ahmido/TenantAtlas
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects 1 Releases Wiki Activity
9405058433
TenantAtlas/apps/platform/tests/Unit/Support/TenantConfiguration/Spec420M365CaptureClaimGuardTest.php
Ahmed Darrazi 9405058433
Some checks failed
PR Fast Feedback / fast-feedback (pull_request) Failing after 5m46s
Details
feat: complete m365 generic evidence coverage pack
2026-06-27 13:00:22 +02:00

43 lines
1.6 KiB
PHP
Raw Blame History

<?php
declare(strict_types=1);
use App\Services\TenantConfiguration\ClaimGuard;
use App\Support\TenantConfiguration\ClaimState;
use App\Support\TenantConfiguration\CoverageLevel;
use App\Support\TenantConfiguration\IdentityState;
use App\Support\TenantConfiguration\RestoreTier;
use App\Support\TenantConfiguration\SourceClass;
it('Spec420 blocks broad Microsoft 365 customer-facing claims', function (string $claim): void {
expect(app(ClaimGuard::class)->evaluateStatement($claim))->toBe(ClaimState::ClaimBlocked);
})->with([
'M365 coverage is certified',
'Microsoft 365 restore-ready coverage',
'Complete tenant coverage',
'All M365 resources are supported',
'100 percent coverage',
]);
it('Spec420 blocks unsafe Conditional Access customer claims when identity is not stable', function (IdentityState $identityState): void {
$state = app(ClaimGuard::class)->evaluate(
scopeKey: 'm365_tcm_registry_detected',
requestedLevel: CoverageLevel::ContentBacked,
actualLevel: CoverageLevel::ContentBacked,
scopeComplete: false,
customerFacing: true,
customerClaimsAllowed: false,
sourceClass: SourceClass::Tcm,
restoreTier: RestoreTier::NotRestorable,
identityState: $identityState,
allowsDerivedIdentityClaims: false,
);
expect($state)->toBe(ClaimState::ClaimBlocked);
})->with([
'missing external id' => [IdentityState::MissingExternalId],
'unsupported identity' => [IdentityState::UnsupportedIdentity],
'identity conflict' => [IdentityState::IdentityConflict],
'derived identity' => [IdentityState::Derived],
]);
Reference in New Issue View Git Blame Copy Permalink