KMP PHP API Reference

AuthorizationApprovalsTablePolicy extends BasePolicy
in package

Activities

Policy

Table-level authorization policy for AuthorizationApprovals.

Implements two-tier access: personal queue (approver_id filter) and administrative access (full visibility). Approvers see their assigned items; administrators see all queues.

Methods

before() : bool|null: Check if $user is a super user and can skip auth with an auto True
canAdd() : bool: Check if $user can add RolesPermissions
canAllQueues() : bool: Check if user has administrative access to all approval queues.
canDelete() : bool: Check if $user can delete RolesPermissions
canEdit() : bool: Check if $user can edit RolesPermissions
canGridData() : bool: Check if $user can view role
canIndex() : bool: Check if $user can view role
canMyQueue() : bool: Check if user can access their personal approval queue.
canMyQueueGridData() : bool: Check if user can access their personal approval queue grid data.
canView() : bool: Check if $user can view RolesPermissions
canViewGridData() : bool: Check if user can view approval queue data for a specific approver.
canViewPrivateNotes() : bool: Check if $user can view hidden
scopeIndex() : Query: Scope index queries - admins see all, approvers see own.
scopeMobileApprove() : Query: Scope mobile approve action - admins see all, approvers see own.
scopeMobileApproveAuthorizations() : Query: Scope mobile approve authorizations to user's assigned items.
scopeMobileDeny() : Query: Scope mobile deny action - admins see all, approvers see own.
scopeMyQueue() : Query: Scope personal approval queue to user's assigned items.
scopeMyQueueGridData() : Query: Scope personal approval queue grid data to user's assigned items.
scopeView() : Query: Scope view queries - admins see all, approvers see own.
scopeViewGridData() : Query: Scope view grid data - admins see all, approvers see own.
_getBranchIdsForPolicy() : array<string|int, mixed>|null: Check if $user can view hidden
_getPermissions() : bool: Check if $user can view hidden
_getPolicies() : bool: Check if $user can view hidden
_hasPolicy() : bool: Check if $user can view hidden
_hasPolicyForUrl() : bool: Check if $user can view hidden
_isSuperUser() : bool: Check if $user is a super user

before()

Check if $user is a super user and can skip auth with an auto True


    public
                    before(KmpIdentityInterface $user, mixed $resource, string $action) : bool|null

Parameters

$user : KmpIdentityInterface: The user.
$resource : mixed: The resource.
$action : string: The action.

Return values

bool|null

canAdd()

Check if $user can add RolesPermissions


    public
                    canAdd(KmpIdentityInterface $user, BaseEntity|Table $entity, mixed ...$optionalArgs) : bool

Parameters

$user : KmpIdentityInterface: The user.
$entity : BaseEntity|Table
$optionalArgs : mixed

Return values

bool

canAllQueues()

Check if user has administrative access to all approval queues.


    public
                    canAllQueues(KmpIdentityInterface $user, BaseEntity|Table $entity, mixed ...$optionalArgs) : bool

Parameters

$user : KmpIdentityInterface: The requesting user
$entity : BaseEntity|Table: The table entity
$optionalArgs : mixed: Additional arguments

Return values

bool —

True if user has permission for all-queues access

canDelete()

Check if $user can delete RolesPermissions


    public
                    canDelete(KmpIdentityInterface $user, BaseEntity $entity, mixed ...$optionalArgs) : bool

Parameters

$user : KmpIdentityInterface: The user.
$entity : BaseEntity
$optionalArgs : mixed

Return values

bool

canEdit()

Check if $user can edit RolesPermissions


    public
                    canEdit(KmpIdentityInterface $user, BaseEntity $entity, mixed ...$optionalArgs) : bool

Parameters

$user : KmpIdentityInterface: The user.
$entity : BaseEntity
$optionalArgs : mixed

Return values

bool

canGridData()

Check if $user can view role


    public
                    canGridData(KmpIdentityInterface $user, BaseEntity $entity, mixed ...$optionalArgs) : bool

