ahmido/TenantAtlas
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects 1 Releases Wiki Activity
7d4d607475
TenantAtlas/tests/Feature/Filament/OperationRunEnterpriseDetailPageTest.php
ahmido 7d4d607475 feat: add baseline gap details surfaces (#192) 
## Summary
- add baseline compare evidence gap detail modeling and a dedicated Livewire table surface
- extend baseline compare landing and operation run detail surfaces to expose evidence gap details and stats
- add spec artifacts for feature 162 and expand feature coverage with focused Filament and baseline tests

## Notes
- branch: `162-baseline-gap-details`
- commit: `a92dd812`
- working tree was clean after push

## Validation
- tests were not run in this step

Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #192
2026-03-24 19:05:23 +00:00

421 lines
16 KiB
PHP
Raw Blame History

<?php
declare(strict_types=1);
use App\Models\BackupSet;
use App\Models\OperationRun;
use App\Models\Tenant;
use App\Models\User;
use App\Models\Workspace;
use App\Models\WorkspaceMembership;
use App\Support\OperationRunOutcome;
use App\Support\OperationRunStatus;
use App\Support\Workspaces\WorkspaceContext;
use Filament\Facades\Filament;
use Illuminate\Testing\TestResponse;
function visiblePageText(TestResponse $response): string
{
$html = (string) $response->getContent();
$html = preg_replace('/<script\b[^>]*>.*?<\/script>/is', '', $html) ?? $html;
$html = preg_replace('/<style\b[^>]*>.*?<\/style>/is', '', $html) ?? $html;
$html = preg_replace('/\s+wire:snapshot="[^"]*"/', '', $html) ?? $html;
$html = preg_replace('/\s+wire:effects="[^"]*"/', '', $html) ?? $html;
return trim((string) preg_replace('/\s+/', ' ', strip_tags($html)));
}
/**
* @param array<string, mixed> $overrides
* @return array<string, mixed>
*/
function baselineCompareGapContext(array $overrides = []): array
{
return array_replace_recursive([
'baseline_compare' => [
'subjects_total' => 50,
'reason_code' => 'evidence_capture_incomplete',
'fidelity' => 'meta',
'coverage' => [
'proof' => true,
'covered_types' => ['deviceConfiguration'],
'uncovered_types' => [],
'effective_types' => ['deviceConfiguration'],
],
'evidence_capture' => [
'requested' => 50,
'succeeded' => 47,
'skipped' => 0,
'failed' => 3,
'throttled' => 0,
],
'evidence_gaps' => [
'count' => 5,
'by_reason' => [
'ambiguous_match' => 3,
'policy_not_found' => 2,
],
'ambiguous_match' => 3,
'policy_not_found' => 2,
'subjects' => [
'ambiguous_match' => [
'deviceConfiguration|WiFi-Corp-Profile',
'deviceConfiguration|VPN-Always-On',
'deviceConfiguration|Email-Exchange-Config',
],
'policy_not_found' => [
'deviceConfiguration|Deleted-Policy-ABC',
'deviceConfiguration|Removed-Config-XYZ',
],
],
],
],
], $overrides);
}
it('renders operation runs with summary content before counts and technical context', function (): void {
[$user, $tenant] = createUserWithTenant(role: 'owner');
Filament::setTenant(null, true);
$run = OperationRun::factory()->create([
'workspace_id' => (int) $tenant->workspace_id,
'tenant_id' => (int) $tenant->getKey(),
'type' => 'policy.sync',
'status' => OperationRunStatus::Completed->value,
'outcome' => OperationRunOutcome::Succeeded->value,
'initiator_name' => 'Alice Example',
'summary_counts' => [
'total' => 10,
'processed' => 10,
'succeeded' => 10,
],
'context' => [
'target_scope' => [
'entra_tenant_name' => 'Contoso',
'entra_tenant_id' => '11111111-1111-1111-1111-111111111111',
],
],
]);
$response = $this->actingAs($user)
