ahmido/TenantAtlas
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects 1 Releases Wiki Activity
f196023d98
TenantAtlas/specs/008-apps-app-management/tasks.md
Ahmed Darrazi f196023d98 spec: add plans and tasks for 007 and 008
2025-12-27 01:16:12 +01:00

3.7 KiB
Raw Blame History

Tasks: Apps and App Management Coverage (008)

Branch: feat/008-apps-app-management | Date: 2025-12-26
Input: spec.md, plan.md

Task Format

  • Checkbox: - [ ] for incomplete, - [x] for complete
  • Task ID: Sequential T001, T002, T003...
  • [P] marker: Task can run in parallel (different files, no blocking dependencies)
  • [Story] label: User story tag (US1, US2, US3...)
  • File path: Always include exact file path in description

Phase 1: Policy Types, Contracts, Permissions

Purpose: Add app workload types and Graph contract coverage for app endpoints and assignments.

  • T001 [P] Expand app policy type registry in config/tenantpilot.php (client apps, app protection policies, app configuration policies).
  • T002 [P] Add/update Graph contracts and assignment endpoints for app workloads in config/graph_contracts.php.
  • T003 [P] Verify and extend permissions for app workloads in config/intune_permissions.php.
  • T004 Update type metadata helpers and filters in app/Filament/Resources/PolicyResource.php and app/Filament/Resources/BackupSetResource/RelationManagers/BackupItemsRelationManager.php.

Checkpoint: App workload types are discoverable and contract-backed.

Phase 2: Snapshot Capture (Metadata-Only)

Purpose: Capture app metadata without binary payloads and include assignments.

  • T005 Update app/Services/Intune/PolicySnapshotService.php to fetch app workloads and sanitize payloads.
  • T006 Add metadata-only sanitization in app/Services/Graph/GraphContractRegistry.php for app payloads (strip binary/content fields).
  • T007 Extend app/Services/Intune/PolicyCaptureOrchestrator.php to capture app assignments where supported.
  • T008 Update app/Services/Intune/BackupService.php to store app metadata-only snapshots and warnings.

Checkpoint: App backups capture metadata and assignments safely.

Phase 3: Restore Logic and Dependencies

Purpose: Restore apps in metadata-only mode with dependency ordering and safe assignment application.

  • T009 Update app/Services/Intune/RestoreService.php to restore app workloads using metadata-only payloads.
  • T010 Extend app/Services/AssignmentRestoreService.php to apply app assignments with group and filter mapping.
  • T011 Add dependency ordering for app supersedence in app/Services/Intune/AppDependencyPlanner.php.
  • T012 Add preview-only warnings for unresolved app dependencies in resources/views/filament/infolists/entries/restore-preview.blade.php.

Checkpoint: App restore handles dependencies and assignment mapping safely.

Phase 4: Admin UX

Purpose: Surface app restore constraints and metadata-only status in the UI.

  • T013 Update resources/views/filament/infolists/entries/restore-results.blade.php to show metadata-only and dependency warnings.
  • T014 Update restore item selection descriptions in app/Filament/Resources/RestoreRunResource.php for app workloads.

Checkpoint: Admins see clear metadata-only and dependency warnings.

Phase 5: Tests and Verification

Purpose: Cover app workloads with Pest tests and verify formatting.

  • T015 Add unit tests for app payload sanitization in tests/Unit/GraphContractRegistryTest.php.
  • T016 Add feature tests for app backup and restore in tests/Feature/Filament/RestorePreviewTest.php and tests/Feature/Filament/RestoreExecutionTest.php.
  • T017 Run tests: ./vendor/bin/sail artisan test tests/Unit/GraphContractRegistryTest.php tests/Feature/Filament/RestorePreviewTest.php tests/Feature/Filament/RestoreExecutionTest.php
  • T018 Run Pint: ./vendor/bin/pint --dirty

Checkpoint: Tests pass and formatting is clean.