Parameters

$user : KmpIdentityInterface: The user.
$entity : BaseEntity
$optionalArgs : mixed

Return values

bool

canIndex()

Check if $user can view role


    public
                    canIndex(KmpIdentityInterface $user, BaseEntity $entity, mixed ...$optionalArgs) : bool

Parameters

$user : KmpIdentityInterface: The user.
$entity : BaseEntity
$optionalArgs : mixed

Return values

bool

canMyQueue()

Check if user can access their personal approval queue.


    public
                    canMyQueue(KmpIdentityInterface $user, BaseEntity|Table $entity, mixed ...$optionalArgs) : bool

Parameters

$user : KmpIdentityInterface: The requesting user
$entity : BaseEntity|Table: The table entity
$optionalArgs : mixed: Additional arguments

Return values

bool —

True if user has approval authority for any activity

canMyQueueGridData()

Check if user can access their personal approval queue grid data.


    public
                    canMyQueueGridData(KmpIdentityInterface $user, BaseEntity|Table $entity, mixed ...$optionalArgs) : bool

Parameters

$user : KmpIdentityInterface: The requesting user
$entity : BaseEntity|Table: The table entity
$optionalArgs : mixed: Additional arguments

Return values

bool —

True if user has approval authority for any activity

canView()

Check if $user can view RolesPermissions


    public
                    canView(KmpIdentityInterface $user, BaseEntity|Table $entity, mixed ...$optionalArgs) : bool

Parameters

$user : KmpIdentityInterface: The user.
$entity : BaseEntity|Table
$optionalArgs : mixed

Return values

bool

canViewGridData()

Check if user can view approval queue data for a specific approver.


    public
                    canViewGridData(KmpIdentityInterface $user, BaseEntity|Table $entity, mixed ...$optionalArgs) : bool

Parameters

$user : KmpIdentityInterface: The requesting user
$entity : BaseEntity|Table: The table entity
$optionalArgs : mixed: Additional arguments

Return values

bool —

True if user has all queues access

canViewPrivateNotes()

Check if $user can view hidden


    public
                    canViewPrivateNotes(KmpIdentityInterface $user, BaseEntity $entity) : bool

Parameters

$user : KmpIdentityInterface: The user.
$entity : BaseEntity

Return values

bool

scopeIndex()

Scope index queries - admins see all, approvers see own.


    public
                    scopeIndex(KmpIdentityInterface $user, Query $query) : Query

Parameters

$user : KmpIdentityInterface: The requesting user
$query : Query: The base query to scope

Return values

Query —

Scoped query

scopeMobileApprove()

Scope mobile approve action - admins see all, approvers see own.


    public
                    scopeMobileApprove(KmpIdentityInterface $user, Query $query) : Query

Parameters

$user : KmpIdentityInterface: The requesting user
$query : Query: The base query

Return values

Query —

Scoped query

scopeMobileApproveAuthorizations()

Scope mobile approve authorizations to user's assigned items.


    public
                    scopeMobileApproveAuthorizations(KmpIdentityInterface $user, Query $query) : Query

Parameters

$user : KmpIdentityInterface: The requesting user
$query : Query: The base query

Return values

Query —

Query filtered to user's approver_id

scopeMobileDeny()

Scope mobile deny action - admins see all, approvers see own.


    public
                    scopeMobileDeny(KmpIdentityInterface $user, Query $query) : Query

Parameters

$user : KmpIdentityInterface: The requesting user
$query : Query: The base query

Return values

Query —

Scoped query

scopeMyQueue()

Scope personal approval queue to user's assigned items.


    public
                    scopeMyQueue(KmpIdentityInterface $user, Query $query) : Query

Parameters

$user : KmpIdentityInterface: The requesting user
$query : Query: The base query

Return values

Query —

Query filtered to user's approver_id

scopeMyQueueGridData()

Scope personal approval queue grid data to user's assigned items.


