ahmido
ce0615a9c1
## Summary - move the Laravel application into `apps/platform` and keep the repository root for orchestration, docs, and tooling - update the local command model, Sail/Docker wiring, runtime paths, and ignore rules around the new platform location - add relocation quickstart/contracts plus focused smoke coverage for bootstrap, command model, routes, and runtime behavior ## Validation - `cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Feature/PlatformRelocation` - integrated browser smoke validated `/up`, `/`, `/admin`, `/admin/choose-workspace`, and tenant route semantics for `200`, `403`, and `404` ## Remaining Rollout Checks - validate Dokploy build context and working-directory assumptions against the new `apps/platform` layout - confirm web, queue, and scheduler processes all start from the expected working directory in staging/production - verify no legacy volume mounts or asset-publish paths still point at the old root-level `public/` or `storage/` locations Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de> Reviewed-on: #213
57 lines
1.9 KiB
PHP
57 lines
1.9 KiB
PHP
<?php
|
|
|
|
declare(strict_types=1);
|
|
|
|
use App\Filament\Resources\BaselineSnapshotResource;
|
|
use App\Models\BaselineProfile;
|
|
use App\Models\BaselineSnapshot;
|
|
use App\Models\BaselineSnapshotItem;
|
|
|
|
it('shows captured intune rbac role definition references on the baseline snapshot detail page', function (): void {
|
|
[$user, $tenant] = createUserWithTenant(role: 'readonly');
|
|
|
|
$profile = BaselineProfile::factory()->active()->create([
|
|
'workspace_id' => (int) $tenant->workspace_id,
|
|
]);
|
|
|
|
$snapshot = BaselineSnapshot::factory()->create([
|
|
'workspace_id' => (int) $tenant->workspace_id,
|
|
'baseline_profile_id' => (int) $profile->getKey(),
|
|
]);
|
|
|
|
BaselineSnapshotItem::factory()->create([
|
|
'baseline_snapshot_id' => (int) $snapshot->getKey(),
|
|
'subject_type' => 'policy',
|
|
'subject_external_id' => hash('sha256', 'role-def-1'),
|
|
'subject_key' => hash('sha256', 'intuneRoleDefinition|role-def-1'),
|
|
'policy_type' => 'intuneRoleDefinition',
|
|
'baseline_hash' => hash('sha256', 'rbac-content'),
|
|
'meta_jsonb' => [
|
|
'display_name' => 'Security Reader',
|
|
'evidence' => [
|
|
'observed_at' => '2026-03-09T10:00:00+00:00',
|
|
],
|
|
'identity' => [
|
|
'strategy' => 'external_id',
|
|
],
|
|
'version_reference' => [
|
|
'policy_version_id' => 42,
|
|
],
|
|
'rbac' => [
|
|
'is_built_in' => false,
|
|
'role_permission_count' => 2,
|
|
],
|
|
],
|
|
]);
|
|
|
|
$this->actingAs($user)
|
|
->get(BaselineSnapshotResource::getUrl('view', ['record' => $snapshot], panel: 'admin'))
|
|
->assertOk()
|
|
->assertSee('Intune RBAC Role Definition')
|
|
->assertSee('Security Reader')
|
|
->assertSee('Custom')
|
|
->assertSee('Role definition ID')
|
|
->assertSee('Policy version #42')
|
|
->assertSee('2');
|
|
});
|