->withSession([WorkspaceContext::SESSION_KEY => (int) $tenant->workspace_id])
->get(route('admin.operations.view', ['run' => (int) $run->getKey()]))
->assertOk()
->assertSee('Current state')
->assertSee('Timing')
->assertSee('Contoso');
$pageText = visiblePageText($response);
$policySyncPosition = mb_strpos($pageText, 'Policy sync');
$runSummaryPosition = mb_strpos($pageText, 'Run summary');
$relatedContextPosition = mb_strpos($pageText, 'Related context');
$countsPosition = mb_strpos($pageText, 'Counts');
$identityHashPosition = mb_strpos($pageText, 'Identity hash');
expect($policySyncPosition)->not->toBeFalse()
->and($runSummaryPosition)->not->toBeFalse()
->and($relatedContextPosition)->not->toBeFalse()
->and($countsPosition)->not->toBeFalse()
->and($identityHashPosition)->not->toBeFalse()
->and($policySyncPosition)->toBeLessThan($runSummaryPosition)
->and($runSummaryPosition)->toBeLessThan($relatedContextPosition)
->and($relatedContextPosition)->toBeLessThan($countsPosition)
->and($countsPosition)->toBeLessThan($identityHashPosition);
expect((string) $response->getContent())
->toMatch('/fi-section-header-heading[^>]*>\s*Current state\s*</')
->toMatch('/fi-section-header-heading[^>]*>\s*Timing\s*</');
});
it('keeps header navigation and related context visible for tenant-bound operation runs', function (): void {
[$user, $tenant] = createUserWithTenant(role: 'owner');
Filament::setTenant(null, true);
$backupSet = BackupSet::factory()->create([
'tenant_id' => (int) $tenant->getKey(),
'name' => 'Nightly backup',
]);
$run = OperationRun::factory()->create([
'workspace_id' => (int) $tenant->workspace_id,
'tenant_id' => (int) $tenant->getKey(),
'type' => 'backup_set.add_policies',
'status' => OperationRunStatus::Completed->value,
'outcome' => OperationRunOutcome::Succeeded->value,
'context' => [
'backup_set_id' => (int) $backupSet->getKey(),
'target_scope' => [
'entra_tenant_name' => 'Contoso',
],
],
]);
$this->actingAs($user)
->withSession([WorkspaceContext::SESSION_KEY => (int) $tenant->workspace_id])
->get(route('admin.operations.view', ['run' => (int) $run->getKey()]))
->assertOk()
->assertSee('Back to Operations')
->assertSee('Refresh')
->assertSee('Related context')
->assertSee('/admin/t/'.$tenant->external_id.'/backup-sets/'.$backupSet->getKey(), false);
});
it('renders mismatch context above the enterprise detail content without blocking the page', function (): void {
$runTenant = Tenant::factory()->create([
'name' => 'Run Tenant',
]);
[$user, $runTenant] = createUserWithTenant(tenant: $runTenant, role: 'owner');
$currentTenant = Tenant::factory()->create([
'name' => 'Current Tenant',
'workspace_id' => (int) $runTenant->workspace_id,
]);
createUserWithTenant(tenant: $currentTenant, user: $user, role: 'owner');
Filament::setTenant($currentTenant, true);
$run = OperationRun::factory()->create([
'workspace_id' => (int) $runTenant->workspace_id,
'tenant_id' => (int) $runTenant->getKey(),
'type' => 'policy.sync',
'status' => OperationRunStatus::Completed->value,
'outcome' => OperationRunOutcome::Succeeded->value,
]);
$response = $this->actingAs($user)
->withSession([WorkspaceContext::SESSION_KEY => (int) $runTenant->workspace_id])
->get(route('admin.operations.view', ['run' => (int) $run->getKey()]))
->assertOk()
->assertSee('Current tenant context differs from this run')
->assertSee('Run summary')
->assertSee('Related context');
$pageText = visiblePageText($response);
$bannerPosition = mb_strpos($pageText, 'Current tenant context differs from this run');
