2026-01-04 00:38:54 +00:00
4 changed files with 132 additions and 5 deletions
--- a/specs/018-driver-updates-wufb/checklists/requirements.md
+++ b/specs/018-driver-updates-wufb/checklists/requirements.md
@ -6,9 +6,9 @@ # Requirements Checklist (018)
 - [x] `windowsDriverUpdateProfile` is added to `config/tenantpilot.php` (metadata, endpoint, backup/restore mode, risk).
 - [x] Graph contract exists in `config/graph_contracts.php` (resource, type family, create/update methods, assignments paths).
 - [x] Sync lists and stores driver update profiles in the Policies inventory.
- [ ] Snapshot capture stores a complete payload for backups and versions.
+- [x] Snapshot capture stores a complete payload for backups and versions.
- [ ] Restore preview is available and respects the configured restore mode.
+- [x] Restore preview is available and respects the configured restore mode.
 - [x] Restore execution applies only patchable properties and records audit logs.
 - [x] Normalized settings view is readable for admins (no raw-only UX).
- [ ] Pest tests cover sync + snapshot + restore + normalized display.
+- [x] Pest tests cover sync + snapshot + restore + normalized display.
 - [x] Pint run (`./vendor/bin/pint --dirty`) on touched files.
--- a/specs/018-driver-updates-wufb/tasks.md
+++ b/specs/018-driver-updates-wufb/tasks.md
@ -15,8 +15,8 @@ ## Phase 2: Research & Design
 ## Phase 3: Tests (TDD)
 - [x] T006 Add sync test ensuring `windowsDriverUpdateProfile` policies are imported and typed correctly.
- [ ] T007 Add snapshot/version capture test asserting full payload is stored.
+- [x] T007 Add snapshot/version capture test asserting full payload is stored.
- [ ] T008 Add restore preview test for this type (entries + restore_mode shown).
+- [x] T008 Add restore preview test for this type (entries + restore_mode shown).
 - [x] T009 Add restore execution test asserting only patchable properties are sent and failures are reported with Graph metadata.
 - [x] T010 Add normalized display test for key fields.
--- a/tests/Feature/Filament/RestorePreviewTest.php
+++ b/tests/Feature/Filament/RestorePreviewTest.php
@ -104,6 +104,77 @@ public function request(string $method, string $path, array $options = []): Grap
    expect($policyPreview['action'])->toBe('update');
 });
 test('restore preview shows enabled restore mode for windows driver update profiles', function () {
    app()->bind(GraphClientInterface::class, fn () => new class implements GraphClientInterface
    {
        public function listPolicies(string $policyType, array $options = []): GraphResponse
        {
            return new GraphResponse(true, []);
        }
        public function getPolicy(string $policyType, string $policyId, array $options = []): GraphResponse
        {
            return new GraphResponse(true, ['payload' => []]);
        }
        public function getOrganization(array $options = []): GraphResponse
        {
            return new GraphResponse(true, []);
        }
        public function applyPolicy(string $policyType, string $policyId, array $payload, array $options = []): GraphResponse
        {
            return new GraphResponse(true, []);
        }
        public function getServicePrincipalPermissions(array $options = []): GraphResponse
        {
            return new GraphResponse(true, []);
        }
        public function request(string $method, string $path, array $options = []): GraphResponse
        {
            return new GraphResponse(true, []);
        }
    });
    $tenant = Tenant::create([
        'tenant_id' => 'tenant-driver-preview',
        'name' => 'Tenant Preview',
        'metadata' => [],
    ]);
    $backupSet = BackupSet::create([
        'tenant_id' => $tenant->id,
        'name' => 'Backup',
        'status' => 'completed',
        'item_count' => 1,
    ]);
    $backupItem = BackupItem::create([
        'tenant_id' => $tenant->id,
        'backup_set_id' => $backupSet->id,
        'policy_id' => null,
        'policy_identifier' => 'wdp-1',
