaded', function () {
|
||||
$tenant = Tenant::factory()->create();
|
||||
|
||||
ensureDefaultProviderConnection($tenant, 'microsoft');
|
||||
|
||||
$tenantWithoutWorkspaceId = Tenant::query()
|
||||
->select(['id', 'tenant_id', 'external_id', 'name', 'status', 'environment'])
|
||||
->findOrFail((int) $tenant->getKey());
|
||||
|
||||
expect($tenantWithoutWorkspaceId->getAttribute('workspace_id'))->toBeNull();
|
||||
|
||||
app(TenantPermissionService::class)->compare($tenantWithoutWorkspaceId);
|
||||
|
||||
$this->assertDatabaseHas('tenant_permissions', [
|
||||
'tenant_id' => (int) $tenant->getKey(),
|
||||
'workspace_id' => (int) $tenant->workspace_id,
|
||||
]);
|
||||
});
|
||||
|
||||
it('does not persist when tenant workspace_id is missing', function () {
|
||||
$tenant = Tenant::withoutEvents(function (): Tenant {
|
||||
return Tenant::create([
|
||||
@ -187,8 +206,6 @@ function requiredPermissions(): array
|
||||
]);
|
||||
});
|
||||
|
||||
ensureDefaultProviderConnection($tenant, 'microsoft');
|
||||
|
||||
app(TenantPermissionService::class)->compare($tenant, persist: true);
|
||||
|
||||
expect(TenantPermission::query()->where('tenant_id', (int) $tenant->getKey())->count())->toBe(0);
|
||||
|
||||
Loading…
Reference in New Issue
Block a user