$summaryPosition = mb_strpos($pageText, 'Run summary');
expect($bannerPosition)->not->toBeFalse()
->and($summaryPosition)->not->toBeFalse()
->and($bannerPosition)->toBeLessThan($summaryPosition);
});
it('renders explicit sparse-data fallbacks for operation runs', function (): void {
$workspace = Workspace::factory()->create();
$user = User::factory()->create();
WorkspaceMembership::factory()->create([
'workspace_id' => (int) $workspace->getKey(),
'user_id' => (int) $user->getKey(),
'role' => 'owner',
]);
Filament::setTenant(null, true);
$run = OperationRun::factory()->create([
'workspace_id' => (int) $workspace->getKey(),
'tenant_id' => null,
'type' => 'provider.connection.check',
'status' => OperationRunStatus::Completed->value,
'outcome' => OperationRunOutcome::Failed->value,
'summary_counts' => [],
'failure_summary' => [],
'context' => [],
]);
$this->actingAs($user)
->withSession([WorkspaceContext::SESSION_KEY => (int) $workspace->getKey()])
->get(route('admin.operations.view', ['run' => (int) $run->getKey()]))
->assertOk()
->assertSee('No target scope details were recorded for this run.')
->assertSee('Verification report')
->assertSee('Verification report unavailable')
->assertDontSee('Counts');
});
it('renders lifecycle reconciliation diagnostics for reconciled runs', function (): void {
[$user, $tenant] = createUserWithTenant(role: 'owner');
Filament::setTenant(null, true);
$run = OperationRun::factory()->create([
'workspace_id' => (int) $tenant->workspace_id,
'tenant_id' => (int) $tenant->getKey(),
'type' => 'restore.execute',
'status' => OperationRunStatus::Completed->value,
'outcome' => OperationRunOutcome::Failed->value,
'context' => [
'reason_code' => 'run.adapter_out_of_sync',
'reconciliation' => [
'reconciled_at' => now()->toIso8601String(),
'reason' => 'run.adapter_out_of_sync',
'reason_code' => 'run.adapter_out_of_sync',
'source' => 'adapter_reconciler',
],
],
'failure_summary' => [[
'code' => 'run.adapter_out_of_sync',
'reason_code' => 'run.adapter_out_of_sync',
'message' => 'A related restore record reached terminal truth before the operation run was updated.',
]],
]);
$this->actingAs($user)
->withSession([WorkspaceContext::SESSION_KEY => (int) $tenant->workspace_id])
->get(route('admin.operations.view', ['run' => (int) $run->getKey()]))
->assertOk()
->assertSee('Lifecycle reconciliation')
->assertSee('Automatically reconciled')
->assertSee('Reconciled by')
->assertSee('Adapter reconciler');
});
it('renders evidence gap details section for baseline compare runs with gap subjects', function (): void {
[$user, $tenant] = createUserWithTenant(role: 'owner');
Filament::setTenant(null, true);
$run = OperationRun::factory()->create([
'workspace_id' => (int) $tenant->workspace_id,
'tenant_id' => (int) $tenant->getKey(),
'type' => 'baseline_compare',
'status' => 'completed',
'outcome' => 'partially_succeeded',
'context' => baselineCompareGapContext(),
'completed_at' => now(),
]);
$response = $this->actingAs($user)
->withSession([WorkspaceContext::SESSION_KEY => (int) $tenant->workspace_id])
->get(route('admin.operations.view', ['run' => (int) $run->getKey()]))
->assertOk()
->assertSee('Evidence gap details')
->assertSee('Search gap details')
->assertSee('Search by reason, policy type, or subject key')
->assertSee('Reason')
->assertSee('Ambiguous inventory match')
->assertSee('Policy not found')
->assertSee('3 affected')
->assertSee('2 affected')
->assertSee('WiFi-Corp-Profile')
->assertSee('Deleted-Policy-ABC')
