ahmido
ce0615a9c1
## Summary - move the Laravel application into `apps/platform` and keep the repository root for orchestration, docs, and tooling - update the local command model, Sail/Docker wiring, runtime paths, and ignore rules around the new platform location - add relocation quickstart/contracts plus focused smoke coverage for bootstrap, command model, routes, and runtime behavior ## Validation - `cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Feature/PlatformRelocation` - integrated browser smoke validated `/up`, `/`, `/admin`, `/admin/choose-workspace`, and tenant route semantics for `200`, `403`, and `404` ## Remaining Rollout Checks - validate Dokploy build context and working-directory assumptions against the new `apps/platform` layout - confirm web, queue, and scheduler processes all start from the expected working directory in staging/production - verify no legacy volume mounts or asset-publish paths still point at the old root-level `public/` or `storage/` locations Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de> Reviewed-on: #213
188 lines
6.3 KiB
PHP
188 lines
6.3 KiB
PHP
<?php
|
|
|
|
use App\Models\BackupItem;
|
|
use App\Models\BackupSet;
|
|
use App\Models\Policy;
|
|
use App\Models\Tenant;
|
|
use App\Models\User;
|
|
use App\Services\Graph\GraphClientInterface;
|
|
use App\Services\Graph\GraphResponse;
|
|
use App\Services\Intune\RestoreService;
|
|
use Illuminate\Foundation\Testing\RefreshDatabase;
|
|
|
|
uses(RefreshDatabase::class);
|
|
|
|
class GroupPolicyRestoreGraphClient implements GraphClientInterface
|
|
{
|
|
/**
|
|
* @var array<int, array{policy_type:string,policy_id:string,payload:array}>
|
|
*/
|
|
public array $applyPolicyCalls = [];
|
|
|
|
/**
|
|
* @var array<int, array{method:string,path:string,payload:array|null}>
|
|
*/
|
|
public array $requestCalls = [];
|
|
|
|
/**
|
|
* @param array<int, GraphResponse> $requestResponses
|
|
*/
|
|
public function __construct(
|
|
private readonly GraphResponse $applyPolicyResponse,
|
|
private array $requestResponses = [],
|
|
) {}
|
|
|
|
public function listPolicies(string $policyType, array $options = []): GraphResponse
|
|
{
|
|
return new GraphResponse(true, []);
|
|
}
|
|
|
|
public function getPolicy(string $policyType, string $policyId, array $options = []): GraphResponse
|
|
{
|
|
return new GraphResponse(true, ['payload' => []]);
|
|
}
|
|
|
|
public function getOrganization(array $options = []): GraphResponse
|
|
{
|
|
return new GraphResponse(true, []);
|
|
}
|
|
|
|
public function applyPolicy(string $policyType, string $policyId, array $payload, array $options = []): GraphResponse
|
|
{
|
|
$this->applyPolicyCalls[] = [
|
|
'policy_type' => $policyType,
|
|
'policy_id' => $policyId,
|
|
'payload' => $payload,
|
|
];
|
|
|
|
return $this->applyPolicyResponse;
|
|
}
|
|
|
|
public function getServicePrincipalPermissions(array $options = []): GraphResponse
|
|
{
|
|
return new GraphResponse(true, []);
|
|
}
|
|
|
|
public function request(string $method, string $path, array $options = []): GraphResponse
|
|
{
|
|
$this->requestCalls[] = [
|
|
'method' => strtoupper($method),
|
|
'path' => $path,
|
|
'payload' => $options['json'] ?? null,
|
|
];
|
|
|
|
$response = array_shift($this->requestResponses);
|
|
|
|
return $response ?? new GraphResponse(true, []);
|
|
}
|
|
}
|
|
|
|
test('restore applies administrative template definition values', function () {
|
|
$policyResponse = new GraphResponse(true, [], 200, [], [], ['request_id' => 'req-policy', 'client_request_id' => 'client-policy']);
|
|
|
|
$listExisting = new GraphResponse(true, [
|
|
'value' => [
|
