ahmido
da18d3cb14
Dieses PR liefert den Inventory Dependencies Graph end-to-end: Abhängigkeiten (Edges) werden aus Inventory-Sync-Daten extrahiert, tenant-sicher gespeichert und in der Inventory Item Detailansicht angezeigt. Ziel: Admins können Prerequisites + Blast Radius (direct) schnell erkennen, ohne Snapshot/Restore anzufassen. ⸻ Was ist drin? Dependency Graph (Edges) • inventory_links Schema + Indizes + idempotentes Upsert (Unique Key) • Relationship Types (u.a.): • assigned_to_include, assigned_to_exclude • uses_assignment_filter • scoped_by_scope_tag • UI: Inventory Item → Dependencies Section • Direction Filter: All / Inbound / Outbound • Relationship Filter: All + spezifische Relationship Types • Missing-Badge + sicheres Tooltip (safe subset) Safety / Observability • Unknown/unsupported Shapes erzeugen keine Edges, sondern: • Warning in InventorySyncRun.error_context.warnings[] • optional info-log (ohne Secrets) • Limit-only Semantik (MVP): bis zu 50 Edges pro Richtung (max 100 bei “All”) • Blast Radius in MVP = direct only (kein depth>1 traversal) Name Resolution (lokal, ohne Entra Calls) • Resolver/DTO Layer für deterministische Labels (kein “Unknown” mehr) • Auflösung aus lokaler DB nur für Foundations, wenn vorhanden: • scope_tag → roleScopeTag • assignment_filter → assignmentFilter • aad_group bleibt bewusst external ref: “Group (external): …” (keine Graph/Entra Lookups im UI) • Zentraler FoundationTypeMap als Source-of-Truth (keine Hardcodings) ⸻ Out of Scope / Follow-up • Entra Group Name Resolution (braucht eigenes “Group Inventory” Modul + Permissions) • Foundations als Inventory Items / Coverage Tab (Scope Tags / Assignment Filters sichtbar & syncbar) → folgt als separater PR (Inventory Core/UI), damit 042 sauber “Edges-only” bleibt. ⸻ Tests / Verifikation • Targeted Pest Tests (Unit + Feature + UI smoke) für: • deterministische Edge-Erzeugung + idempotent upsert • tenant isolation (UI/Query) • warnings auf Run Record • resolver/name rendering + links (wo möglich) • pint --dirty ausgeführt ⸻ Manual QA (UI) 1. Inventory Sync Run mit include_dependencies=true starten 2. Inventory Item öffnen → Dependencies prüfen: • include/exclude + filter + scoped_by sichtbar (wenn vorhanden) • Relationship/Direction Filter funktionieren • keine “Unknown” Labels mehr, sondern deterministische Labels Co-authored-by: Ahmed Darrazi <ahmeddarrazi@adsmac.local> Reviewed-on: #50
125 lines
3.9 KiB
PHP
125 lines
3.9 KiB
PHP
<?php
|
|
|
|
namespace App\Services\Inventory\DependencyTargets;
|
|
|
|
use App\Filament\Resources\InventoryItemResource;
|
|
use App\Models\Tenant;
|
|
|
|
class DependencyTargetDto
|
|
{
|
|
public function __construct(
|
|
public readonly string $targetLabel,
|
|
public readonly ?string $displayName,
|
|
public readonly ?string $maskedId,
|
|
public readonly bool $resolved,
|
|
public readonly ?string $linkUrl,
|
|
public readonly ?string $foundationType,
|
|
public readonly ?string $reasonUnresolved,
|
|
public readonly string $badgeText,
|
|
) {}
|
|
|
|
public static function missing(): self
|
|
{
|
|
return new self(
|
|
targetLabel: 'Missing target',
|
|
displayName: null,
|
|
maskedId: null,
|
|
resolved: false,
|
|
linkUrl: null,
|
|
foundationType: null,
|
|
reasonUnresolved: 'missing_target',
|
|
badgeText: 'Missing target',
|
|
);
|
|
}
|
|
|
|
public static function externalGroup(string $targetId): self
|
|
{
|
|
return static::externalGroupWithLabel($targetId, 'Group (external)');
|
|
}
|
|
|
|
public static function externalGroupWithLabel(string $targetId, string $label): self
|
|
{
|
|
$maskedId = static::mask($targetId);
|
|
|
|
return new self(
|
|
targetLabel: $label,
|
|
displayName: null,
|
|
maskedId: $maskedId,
|
|
resolved: false,
|
|
linkUrl: null,
|
|
foundationType: 'aad_group',
|
|
reasonUnresolved: 'external_reference',
|
|
badgeText: "{$label}: {$maskedId}",
|
|
);
|
|
}
|
|
|
|
public static function unresolvedFoundation(string $label, string $foundationType, string $targetId): self
|
|
{
|
|
$maskedId = static::mask($targetId);
|
|
|
|
return new self(
|
|
targetLabel: $label,
|
|
displayName: null,
|
|
maskedId: $maskedId,
|
|
resolved: false,
|
|
linkUrl: null,
|
|
foundationType: $foundationType,
|
|
reasonUnresolved: 'not_in_local_db',
|
|
badgeText: "{$label} (unresolved): {$maskedId}",
|
|
);
|
|
}
|
|
|
|
public static function resolvedFoundation(string $label, string $foundationType, string $targetId, string $displayName, ?int $inventoryItemId, Tenant $tenant): self
|
|
{
|
|
$maskedId = static::mask($targetId);
|
|
$url = $inventoryItemId ? InventoryItemResource::getUrl('view', ['record' => $inventoryItemId], tenant: $tenant) : null;
|
|
|
|
return new self(
|
|
targetLabel: $label,
|
|
displayName: $displayName,
|
|
maskedId: $maskedId,
|
|
resolved: true,
|
|
linkUrl: $url,
|
|
foundationType: $foundationType,
|
|
reasonUnresolved: null,
|
|
badgeText: "{$label}: {$displayName} ({$maskedId})",
|
|
);
|
|
}
|
|
|
|
public static function externalReference(string $targetId, ?string $foundationType = null): self
|
|
{
|
|
$maskedId = static::mask($targetId);
|
|
$label = $foundationType ? "External ref ({$foundationType})" : 'External reference';
|
|
|
|
return new self(
|
|
targetLabel: $label,
|
|
displayName: null,
|
|
maskedId: $maskedId,
|
|
resolved: false,
|
|
linkUrl: null,
|
|
foundationType: $foundationType,
|
|
reasonUnresolved: 'unsupported_foundation_type',
|
|
badgeText: "{$label}: {$maskedId}",
|
|
);
|
|
}
|
|
|
|
public function toArray(): array
|
|
{
|
|
return [
|
|
'target_label' => $this->targetLabel,
|
|
'display_name' => $this->displayName,
|
|
'masked_id' => $this->maskedId,
|
|
'resolved' => $this->resolved,
|
|
'link_url' => $this->linkUrl,
|
|
'foundation_type' => $this->foundationType,
|
|
'reason_unresolved' => $this->reasonUnresolved,
|
|
'badge_text' => $this->badgeText,
|
|
];
|
|
}
|
|
|
|
private static function mask(string $id): string
|
|
{
|
|
return substr($id, 0, 6).'…';
|
|
}
|
|
}
|