->assertSee('Policy type')
->assertSee('Subject key');
});
it('renders baseline compare evidence-gap details without invoking graph during canonical run detail render', function (): void {
[$user, $tenant] = createUserWithTenant(role: 'owner');
Filament::setTenant(null, true);
bindFailHardGraphClient();
$run = OperationRun::factory()->create([
'workspace_id' => (int) $tenant->workspace_id,
'tenant_id' => (int) $tenant->getKey(),
'type' => 'baseline_compare',
'status' => 'completed',
'outcome' => 'partially_succeeded',
'context' => baselineCompareGapContext(),
'completed_at' => now(),
]);
$this->actingAs($user)
->withSession([WorkspaceContext::SESSION_KEY => (int) $tenant->workspace_id])
->get(route('admin.operations.view', ['run' => (int) $run->getKey()]))
->assertOk()
->assertSee('Evidence gap details')
->assertSee('WiFi-Corp-Profile');
});
it('distinguishes missing recorded gap detail from no-gap runs on the canonical run detail surface', function (): void {
[$user, $tenant] = createUserWithTenant(role: 'owner');
Filament::setTenant(null, true);
$legacyRun = OperationRun::factory()->create([
'workspace_id' => (int) $tenant->workspace_id,
'tenant_id' => (int) $tenant->getKey(),
'type' => 'baseline_compare',
'status' => 'completed',
'outcome' => 'partially_succeeded',
'context' => baselineCompareGapContext([
'baseline_compare' => [
'evidence_gaps' => [
'subjects' => null,
],
],
]),
'completed_at' => now(),
]);
$cleanRun = OperationRun::factory()->create([
'workspace_id' => (int) $tenant->workspace_id,
'tenant_id' => (int) $tenant->getKey(),
'type' => 'baseline_compare',
'status' => 'completed',
'outcome' => 'succeeded',
'context' => baselineCompareGapContext([
'baseline_compare' => [
'reason_code' => 'no_drift_detected',
'evidence_gaps' => [
'count' => 0,
'by_reason' => [],
'subjects' => [],
],
],
]),
'completed_at' => now(),
]);
$this->actingAs($user)
->withSession([WorkspaceContext::SESSION_KEY => (int) $tenant->workspace_id])
->get(route('admin.operations.view', ['run' => (int) $legacyRun->getKey()]))
->assertOk()
->assertSee('Evidence gap details')
->assertSee('Detailed rows were not recorded for this run')
->assertSee('Baseline compare evidence');
$this->actingAs($user)
->withSession([WorkspaceContext::SESSION_KEY => (int) $tenant->workspace_id])
->get(route('admin.operations.view', ['run' => (int) $cleanRun->getKey()]))
->assertOk()
->assertDontSee('Evidence gap details')
->assertSee('Baseline compare evidence');
});
it('returns 404 for workspace members without tenant entitlement when evidence-gap details exist on the canonical surface', function (): void {
$workspace = Workspace::factory()->create();
$tenant = Tenant::factory()->create([
'workspace_id' => (int) $workspace->getKey(),
]);
$run = OperationRun::factory()->create([
'workspace_id' => (int) $workspace->getKey(),
'tenant_id' => (int) $tenant->getKey(),
'type' => 'baseline_compare',
'status' => 'completed',
'outcome' => 'partially_succeeded',
'context' => baselineCompareGapContext(),
'completed_at' => now(),
]);
$user = User::factory()->create();
WorkspaceMembership::factory()->create([
'workspace_id' => (int) $workspace->getKey(),
'user_id' => (int) $user->getKey(),
'role' => 'owner',
]);
Filament::setTenant(null, true);
$this->actingAs($user)
->withSession([WorkspaceContext::SESSION_KEY => (int) $workspace->getKey()])
->get(route('admin.operations.view', ['run' => (int) $run->getKey()]))
->assertNotFound();
});
Reference in New Issue View Git Blame Copy Permalink