33 lines
1.7 KiB
Markdown
33 lines
1.7 KiB
Markdown
# Tasks: Endpoint Security Policy Restore (023)
|
|
|
|
**Branch**: `feat/023-endpoint-security-restore`
|
|
**Date**: 2026-01-03
|
|
**Input**: [spec.md](./spec.md), [plan.md](./plan.md)
|
|
|
|
## Phase 1: Setup
|
|
- [x] T001 Create spec/plan/tasks and checklist.
|
|
|
|
## Phase 2: Inventory & Design
|
|
- [ ] T002 Confirm current restore mode + code paths for `endpointSecurityPolicy` (`config/tenantpilot.php`, restore services).
|
|
- [ ] T003 Decide template resolution strategy (ID vs family/display name) and required Graph calls.
|
|
- [ ] T004 Define settings instance validation rules (warning vs block) for restore preview/execution.
|
|
|
|
## Phase 3: Tests (TDD)
|
|
- [ ] T005 Add feature tests for restore execution create/update for `endpointSecurityPolicy`.
|
|
- [ ] T006 Add feature tests for preview warnings when template is missing.
|
|
- [ ] T007 Add feature tests asserting restore execution fails gracefully when template is missing.
|
|
- [ ] T008 Add tests for settings validation failure paths (invalid/unknown settings instances).
|
|
- [ ] T009 Add feature tests asserting assignments are applied for endpoint security policies.
|
|
|
|
## Phase 4: Implementation
|
|
- [ ] T010 Enable restore for `endpointSecurityPolicy` in `config/tenantpilot.php`.
|
|
- [ ] T011 Implement template existence validation in restore preview and execution gating.
|
|
- [ ] T012 Implement settings instance validation against resolved template definitions.
|
|
- [ ] T013 Implement template mapping (if required) and ensure restore payload uses mapped template reference.
|
|
- [ ] T014 Ensure restore applies assignments for endpoint security policies using existing mapping logic.
|
|
|
|
## Phase 5: Verification
|
|
- [ ] T015 Run targeted tests.
|
|
- [ ] T016 Run Pint (`./vendor/bin/pint --dirty`).
|
|
|