'#microsoft.graph.deviceManagementConfigurationPolicy', 'settings' => [ [ 'id' => 's1', 'settingInstance' => [ '@odata.type' => '#microsoft.graph.deviceManagementConfigurationSimpleSettingInstance', 'settingDefinitionId' => 'device_vendor_msft_policy_config_defender_allowrealtimemonitoring', 'simpleSettingValue' => [ 'value' => 1, ], ], ], ], ]; $normalized = $normalizer->normalize($snapshot, 'settingsCatalogPolicy', 'windows'); $rows = $normalized['settings_table']['rows'] ?? []; expect($rows)->toHaveCount(1); expect($rows[0]['definition_id'] ?? null)->toBe('device_vendor_msft_policy_config_defender_allowrealtimemonitoring'); }); it('builds a settings table for endpoint security configuration policies', function (string $policyType) { $normalizer = app(SettingsCatalogPolicyNormalizer::class); $snapshot = [ '@odata.type' => '#microsoft.graph.deviceManagementConfigurationPolicy', 'settings' => [ [ 'id' => 's1', 'settingInstance' => [ '@odata.type' => '#microsoft.graph.deviceManagementConfigurationSimpleSettingInstance', 'settingDefinitionId' => 'device_vendor_msft_policy_config_defender_allowrealtimemonitoring', 'simpleSettingValue' => [ 'value' => 1, ], ], ], ], ]; $normalized = $normalizer->normalize($snapshot, $policyType, 'windows'); $rows = $normalized['settings_table']['rows'] ?? []; expect($rows)->toHaveCount(1); expect($rows[0]['definition_id'] ?? null)->toBe('device_vendor_msft_policy_config_defender_allowrealtimemonitoring'); })->with([ 'endpointSecurityPolicy', 'securityBaselinePolicy', ]); it('prettifies endpoint security firewall rules settings for display', function () { $normalizer = app(SettingsCatalogPolicyNormalizer::class); $groupDefinitionId = 'vendor_msft_firewall_mdmstore_firewallrules_{FirewallRuleId}'; $nameDefinitionId = 'vendor_msft_firewall_mdmstore_firewallrules_{FirewallRuleId}_displayname'; $directionDefinitionId = 'vendor_msft_firewall_mdmstore_firewallrules_{FirewallRuleId}_direction'; $actionDefinitionId = 'vendor_msft_firewall_mdmstore_firewallrules_{FirewallRuleId}_action'; $interfaceTypesDefinitionId = 'vendor_msft_firewall_mdmstore_firewallrules_{FirewallRuleId}_interfacetypes'; $snapshot = [ '@odata.type' => '#microsoft.graph.deviceManagementConfigurationPolicy', 'templateReference' => [ 'templateFamily' => 'endpointSecurityFirewall', 'templateDisplayName' => 'Windows Firewall Rules', 'templateDisplayVersion' => 'Version 1', ], 'settings' => [ [ 'id' => 'rule-1', 'settingInstance' => [ '@odata.type' => '#microsoft.graph.deviceManagementConfigurationGroupSettingCollectionInstance', 'settingDefinitionId' => $groupDefinitionId, 'groupSettingCollectionValue' => [ [ 'children' => [ [ '@odata.type' => '#microsoft.graph.deviceManagementConfigurationSimpleSettingInstance', 'settingDefinitionId' => $nameDefinitionId, 'simpleSettingValue' => [ 'value' => 'Test0', ], ], [ '@odata.type' => '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance', 'settingDefinitionId' => $directionDefinitionId, 'choiceSettingValue' => [ 'value' => "{$directionDefinitionId}_in", ], ], [ '@odata.type' => '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance', 'settingDefinitionId' => $actionDefinitionId, 'choiceSettingValue' => [ 'value' => "{$actionDefinitionId}_allow", ], ], [ '@odata.type' => '#microsoft.graph.deviceManagementConfigurationChoiceSettingCollectionInstance', 'settingDefinitionId' => $interfaceTypesDefinitionId, 'choiceSettingCollectionValue' => [ [ 'value' => "{$interfaceTypesDefinitionId}_lan", 'children' => [], ], [ 'value' => "{$interfaceTypesDefinitionId}_remoteaccess", 'children' => [], ], ], ], ], ], ], ], ], ], ]; $normalized = $normalizer->normalize($snapshot, 'endpointSecurityPolicy', 'windows'); $rows = collect($normalized['settings_table']['rows'] ?? []); $groupRow = $rows->firstWhere('definition_id', $groupDefinitionId); expect($groupRow)->not->toBeNull(); expect($groupRow['category'] ?? null)->toBe('Windows Firewall Rules'); expect($groupRow['definition'] ?? null)->toBe('Firewall rule'); expect($groupRow['data_type'] ?? null)->toBe('Group'); expect($groupRow['value'] ?? null)->toBe('(group)'); $nameRow = $rows->firstWhere('definition_id', $nameDefinitionId); expect($nameRow)->not->toBeNull(); expect($nameRow['category'] ?? null)->toBe('Windows Firewall Rules'); expect($nameRow['definition'] ?? null)->toBe('Name'); expect($nameRow['value'] ?? null)->toBe('Test0'); $directionRow = $rows->firstWhere('definition_id', $directionDefinitionId); expect($directionRow)->not->toBeNull(); expect($directionRow['category'] ?? null)->toBe('Windows Firewall Rules'); expect($directionRow['definition'] ?? null)->toBe('Direction'); expect($directionRow['data_type'] ?? null)->toBe('Choice'); expect($directionRow['value'] ?? null)->toBe('Inbound'); $actionRow = $rows->firstWhere('definition_id', $actionDefinitionId); expect($actionRow)->not->toBeNull(); expect($actionRow['category'] ?? null)->toBe('Windows Firewall Rules'); expect($actionRow['definition'] ?? null)->toBe('Action'); expect($actionRow['data_type'] ?? null)->toBe('Choice'); expect($actionRow['value'] ?? null)->toBe('Allow'); $interfaceTypesRow = $rows->firstWhere('definition_id', $interfaceTypesDefinitionId); expect($interfaceTypesRow)->not->toBeNull(); expect($interfaceTypesRow['category'] ?? null)->toBe('Windows Firewall Rules'); expect($interfaceTypesRow['definition'] ?? null)->toBe('Interface types'); expect($interfaceTypesRow['data_type'] ?? null)->toBe('Choice'); expect($interfaceTypesRow['value'] ?? null)->toBe('LAN, Remote access'); });