ahmido/TenantAtlas
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects 1 Releases Wiki Activity
8b9ab52138
TenantAtlas/specs/009-app-protection-policy/plan.md
ahmido fbb9748725 feat/009-app-protection-policy (#11) 
Summary

add appProtectionPolicy coverage for assignments, normalize settings for UI, and skip targetedManagedAppConfiguration noise during inventory
wire up derived Graph endpoints/contracts so restores use the correct /assign paths per platform and assignments no longer rely on unsupported $expand
add normalization logic/tests plus Pact/Plan updates so capture+restore behave more like Intune’s app protection workflows and no longer expose unsupported fields

Co-authored-by: Ahmed Darrazi <ahmeddarrazi@adsmac.local>
Reviewed-on: #11
2025-12-29 16:11:50 +00:00

31 lines
1.5 KiB
Markdown
Raw Blame History

# Implementation Plan: App Protection Policy Type (009)
**Branch**: `feat/009-app-protection-policy`
**Date**: 2025-12-29
**Spec Source**: [spec.md](./spec.md)
## Summary
Make `appProtectionPolicy` reliable by:
- Filtering non-policy objects during sync (`targetedManagedAppConfiguration`).
- Adding Graph contract coverage for assignments + `@odata.type` family.
- Adding targeted Pest tests to lock in behavior.
## Execution Steps
1. Update `config/graph_contracts.php` for `appProtectionPolicy`:
- Add assignments list + assign action endpoints (and payload key if needed).
- Expand `type_family` to the common App Protection `@odata.type` values.
2. Update `app/Services/Intune/PolicySyncService.php`:
- Skip `#microsoft.graph.targetedManagedAppConfiguration` entries when syncing `appProtectionPolicy`.
3. Fix restore endpoints for assignments + policy updates:
- Use derived endpoints (e.g. `/androidManagedAppProtections/{id}` and `/androidManagedAppProtections/{id}/assign`) based on `@odata.type`.
4. Add admin-friendly normalization:
- Add `AppProtectionPolicyNormalizer` for boolean/duration formatting and Intune-like sections.
5. Add/extend tests:
- `tests/Unit/GraphContractRegistryActualDataTest.php` for `appProtectionPolicy` contract coverage.
- `tests/Feature/Jobs/*` to assert sync filtering behavior.
- `tests/Unit/*` to assert normalizer output and endpoint resolution.
6. Run formatting + tests:
- `./vendor/bin/pint --dirty`
- `./vendor/bin/sail artisan test --filter=appProtectionPolicy`
Reference in New Issue View Git Blame Copy Permalink