04d61cbad0
- Implement Spec 116 baseline capture/compare + coverage guard\n- Add UI surfaces and widgets for baseline compare\n- Add tests and research report
103 lines
3.6 KiB
PHP
103 lines
3.6 KiB
PHP
<?php
|
|
|
|
declare(strict_types=1);
|
|
|
|
use App\Jobs\CompareBaselineToTenantJob;
|
|
use App\Models\BaselineProfile;
|
|
use App\Models\BaselineSnapshot;
|
|
use App\Models\BaselineSnapshotItem;
|
|
use App\Models\InventoryItem;
|
|
use App\Services\Baselines\BaselineSnapshotIdentity;
|
|
use App\Services\Baselines\InventoryMetaContract;
|
|
use App\Services\Drift\DriftHasher;
|
|
use App\Services\Intune\AuditLogger;
|
|
use App\Services\OperationRunService;
|
|
use App\Support\OperationRunOutcome;
|
|
use App\Support\OperationRunType;
|
|
|
|
it('runs baseline compare without outbound HTTP and uses chunking', function (): void {
|
|
bindFailHardGraphClient();
|
|
|
|
[$user, $tenant] = createUserWithTenant(role: 'owner');
|
|
|
|
$profile = BaselineProfile::factory()->active()->create([
|
|
'workspace_id' => (int) $tenant->workspace_id,
|
|
'scope_jsonb' => [
|
|
'policy_types' => ['deviceConfiguration'],
|
|
'foundation_types' => [],
|
|
],
|
|
]);
|
|
|
|
$snapshot = BaselineSnapshot::factory()->create([
|
|
'workspace_id' => (int) $tenant->workspace_id,
|
|
'baseline_profile_id' => (int) $profile->getKey(),
|
|
]);
|
|
|
|
$profile->update(['active_snapshot_id' => (int) $snapshot->getKey()]);
|
|
|
|
$builder = app(InventoryMetaContract::class);
|
|
$hasher = app(DriftHasher::class);
|
|
|
|
$baselineContract = $builder->build(
|
|
policyType: 'deviceConfiguration',
|
|
subjectExternalId: 'policy-uuid',
|
|
metaJsonb: ['odata_type' => '#microsoft.graph.deviceConfiguration', 'etag' => 'E_BASELINE'],
|
|
);
|
|
|
|
BaselineSnapshotItem::factory()->create([
|
|
'baseline_snapshot_id' => (int) $snapshot->getKey(),
|
|
'subject_type' => 'policy',
|
|
'subject_external_id' => 'policy-uuid',
|
|
'policy_type' => 'deviceConfiguration',
|
|
'baseline_hash' => $hasher->hashNormalized($baselineContract),
|
|
'meta_jsonb' => ['display_name' => 'Policy'],
|
|
]);
|
|
|
|
$inventorySyncRun = createInventorySyncOperationRunWithCoverage(
|
|
tenant: $tenant,
|
|
statusByType: ['deviceConfiguration' => 'succeeded'],
|
|
);
|
|
|
|
InventoryItem::factory()->create([
|
|
'tenant_id' => (int) $tenant->getKey(),
|
|
'workspace_id' => (int) $tenant->workspace_id,
|
|
'external_id' => 'policy-uuid',
|
|
'policy_type' => 'deviceConfiguration',
|
|
'meta_jsonb' => ['odata_type' => '#microsoft.graph.deviceConfiguration', 'etag' => 'E_CURRENT'],
|
|
'display_name' => 'Policy Changed',
|
|
'last_seen_operation_run_id' => (int) $inventorySyncRun->getKey(),
|
|
'last_seen_at' => now(),
|
|
]);
|
|
|
|
$operationRuns = app(OperationRunService::class);
|
|
$compareRun = $operationRuns->ensureRunWithIdentity(
|
|
tenant: $tenant,
|
|
type: OperationRunType::BaselineCompare->value,
|
|
identityInputs: ['baseline_profile_id' => (int) $profile->getKey()],
|
|
context: [
|
|
'baseline_profile_id' => (int) $profile->getKey(),
|
|
'baseline_snapshot_id' => (int) $snapshot->getKey(),
|
|
'effective_scope' => [
|
|
'policy_types' => ['deviceConfiguration'],
|
|
'foundation_types' => [],
|
|
],
|
|
],
|
|
initiator: $user,
|
|
);
|
|
|
|
assertNoOutboundHttp(function () use ($compareRun, $operationRuns): void {
|
|
(new CompareBaselineToTenantJob($compareRun))->handle(
|
|
app(BaselineSnapshotIdentity::class),
|
|
app(AuditLogger::class),
|
|
$operationRuns,
|
|
);
|
|
});
|
|
|
|
$compareRun->refresh();
|
|
expect($compareRun->outcome)->toBe(OperationRunOutcome::Succeeded->value);
|
|
|
|
$code = file_get_contents(base_path('app/Jobs/CompareBaselineToTenantJob.php'));
|
|
expect($code)->toBeString();
|
|
expect($code)->toContain('->chunk(');
|
|
});
|