ahmido/TenantAtlas
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects 1 Releases Wiki Activity
8f3777c063
TenantAtlas/app/Services/Intune/TenantConfigService.php
ahmido 1acbf8cc54 feat(spec-088): remove tenant graphOptions legacy path (#105) 
## Summary
- remove tenant-based Graph options access from runtime service paths and enforce provider-only resolution
- add `MicrosoftGraphOptionsResolver` and `ProviderConfigurationRequiredException` for centralized, actionable provider-config errors
- turn `Tenant::graphOptions()` into a fail-fast kill switch to prevent legacy runtime usage
- add and update tests (including guardrail) to enforce no reintroduction in `app/`
- update Spec 088 artifacts (`spec`, `plan`, `research`, `tasks`, checklist)

## Validation
- `vendor/bin/sail bin pint --dirty`
- `vendor/bin/sail artisan test --compact --filter=NoLegacyTenantGraphOptions`
- `vendor/bin/sail artisan test --compact tests/Feature/Filament`
- `CI=1 vendor/bin/sail artisan test --compact`

## Notes
- Branch includes the guardrail test for legacy callsite detection in `app/`.
- Full suite currently green: 1227 passed, 5 skipped.

Co-authored-by: Ahmed Darrazi <ahmeddarrazi@MacBookPro.fritz.box>
Reviewed-on: #105
2026-02-12 10:14:44 +00:00

81 lines
2.5 KiB
PHP
Raw Blame History

<?php
namespace App\Services\Intune;
use App\Models\Tenant;
use App\Services\Graph\GraphClientInterface;
use App\Services\Graph\GraphErrorMapper;
use App\Services\Providers\MicrosoftGraphOptionsResolver;
use App\Services\Providers\ProviderConfigurationRequiredException;
use App\Support\Providers\ProviderReasonCodes;
use Throwable;
class TenantConfigService
{
public function __construct(
private readonly GraphClientInterface $graphClient,
private readonly MicrosoftGraphOptionsResolver $graphOptionsResolver,
) {}
/**
* @return array{success:bool,error_message:?string,requires_consent:bool}
*/
public function testConnectivity(Tenant $tenant): array
{
try {
$options = $this->graphOptions($tenant);
} catch (ProviderConfigurationRequiredException $exception) {
return [
'success' => false,
'error_message' => $exception->getMessage(),
'requires_consent' => $exception->reasonCode === ProviderReasonCodes::ProviderConsentMissing,
];
}
if ($options['tenant'] === null) {
return [
'success' => false,
'error_message' => 'Tenant ID is missing',
'requires_consent' => false,
];
}
try {
$response = $this->graphClient->getOrganization($options);
} catch (Throwable $throwable) {
$mapped = GraphErrorMapper::fromThrowable($throwable, ['tenant' => $options['tenant']]);
return [
'success' => false,
'error_message' => $mapped->getMessage(),
'requires_consent' => $this->requiresConsent($mapped->getMessage()),
];
}
if ($response->failed()) {
$message = $response->errors[0]['message'] ?? $response->errors[0] ?? 'Graph connectivity failed';
return [
'success' => false,
'error_message' => is_string($message) ? $message : json_encode($message),
'requires_consent' => $this->requiresConsent((string) $message),
];
}
return ['success' => true, 'error_message' => null, 'requires_consent' => false];
}
/**
* @return array<string, mixed>
*/
public function graphOptions(Tenant $tenant): array
{
return $this->graphOptionsResolver->resolveForTenant($tenant);
}
private function requiresConsent(string $message): bool
{
return str_contains(strtolower($message), 'consent');
}
}
Reference in New Issue View Git Blame Copy Permalink