ahmido/TenantAtlas
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects 1 Releases Wiki Activity
823f052c65
TenantAtlas/specs/013-scripts-management/plan.md
ahmido 4cdd092637 013-scripts-management (#19) 
Adds scripts normalizer + safe script content display (opt-in, decoded, capped)
Improves script diff UX: side-by-side + Before/After, Torchlight highlighting, fullscreen with scroll-sync
Fixes Torchlight dark mode in diff lines
Tests updated/added; ScriptPoliciesNormalizedDisplayTest.php passes

Co-authored-by: Ahmed Darrazi <ahmeddarrazi@adsmac.local>
Reviewed-on: #19
2026-01-01 22:02:30 +00:00

1.9 KiB
Raw Blame History

Plan: Scripts Management (013)

Branch: 013-scripts-management
Date: 2026-01-01
Input: spec.md

Goal

Provide end-to-end support for script policies (PowerShell scripts, macOS shell scripts, and proactive remediations) with readable normalized settings and safe restore behavior including assignments.

Scope

In scope

  • Script policy types:
    • deviceManagementScript
    • deviceShellScript
    • deviceHealthScript
  • Readable “Normalized settings” output for the above types.
  • Restore apply safety is preserved (type mismatch fails; preview vs execute follows existing system behavior).
  • Assignment restore is supported (using existing assignment restore mechanisms and contract metadata).

Out of scope

  • Adding new UI flows or pages.
  • Introducing new external services or background infrastructure.
  • Changing how authentication/authorization works.

Approach

  1. Confirm contract entries exist and are correct for the three script policy types (resource, type families, assignment paths/payload keys).
  2. Add a policy normalizer that supports the three script policy types and outputs a stable, readable structure.
  3. Register the normalizer in the application normalizer tag.
  4. Add tests:
    • Normalized output shape/stability for each type.
    • Filament “Normalized settings” tab renders without errors for a version of each type.
  5. Run targeted tests and Pint.

Risks & Mitigations

  • Scripts may contain large content blobs: normalized view must be readable and avoid overwhelming output (truncate or summarize where needed).
  • Platform-specific fields vary: normalizer must handle missing keys safely and remain stable.

Success Criteria

  • Normalized settings views are readable and stable for all three script policy types.
  • Restore execution remains safe and assignment behavior is unchanged/regression-free.
  • Tests cover the new normalizer behavior and basic UI render.