ahmido/TenantAtlas
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects 1 Releases Wiki Activity
39fd8ca1ea
TenantAtlas/tests/Feature/Drift/DriftFindingDiffUnavailableTest.php
Ahmed Darrazi 39fd8ca1ea feat(spec-119): baseline compare drift cutover 
- Enrich drift findings evidence_jsonb for diff UX (summary.kind, refs, fidelity, provenance)

- Add baseline policy version resolver and contract asserts

- Remove legacy drift generator + DriftLanding surfaces

- Add one-time cleanup migration for legacy drift findings

- Scope baseline capture/landing warnings to latest inventory sync

- Canonicalize compliance scheduledActionsForRule drift signal
2026-03-06 15:22:42 +01:00

179 lines
6.2 KiB
PHP
Raw Blame History

<?php
use App\Models\Finding;
use App\Models\Policy;
use App\Models\PolicyVersion;
it('shows an explicit diff unavailable message when policy version references are missing', function (): void {
[$user, $tenant] = createUserWithTenant(role: 'owner');
$finding = Finding::factory()->create([
'tenant_id' => (int) $tenant->getKey(),
'finding_type' => Finding::FINDING_TYPE_DRIFT,
'source' => 'baseline.compare',
'subject_type' => 'policy',
'subject_external_id' => 'policy-alpha-uuid',
'evidence_fidelity' => 'meta',
'evidence_jsonb' => [
'change_type' => 'different_version',
'policy_type' => 'deviceConfiguration',
'subject_key' => 'policy alpha',
'summary' => [
'kind' => 'policy_snapshot',
],
'baseline' => [
'policy_version_id' => null,
],
'current' => [
'policy_version_id' => null,
],
'fidelity' => 'meta',
'provenance' => [
'baseline_profile_id' => 1,
'baseline_snapshot_id' => 1,
'compare_operation_run_id' => 1,
'inventory_sync_run_id' => null,
],
],
]);
$this->actingAs($user)
->get(route('filament.tenant.resources.findings.view', array_merge(
filamentTenantRouteParams($tenant),
['record' => $finding],
)))
->assertOk()
->assertSee('Diff unavailable')
->assertDontSee('No normalized changes were found');
});
it('renders a diff against an empty baseline for unexpected_policy findings with a current policy version reference', function (): void {
[$user, $tenant] = createUserWithTenant(role: 'owner');
$policy = Policy::factory()->create([
'tenant_id' => (int) $tenant->getKey(),
'external_id' => 'policy-unexpected-uuid',
'policy_type' => 'deviceCompliancePolicy',
'platform' => 'windows',
'display_name' => 'Bitlocker Require',
]);
$currentVersion = PolicyVersion::factory()->create([
'tenant_id' => (int) $tenant->getKey(),
'policy_id' => (int) $policy->getKey(),
'policy_type' => 'deviceCompliancePolicy',
'platform' => 'windows',
'snapshot' => [
'@odata.type' => '#microsoft.graph.windows10CompliancePolicy',
'passwordRequired' => true,
],
'assignments' => [],
'scope_tags' => [],
]);
$finding = Finding::factory()->create([
'tenant_id' => (int) $tenant->getKey(),
'finding_type' => Finding::FINDING_TYPE_DRIFT,
'source' => 'baseline.compare',
'subject_type' => 'policy',
'subject_external_id' => 'policy-unexpected-uuid',
'evidence_fidelity' => 'mixed',
'evidence_jsonb' => [
'change_type' => 'unexpected_policy',
'policy_type' => 'deviceCompliancePolicy',
'subject_key' => 'bitlocker require',
'summary' => [
'kind' => 'policy_snapshot',
],
'baseline' => [
'policy_version_id' => null,
],
'current' => [
'policy_version_id' => (int) $currentVersion->getKey(),
],
'fidelity' => 'mixed',
'provenance' => [
'baseline_profile_id' => 1,
'baseline_snapshot_id' => 1,
'compare_operation_run_id' => 1,
'inventory_sync_run_id' => null,
],
],
]);
$this->actingAs($user)
->get(route('filament.tenant.resources.findings.view', array_merge(
filamentTenantRouteParams($tenant),
['record' => $finding],
)))
->assertOk()
->assertDontSee('Diff unavailable')
->assertSee('1 added')
->assertSee('Password required');
});
it('renders a diff against an empty current side for missing_policy findings with a baseline policy version reference', function (): void {
[$user, $tenant] = createUserWithTenant(role: 'owner');
$policy = Policy::factory()->create([
'tenant_id' => (int) $tenant->getKey(),
'external_id' => 'policy-missing-uuid',
'policy_type' => 'deviceCompliancePolicy',
'platform' => 'windows',
'display_name' => 'Bitlocker Require',
]);
$baselineVersion = PolicyVersion::factory()->create([
'tenant_id' => (int) $tenant->getKey(),
'policy_id' => (int) $policy->getKey(),
'policy_type' => 'deviceCompliancePolicy',
'platform' => 'windows',
'snapshot' => [
'@odata.type' => '#microsoft.graph.windows10CompliancePolicy',
'passwordRequired' => true,
],
'assignments' => [],
'scope_tags' => [],
]);
$finding = Finding::factory()->create([
'tenant_id' => (int) $tenant->getKey(),
'finding_type' => Finding::FINDING_TYPE_DRIFT,
'source' => 'baseline.compare',
'subject_type' => 'policy',
'subject_external_id' => 'policy-missing-uuid',
'evidence_fidelity' => 'mixed',
'evidence_jsonb' => [
'change_type' => 'missing_policy',
'policy_type' => 'deviceCompliancePolicy',
'subject_key' => 'bitlocker require',
'summary' => [
'kind' => 'policy_snapshot',
],
'baseline' => [
'policy_version_id' => (int) $baselineVersion->getKey(),
],
'current' => [
'policy_version_id' => null,
],
'fidelity' => 'mixed',
'provenance' => [
'baseline_profile_id' => 1,
'baseline_snapshot_id' => 1,
'compare_operation_run_id' => 1,
'inventory_sync_run_id' => null,
],
],
]);
$this->actingAs($user)
->get(route('filament.tenant.resources.findings.view', array_merge(
filamentTenantRouteParams($tenant),
['record' => $finding],
)))
->assertOk()
->assertDontSee('Diff unavailable')
->assertSee('1 removed')
->assertSee('Password required');
});
Reference in New Issue View Git Blame Copy Permalink