ahmido
c86b399b43
Some checks failed
Main Confidence / confidence (push) Failing after 53s
## Summary This PR delivers three related improvements: ### 1. Finding Ownership Semantics (Spec 219) - Add responsibility/accountability labels to findings and finding exceptions - `owner_user_id` = accountable party (governance owner) - `assignee_user_id` = responsible party (technical implementer) - Expose Assign/Reassign actions in FindingResource with audit logging - Add ownership columns and filters to finding list - Propagate owner from finding to exception on creation - Tests: ownership semantics, assignment audit, workflow actions ### 2. Constitution v2.7.0 — LEAN-001 Pre-Production Lean Doctrine - New principle forbidding legacy aliases, migration shims, dual-write logic, and compatibility fixtures in a pre-production codebase - AI-agent 4-question verification gate before adding any compatibility path - Review rule: compatibility shims without answering the gate questions = merge blocker - Exit condition: LEAN-001 expires at first production deployment - Spec template: added default "Compatibility posture" block - Agent instructions: added "Pre-production compatibility check" section ### 3. Backup Set Operation Type Unification - Unified `backup_set.add_policies` and `backup_set.remove_policies` into single canonical `backup_set.update` - Removed all legacy aliases, constants, and test fixtures - Added lifecycle coverage for `backup_set.update` in config - Updated all 14+ test files referencing legacy types ### Spec Artifacts - `specs/219-finding-ownership-semantics/` — full spec, plan, tasks, research, data model, contracts, checklist ### Tests - All affected tests pass (OperationCatalog, backup set, finding workflow, ownership semantics) Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de> Reviewed-on: #256
65 lines
2.0 KiB
PHP
65 lines
2.0 KiB
PHP
<?php
|
|
|
|
use App\Jobs\RemovePoliciesFromBackupSetJob;
|
|
use App\Models\BackupItem;
|
|
use App\Models\BackupSet;
|
|
use App\Models\OperationRun;
|
|
use App\Notifications\OperationRunCompleted;
|
|
use App\Services\Intune\AuditLogger;
|
|
use App\Support\OperationRunLinks;
|
|
|
|
it('remove policies job sends canonical terminal notification with view link', function () {
|
|
[$user, $tenant] = createUserWithTenant(role: 'owner');
|
|
|
|
$backupSet = BackupSet::factory()->create([
|
|
'tenant_id' => $tenant->getKey(),
|
|
'name' => 'Test backup',
|
|
'item_count' => 0,
|
|
]);
|
|
|
|
$item = BackupItem::factory()->create([
|
|
'tenant_id' => $tenant->getKey(),
|
|
'backup_set_id' => $backupSet->getKey(),
|
|
]);
|
|
|
|
$backupSet->update(['item_count' => $backupSet->items()->count()]);
|
|
|
|
$opRun = OperationRun::create([
|
|
'tenant_id' => $tenant->getKey(),
|
|
'user_id' => $user->getKey(),
|
|
'initiator_name' => $user->name,
|
|
'type' => 'backup_set.update',
|
|
'status' => 'queued',
|
|
'outcome' => 'pending',
|
|
'run_identity_hash' => 'remove-hash-1',
|
|
'context' => [
|
|
'backup_set_id' => (int) $backupSet->getKey(),
|
|
'backup_item_ids' => [(int) $item->getKey()],
|
|
],
|
|
]);
|
|
|
|
$this->mock(AuditLogger::class, function ($mock): void {
|
|
$mock->shouldReceive('log')->zeroOrMoreTimes();
|
|
});
|
|
|
|
$job = new RemovePoliciesFromBackupSetJob(
|
|
backupSetId: (int) $backupSet->getKey(),
|
|
backupItemIds: [(int) $item->getKey()],
|
|
initiatorUserId: (int) $user->getKey(),
|
|
operationRun: $opRun,
|
|
);
|
|
|
|
$job->handle(app(AuditLogger::class));
|
|
|
|
$this->assertDatabaseHas('notifications', [
|
|
'notifiable_id' => $user->getKey(),
|
|
'notifiable_type' => $user->getMorphClass(),
|
|
'type' => OperationRunCompleted::class,
|
|
]);
|
|
|
|
$notification = $user->notifications()->latest('id')->first();
|
|
expect($notification)->not->toBeNull();
|
|
expect($notification->data['actions'][0]['url'] ?? null)
|
|
->toBe(OperationRunLinks::view($opRun, $tenant));
|
|
});
|