ahmido
7541b1eb41
## Summary - introduce the governance subject taxonomy registry and canonical Baseline Scope V2 normalization and persistence - update baseline profile Filament surfaces, validation, capture/compare gating, and add the optional scope backfill command with audit logging - add focused unit, feature, Filament, and browser smoke coverage for save-forward behavior, operation truth, authorization continuity, and invalid-scope rendering - remove the duplicate legacy spec plan under `specs/001-governance-subject-taxonomy/plan.md` ## Verification - `cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Browser/Spec202GovernanceSubjectTaxonomySmokeTest.php` - focused Spec 202 regression pack: `56 passed (300 assertions)` - `cd apps/platform && ./vendor/bin/sail bin pint --dirty --format agent` ## Notes - no schema migration required - no new Filament asset registration required - branch includes the final browser smoke test coverage for the current feature Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de> Reviewed-on: #232
45 lines
2.3 KiB
PHP
45 lines
2.3 KiB
PHP
<?php
|
|
|
|
declare(strict_types=1);
|
|
|
|
use App\Support\Governance\GovernanceDomainKey;
|
|
use App\Support\Governance\GovernanceSubjectClass;
|
|
use App\Support\Governance\GovernanceSubjectTaxonomyRegistry;
|
|
|
|
it('composes active governance subject types from current policy and foundation metadata', function (): void {
|
|
$registry = app(GovernanceSubjectTaxonomyRegistry::class);
|
|
|
|
$subjectTypes = collect($registry->active())
|
|
->keyBy(static fn ($subjectType): string => $subjectType->subjectTypeKey)
|
|
->all();
|
|
|
|
expect($subjectTypes['deviceConfiguration']->domainKey)->toBe(GovernanceDomainKey::Intune)
|
|
->and($subjectTypes['deviceConfiguration']->subjectClass)->toBe(GovernanceSubjectClass::Policy)
|
|
->and($subjectTypes['deviceConfiguration']->captureSupported)->toBeTrue()
|
|
->and($subjectTypes['deviceConfiguration']->compareSupported)->toBeTrue()
|
|
->and($subjectTypes['deviceConfiguration']->legacyBucket)->toBe('policy_types')
|
|
->and($subjectTypes['assignmentFilter']->domainKey)->toBe(GovernanceDomainKey::PlatformFoundation)
|
|
->and($subjectTypes['assignmentFilter']->subjectClass)->toBe(GovernanceSubjectClass::ConfigurationResource)
|
|
->and($subjectTypes['assignmentFilter']->legacyBucket)->toBe('foundation_types')
|
|
->and(array_key_exists('intuneRoleAssignment', $subjectTypes))->toBeFalse();
|
|
});
|
|
|
|
it('keeps unsupported foundation mappings addressable but inactive in the complete registry', function (): void {
|
|
$registry = app(GovernanceSubjectTaxonomyRegistry::class);
|
|
$subjectType = $registry->find('platform_foundation', 'intuneRoleAssignment');
|
|
|
|
expect($subjectType)->not->toBeNull()
|
|
->and($subjectType?->active)->toBeFalse()
|
|
->and($subjectType?->captureSupported)->toBeFalse()
|
|
->and($subjectType?->compareSupported)->toBeFalse();
|
|
});
|
|
|
|
it('reserves future-domain vocabulary without exposing future domains as active operator selections', function (): void {
|
|
$registry = app(GovernanceSubjectTaxonomyRegistry::class);
|
|
|
|
expect($registry->isKnownDomain('entra'))->toBeTrue()
|
|
->and($registry->allowsSubjectClass('entra', 'control'))->toBeTrue()
|
|
->and(collect($registry->active())->contains(
|
|
static fn ($subjectType): bool => $subjectType->domainKey === GovernanceDomainKey::Entra,
|
|
))->toBeFalse();
|
|
}); |