|
['id' => 'existing-dv-1'],
|
|
],
|
|
]);
|
|
|
|
$deleteExisting = new GraphResponse(true, []);
|
|
$createDefinitionValue = new GraphResponse(true, []);
|
|
|
|
$client = new GroupPolicyRestoreGraphClient($policyResponse, [
|
|
$listExisting,
|
|
$deleteExisting,
|
|
$createDefinitionValue,
|
|
]);
|
|
|
|
app()->instance(GraphClientInterface::class, $client);
|
|
|
|
$tenant = Tenant::create([
|
|
'tenant_id' => 'tenant-gpo-restore',
|
|
'name' => 'Tenant One',
|
|
'metadata' => [],
|
|
]);
|
|
|
|
ensureDefaultProviderConnection($tenant);
|
|
|
|
$policy = Policy::create([
|
|
'tenant_id' => $tenant->id,
|
|
'external_id' => 'gpo-1',
|
|
'policy_type' => 'groupPolicyConfiguration',
|
|
'display_name' => 'Admin Templates Alpha',
|
|
'platform' => 'windows',
|
|
]);
|
|
|
|
$backupSet = BackupSet::create([
|
|
'tenant_id' => $tenant->id,
|
|
'name' => 'Backup',
|
|
'status' => 'completed',
|
|
'item_count' => 1,
|
|
]);
|
|
|
|
$payload = [
|
|
'id' => 'gpo-1',
|
|
'displayName' => 'Admin Templates Alpha',
|
|
'@odata.type' => '#microsoft.graph.groupPolicyConfiguration',
|
|
'definitionValues' => [
|
|
[
|
|
'enabled' => true,
|
|
'definition@odata.bind' => 'https://graph.microsoft.com/beta/deviceManagement/groupPolicyDefinitions(\'def-1\')',
|
|
'#Definition_Id' => 'def-1',
|
|
'#Definition_displayName' => 'Block legacy auth',
|
|
'presentationValues' => [
|
|
[
|
|
'presentation@odata.bind' => 'https://graph.microsoft.com/beta/deviceManagement/groupPolicyDefinitions(\'def-1\')/presentations(\'pres-1\')',
|
|
'#Presentation_Label' => 'State',
|
|
'#Presentation_Id' => 'pres-1',
|
|
'value' => 'enabled',
|
|
],
|
|
],
|
|
],
|
|
],
|
|
];
|
|
|
|
$backupItem = BackupItem::create([
|
|
'tenant_id' => $tenant->id,
|
|
'backup_set_id' => $backupSet->id,
|
|
'policy_id' => $policy->id,
|
|
'policy_identifier' => $policy->external_id,
|
|
'policy_type' => $policy->policy_type,
|
|
'platform' => $policy->platform,
|
|
'payload' => $payload,
|
|
]);
|
|
|
|
$user = User::factory()->create();
|
|
$this->actingAs($user);
|
|
|
|
$service = app(RestoreService::class);
|
|
$run = $service->execute(
|
|
tenant: $tenant,
|
|
backupSet: $backupSet,
|
|
selectedItemIds: [$backupItem->id],
|
|
dryRun: false,
|
|
actorEmail: $user->email,
|
|
actorName: $user->name,
|
|
)->refresh();
|
|
|
|
expect($run->status)->toBe('completed');
|
|
$result = $run->results['items'][$backupItem->id] ?? null;
|
|
expect($result)->not->toBeNull();
|
|
expect($result['status'] ?? null)->toBe('applied');
|
|
expect($result['definition_value_summary']['success'] ?? null)->toBe(1);
|
|
|
|
expect($client->applyPolicyCalls)->toHaveCount(1);
|
|
expect($client->applyPolicyCalls[0]['policy_type'])->toBe('groupPolicyConfiguration');
|
|
|
|
expect($client->requestCalls)->toHaveCount(3);
|
|
expect($client->requestCalls[0]['method'])->toBe('GET');
|
|
expect($client->requestCalls[0]['path'])->toContain('/deviceManagement/groupPolicyConfigurations/gpo-1/definitionValues');
|
|
expect($client->requestCalls[1]['method'])->toBe('DELETE');
|
|
expect($client->requestCalls[1]['path'])->toContain('/deviceManagement/groupPolicyConfigurations/gpo-1/definitionValues/existing-dv-1');
|
|
expect($client->requestCalls[2]['method'])->toBe('POST');
|
|
expect($client->requestCalls[2]['path'])->toContain('/deviceManagement/groupPolicyConfigurations/gpo-1/definitionValues');
|
|
expect($client->requestCalls[2]['payload'])->toBeArray();
|
|
expect($client->requestCalls[2]['payload'])->toHaveKey('definition@odata.bind');
|
|
expect($client->requestCalls[2]['payload'])->not->toHaveKey('#Definition_displayName');
|
|
});
|