        'policy_type' => 'windowsDriverUpdateProfile',
        'platform' => 'windows',
        'payload' => [
            '@odata.type' => '#microsoft.graph.windowsDriverUpdateProfile',
            'displayName' => 'Driver Updates A',
        ],
    ]);
    $service = app(RestoreService::class);
    $preview = $service->preview($tenant, $backupSet, [$backupItem->id]);
    expect($preview)->toHaveCount(1);
    $policyPreview = $preview[0] ?? [];
    expect($policyPreview['policy_type'] ?? null)->toBe('windowsDriverUpdateProfile');
    expect($policyPreview['action'] ?? null)->toBe('create');
    expect($policyPreview['restore_mode'] ?? null)->toBe('enabled');
 });
 test('restore preview warns about missing compliance notification templates', function () {
    app()->bind(GraphClientInterface::class, fn () => new class implements GraphClientInterface
    {
--- a/tests/Unit/PolicySnapshotServiceTest.php
+++ b/tests/Unit/PolicySnapshotServiceTest.php
@ -41,6 +41,27 @@ public function getPolicy(string $policyType, string $policyId, array $options =
            ]);
        }
        if ($policyType === 'windowsDriverUpdateProfile') {
            return new GraphResponse(success: true, data: [
                'payload' => [
                    'id' => $policyId,
                    'displayName' => 'Driver Updates A',
                    'description' => 'Drivers rollout policy',
                    '@odata.type' => '#microsoft.graph.windowsDriverUpdateProfile',
                    'approvalType' => 'automatic',
                    'deploymentDeferralInDays' => 7,
                    'deviceReporting' => 12,
                    'newUpdates' => 3,
                    'roleScopeTagIds' => ['0'],
                    'inventorySyncStatus' => [
                        '@odata.type' => '#microsoft.graph.windowsDriverUpdateProfileInventorySyncStatus',
                        'driverInventorySyncState' => 'success',
                        'lastSuccessfulSyncDateTime' => '2026-01-01T00:00:00Z',
                    ],
                ],
            ]);
        }
        return new GraphResponse(success: true, data: [
            'payload' => [
                'id' => $policyId,
@ -271,6 +292,41 @@ public function request(string $method, string $path, array $options = []): Grap
    expect($client->requests[0][3]['select'])->not->toContain('@odata.type');
 });
 it('captures windows driver update profile snapshots with full payload', function () {
    $client = new PolicySnapshotGraphClient;
    app()->instance(GraphClientInterface::class, $client);
    $tenant = Tenant::factory()->create([
        'tenant_id' => 'tenant-driver',
        'app_client_id' => 'client-123',
        'app_client_secret' => 'secret-123',
        'is_current' => true,
    ]);
    $tenant->makeCurrent();
    $policy = Policy::factory()->create([
        'tenant_id' => $tenant->id,
        'external_id' => 'wdp-123',
        'policy_type' => 'windowsDriverUpdateProfile',
        'display_name' => 'Driver Updates A',
        'platform' => 'windows',
    ]);
    $service = app(PolicySnapshotService::class);
    $result = $service->fetch($tenant, $policy);
    expect($result)->toHaveKey('payload');
    expect($result['payload']['approvalType'] ?? null)->toBe('automatic');
    expect($result['payload']['deploymentDeferralInDays'] ?? null)->toBe(7);
    expect($result['payload']['deviceReporting'] ?? null)->toBe(12);
    expect($result['payload']['newUpdates'] ?? null)->toBe(3);
    expect($result['payload']['inventorySyncStatus']['driverInventorySyncState'] ?? null)->toBe('success');
    expect($client->requests[0][0])->toBe('getPolicy');
    expect($client->requests[0][1])->toBe('windowsDriverUpdateProfile');
    expect($client->requests[0][2])->toBe('wdp-123');
 });
 test('falls back to metadata-only snapshot when mamAppConfiguration returns 500', function () {
    $client = Mockery::mock(\App\Services\Graph\GraphClientInterface::class);
    $client->shouldReceive('getPolicy')