TenantAtlas/tests/Feature/Filament/AppProtectionPolicySettingsDisplayTest.php

<?php

use App\Filament\Resources\PolicyResource;
use App\Models\Policy;
use App\Models\PolicyVersion;
use App\Models\Tenant;
use App\Models\User;
use Carbon\CarbonImmutable;
use Illuminate\Foundation\Testing\RefreshDatabase;

uses(RefreshDatabase::class);

test('policy detail shows app protection settings in readable sections', function () {
    $tenant = Tenant::create([
        'tenant_id' => 'local-tenant',
        'name' => 'Tenant One',
        'metadata' => [],
        'is_current' => true,
    ]);

    putenv('INTUNE_TENANT_ID='.$tenant->tenant_id);
    $tenant->makeCurrent();

    $policy = Policy::create([
        'tenant_id' => $tenant->id,
        'external_id' => 'policy-1',
        'policy_type' => 'appProtectionPolicy',
        'display_name' => 'Teams',
        'platform' => 'mobile',
    ]);

    PolicyVersion::create([
        'tenant_id' => $tenant->id,
        'policy_id' => $policy->id,
        'version_number' => 1,
        'policy_type' => $policy->policy_type,
        'platform' => $policy->platform,
        'created_by' => 'tester@example.com',
        'captured_at' => CarbonImmutable::now(),
        'snapshot' => [
            '@odata.type' => '#microsoft.graph.androidManagedAppProtection',
            'displayName' => 'Teams',
            'dataBackupBlocked' => false,
            'pinRequired' => true,
            'periodOnlineBeforeAccessCheck' => 'PT30M',
        ],
    ]);

    $user = User::factory()->create();
    $user->tenants()->syncWithoutDetaching([
        $tenant->getKey() => ['role' => 'owner'],
    ]);

    $response = $this->actingAs($user)
        ->get(PolicyResource::getUrl('view', ['record' => $policy], tenant: $tenant));

    $response->assertOk();
    $response->assertSee('Data Protection');
    $response->assertSee('Prevent backups');
    $response->assertSee('Allowed');
    $response->assertSee('Platform');
    $response->assertSee('Android');
    $response->assertSee('Access Requirements');
    $response->assertSee('PIN for access');
    $response->assertSee('Required');
    $response->assertSee('Recheck access requirements after');
    $response->assertSee('30 minutes');
});