TenantAtlas/app/Filament/Resources/PolicyResource/RelationManagers/VersionsRelationManager.php

<?php

namespace App\Filament\Resources\PolicyResource\RelationManagers;

use App\Filament\Resources\RestoreRunResource;
use App\Models\PolicyVersion;
use App\Models\Tenant;
use App\Services\Intune\RestoreService;
use App\Support\Badges\TagBadgeDomain;
use App\Support\Badges\TagBadgeRenderer;
use Filament\Actions;
use Filament\Forms;
use Filament\Notifications\Notification;
use Filament\Resources\RelationManagers\RelationManager;
use Filament\Tables;
use Filament\Tables\Table;

class VersionsRelationManager extends RelationManager
{
    protected static string $relationship = 'versions';

    public function table(Table $table): Table
    {
        return $table
            ->columns([
                Tables\Columns\TextColumn::make('version_number')->sortable(),
                Tables\Columns\TextColumn::make('captured_at')->dateTime()->sortable(),
                Tables\Columns\TextColumn::make('created_by')->label('Actor'),
                Tables\Columns\TextColumn::make('policy_type')
                    ->badge()
                    ->formatStateUsing(TagBadgeRenderer::label(TagBadgeDomain::PolicyType))
                    ->color(TagBadgeRenderer::color(TagBadgeDomain::PolicyType))
                    ->toggleable(isToggledHiddenByDefault: true),
            ])
            ->defaultSort('version_number', 'desc')
            ->filters([])
            ->headerActions([])
            ->actions([
                Actions\Action::make('restore_to_intune')
                    ->label('Restore to Intune')
                    ->icon('heroicon-o-arrow-path-rounded-square')
                    ->color('danger')
                    ->disabled(fn (PolicyVersion $record): bool => ($record->metadata['source'] ?? null) === 'metadata_only')
                    ->tooltip('Disabled for metadata-only snapshots (Graph did not provide policy settings).')
                    ->requiresConfirmation()
                    ->modalHeading(fn (PolicyVersion $record): string => "Restore version {$record->version_number} to Intune?")
                    ->modalSubheading('Creates a restore run using this policy version snapshot.')
                    ->form([
                        Forms\Components\Toggle::make('is_dry_run')
                            ->label('Preview only (dry-run)')
                            ->default(true),
                    ])
                    ->action(function (PolicyVersion $record, array $data, RestoreService $restoreService) {
                        $tenant = Tenant::current();

                        if ($record->tenant_id !== $tenant->id) {
                            Notification::make()
                                ->title('Policy version belongs to a different tenant')
                                ->danger()
                                ->send();

                            return;
                        }

                        try {
                            $run = $restoreService->executeFromPolicyVersion(
                                tenant: $tenant,
                                version: $record,
                                dryRun: (bool) ($data['is_dry_run'] ?? true),
                                actorEmail: auth()->user()?->email,
                                actorName: auth()->user()?->name,
                            );
                        } catch (\Throwable $throwable) {
                            Notification::make()
                                ->title('Restore run failed to start')
                                ->body($throwable->getMessage())
                                ->danger()
                                ->send();

                            return;
                        }

                        Notification::make()
                            ->title('Restore run started')
                            ->success()
                            ->send();

                        return redirect(RestoreRunResource::getUrl('view', ['record' => $run]));
                    }),
                Actions\ViewAction::make()
                    ->url(fn ($record) => \App\Filament\Resources\PolicyVersionResource::getUrl('view', ['record' => $record]))
                    ->openUrlInNewTab(false),
            ])
            ->bulkActions([]);
    }
}