TenantAtlas/app/Filament/Resources/PolicyResource/Pages/ViewPolicy.php

<?php

namespace App\Filament\Resources\PolicyResource\Pages;

use App\Filament\Resources\PolicyResource;
use App\Jobs\CapturePolicySnapshotJob;
use App\Services\OperationRunService;
use App\Services\Operations\BulkSelectionIdentity;
use App\Support\OperationRunLinks;
use App\Support\OpsUx\OperationUxPresenter;
use Filament\Actions\Action;
use Filament\Forms;
use Filament\Notifications\Notification;
use Filament\Resources\Pages\ViewRecord;
use Filament\Support\Enums\Width;
use Illuminate\Support\Str;

class ViewPolicy extends ViewRecord
{
    protected static string $resource = PolicyResource::class;

    protected Width|string|null $maxContentWidth = Width::Full;

    protected function getActions(): array
    {
        return [
            Action::make('capture_snapshot')
                ->label('Capture snapshot')
                ->requiresConfirmation()
                ->modalHeading('Capture snapshot now')
                ->modalSubheading('This queues a background job that fetches the latest configuration from Microsoft Graph and stores a new policy version.')
                ->form([
                    Forms\Components\Checkbox::make('include_assignments')
                        ->label('Include assignments')
                        ->default(true)
                        ->helperText('Captures assignment include/exclude targeting and filters.'),
                    Forms\Components\Checkbox::make('include_scope_tags')
                        ->label('Include scope tags')
                        ->default(true)
                        ->helperText('Captures policy scope tag IDs.'),
                ])
                ->action(function (array $data) {
                    $policy = $this->record;

                    $tenant = $policy->tenant;
                    $user = auth()->user();

                    if (! $tenant || ! $user) {
                        Notification::make()
                            ->title('Missing tenant or user context.')
                            ->danger()
                            ->send();

                        return;
                    }

                    /** @var BulkSelectionIdentity $selection */
                    $selection = app(BulkSelectionIdentity::class);
                    $selectionIdentity = $selection->fromIds([(string) $policy->getKey()]);

                    /** @var OperationRunService $runs */
                    $runs = app(OperationRunService::class);

                    $opRun = $runs->enqueueBulkOperation(
                        tenant: $tenant,
                        type: 'policy.capture_snapshot',
                        targetScope: [
                            'entra_tenant_id' => (string) ($tenant->tenant_id ?? $tenant->external_id),
                        ],
                        selectionIdentity: $selectionIdentity,
                        dispatcher: function ($operationRun) use ($tenant, $policy, $user, $data): void {
                            CapturePolicySnapshotJob::dispatch(
                                tenantId: (int) $tenant->getKey(),
                                userId: (int) $user->getKey(),
                                policyId: (int) $policy->getKey(),
                                includeAssignments: (bool) ($data['include_assignments'] ?? false),
                                includeScopeTags: (bool) ($data['include_scope_tags'] ?? false),
                                createdBy: $user->email ? Str::limit($user->email, 255, '') : null,
                                operationRun: $operationRun,
                                context: [],
                            );
                        },
                        initiator: $user,
                        extraContext: [
                            'policy_id' => (int) $policy->getKey(),
                            'include_assignments' => (bool) ($data['include_assignments'] ?? false),
                            'include_scope_tags' => (bool) ($data['include_scope_tags'] ?? false),
                        ],
                        emitQueuedNotification: false,
                    );

                    if (! $opRun->wasRecentlyCreated) {
                        Notification::make()
                            ->title('Snapshot already in progress')
                            ->body('An active run already exists for this policy. Opening run details.')
                            ->actions([
                                \Filament\Actions\Action::make('view_run')
                                    ->label('View run')
                                    ->url(OperationRunLinks::view($opRun, $tenant)),
                            ])
                            ->info()
                            ->send();

                        $this->redirect(OperationRunLinks::view($opRun, $tenant));

                        return;
                    }
                    OperationUxPresenter::queuedToast('policy.capture_snapshot')
                        ->actions([
                            \Filament\Actions\Action::make('view_run')
                                ->label('View run')
                                ->url(OperationRunLinks::view($opRun, $tenant)),
                        ])
                        ->send();

                    $this->redirect(OperationRunLinks::view($opRun, $tenant));
                })
                ->color('primary'),
        ];
    }
}