ahmido/TenantAtlas
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects 1 Releases Wiki Activity
be314c577f
TenantAtlas/apps/platform/app/Services/Providers/ProviderConnectionMutationService.php
ahmido be314c577f Spec 400: rebuild Tenantial homepage visuals (#387) 
## Summary
- rebuild the public Tenantial homepage around an evidence-first Microsoft tenant governance narrative
- replace the old hero visual with a new static dashboard preview and add dedicated Trust Bar and Feature Pillars sections
- update the shared public shell, navigation, footer, dark design tokens, assets, and homepage content to match the new brand direction
- align website smoke coverage and Spec 400 artifacts with the rebuilt homepage

## Testing
- not run in this pass
- updated website smoke specs under apps/website/tests/smoke

## Note
- `website-dev` was pushed to `origin` so the requested PR base exists remotely
- the remote `website-dev` branch is an ancestor of `origin/dev`, so this PR may also show upstream `dev` history relative to that base

Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #387
2026-05-18 14:38:11 +00:00

142 lines
5.7 KiB
PHP
Raw Blame History

<?php
declare(strict_types=1);
namespace App\Services\Providers;
use App\Models\ProviderConnection;
use App\Models\ProviderCredential;
use App\Support\Providers\ProviderConnectionType;
use App\Support\Providers\ProviderConsentStatus;
use App\Support\Providers\ProviderReasonCodes;
use App\Support\Providers\ProviderVerificationStatus;
use Illuminate\Support\Facades\DB;
use InvalidArgumentException;
final class ProviderConnectionMutationService
{
public function __construct(private readonly CredentialManager $credentials) {}
public function enableDedicatedOverride(
ProviderConnection $connection,
string $clientId,
string $clientSecret,
): ProviderConnection {
$clientId = trim($clientId);
$clientSecret = trim($clientSecret);
if ($clientId === '' || $clientSecret === '') {
throw new InvalidArgumentException('Dedicated app (client) ID and client secret are required.');
}
return DB::transaction(function () use ($connection, $clientId, $clientSecret): ProviderConnection {
$connection->loadMissing('credential');
$credential = $connection->credential;
$payload = $credential instanceof ProviderCredential && is_array($credential->payload)
? $credential->payload
: [];
$previousClientId = trim((string) ($payload['client_id'] ?? ''));
$needsConsentReset = $connection->connection_type !== ProviderConnectionType::Dedicated
|| $previousClientId === ''
|| $previousClientId !== $clientId;
$consentStatus = $needsConsentReset
? ProviderConsentStatus::Required
: $this->normalizeConsentStatus($connection->consent_status);
$verificationStatus = ProviderVerificationStatus::Unknown;
$connection->forceFill([
'connection_type' => ProviderConnectionType::Dedicated->value,
'consent_status' => $consentStatus->value,
'verification_status' => $verificationStatus->value,
'last_health_check_at' => null,
'last_error_reason_code' => $needsConsentReset
? ProviderReasonCodes::ProviderConsentMissing
: null,
'last_error_message' => null,
'scopes_granted' => $needsConsentReset ? [] : ($connection->scopes_granted ?? []),
'consent_granted_at' => $needsConsentReset ? null : $connection->consent_granted_at,
'consent_last_checked_at' => $needsConsentReset ? null : $connection->consent_last_checked_at,
'consent_error_code' => null,
'consent_error_message' => null,
])->save();
$this->credentials->upsertClientSecretCredential(
connection: $connection->fresh(),
clientId: $clientId,
clientSecret: $clientSecret,
);
return $connection->fresh(['credential']);
});
}
public function revertToPlatform(ProviderConnection $connection): ProviderConnection
{
return DB::transaction(function () use ($connection): ProviderConnection {
$connection->loadMissing('credential');
if ($connection->credential instanceof ProviderCredential) {
$connection->credential->delete();
}
$connection->forceFill([
'connection_type' => ProviderConnectionType::Platform->value,
'consent_status' => ProviderConsentStatus::Required->value,
'consent_granted_at' => null,
'consent_last_checked_at' => null,
'consent_error_code' => null,
'consent_error_message' => null,
'verification_status' => ProviderVerificationStatus::Unknown->value,
'last_health_check_at' => null,
'last_error_reason_code' => ProviderReasonCodes::ProviderConsentMissing,
'last_error_message' => null,
'scopes_granted' => [],
])->save();
return $connection->fresh(['credential']);
});
}
public function deleteDedicatedCredential(ProviderConnection $connection): ProviderConnection
{
return DB::transaction(function () use ($connection): ProviderConnection {
$connection->loadMissing('credential');
if ($connection->credential instanceof ProviderCredential) {
$connection->credential->delete();
}
$consentStatus = $this->normalizeConsentStatus($connection->consent_status);
$verificationStatus = ProviderVerificationStatus::Blocked;
$connection->forceFill([
'connection_type' => ProviderConnectionType::Dedicated->value,
'consent_status' => $consentStatus->value,
'verification_status' => $verificationStatus->value,
'last_health_check_at' => null,
'last_error_reason_code' => ProviderReasonCodes::DedicatedCredentialMissing,
'last_error_message' => 'Dedicated credential is missing.',
])->save();
return $connection->fresh(['credential']);
});
}
private function normalizeConsentStatus(
ProviderConsentStatus|string|null $consentStatus,
): ProviderConsentStatus {
if ($consentStatus instanceof ProviderConsentStatus) {
return $consentStatus;
}
if (is_string($consentStatus)) {
return ProviderConsentStatus::tryFrom(trim($consentStatus)) ?? ProviderConsentStatus::Required;
}
return ProviderConsentStatus::Required;
}
}
Reference in New Issue View Git Blame Copy Permalink