# Feature Specification: Policy Sets (Intune native bundling) (025)

**Feature Branch**: `feat/025-policy-sets`
**Created**: 2026-01-04
**Status**: Draft
**Priority**: P1

## Context

Policy Sets are an Intune-native way to bundle multiple policies/apps into a deployable set. For tenants that rely on Policy Sets, “Tenant-as-Code” is incomplete without at least inventory + backup and a restore preview that highlights missing links.

## User Scenarios & Testing

### User Story 1 — Inventory + view Policy Sets (Priority: P1)

As an admin, I can see Policy Sets and inspect their composition (items) and assignments.

**Acceptance Scenarios**

1. Given a tenant uses Policy Sets, when I sync policies, then Policy Sets appear as type `policySet`.
2. Given a Policy Set, when I view details, then I see a readable list of included items and assignments.

### User Story 2 — Backup + version history (Priority: P1)

As an admin, I can capture immutable snapshots of Policy Sets (including items) and diff versions.

**Acceptance Scenarios**

1. Given a Policy Set, when I add it to a backup set, then the snapshot includes items and assignments (as supported by Graph).
2. Given two versions, diffs highlight changed items and assignment targets.

### User Story 3 — Restore preview (linking) (Priority: P1)

As an admin, I can run a restore preview that explains which Policy Set items can be linked in the target tenant and which are missing.

**Acceptance Scenarios**

1. Given a Policy Set snapshot referencing policies/apps by ID, when I run preview, then TenantPilot reports missing vs resolvable items.
2. Given missing referenced objects, preview warns and blocks execution unless resolved.

## Requirements

### Functional Requirements

- **FR-001**: Add policy type `policySet` backed by Graph `deviceAppManagement/policySets`.
- **FR-002**: Capture Policy Set payload + `items` subresource (and assignments if applicable).
- **FR-003**: Restore preview MUST validate referenced IDs and provide a linking report.
- **FR-004**: Restore execution is allowed only when all referenced items can be mapped safely (or stays preview-only initially).
- **FR-005**: Add Pest tests for sync + snapshot + preview linking report.

### Non-Functional Requirements

- **NFR-001**: No destructive writes without explicit confirmation and audit logs.
- **NFR-002**: Linking errors must be actionable (show which item is missing and why).

## Success Criteria

- **SC-001**: Policy Sets are visible and backed up.
- **SC-002**: Preview makes missing dependencies obvious.
- **SC-003**: If enabled, execution links only safe, mapped items.
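
A sketch of the linking report that FR-003, FR-004 and NFR-002 call for, added here as an example and not TenantPilot's own code. The function name `buildLinkingReport`, the item fields (`payloadId`, `itemType`, `displayName`), the source-to-target ID map and all sample IDs are assumptions constructed for illustration.

```php
<?php
declare(strict_types=1);

/**
 * Illustrative linking report for a Policy Set snapshot (assumed data shapes).
 * $items:     snapshot items, each with payloadId, itemType, displayName
 * $idMap:     source-tenant ID => target-tenant ID (hypothetical mapping table)
 * $targetIds: set of IDs known to exist in the target tenant (ID => true)
 */
function buildLinkingReport(array $items, array $idMap, array $targetIds): array
{
    $report = ['resolvable' => [], 'missing' => []];

    foreach ($items as $item) {
        $sourceId = $item['payloadId'];
        $targetId = $idMap[$sourceId] ?? null;

        if ($targetId === null) {
            $reason = 'no mapping from source ID to a target-tenant object';
        } elseif (!isset($targetIds[$targetId])) {
            $reason = "mapped target {$targetId} does not exist in the target tenant";
        } else {
            $report['resolvable'][] = $item + ['targetId' => $targetId];
            continue;
        }
        // NFR-002: name the item and say why it cannot be linked.
        $report['missing'][] = $item + ['reason' => $reason];
    }

    // FR-004: execution is allowed only when every referenced item is mapped.
    $report['executable'] = $report['missing'] === [];

    return $report;
}

// Constructed sample data; the IDs and types are placeholders, not real tenant objects.
$items = [
    ['payloadId' => 'src-policy-1', 'itemType' => 'policy', 'displayName' => 'Baseline Wi-Fi'],
    ['payloadId' => 'src-app-2', 'itemType' => 'app', 'displayName' => 'Company Portal'],
    ['payloadId' => 'src-policy-3', 'itemType' => 'policy', 'displayName' => 'Windows Compliance'],
];
$idMap = ['src-policy-1' => 'tgt-policy-1', 'src-app-2' => 'tgt-app-9'];
$targetIds = ['tgt-policy-1' => true];

$report = buildLinkingReport($items, $idMap, $targetIds);
foreach ($report['missing'] as $m) {
    echo "MISSING {$m['itemType']} \"{$m['displayName']}\" ({$m['payloadId']}): {$m['reason']}\n";
}
echo 'Execution ' . ($report['executable'] ? 'allowed' : 'blocked') . "\n";
```

With the sample data, one item resolves, two are reported missing with distinct reasons (unmapped vs. mapped to a nonexistent target), and execution is blocked.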