ahmido/TenantAtlas
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects 1 Releases Wiki Activity
feeaadd5ad
TenantAtlas/specs/261-provider-missing-policy-visibility/quickstart.md
ahmido feeaadd5ad feat: add provider-missing policy visibility and restore continuity (#316) 
## Summary
- separate provider-missing policy presence from local ignore semantics by introducing `missing_from_provider_at`
- update policy, backup, and restore surfaces so current-state capture stays honest while historical restore continuity remains available
- add focused sync, Filament, backup, restore, localization, and badge coverage for the new provider-missing behavior

## Scope
- policy sync and model truth
- policy resource visibility, badges, labels, and action gating
- backup/export eligibility and restore continuity messaging
- spec 261 artifacts and focused tests

## Validation
- feature-specific Pest coverage is included in the branch
- validation was not re-run as part of this commit/push/PR handoff

Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #316
2026-05-01 20:18:27 +00:00

70 lines
3.9 KiB
Markdown
Raw Blame History

# Quickstart: Provider-Missing Policy Visibility & Restore Continuity v1
## Preconditions
1. Start the platform runtime if it is not already running:
```bash
export PATH="/bin:/usr/bin:/usr/local/bin:$PATH"
cd apps/platform && ./vendor/bin/sail up -d
```
2. Keep verification inside the existing policy, backup, and restore seams. No browser smoke or heavy-governance lane is required for this slice.
## Scenario 1: Provider-missing is distinct from local ignore
1. Create or reuse a tenant policy fixture that sync normally into the local `policies` table.
2. Mark a second policy as locally ignored through the existing ignore flow.
3. Run sync with a provider payload that omits the first policy but still returns the second policy.
4. Verify:
- the omitted policy receives `missing_from_provider_at` and remains visible as provider-missing
- the locally ignored policy keeps `ignored_at`
- sync does not clear `ignored_at` for the ignored policy
## Scenario 2: Current backup/export blocks provider-missing policies
1. Reuse a policy marked provider-missing from Scenario 1 and apply the existing local ignore flow so the policy reaches the combined ignored-plus-missing state.
2. Attempt the current backup/export path from the existing policy or backup selection surface.
3. Verify:
- the combined-state policy remains visible but blocked from fresh capture
- the combined ignored-plus-missing policy is discoverable from both the `ignored` and `provider_missing` filter views
- the primary blocked reason is provider-missing
- local ignore remains visible only as secondary context, not the dominant blocker
- no new backup/export run is created for a blocked policy
## Scenario 3: Historical restore continuity remains available
1. Create or reuse a `BackupItem` for a policy that is now provider-missing.
2. Open the existing restore-run creation flow for the owning backup set.
3. Verify:
- the historical item remains selectable when otherwise eligible
- the selection UI shows a provider-missing continuity note rather than filtering the item out
## Scenario 4: Reappearance clears only provider-missing state
1. Re-run sync with the previously missing policy present again.
2. Verify:
- `missing_from_provider_at` clears
- `ignored_at` remains unchanged if the policy is locally ignored
- an audit event records the reappearance transition
## Focused Validation Commands
```bash
export PATH="/bin:/usr/bin:/usr/local/bin:$PATH" && cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Feature/Jobs/PolicySyncProviderMissingSemanticsTest.php tests/Feature/Jobs/PolicySyncIgnoredRevivalTest.php tests/Feature/Jobs/AppProtectionPolicySyncFilteringTest.php tests/Feature/PolicySyncServiceTest.php tests/Feature/PolicySyncEnrollmentConfigurationTypeCollisionTest.php tests/Feature/PolicySyncStartSurfaceTest.php
export PATH="/bin:/usr/bin:/usr/local/bin:$PATH" && cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Feature/Filament/PolicyProviderMissingUiTest.php tests/Feature/PolicyGeneralViewTest.php tests/Feature/BulkDeletePoliciesTest.php tests/Feature/BulkUnignorePoliciesTest.php tests/Unit/Badges/PolicyBadgesTest.php
export PATH="/bin:/usr/bin:/usr/local/bin:$PATH" && cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Feature/BulkExportToBackupTest.php tests/Feature/Filament/BackupCreationTest.php tests/Feature/Filament/BackupSetPolicyPickerTableTest.php tests/Feature/Filament/RestoreItemSelectionTest.php tests/Feature/RestoreUnknownPolicyTypeSafetyTest.php
```
## Finish
1. Run Pint on touched PHP files:
```bash
export PATH="/bin:/usr/bin:/usr/local/bin:$PATH" && cd apps/platform && ./vendor/bin/sail bin pint --dirty --format agent
```
2. Confirm there are no remaining sync-driven `ignored_at` writes in policy-sync code paths and that the slice did not introduce `SoftDeletes`, a purge path, or a new lifecycle framework before closing the feature.
Reference in New Issue View Git Blame Copy Permalink