57 lines
1.9 KiB
PHP
57 lines
1.9 KiB
PHP
<?php
|
|
|
|
declare(strict_types=1);
|
|
|
|
it('prevents legacy fingerprinting/compare helpers from re-entering baseline orchestration (Spec 118)', function (): void {
|
|
$compareForbiddenTokens = [
|
|
'PolicyNormalizer',
|
|
'VersionDiff',
|
|
'flattenForDiff',
|
|
'computeDrift(',
|
|
'effectiveBaselineHash(',
|
|
'resolveBaselinePolicyVersionId(',
|
|
'selectSummaryKind(',
|
|
'buildDriftEvidenceContract(',
|
|
'buildRoleDefinitionEvidencePayload(',
|
|
'resolveRoleDefinitionVersion(',
|
|
'fallbackRoleDefinitionNormalized(',
|
|
'roleDefinitionChangedKeys(',
|
|
'roleDefinitionPermissionKeys(',
|
|
'resolveRoleDefinitionDiff(',
|
|
'severityForRoleDefinitionDiff(',
|
|
'BaselinePolicyVersionResolver',
|
|
'DriftHasher',
|
|
'SettingsNormalizer',
|
|
'AssignmentsNormalizer',
|
|
'ScopeTagsNormalizer',
|
|
'IntuneRoleDefinitionNormalizer',
|
|
];
|
|
|
|
$captureForbiddenTokens = [
|
|
...$compareForbiddenTokens,
|
|
'SettingsNormalizer',
|
|
'ScopeTagsNormalizer',
|
|
'->hashNormalized(',
|
|
'::hashNormalized(',
|
|
];
|
|
|
|
$compareJob = file_get_contents(base_path('app/Jobs/CompareBaselineToTenantJob.php'));
|
|
expect($compareJob)->toBeString();
|
|
expect($compareJob)->toContain('CurrentStateHashResolver');
|
|
expect($compareJob)->toContain('compareStrategyRegistry->select(');
|
|
expect($compareJob)->toContain('compareStrategyRegistry->resolve(');
|
|
expect($compareJob)->toContain('$strategy->compare(');
|
|
|
|
foreach ($compareForbiddenTokens as $token) {
|
|
expect($compareJob)->not->toContain($token);
|
|
}
|
|
|
|
$captureJob = file_get_contents(base_path('app/Jobs/CaptureBaselineSnapshotJob.php'));
|
|
expect($captureJob)->toBeString();
|
|
expect($captureJob)->toContain('CurrentStateHashResolver');
|
|
|
|
foreach ($captureForbiddenTokens as $token) {
|
|
expect($captureJob)->not->toContain($token);
|
|
}
|
|
});
|