ahmido
a770b32e87
Implements Spec 082 updates to the Filament Action Surface Contract: - New required list/table slot: InspectAffordance (clickable row via recordUrl preferred; also supports View action or primary link column) - Retrofit view-only tables to remove lone View row action buttons and use clickable rows - Update validator + guard tests, add golden regression assertions - Add docs: docs/ui/action-surface-contract.md Tests (local via Sail): - vendor/bin/sail artisan test --compact tests/Feature/Guards/ActionSurfaceContractTest.php - vendor/bin/sail artisan test --compact tests/Feature/Guards/ActionSurfaceValidatorTest.php - vendor/bin/sail artisan test --compact tests/Feature/Rbac/ActionSurfaceRbacSemanticsTest.php - vendor/bin/sail artisan test --compact tests/Feature/Filament/EntraGroupSyncRunResourceTest.php Notes: - Filament v5 / Livewire v4 compatible. - No destructive-action behavior changed in this PR. Co-authored-by: Ahmed Darrazi <ahmeddarrazi@MacBookPro.fritz.box> Reviewed-on: #100
101 lines
3.7 KiB
PHP
101 lines
3.7 KiB
PHP
<?php
|
|
|
|
namespace App\Filament\Resources\PolicyResource\Pages;
|
|
|
|
use App\Filament\Resources\PolicyResource;
|
|
use App\Jobs\SyncPoliciesJob;
|
|
use App\Models\Tenant;
|
|
use App\Models\User;
|
|
use App\Services\OperationRunService;
|
|
use App\Support\Auth\Capabilities;
|
|
use App\Support\OperationRunLinks;
|
|
use App\Support\OpsUx\OperationUxPresenter;
|
|
use App\Support\OpsUx\OpsUxBrowserEvents;
|
|
use App\Support\Rbac\UiEnforcement;
|
|
use Filament\Actions;
|
|
use Filament\Notifications\Notification;
|
|
use Filament\Resources\Pages\ListRecords;
|
|
|
|
class ListPolicies extends ListRecords
|
|
{
|
|
protected static string $resource = PolicyResource::class;
|
|
|
|
protected function getHeaderActions(): array
|
|
{
|
|
return [$this->makeSyncAction()];
|
|
}
|
|
|
|
protected function getTableEmptyStateActions(): array
|
|
{
|
|
return [$this->makeSyncAction()];
|
|
}
|
|
|
|
private function makeSyncAction(): Actions\Action
|
|
{
|
|
return UiEnforcement::forAction(
|
|
Actions\Action::make('sync')
|
|
->label('Sync from Intune')
|
|
->icon('heroicon-o-arrow-path')
|
|
->color('primary')
|
|
->action(function (self $livewire): void {
|
|
$tenant = Tenant::current();
|
|
$user = auth()->user();
|
|
|
|
if (! $user instanceof User || ! $tenant instanceof Tenant) {
|
|
abort(404);
|
|
}
|
|
|
|
$requestedTypes = array_map(
|
|
static fn (array $typeConfig): string => (string) $typeConfig['type'],
|
|
config('tenantpilot.supported_policy_types', [])
|
|
);
|
|
|
|
sort($requestedTypes);
|
|
|
|
/** @var OperationRunService $opService */
|
|
$opService = app(OperationRunService::class);
|
|
$opRun = $opService->ensureRun(
|
|
tenant: $tenant,
|
|
type: 'policy.sync',
|
|
inputs: [
|
|
'scope' => 'all',
|
|
'types' => $requestedTypes,
|
|
],
|
|
initiator: $user
|
|
);
|
|
|
|
if (! $opRun->wasRecentlyCreated && in_array($opRun->status, ['queued', 'running'], true)) {
|
|
Notification::make()
|
|
->title('Policy sync already active')
|
|
->body('This operation is already queued or running.')
|
|
->warning()
|
|
->actions([
|
|
Actions\Action::make('view_run')
|
|
->label('View run')
|
|
->url(OperationRunLinks::view($opRun, $tenant)),
|
|
])
|
|
->send();
|
|
|
|
return;
|
|
}
|
|
|
|
$opService->dispatchOrFail($opRun, function () use ($tenant, $requestedTypes, $opRun): void {
|
|
SyncPoliciesJob::dispatch((int) $tenant->getKey(), $requestedTypes, null, $opRun);
|
|
});
|
|
OpsUxBrowserEvents::dispatchRunEnqueued($livewire);
|
|
OperationUxPresenter::queuedToast((string) $opRun->type)
|
|
->actions([
|
|
Actions\Action::make('view_run')
|
|
->label('View run')
|
|
->url(OperationRunLinks::view($opRun, $tenant)),
|
|
])
|
|
->send();
|
|
})
|
|
)
|
|
->requireCapability(Capabilities::TENANT_SYNC)
|
|
->tooltip('You do not have permission to sync policies.')
|
|
->destructive()
|
|
->apply();
|
|
}
|
|
}
|