ahmido
788efee1c2
Replaced legacy tenant and environment bindings in the BaselineDriftEngine with the new ProviderResourceIdentity framework as defined in Spec 382. This ensures cross-environment compatibility and deterministic baseline matching. Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de> Reviewed-on: #453
62 lines
3.1 KiB
PHP
62 lines
3.1 KiB
PHP
<?php
|
|
|
|
declare(strict_types=1);
|
|
|
|
use App\Support\Baselines\BaselineSubjectKey;
|
|
use App\Support\Baselines\SubjectClass;
|
|
use App\Support\Resources\ResourceIdentity;
|
|
|
|
it('does not collapse same-label provider resources with different stable IDs', function (): void {
|
|
$left = BaselineSubjectKey::forProviderResourceIdentity(
|
|
subjectDomain: 'baseline',
|
|
subjectClass: SubjectClass::PolicyBacked,
|
|
subjectTypeKey: 'deviceConfiguration',
|
|
identity: ResourceIdentity::providerResource('fake-provider', 'policy', 'provider-resource-1'),
|
|
);
|
|
|
|
$right = BaselineSubjectKey::forProviderResourceIdentity(
|
|
subjectDomain: 'baseline',
|
|
subjectClass: SubjectClass::PolicyBacked,
|
|
subjectTypeKey: 'deviceConfiguration',
|
|
identity: ResourceIdentity::providerResource('fake-provider', 'policy', 'provider-resource-2'),
|
|
);
|
|
|
|
expect($left)->toStartWith('provider-resource:v1:baseline:policy_backed:deviceconfiguration:fake-provider:policy:provider_resource:')
|
|
->and($right)->toStartWith('provider-resource:v1:baseline:policy_backed:deviceconfiguration:fake-provider:policy:provider_resource:')
|
|
->and($left)->not->toBe($right);
|
|
});
|
|
|
|
it('creates canonical keys for built-in and virtual targets without provider object IDs', function (): void {
|
|
$builtin = BaselineSubjectKey::forProviderResourceIdentity(
|
|
subjectDomain: 'baseline',
|
|
subjectClass: SubjectClass::FoundationBacked,
|
|
subjectTypeKey: 'assignmentTarget',
|
|
identity: ResourceIdentity::canonicalBuiltin('fake-provider', 'target', 'all-principals'),
|
|
);
|
|
|
|
$virtual = BaselineSubjectKey::forProviderResourceIdentity(
|
|
subjectDomain: 'baseline',
|
|
subjectClass: SubjectClass::FoundationBacked,
|
|
subjectTypeKey: 'assignmentTarget',
|
|
identity: ResourceIdentity::virtualTarget('fake-provider', 'target', 'dynamic-group-all-devices'),
|
|
);
|
|
|
|
expect($builtin)->toStartWith('provider-resource:v1:baseline:foundation_backed:assignmenttarget:fake-provider:target:canonical_builtin:')
|
|
->and($virtual)->toStartWith('provider-resource:v1:baseline:foundation_backed:assignmenttarget:fake-provider:target:canonical_virtual_target:')
|
|
->and($builtin)->not->toBe($virtual);
|
|
});
|
|
|
|
it('validates only provider-resource canonical keys as canonical provider subject keys', function (): void {
|
|
$key = BaselineSubjectKey::forProviderResourceIdentity(
|
|
subjectDomain: 'baseline',
|
|
subjectClass: SubjectClass::PolicyBacked,
|
|
subjectTypeKey: 'deviceConfiguration',
|
|
identity: ResourceIdentity::providerResource('fake-provider', 'policy', 'provider-resource-1'),
|
|
);
|
|
|
|
expect(BaselineSubjectKey::isProviderResourceCanonicalKey($key))->toBeTrue()
|
|
->and(BaselineSubjectKey::isProviderResourceCanonicalKey('duplicate policy'))->toBeFalse()
|
|
->and(BaselineSubjectKey::isProviderResourceCanonicalKey('provider-resource:v1:baseline:policy_backed:deviceconfiguration:fake-provider:policy:provider_resource:not-a-sha'))->toBeFalse()
|
|
->and(BaselineSubjectKey::isProviderResourceCanonicalKey(null))->toBeFalse();
|
|
});
|