ahmido/TenantAtlas
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects 1 Releases Wiki Activity
4db8030f2a
TenantAtlas/tests/Feature/PolicySyncServiceReportTest.php
ahmido 4db8030f2a Spec 081: Provider connection cutover (#98) 
Implements Spec 081 provider-connection cutover.

Highlights:
- Adds provider connection resolution + gating for operations/verification.
- Adds provider credential observer wiring.
- Updates Filament tenant verify flow to block with next-steps when provider connection isn’t ready.
- Adds spec docs under specs/081-provider-connection-cutover/ and extensive Spec081 test coverage.

Tests:
- vendor/bin/sail artisan test --compact tests/Feature/Filament/TenantSetupTest.php
- Focused suites for ProviderConnections/Verification ran during implementation (see local logs).

Co-authored-by: Ahmed Darrazi <ahmeddarrazi@MacBookPro.fritz.box>
Reviewed-on: #98
2026-02-08 11:28:51 +00:00

90 lines
3.1 KiB
PHP
Raw Blame History

<?php
declare(strict_types=1);
use App\Models\Policy;
use App\Models\ProviderConnection;
use App\Models\ProviderCredential;
use App\Models\Tenant;
use App\Services\Graph\GraphClientInterface;
use App\Services\Graph\GraphLogger;
use App\Services\Graph\GraphResponse;
use App\Services\Intune\PolicySyncService;
use function Pest\Laravel\mock;
function tenantWithDefaultMicrosoftConnectionForPolicySyncReport(array $attributes = []): Tenant
{
$tenant = Tenant::factory()->create($attributes + [
'status' => 'active',
'app_client_id' => null,
'app_client_secret' => null,
]);
$connection = ProviderConnection::factory()->create([
'tenant_id' => (int) $tenant->getKey(),
'provider' => 'microsoft',
'is_default' => true,
'status' => 'connected',
'entra_tenant_id' => (string) ($tenant->tenant_id ?: 'tenant-'.$tenant->getKey()),
]);
ProviderCredential::factory()->create([
'provider_connection_id' => (int) $connection->getKey(),
'type' => 'client_secret',
'payload' => [
'client_id' => 'provider-client-'.$tenant->getKey(),
'client_secret' => 'provider-secret-'.$tenant->getKey(),
],
]);
return $tenant;
}
it('returns a report with failures when policy list calls fail', function () {
$tenant = tenantWithDefaultMicrosoftConnectionForPolicySyncReport();
$logger = mock(GraphLogger::class);
$logger->shouldReceive('logRequest')->zeroOrMoreTimes()->andReturnNull();
$logger->shouldReceive('logResponse')->zeroOrMoreTimes()->andReturnNull();
mock(GraphClientInterface::class)
->shouldReceive('listPolicies')
->andReturnUsing(function (string $policyType) {
return match ($policyType) {
'endpointSecurityPolicy' => new GraphResponse(
success: false,
data: [],
status: 403,
errors: [['message' => 'Forbidden']],
meta: ['path' => '/deviceManagement/configurationPolicies'],
),
default => new GraphResponse(
success: true,
data: [
['id' => 'scp-1', 'displayName' => 'Settings Catalog', 'technologies' => ['mdm']],
],
status: 200,
),
};
});
$service = app(PolicySyncService::class);
$result = $service->syncPoliciesWithReport($tenant, [
['type' => 'endpointSecurityPolicy', 'platform' => 'windows'],
['type' => 'settingsCatalogPolicy', 'platform' => 'windows'],
]);
expect($result)->toHaveKeys(['synced', 'failures']);
expect($result['synced'])->toBeArray();
expect($result['failures'])->toBeArray();
expect(count($result['synced']))->toBe(1);
expect(Policy::query()->where('tenant_id', $tenant->id)->count())->toBe(1);
expect(count($result['failures']))->toBe(1);
expect($result['failures'][0]['policy_type'])->toBe('endpointSecurityPolicy');
expect($result['failures'][0]['status'])->toBe(403);
});
Reference in New Issue View Git Blame Copy Permalink