ahmido/TenantAtlas
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects 1 Releases Wiki Activity
dev
TenantAtlas/specs/006-sot-foundations-assignments/quickstart.md
ahmido b9c47e7973 feat/006-sot-foundations-assignments (#6) 
## Summary
<!-- Kurz: Was ändert sich und warum? -->

## Spec-Driven Development (SDD)
- [ ] Es gibt eine Spec unter `specs/<NNN>-<feature>/`
- [ ] Enthaltene Dateien: `plan.md`, `tasks.md`, `spec.md`
- [ ] Spec beschreibt Verhalten/Acceptance Criteria (nicht nur Implementation)
- [ ] Wenn sich Anforderungen während der Umsetzung geändert haben: Spec/Plan/Tasks wurden aktualisiert

## Implementation
- [ ] Implementierung entspricht der Spec
- [ ] Edge cases / Fehlerfälle berücksichtigt
- [ ] Keine unbeabsichtigten Änderungen außerhalb des Scopes

## Tests
- [ ] Tests ergänzt/aktualisiert (Pest/PHPUnit)
- [ ] Relevante Tests lokal ausgeführt (`./vendor/bin/sail artisan test` oder `php artisan test`)

## Migration / Config / Ops (falls relevant)
- [ ] Migration(en) enthalten und getestet
- [ ] Rollback bedacht (rückwärts kompatibel, sichere Migration)
- [ ] Neue Env Vars dokumentiert (`.env.example` / Doku)
- [ ] Queue/cron/storage Auswirkungen geprüft

## UI (Filament/Livewire) (falls relevant)
- [ ] UI-Flows geprüft
- [ ] Screenshots/Notizen hinzugefügt

## Notes
<!-- Links, Screenshots, Follow-ups, offene Punkte -->

Co-authored-by: Ahmed Darrazi <ahmeddarrazi@adsmac.local>
Reviewed-on: #6
2025-12-25 14:25:16 +00:00

56 lines
2.1 KiB
Markdown
Raw Permalink Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

# Quickstart: SoT Foundations & Assignments (006)
This is a developer/operator checklist to validate foundations-first restore and assignment-aware restore.
## Prerequisites
- Local dev via Sail.
- A tenant configured for Graph access with sufficient permissions for:
- Assignment filters: `DeviceManagementConfiguration.ReadWrite.All`
- Scope tags: `DeviceManagementRBAC.ReadWrite.All`
- Notification templates: `DeviceManagementServiceConfig.ReadWrite.All`
## Scenario A: Foundations backup + restore
1. In a test tenant, create:
- 12 assignment filters
- 12 scope tags (non-built-in)
- 1 notification message template
2. Run a sync + backup via the apps existing workflow.
3. In the target tenant, ensure those objects do not exist.
4. Run restore in **preview**:
- Verify preview includes a “Foundations” section.
- Verify it reports old→new mapping decisions.
5. Run restore in **execute**:
- Verify missing foundations are created.
- Verify collisions result in “created_copy” behavior (if you intentionally create same-named items beforehand).
## Scenario B: Assignment-aware restore
1. Create a policy that has assignments:
- Group targeting
- Assignment filters (include/exclude)
- Scope tags where applicable
2. Back up the tenant.
3. Restore into a target tenant where:
- some foundations exist
- some foundations are missing
4. Run restore preview:
- Verify assignments are marked “applied” only when mappings exist.
- Verify unsafe assignments are “skipped” with explicit reasons (no broad targeting).
5. Run restore execute:
- Verify the policy is restored.
- Verify assignment application uses the mapping.
## Scenario C: Conditional Access preview-only
1. Ensure the backup contains at least one Conditional Access policy.
2. Run restore preview:
- Verify CA items appear with a clear preview-only marker.
3. Run restore execute:
- Verify CA changes are not applied and are recorded as skipped/preview-only.
## Notes
- If UI changes dont appear, run the projects dev/build pipeline (`composer run dev` / `pnpm dev`) according to existing repo conventions.
Reference in New Issue View Git Blame Copy Permalink