TenantAtlas/apps/platform/tests/Feature/Filament/PolicyVersionQualityTruthSurfaceTest.php

<?php

declare(strict_types=1);

use App\Filament\Resources\PolicyVersionResource;
use App\Models\Policy;
use App\Models\PolicyVersion;
use Filament\Facades\Filament;
use Illuminate\Foundation\Testing\RefreshDatabase;

uses(RefreshDatabase::class);

it('shows snapshot mode and backup quality on the policy-version list', function (): void {
    [$user, $tenant] = createUserWithTenant(role: 'owner');

    $this->actingAs($user);
    Filament::setTenant($tenant, true);

    $policy = Policy::factory()->create([
        'tenant_id' => (int) $tenant->getKey(),
        'display_name' => 'Windows Policy',
        'policy_type' => 'settingsCatalogPolicy',
        'platform' => 'windows',
    ]);

    PolicyVersion::factory()->create([
        'tenant_id' => (int) $tenant->getKey(),
        'policy_id' => (int) $policy->getKey(),
        'version_number' => 1,
        'snapshot' => ['id' => 'policy-1'],
        'metadata' => [],
    ]);

    PolicyVersion::factory()->create([
        'tenant_id' => (int) $tenant->getKey(),
        'policy_id' => (int) $policy->getKey(),
        'version_number' => 2,
        'snapshot' => [],
        'metadata' => [
            'source' => 'metadata_only',
            'assignments_fetch_failed' => true,
        ],
    ]);

    $this->get(PolicyVersionResource::getUrl('index', tenant: $tenant))
        ->assertOk()
        ->assertSee('Snapshot')
        ->assertSee('Backup quality')
        ->assertSee('Full payload')
        ->assertSee('Metadata only')
        ->assertSee('Assignment fetch failed');
});

it('shows explicit backup quality on the policy-version detail page', function (): void {
    [$user, $tenant] = createUserWithTenant(role: 'owner');

    $this->actingAs($user);
    Filament::setTenant($tenant, true);

    $policy = Policy::factory()->create([
        'tenant_id' => (int) $tenant->getKey(),
        'display_name' => 'Versioned policy',
        'policy_type' => 'settingsCatalogPolicy',
        'platform' => 'windows',
    ]);

    $version = PolicyVersion::factory()->create([
        'tenant_id' => (int) $tenant->getKey(),
        'policy_id' => (int) $policy->getKey(),
        'snapshot' => ['id' => 'policy-1'],
        'metadata' => [
            'has_orphaned_assignments' => true,
        ],
        'secret_fingerprints' => [
            'snapshot' => ['/clientSecret' => 'abc123'],
            'assignments' => [],
            'scope_tags' => [],
        ],
    ]);

    $this->get(PolicyVersionResource::getUrl('view', ['record' => $version], tenant: $tenant))
        ->assertOk()
        ->assertSee('Backup quality')
        ->assertSee('Orphaned assignments')
        ->assertSee('Integrity note')
        ->assertSee('Boundary')
        ->assertSee('Input quality signals do not prove safe restore');
});