ahmido
412dd7ad66
Hydrate configurationPolicies/{id}/settings for endpoint security/baseline policies so snapshots include real rule data.
Treat those types like Settings Catalog policies in the normalizer so they show the searchable settings table, recognizable categories, and readable choice values (firewall-specific formatting + interface badge parsing).
Improve “General” tab cards: badge lists for platforms/technologies, template reference summary (name/family/version/ID), and ISO timestamps rendered as YYYY‑MM‑DD HH:MM:SS; added regression test for the view.
Co-authored-by: Ahmed Darrazi <ahmeddarrazi@adsmac.local>
Reviewed-on: #23
170 lines
8.0 KiB
PHP
170 lines
8.0 KiB
PHP
<?php
|
|
|
|
use App\Services\Intune\SettingsCatalogPolicyNormalizer;
|
|
use Illuminate\Foundation\Testing\RefreshDatabase;
|
|
|
|
uses(Tests\TestCase::class, RefreshDatabase::class);
|
|
|
|
it('builds a settings table for settings catalog policies', function () {
|
|
$normalizer = app(SettingsCatalogPolicyNormalizer::class);
|
|
|
|
$snapshot = [
|
|
'@odata.type' => '#microsoft.graph.deviceManagementConfigurationPolicy',
|
|
'settings' => [
|
|
[
|
|
'id' => 's1',
|
|
'settingInstance' => [
|
|
'@odata.type' => '#microsoft.graph.deviceManagementConfigurationSimpleSettingInstance',
|
|
'settingDefinitionId' => 'device_vendor_msft_policy_config_defender_allowrealtimemonitoring',
|
|
'simpleSettingValue' => [
|
|
'value' => 1,
|
|
],
|
|
],
|
|
],
|
|
],
|
|
];
|
|
|
|
$normalized = $normalizer->normalize($snapshot, 'settingsCatalogPolicy', 'windows');
|
|
|
|
$rows = $normalized['settings_table']['rows'] ?? [];
|
|
|
|
expect($rows)->toHaveCount(1);
|
|
expect($rows[0]['definition_id'] ?? null)->toBe('device_vendor_msft_policy_config_defender_allowrealtimemonitoring');
|
|
});
|
|
|
|
it('builds a settings table for endpoint security configuration policies', function (string $policyType) {
|
|
$normalizer = app(SettingsCatalogPolicyNormalizer::class);
|
|
|
|
$snapshot = [
|
|
'@odata.type' => '#microsoft.graph.deviceManagementConfigurationPolicy',
|
|
'settings' => [
|
|
[
|
|
'id' => 's1',
|
|
'settingInstance' => [
|
|
'@odata.type' => '#microsoft.graph.deviceManagementConfigurationSimpleSettingInstance',
|
|
'settingDefinitionId' => 'device_vendor_msft_policy_config_defender_allowrealtimemonitoring',
|
|
'simpleSettingValue' => [
|
|
'value' => 1,
|
|
],
|
|
],
|
|
],
|
|
],
|
|
];
|
|
|
|
$normalized = $normalizer->normalize($snapshot, $policyType, 'windows');
|
|
|
|
$rows = $normalized['settings_table']['rows'] ?? [];
|
|
|
|
expect($rows)->toHaveCount(1);
|
|
expect($rows[0]['definition_id'] ?? null)->toBe('device_vendor_msft_policy_config_defender_allowrealtimemonitoring');
|
|
})->with([
|
|
'endpointSecurityPolicy',
|
|
'securityBaselinePolicy',
|
|
]);
|
|
|
|
it('prettifies endpoint security firewall rules settings for display', function () {
|
|
$normalizer = app(SettingsCatalogPolicyNormalizer::class);
|
|
|
|
$groupDefinitionId = 'vendor_msft_firewall_mdmstore_firewallrules_{FirewallRuleId}';
|
|
$nameDefinitionId = 'vendor_msft_firewall_mdmstore_firewallrules_{FirewallRuleId}_displayname';
|
|
$directionDefinitionId = 'vendor_msft_firewall_mdmstore_firewallrules_{FirewallRuleId}_direction';
|
|
$actionDefinitionId = 'vendor_msft_firewall_mdmstore_firewallrules_{FirewallRuleId}_action';
|
|
$interfaceTypesDefinitionId = 'vendor_msft_firewall_mdmstore_firewallrules_{FirewallRuleId}_interfacetypes';
|
|
|
|
$snapshot = [
|
|
'@odata.type' => '#microsoft.graph.deviceManagementConfigurationPolicy',
|
|
'templateReference' => [
|
|
'templateFamily' => 'endpointSecurityFirewall',
