TenantAtlas/tests/Feature/Models/FindingResolvedTest.php

<?php

declare(strict_types=1);

use App\Models\Finding;
use App\Models\User;
use Illuminate\Foundation\Testing\RefreshDatabase;

uses(RefreshDatabase::class);

it('resolves a finding with reason', function (): void {
    $finding = Finding::factory()->permissionPosture()->create();

    $finding->resolve('permission_granted');

    expect($finding->status)->toBe(Finding::STATUS_RESOLVED)
        ->and($finding->resolved_at)->not->toBeNull()
        ->and($finding->resolved_reason)->toBe('permission_granted');

    $fresh = Finding::query()->find($finding->getKey());
    expect($fresh->status)->toBe(Finding::STATUS_RESOLVED)
        ->and($fresh->resolved_at)->not->toBeNull();
});

it('reopens a resolved finding', function (): void {
    $finding = Finding::factory()->permissionPosture()->resolved()->create();

    $newEvidence = [
        'permission_key' => 'DeviceManagementConfiguration.ReadWrite.All',
        'permission_type' => 'application',
        'expected_status' => 'granted',
        'actual_status' => 'missing',
        'blocked_features' => ['policy-sync'],
        'checked_at' => now()->toIso8601String(),
    ];

    $finding->reopen($newEvidence);

    expect($finding->status)->toBe(Finding::STATUS_NEW)
        ->and($finding->resolved_at)->toBeNull()
        ->and($finding->resolved_reason)->toBeNull()
        ->and($finding->evidence_jsonb)->toBe($newEvidence);
});

it('preserves acknowledged metadata when resolving an acknowledged finding', function (): void {
    $user = User::factory()->create();
    $finding = Finding::factory()->permissionPosture()->create();

    $finding->acknowledge($user);
    expect($finding->status)->toBe(Finding::STATUS_ACKNOWLEDGED);

    $finding->resolve('permission_granted');

    expect($finding->status)->toBe(Finding::STATUS_RESOLVED)
        ->and($finding->acknowledged_at)->not->toBeNull()
        ->and($finding->acknowledged_by_user_id)->toBe($user->getKey())
        ->and($finding->resolved_at)->not->toBeNull();
});

it('has STATUS_RESOLVED constant', function (): void {
    expect(Finding::STATUS_RESOLVED)->toBe('resolved');
});

it('has FINDING_TYPE_PERMISSION_POSTURE constant', function (): void {
    expect(Finding::FINDING_TYPE_PERMISSION_POSTURE)->toBe('permission_posture');
});

it('casts resolved_at as datetime', function (): void {
    $finding = Finding::factory()->permissionPosture()->resolved()->create();
    $fresh = Finding::query()->find($finding->getKey());

    expect($fresh->resolved_at)->toBeInstanceOf(\Illuminate\Support\Carbon::class);
});

it('creates permission posture findings via factory state', function (): void {
    $finding = Finding::factory()->permissionPosture()->create();

    expect($finding->finding_type)->toBe(Finding::FINDING_TYPE_PERMISSION_POSTURE)
        ->and($finding->source)->toBe('permission_check')
        ->and($finding->subject_type)->toBe('permission')
        ->and($finding->severity)->toBe(Finding::SEVERITY_MEDIUM)
        ->and($finding->evidence_jsonb)->toHaveKey('permission_key');
});

it('creates resolved findings via factory state', function (): void {
    $finding = Finding::factory()->resolved()->create();

    expect($finding->status)->toBe(Finding::STATUS_RESOLVED)
        ->and($finding->resolved_at)->not->toBeNull()
        ->and($finding->resolved_reason)->toBe('permission_granted');
});