AuthorizationApproval
extends BaseEntity
in package
AuthorizationApproval Entity
Tracks an individual approver's response within the authorization approval workflow. Manages secure token validation, approval decisions, and complete audit trail.
Key Responsibilities:
- Store approver decision (approve/deny) for specific authorization requests
- Maintain secure tokens for email-based approval workflows
- Track timing of approval requests and responses
- Provide complete approval history for audit and compliance
Core Fields:
authorization_id: Links to Authorization entityapprover_id: Member making the approval decisionauthorization_token: Secure token for email validationrequested_on: When approval request was sentresponded_on: When approver responded (NULL if pending)approved: Final decision (true/false)approver_notes: Optional decision justification
Audit Fields (inherited from BaseEntity):
created,modified: Automatic timestampscreated_by,modified_by: User accountability
Security:
- Unique authorization_token prevents unauthorized approval manipulation
- Audit trail provides complete decision accountability
- Mass assignment protection on core fields
- Integration with RBAC for approver authority validation
Tags
Table of Contents
Properties
- $approved : bool
- $approver_id : int
- $approver_notes : string|null
- $authorization : Authorization
- $authorization_id : int
- $authorization_token : string
- $branch_id : int|null
- $created : DateTime|null
- $id : int
- $member : Member
- $modified : DateTime|null
- $requested_on : Date
- $responded_on : Date|null
- $_accessible : array<string, bool>
- Fields that can be mass assigned using newEntity() or patchEntity().
Methods
- getBranchId() : int|null
- Get the branch ID for authorization checks.
Properties
$approved
public
bool
$approved
Approval decision (true = approved, false = denied)
$approver_id
public
int
$approver_id
Foreign key to Member (approver)
$approver_notes
public
string|null
$approver_notes
Optional decision notes
$authorization
public
Authorization
$authorization
The authorization being evaluated
$authorization_id
public
int
$authorization_id
Foreign key to Authorization
$authorization_token
public
string
$authorization_token
Secure email validation token
$branch_id
public
int|null
$branch_id
Associated branch ID (when applicable)
$created
public
DateTime|null
$created
Creation timestamp
$id
public
int
$id
Primary key
$member
public
Member
$member
The approver member
$modified
public
DateTime|null
$modified
Last modification timestamp
$requested_on
public
Date
$requested_on
Request timestamp
$responded_on
public
Date|null
$responded_on
Response timestamp
$_accessible
Fields that can be mass assigned using newEntity() or patchEntity().
protected
array<string, bool>
$_accessible
= ["authorization_id" => true, "approver_id" => true, "authorization_token" => true, "requested_on" => true, "responded_on" => true, "approved" => true, "approver_notes" => true, "authorization" => true, "member" => true]
Note that when '' is set to true, this allows all unspecified fields to be mass assigned. For security purposes, it is advised to set '' to false (or remove it), and explicitly make individual fields accessible as needed.
Methods
getBranchId()
Get the branch ID for authorization checks.
public
getBranchId() : int|null
Child classes should override for complex branch relationships.
Return values
int|null —The branch ID, or null if no association