ahmido/TenantAtlas
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects 1 Releases Wiki Activity
ad16eee591
TenantAtlas/apps/platform/tests/Architecture/ReasonTranslationPrimarySurfaceGuardTest.php
ahmido ad16eee591 Spec 204: harden platform core vocabulary (#234) 
## Summary
- add the Spec 204 platform vocabulary foundation, including canonical glossary terms, registry ownership descriptors, canonical operation type and alias resolution, and explicit reason ownership and platform reason-family metadata
- harden platform-facing compare, snapshot, evidence, monitoring, review, and reporting surfaces so they prefer governed-subject and canonical operation semantics while preserving intentional Intune-owned terminology
- extend Spec 204 unit, feature, Filament, and architecture coverage and add the full spec artifacts, checklist, and completed task ledger

## Verification
- ran the focused recent-change Sail verification pack for the new glossary and reason-semantics work
- ran the full Spec 204 quickstart verification pack under Sail
- ran `cd apps/platform && ./vendor/bin/sail bin pint --dirty --format agent`
- ran an integrated-browser smoke pass covering tenant dashboard, operations, operation detail, baseline compare, evidence, reviews, review packs, provider connections, inventory items, backup schedules, onboarding, and the system dashboard/operations/failures/run-detail surfaces

## Notes
- provider registration is unchanged and remains in `bootstrap/providers.php`
- no new destructive actions or asset-registration changes are introduced by this branch

Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #234
2026-04-14 06:09:42 +00:00

58 lines
2.9 KiB
PHP
Raw Blame History

<?php
declare(strict_types=1);
use App\Support\Baselines\BaselineCompareReasonCode;
use App\Support\Governance\PlatformVocabularyGlossary;
use App\Support\Operations\ExecutionDenialReasonCode;
use App\Support\Providers\ProviderReasonCodes;
use App\Support\RbacReason;
use App\Support\ReasonTranslation\ReasonTranslator;
use App\Support\Tenants\TenantOperabilityReasonCode;
it('keeps adopted operator labels free from raw internal reason codes', function (): void {
$translator = app(ReasonTranslator::class);
$reasonCodes = [
ExecutionDenialReasonCode::MissingCapability->value,
ProviderReasonCodes::ProviderConsentMissing,
TenantOperabilityReasonCode::RememberedContextStale->value,
RbacReason::ManualAssignmentRequired->value,
];
foreach ($reasonCodes as $reasonCode) {
$envelope = $translator->translate($reasonCode);
expect($envelope)->not->toBeNull()
->and($envelope?->operatorLabel)->not->toBe($reasonCode)
->and($envelope?->operatorLabel)->not->toContain('_');
}
});
it('uses the canonical operator vocabulary for adopted reason families', function (): void {
expect(ExecutionDenialReasonCode::MissingCapability->toReasonResolutionEnvelope()->operatorLabel)->toBe('Permission required')
->and(app(ReasonTranslator::class)->translate(ProviderReasonCodes::ProviderPermissionDenied)?->operatorLabel)->toBe('Permission denied')
->and(TenantOperabilityReasonCode::TenantAlreadyArchived->toReasonResolutionEnvelope()->guidanceText())->toBe('No action needed.')
->and(RbacReason::ManualAssignmentRequired->toReasonResolutionEnvelope()->operatorLabel)->toBe('Manual role assignment required');
});
it('keeps primary-surface reason ownership inside the allowed three-way boundary classification', function (): void {
$translator = app(ReasonTranslator::class);
$classifications = collect([
$translator->boundaryClassification(ExecutionDenialReasonCode::MissingCapability->value, ReasonTranslator::EXECUTION_DENIAL_ARTIFACT),
$translator->boundaryClassification(ProviderReasonCodes::ProviderConsentMissing),
$translator->boundaryClassification(TenantOperabilityReasonCode::RememberedContextStale->value, ReasonTranslator::TENANT_OPERABILITY_ARTIFACT),
$translator->boundaryClassification(RbacReason::ManualAssignmentRequired->value, ReasonTranslator::RBAC_ARTIFACT),
$translator->boundaryClassification(BaselineCompareReasonCode::CoverageUnproven->value, ReasonTranslator::GOVERNANCE_ARTIFACT_TRUTH_ARTIFACT),
])
->filter()
->unique()
->values()
->all();
expect($classifications)->toEqualCanonicalizing([
PlatformVocabularyGlossary::BOUNDARY_PLATFORM_CORE,
PlatformVocabularyGlossary::BOUNDARY_CROSS_DOMAIN_GOVERNANCE,
PlatformVocabularyGlossary::BOUNDARY_INTUNE_SPECIFIC,
]);
});
Reference in New Issue View Git Blame Copy Permalink