ahmido/TenantAtlas
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects 1 Releases Wiki Activity
074a65669b
TenantAtlas/tests/Feature/Filament/GroupPolicyConfigurationNormalizedDiffTest.php
ahmido 61b0b1bc23 feat(010): Administrative Templates – restore from PolicyVersion + version visibility (#13) 
Problem: Restore nutzt bisher den Snapshot aus dem BackupSet (BackupItem). Wenn der Snapshot “unvollständig”/nicht der gewünschte Stand ist, landen nach Restore nur wenige Admin-Template-Settings in Intune.
Lösung:
Neue Action “Restore to Intune” direkt an einer konkreten PolicyVersion (inkl. Dry-Run Toggle) → reproduzierbarer Rollback auf exakt diese Version.
Restore-UI zeigt jetzt PolicyVersion-Nummer (version: X) in der Item-Auswahl + BackupSet Items Tabelle hat eine Version-Spalte.
Implementierung:
RestoreService::executeFromPolicyVersion() erzeugt dafür einen kleinen, temporären BackupSet+BackupItem aus der Version und startet einen normalen RestoreRun.
Pest-Test: PolicyVersionRestoreToIntuneTest.php
Specs/TODO:
Offene Follow-ups sind dokumentiert in tasks.md unter “Open TODOs (Follow-up)”.
QA (GUI):
Inventory → Policies → <Policy> → Versions → Restore to Intune (erst Dry-Run, dann Execute)
Backups & Restore → Restore Runs → Create (bei Items steht version: X)
Backups & Restore → Backup Sets → <Set> (Version-Spalte)
Tests: PolicyVersionRestoreToIntuneTest.php

Co-authored-by: Ahmed Darrazi <ahmeddarrazi@adsmac.local>
Reviewed-on: #13
2025-12-30 01:50:05 +00:00

30 lines
1.2 KiB
PHP
Raw Blame History

<?php
use App\Services\Intune\PolicyNormalizer;
test('group policy configuration normalized diff keys use definition display names', function () {
$flat = app(PolicyNormalizer::class)->flattenForDiff(
snapshot: [
'id' => 'gpo-1',
'displayName' => 'Admin Templates Alpha',
'@odata.type' => '#microsoft.graph.groupPolicyConfiguration',
'definitionValues' => [
[
'enabled' => true,
'definition@odata.bind' => 'https://graph.microsoft.com/beta/deviceManagement/groupPolicyDefinitions(\'def-1\')',
'#Definition_Id' => 'def-1',
'#Definition_displayName' => 'Block legacy auth',
'#Definition_categoryPath' => 'Windows Components\\Security Options',
],
],
],
policyType: 'groupPolicyConfiguration',
platform: 'windows',
);
$keys = array_keys($flat);
expect($keys)->toContain('Administrative Template settings > Windows Components\\Security Options > Block legacy auth (def-1)');
expect(implode("\n", $keys))->not->toContain('graph.microsoft.com');
});
Reference in New Issue View Git Blame Copy Permalink