ahmido
ce0615a9c1
## Summary - move the Laravel application into `apps/platform` and keep the repository root for orchestration, docs, and tooling - update the local command model, Sail/Docker wiring, runtime paths, and ignore rules around the new platform location - add relocation quickstart/contracts plus focused smoke coverage for bootstrap, command model, routes, and runtime behavior ## Validation - `cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Feature/PlatformRelocation` - integrated browser smoke validated `/up`, `/`, `/admin`, `/admin/choose-workspace`, and tenant route semantics for `200`, `403`, and `404` ## Remaining Rollout Checks - validate Dokploy build context and working-directory assumptions against the new `apps/platform` layout - confirm web, queue, and scheduler processes all start from the expected working directory in staging/production - verify no legacy volume mounts or asset-publish paths still point at the old root-level `public/` or `storage/` locations Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de> Reviewed-on: #213
100 lines
4.4 KiB
PHP
100 lines
4.4 KiB
PHP
<?php
|
|
|
|
declare(strict_types=1);
|
|
|
|
namespace App\Services\Evidence\Sources;
|
|
|
|
use App\Models\Finding;
|
|
use App\Models\Tenant;
|
|
use App\Services\Evidence\Contracts\EvidenceSourceProvider;
|
|
use App\Services\Findings\FindingRiskGovernanceResolver;
|
|
use App\Support\Evidence\EvidenceCompletenessState;
|
|
|
|
final class FindingsSummarySource implements EvidenceSourceProvider
|
|
{
|
|
public function __construct(
|
|
private readonly FindingRiskGovernanceResolver $governanceResolver,
|
|
) {}
|
|
|
|
public function key(): string
|
|
{
|
|
return 'findings_summary';
|
|
}
|
|
|
|
public function collect(Tenant $tenant): array
|
|
{
|
|
$findings = Finding::query()
|
|
->where('tenant_id', (int) $tenant->getKey())
|
|
->with('findingException.currentDecision')
|
|
->orderByDesc('updated_at')
|
|
->get();
|
|
|
|
$latest = $findings->max('updated_at') ?? $findings->max('created_at');
|
|
$entries = $findings->map(function (Finding $finding): array {
|
|
$governanceState = $this->governanceResolver->resolveFindingState($finding, $finding->findingException);
|
|
$governanceWarning = $this->governanceResolver->resolveWarningMessage($finding, $finding->findingException);
|
|
|
|
return [
|
|
'id' => (int) $finding->getKey(),
|
|
'finding_type' => (string) $finding->finding_type,
|
|
'severity' => (string) $finding->severity,
|
|
'status' => (string) $finding->status,
|
|
'title' => $finding->title,
|
|
'description' => $finding->description,
|
|
'created_at' => $finding->created_at?->toIso8601String(),
|
|
'updated_at' => $finding->updated_at?->toIso8601String(),
|
|
'governance_state' => $governanceState,
|
|
'governance_warning' => $governanceWarning,
|
|
];
|
|
});
|
|
$riskAcceptedEntries = $entries->filter(
|
|
static fn (array $entry): bool => ($entry['status'] ?? null) === Finding::STATUS_RISK_ACCEPTED,
|
|
);
|
|
$warningStates = [
|
|
'expired_exception',
|
|
'revoked_exception',
|
|
'rejected_exception',
|
|
'risk_accepted_without_valid_exception',
|
|
];
|
|
|
|
$summary = [
|
|
'count' => $findings->count(),
|
|
'open_count' => $findings->filter(fn (Finding $finding): bool => $finding->hasOpenStatus())->count(),
|
|
'severity_counts' => [
|
|
'critical' => $findings->where('severity', Finding::SEVERITY_CRITICAL)->count(),
|
|
'high' => $findings->where('severity', Finding::SEVERITY_HIGH)->count(),
|
|
'medium' => $findings->where('severity', Finding::SEVERITY_MEDIUM)->count(),
|
|
'low' => $findings->where('severity', Finding::SEVERITY_LOW)->count(),
|
|
],
|
|
'risk_acceptance' => [
|
|
'status_marked_count' => $riskAcceptedEntries->count(),
|
|
'valid_governed_count' => $riskAcceptedEntries->filter(
|
|
static fn (array $entry): bool => in_array($entry['governance_state'] ?? null, ['valid_exception', 'expiring_exception'], true),
|
|
)->count(),
|
|
'warning_count' => $riskAcceptedEntries->filter(
|
|
static fn (array $entry): bool => in_array($entry['governance_state'] ?? null, $warningStates, true),
|
|
)->count(),
|
|
'expired_count' => $riskAcceptedEntries->where('governance_state', 'expired_exception')->count(),
|
|
'revoked_count' => $riskAcceptedEntries->where('governance_state', 'revoked_exception')->count(),
|
|
'missing_exception_count' => $riskAcceptedEntries->where('governance_state', 'risk_accepted_without_valid_exception')->count(),
|
|
],
|
|
'entries' => $entries->all(),
|
|
];
|
|
|
|
return [
|
|
'dimension_key' => $this->key(),
|
|
'state' => $findings->isEmpty() ? EvidenceCompletenessState::Missing->value : EvidenceCompletenessState::Complete->value,
|
|
'required' => true,
|
|
'source_kind' => 'model_summary',
|
|
'source_record_type' => 'finding',
|
|
'source_record_id' => null,
|
|
'source_fingerprint' => $findings->max('fingerprint'),
|
|
'measured_at' => $latest,
|
|
'freshness_at' => $latest,
|
|
'summary_payload' => $summary,
|
|
'fingerprint_payload' => $summary + ['latest' => $latest?->format(DATE_ATOM)],
|
|
'sort_order' => 10,
|
|
];
|
|
}
|
|
}
|