ahmido
412dd7ad66
Hydrate configurationPolicies/{id}/settings for endpoint security/baseline policies so snapshots include real rule data.
Treat those types like Settings Catalog policies in the normalizer so they show the searchable settings table, recognizable categories, and readable choice values (firewall-specific formatting + interface badge parsing).
Improve “General” tab cards: badge lists for platforms/technologies, template reference summary (name/family/version/ID), and ISO timestamps rendered as YYYY‑MM‑DD HH:MM:SS; added regression test for the view.
Co-authored-by: Ahmed Darrazi <ahmeddarrazi@adsmac.local>
Reviewed-on: #23
296 lines
9.5 KiB
PHP
296 lines
9.5 KiB
PHP
<?php
|
|
|
|
use App\Filament\Resources\RestoreRunResource\Pages\CreateRestoreRun;
|
|
use App\Models\BackupItem;
|
|
use App\Models\BackupSet;
|
|
use App\Models\Policy;
|
|
use App\Models\RestoreRun;
|
|
use App\Models\Tenant;
|
|
use App\Models\User;
|
|
use App\Services\Graph\GroupResolver;
|
|
use Illuminate\Foundation\Testing\RefreshDatabase;
|
|
use Livewire\Livewire;
|
|
use Mockery\MockInterface;
|
|
|
|
uses(RefreshDatabase::class);
|
|
|
|
beforeEach(function () {
|
|
putenv('INTUNE_TENANT_ID');
|
|
unset($_ENV['INTUNE_TENANT_ID'], $_SERVER['INTUNE_TENANT_ID']);
|
|
});
|
|
|
|
test('restore wizard can run safety checks and persists results on the restore run', function () {
|
|
$tenant = Tenant::create([
|
|
'tenant_id' => 'tenant-1',
|
|
'name' => 'Tenant One',
|
|
'metadata' => [],
|
|
]);
|
|
|
|
$tenant->makeCurrent();
|
|
|
|
$policy = Policy::create([
|
|
'tenant_id' => $tenant->id,
|
|
'external_id' => 'policy-1',
|
|
'policy_type' => 'settingsCatalogPolicy',
|
|
'display_name' => 'Settings Catalog',
|
|
'platform' => 'windows',
|
|
]);
|
|
|
|
$backupSet = BackupSet::create([
|
|
'tenant_id' => $tenant->id,
|
|
'name' => 'Backup',
|
|
'status' => 'completed',
|
|
'item_count' => 1,
|
|
]);
|
|
|
|
$backupItem = BackupItem::create([
|
|
'tenant_id' => $tenant->id,
|
|
'backup_set_id' => $backupSet->id,
|
|
'policy_id' => $policy->id,
|
|
'policy_identifier' => $policy->external_id,
|
|
'policy_type' => $policy->policy_type,
|
|
'platform' => $policy->platform,
|
|
'captured_at' => now(),
|
|
'payload' => ['id' => $policy->external_id],
|
|
'assignments' => [[
|
|
'target' => [
|
|
'@odata.type' => '#microsoft.graph.groupAssignmentTarget',
|
|
'groupId' => 'source-group-1',
|
|
'group_display_name' => 'Source Group',
|
|
],
|
|
'intent' => 'apply',
|
|
]],
|
|
]);
|
|
|
|
$this->mock(GroupResolver::class, function (MockInterface $mock) {
|
|
$mock->shouldReceive('resolveGroupIds')
|
|
->andReturnUsing(function (array $groupIds): array {
|
|
return collect($groupIds)
|
|
->mapWithKeys(fn (string $id) => [$id => [
|
|
'id' => $id,
|
|
'displayName' => null,
|
|
'orphaned' => true,
|
|
]])
|
|
->all();
|
|
});
|
|
});
|
|
|
|
$user = User::factory()->create();
|
|
$this->actingAs($user);
|
|
|
|
$component = Livewire::test(CreateRestoreRun::class)
|
|
->fillForm([
|
|
'backup_set_id' => $backupSet->id,
|
|
])
|
|
->goToNextWizardStep()
|
|
->fillForm([
|
|
'scope_mode' => 'selected',
|
|
'backup_item_ids' => [$backupItem->id],
|
|
])
|
|
->goToNextWizardStep()
|
|