    public
                    scopeMyQueueGridData(KmpIdentityInterface $user, Query $query) : Query

Parameters

$user : KmpIdentityInterface: The requesting user
$query : Query: The base query

Return values

Query —

Query filtered to user's approver_id

scopeView()

Scope view queries - admins see all, approvers see own.


    public
                    scopeView(KmpIdentityInterface $user, Query $query) : Query

Parameters

$user : KmpIdentityInterface: The requesting user
$query : Query: The base query

Return values

Query —

Scoped query

scopeViewGridData()

Scope view grid data - admins see all, approvers see own.


    public
                    scopeViewGridData(KmpIdentityInterface $user, Query $query) : Query

Parameters

$user : KmpIdentityInterface: The requesting user
$query : Query: The base query

Return values

Query —

Scoped query

_getBranchIdsForPolicy()

Check if $user can view hidden


    protected
                    _getBranchIdsForPolicy(KmpIdentityInterface $user, string $policyMethod) : array<string|int, mixed>|null

Parameters

$user : KmpIdentityInterface: The user.
$policyMethod : string

Return values

array<string|int, mixed>|null

_getPermissions()

Check if $user can view hidden


    protected
                    _getPermissions(KmpIdentityInterface $user) : bool

Parameters

$user : KmpIdentityInterface: The user.

Return values

bool

_getPolicies()

Check if $user can view hidden


    protected
                    _getPolicies(KmpIdentityInterface $user) : bool

Parameters

$user : KmpIdentityInterface: The user.

Return values

bool

_hasPolicy()

Check if $user can view hidden


    protected
                    _hasPolicy(KmpIdentityInterface $user, string $policyMethod, BaseEntity|Table $entity[, int|null $branchId = null ][, mixed $grantSource = null ]) : bool

Parameters

$user : KmpIdentityInterface: The user.
$policyMethod : string
$entity : BaseEntity|Table
$branchId : int|null = null
$grantSource : mixed = null

Return values

bool

_hasPolicyForUrl()

Check if $user can view hidden


    protected
                    _hasPolicyForUrl(KmpIdentityInterface $user, string $policyMethod, array<string|int, mixed> $urlProps[, int|null $branchId = null ][, mixed $grantSource = null ]) : bool

Parameters

$user : KmpIdentityInterface: The user.
$policyMethod : string
$urlProps : array<string|int, mixed>
$branchId : int|null = null
$grantSource : mixed = null

Return values

bool

_isSuperUser()

Check if $user is a super user


    protected
                    _isSuperUser(KmpIdentityInterface $user) : bool

Parameters

$user : KmpIdentityInterface: The user.

Return values

bool

AuthorizationApprovalsTablePolicy extends BasePolicy in package Activities Policy

Tags

Table of Contents

Methods

Methods

before()

Parameters

Return values

canAdd()

Parameters

Return values

canAllQueues()

Parameters

Return values

canDelete()

Parameters

Return values

canEdit()

Parameters

Return values

canGridData()

Parameters

Return values

canIndex()

Parameters

Return values

canMyQueue()

Parameters

Return values

canMyQueueGridData()

Parameters

Return values

canView()

Parameters

Return values

canViewGridData()

Parameters

Return values

canViewPrivateNotes()

Parameters

Return values

scopeIndex()

Parameters

Return values

scopeMobileApprove()

Parameters

Return values

scopeMobileApproveAuthorizations()

Parameters

Return values

scopeMobileDeny()

Parameters

Return values

scopeMyQueue()

Parameters

Return values

scopeMyQueueGridData()

Parameters

Return values

scopeView()

Parameters

Return values

scopeViewGridData()

Parameters

Return values

_getBranchIdsForPolicy()

Parameters

Return values

_getPermissions()

Parameters

Return values

_getPolicies()

Parameters

Return values

_hasPolicy()

Parameters

Return values

_hasPolicyForUrl()

Parameters

Return values

AuthorizationApprovalsTablePolicy extends BasePolicy
in package

Activities

Policy