|
|
'templateDisplayName' => 'Windows Firewall Rules',
|
|
'templateDisplayVersion' => 'Version 1',
|
|
],
|
|
'settings' => [
|
|
[
|
|
'id' => 'rule-1',
|
|
'settingInstance' => [
|
|
'@odata.type' => '#microsoft.graph.deviceManagementConfigurationGroupSettingCollectionInstance',
|
|
'settingDefinitionId' => $groupDefinitionId,
|
|
'groupSettingCollectionValue' => [
|
|
[
|
|
'children' => [
|
|
[
|
|
'@odata.type' => '#microsoft.graph.deviceManagementConfigurationSimpleSettingInstance',
|
|
'settingDefinitionId' => $nameDefinitionId,
|
|
'simpleSettingValue' => [
|
|
'value' => 'Test0',
|
|
],
|
|
],
|
|
[
|
|
'@odata.type' => '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance',
|
|
'settingDefinitionId' => $directionDefinitionId,
|
|
'choiceSettingValue' => [
|
|
'value' => "{$directionDefinitionId}_in",
|
|
],
|
|
],
|
|
[
|
|
'@odata.type' => '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance',
|
|
'settingDefinitionId' => $actionDefinitionId,
|
|
'choiceSettingValue' => [
|
|
'value' => "{$actionDefinitionId}_allow",
|
|
],
|
|
],
|
|
[
|
|
'@odata.type' => '#microsoft.graph.deviceManagementConfigurationChoiceSettingCollectionInstance',
|
|
'settingDefinitionId' => $interfaceTypesDefinitionId,
|
|
'choiceSettingCollectionValue' => [
|
|
[
|
|
'value' => "{$interfaceTypesDefinitionId}_lan",
|
|
'children' => [],
|
|
],
|
|
[
|
|
'value' => "{$interfaceTypesDefinitionId}_remoteaccess",
|
|
'children' => [],
|
|
],
|
|
],
|
|
],
|
|
],
|
|
],
|
|
],
|
|
],
|
|
],
|
|
],
|
|
];
|
|
|
|
$normalized = $normalizer->normalize($snapshot, 'endpointSecurityPolicy', 'windows');
|
|
$rows = collect($normalized['settings_table']['rows'] ?? []);
|
|
|
|
$groupRow = $rows->firstWhere('definition_id', $groupDefinitionId);
|
|
expect($groupRow)->not->toBeNull();
|
|
expect($groupRow['category'] ?? null)->toBe('Windows Firewall Rules');
|
|
expect($groupRow['definition'] ?? null)->toBe('Firewall rule');
|
|
expect($groupRow['data_type'] ?? null)->toBe('Group');
|
|
expect($groupRow['value'] ?? null)->toBe('(group)');
|
|
|
|
$nameRow = $rows->firstWhere('definition_id', $nameDefinitionId);
|
|
expect($nameRow)->not->toBeNull();
|
|
expect($nameRow['category'] ?? null)->toBe('Windows Firewall Rules');
|
|
expect($nameRow['definition'] ?? null)->toBe('Name');
|
|
expect($nameRow['value'] ?? null)->toBe('Test0');
|
|
|
|
$directionRow = $rows->firstWhere('definition_id', $directionDefinitionId);
|
|
expect($directionRow)->not->toBeNull();
|
|
expect($directionRow['category'] ?? null)->toBe('Windows Firewall Rules');
|
|
expect($directionRow['definition'] ?? null)->toBe('Direction');
|
|
expect($directionRow['data_type'] ?? null)->toBe('Choice');
|
|
expect($directionRow['value'] ?? null)->toBe('Inbound');
|
|
|
|
$actionRow = $rows->firstWhere('definition_id', $actionDefinitionId);
|
|
expect($actionRow)->not->toBeNull();
|
|
expect($actionRow['category'] ?? null)->toBe('Windows Firewall Rules');
|
|
expect($actionRow['definition'] ?? null)->toBe('Action');
|
|
expect($actionRow['data_type'] ?? null)->toBe('Choice');
|
|
expect($actionRow['value'] ?? null)->toBe('Allow');
|
|
|
|
$interfaceTypesRow = $rows->firstWhere('definition_id', $interfaceTypesDefinitionId);
|
|
expect($interfaceTypesRow)->not->toBeNull();
|
|
expect($interfaceTypesRow['category'] ?? null)->toBe('Windows Firewall Rules');
|
|
expect($interfaceTypesRow['definition'] ?? null)->toBe('Interface types');
|
|
expect($interfaceTypesRow['data_type'] ?? null)->toBe('Choice');
|
|
expect($interfaceTypesRow['value'] ?? null)->toBe('LAN, Remote access');
|
|
});
|