->assertFormComponentActionVisible('check_results', 'run_restore_checks')
|
|
->callFormComponentAction('check_results', 'run_restore_checks');
|
|
|
|
$summary = $component->get('data.check_summary');
|
|
$results = $component->get('data.check_results');
|
|
|
|
expect($summary)->toBeArray();
|
|
expect($summary['blocking'] ?? null)->toBe(1);
|
|
expect($summary['has_blockers'] ?? null)->toBeTrue();
|
|
|
|
expect($results)->toBeArray();
|
|
expect($results)->not->toBeEmpty();
|
|
|
|
$assignmentCheck = collect($results)->firstWhere('code', 'assignment_groups');
|
|
expect($assignmentCheck)->toBeArray();
|
|
expect($assignmentCheck['severity'] ?? null)->toBe('blocking');
|
|
|
|
$unmappedGroups = $assignmentCheck['meta']['unmapped'] ?? [];
|
|
expect($unmappedGroups)->toBeArray();
|
|
expect($unmappedGroups[0]['id'] ?? null)->toBe('source-group-1');
|
|
|
|
$checksRanAt = $component->get('data.checks_ran_at');
|
|
expect($checksRanAt)->toBeString();
|
|
|
|
$component
|
|
->goToNextWizardStep()
|
|
->callFormComponentAction('preview_diffs', 'run_restore_preview')
|
|
->goToNextWizardStep()
|
|
->call('create')
|
|
->assertHasNoFormErrors();
|
|
|
|
$run = RestoreRun::query()->latest('id')->first();
|
|
|
|
expect($run)->not->toBeNull();
|
|
expect($run->metadata)->toHaveKeys([
|
|
'check_summary',
|
|
'check_results',
|
|
'checks_ran_at',
|
|
]);
|
|
expect($run->metadata['check_summary']['blocking'] ?? null)->toBe(1);
|
|
});
|
|
|
|
test('restore wizard treats skipped orphaned groups as a warning instead of a blocker', function () {
|
|
$tenant = Tenant::create([
|
|
'tenant_id' => 'tenant-1',
|
|
'name' => 'Tenant One',
|
|
'metadata' => [],
|
|
]);
|
|
|
|
$tenant->makeCurrent();
|
|
|
|
$policy = Policy::create([
|
|
'tenant_id' => $tenant->id,
|
|
'external_id' => 'policy-1',
|
|
'policy_type' => 'settingsCatalogPolicy',
|
|
'display_name' => 'Settings Catalog',
|
|
'platform' => 'windows',
|
|
]);
|
|
|
|
$backupSet = BackupSet::create([
|
|
'tenant_id' => $tenant->id,
|
|
'name' => 'Backup',
|
|
'status' => 'completed',
|
|
'item_count' => 1,
|
|
]);
|
|
|
|
$backupItem = BackupItem::create([
|
|
'tenant_id' => $tenant->id,
|
|
'backup_set_id' => $backupSet->id,
|
|
'policy_id' => $policy->id,
|
|
'policy_identifier' => $policy->external_id,
|
|
'policy_type' => $policy->policy_type,
|
|
'platform' => $policy->platform,
|
|
'captured_at' => now(),
|
|
'payload' => ['id' => $policy->external_id],
|
|
'assignments' => [[
|
|
'target' => [
|
|
'@odata.type' => '#microsoft.graph.groupAssignmentTarget',
|
|
'groupId' => 'source-group-1',
|
|
'group_display_name' => 'Source Group',
|
|
],
|
|
'intent' => 'apply',
|
|
]],
|
|
]);
|
|
|
|
$this->mock(GroupResolver::class, function (MockInterface $mock) {
|
|
$mock->shouldReceive('resolveGroupIds')
|
|
->andReturnUsing(function (array $groupIds): array {
|
|
return collect($groupIds)
|
|
->mapWithKeys(fn (string $id) => [$id => [
|
|
'id' => $id,
|
|
'displayName' => null,
|
|
'orphaned' => true,
|
|
]])
|
|
->all();
|
|
});
|
|
});
|
|
|
|
$user = User::factory()->create();
|
|
$this->actingAs($user);
|
|
|
|
$component = Livewire::test(CreateRestoreRun::class)
|
|
->fillForm([
|
|
'backup_set_id' => $backupSet->id,
|
|
])
|
|
->goToNextWizardStep()
|
|
->fillForm([
