Implements Spec 104: Provider Permission Posture. What changed - Generates permission posture findings after each tenant permission compare (queued) - Stores immutable posture snapshots as StoredReports (JSONB payload) - Adds global Finding resolved lifecycle (`resolved_at`, `resolved_reason`) with `resolve()` / `reopen()` - Adds alert pipeline event type `permission_missing` (Alerts v1) and Filament option for Alert Rules - Adds retention pruning command + daily schedule for StoredReports - Adds badge mappings for `resolved` finding status and `permission_posture` finding type UX fixes discovered during manual verification - Hide “Diff” section for non-drift findings (only drift findings show diff) - Required Permissions page: “Re-run verification” now links to Tenant view (not onboarding) - Preserve Technical Details `<details>` open state across Livewire re-renders (Alpine state) Verification - Ran `vendor/bin/sail artisan test --compact --filter=PermissionPosture` (50 tests) - Ran `vendor/bin/sail artisan test --compact --filter="FindingResolved|FindingBadge|PermissionMissingAlert"` (20 tests) - Ran `vendor/bin/sail bin pint --dirty` Filament v5 / Livewire v4 compliance - Filament v5 + Livewire v4: no Livewire v3 usage. Panel provider registration (Laravel 11+) - No new panels added. Existing panel providers remain registered via `bootstrap/providers.php`. Global search rule - No changes to global-searchable resources. Destructive actions - No new destructive Filament actions were added in this PR. Assets / deploy notes - No new Filament assets registered. Existing deploy step `php artisan filament:assets` remains unchanged. Test coverage - New/updated Pest feature tests cover generator behavior, job integration, alerting, retention pruning, and resolved lifecycle. Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de> Reviewed-on: #127
43 lines
994 B
PHP
43 lines
994 B
PHP
<?php
|
|
|
|
declare(strict_types=1);
|
|
|
|
namespace App\Console\Commands;
|
|
|
|
use App\Models\StoredReport;
|
|
use Illuminate\Console\Command;
|
|
|
|
class PruneStoredReportsCommand extends Command
|
|
{
|
|
/**
|
|
* @var string
|
|
*/
|
|
protected $signature = 'stored-reports:prune {--days= : Number of days to retain reports}';
|
|
|
|
/**
|
|
* @var string
|
|
*/
|
|
protected $description = 'Delete stored reports older than the retention period';
|
|
|
|
public function handle(): int
|
|
{
|
|
$days = (int) ($this->option('days') ?: config('tenantpilot.stored_reports.retention_days', 90));
|
|
|
|
if ($days < 1) {
|
|
$this->error('Retention days must be at least 1.');
|
|
|
|
return self::FAILURE;
|
|
}
|
|
|
|
$cutoff = now()->subDays($days);
|
|
|
|
$deleted = StoredReport::query()
|
|
->where('created_at', '<', $cutoff)
|
|
->delete();
|
|
|
|
$this->info("Deleted {$deleted} stored report(s) older than {$days} days.");
|
|
|
|
return self::SUCCESS;
|
|
}
|
|
}
|