|
|
'scope_mode' => 'selected',
|
|
'backup_item_ids' => [$backupItem->id],
|
|
])
|
|
->goToNextWizardStep()
|
|
->set('data.group_mapping', (object) [
|
|
'source-group-1' => 'SKIP',
|
|
])
|
|
->callFormComponentAction('check_results', 'run_restore_checks');
|
|
|
|
$summary = $component->get('data.check_summary');
|
|
$results = $component->get('data.check_results');
|
|
|
|
expect($summary)->toBeArray();
|
|
expect($summary['blocking'] ?? null)->toBe(0);
|
|
expect($summary['has_blockers'] ?? null)->toBeFalse();
|
|
expect($summary['warning'] ?? null)->toBe(1);
|
|
|
|
$assignmentCheck = collect($results)->firstWhere('code', 'assignment_groups');
|
|
expect($assignmentCheck)->toBeArray();
|
|
expect($assignmentCheck['severity'] ?? null)->toBe('warning');
|
|
|
|
$skippedGroups = $assignmentCheck['meta']['skipped'] ?? [];
|
|
expect($skippedGroups)->toBeArray();
|
|
expect($skippedGroups[0]['id'] ?? null)->toBe('source-group-1');
|
|
});
|
|
|
|
test('restore wizard flags metadata-only snapshots as blocking for restore-enabled types', function () {
|
|
$tenant = Tenant::create([
|
|
'tenant_id' => 'tenant-1',
|
|
'name' => 'Tenant One',
|
|
'metadata' => [],
|
|
]);
|
|
|
|
$tenant->makeCurrent();
|
|
|
|
$policy = Policy::create([
|
|
'tenant_id' => $tenant->id,
|
|
'external_id' => 'policy-1',
|
|
'policy_type' => 'mamAppConfiguration',
|
|
'display_name' => 'MAM App Config',
|
|
'platform' => 'mobile',
|
|
]);
|
|
|
|
$backupSet = BackupSet::create([
|
|
'tenant_id' => $tenant->id,
|
|
'name' => 'Backup',
|
|
'status' => 'completed',
|
|
'item_count' => 1,
|
|
]);
|
|
|
|
$backupItem = BackupItem::create([
|
|
'tenant_id' => $tenant->id,
|
|
'backup_set_id' => $backupSet->id,
|
|
'policy_id' => $policy->id,
|
|
'policy_identifier' => $policy->external_id,
|
|
'policy_type' => $policy->policy_type,
|
|
'platform' => $policy->platform,
|
|
'captured_at' => now(),
|
|
'payload' => ['id' => $policy->external_id, 'displayName' => $policy->display_name],
|
|
'assignments' => [],
|
|
'metadata' => [
|
|
'source' => 'metadata_only',
|
|
'warnings' => [
|
|
'Graph returned 500 for this policy type. Only local metadata was saved; settings and restore are unavailable until Graph works again.',
|
|
],
|
|
],
|
|
]);
|
|
|
|
$this->mock(GroupResolver::class, function (MockInterface $mock) {
|
|
$mock->shouldReceive('resolveGroupIds')
|
|
->andReturn([]);
|
|
});
|
|
|
|
$user = User::factory()->create();
|
|
$this->actingAs($user);
|
|
|
|
$component = Livewire::test(CreateRestoreRun::class)
|
|
->fillForm([
|
|
'backup_set_id' => $backupSet->id,
|
|
])
|
|
->goToNextWizardStep()
|
|
->fillForm([
|
|
'scope_mode' => 'selected',
|
|
'backup_item_ids' => [$backupItem->id],
|
|
])
|
|
->goToNextWizardStep()
|
|
->callFormComponentAction('check_results', 'run_restore_checks');
|
|
|
|
$summary = $component->get('data.check_summary');
|
|
$results = $component->get('data.check_results');
|
|
|
|
expect($summary['blocking'] ?? null)->toBe(1);
|
|
expect($summary['has_blockers'] ?? null)->toBeTrue();
|
|
|
|
$metadataOnly = collect($results)->firstWhere('code', 'metadata_only');
|
|
expect($metadataOnly)->toBeArray();
|
|
expect($metadataOnly['severity'] ?? null)->toBe('blocking');
|
|
});
|