KMP PHP API Reference

Member extends BaseEntity
in package
implements KmpIdentityInterface, IdentityInterface, IdentityInterface uses LazyLoadEntityTrait, MemberAuthorizationsTrait

Member Entity - Core KMP User Identity and Profile Management

Implements authentication, authorization, and profile management for KMP users. Provides warrant eligibility checking, permission management, and status lifecycle.

Status constants: STATUS_ACTIVE, STATUS_DEACTIVATED, STATUS_VERIFIED_MEMBERSHIP, STATUS_UNVERIFIED_MINOR, STATUS_MINOR_MEMBERSHIP_VERIFIED, STATUS_MINOR_PARENT_VERIFIED, STATUS_VERIFIED_MINOR

Table of Contents

Interfaces

KmpIdentityInterface
IdentityInterface
IdentityInterface

Constants

STATUS_ACTIVE  = 'active'
Active adult member with full system access and login capability
STATUS_DEACTIVATED  = 'deactivated'
Deactivated member with no login capability or system access
STATUS_MINOR_MEMBERSHIP_VERIFIED  = '< 18 member verified'
Minor member with verified membership but no login capability
STATUS_MINOR_PARENT_VERIFIED  = '< 18 parent verified'
Minor member with parent verification and login capability
STATUS_UNVERIFIED_MINOR  = 'unverified minor'
Minor member (under 18) without verification, no login capability
STATUS_VERIFIED_MEMBERSHIP  = 'verified'
Member with verified membership status and full login access
STATUS_VERIFIED_MINOR  = 'verified < 18'
Minor member with full verification and login capability

Properties

$branch_id  : int|null
$created  : DateTime|null
$email_address  : string
$first_name  : string
$id  : int
$last_name  : string
$modified  : DateTime|null
$roles  : array<string|int, Role>
$sca_name  : string
$status  : string
$warrantable  : bool
$_accessible  : array<string, bool>
Fields accessible for mass assignment.
$_hidden  : array<string|int, string>
$_last_permissions_update  : DateTime|null
$_permissionIDs  : array<string|int, mixed>|null
$_permissions  : array<string|int, mixed>|null

Methods

ageUpReview()  : void
Review and update member status when minor reaches age 18.
applyScope()  : mixed
Apply authorization scope conditions/restrictions.
authorizeWithArgs()  : void
Authorize the current identity to perform an action.
can()  : bool
Check if member can perform action on resource.
canAccessUrl()  : bool
Check if member can access a specific URL/route.
canManageMember()  : bool
Determine if this member can manage another member as self or parent.
canResult()  : ResultInterface
Get detailed authorization result with reasoning.
checkCan()  : bool
Check authorization, throw ForbiddenException if denied.
getAsMember()  : Member
Return the identity as a Member entity.
getBranchId()  : int|null
Get the branch ID for authorization checks.
getBranchIdsForAction()  : array<string|int, mixed>|null
Get branch IDs where member has permission for a specific action.
getIdentifier()  : string
Authentication\IdentityInterface method
getNonWarrantableReasons()  : array<string|int, string>
Get reasons preventing warrant eligibility.
getOriginalData()  : ArrayAccess|array<string|int, mixed>
Get the decorated identity
getPendingApprovalsCount()  : int
Get the count of pending authorization approvals for this member.
getPermissionIDs()  : array<string|int, int>
Get permission IDs for efficient permission checking.
getPermissions()  : array<string|int, Permission>
Get all permissions assigned to member through their roles.
getPolicies()  : array<string|int, mixed>
Get member's authorization policies with optional branch filtering.
isSuperUser()  : bool
Check if the member has super user privileges.
publicAdditionalInfo()  : array<string, string>
Get public additional info based on app settings.
publicData()  : array<string|int, mixed>
Get privacy-filtered public data. Minors get minimal data.
publicLinks()  : array<string, string>
Generate configured external links from app settings.
setAuthorization()  : self
Setter to be used by the middleware.
warrantableReview()  : void
Update warrant eligibility status.
_getAge()  : int|null
Calculate member's current age in years.
_getBirthdate()  : DateTime|null
Generate birthdate from birth month and year.
_getExpiresOnToString()  : string
Convert membership expiration date to string format.
_getNameForHerald()  : string
Generate formatted name for herald/announcement purposes.
_setPassword()  : string
Secure password setter with automatic hashing.
_setStatus()  : string
Validate and set member status.
getPolicyClassFromTableName()  : string
Get policy class from table name.
resolvePolicyClass()  : string|null
Resolve the policy class name from a resource.

Constants

STATUS_ACTIVE

Active adult member with full system access and login capability

public mixed STATUS_ACTIVE = 'active'

STATUS_DEACTIVATED

Deactivated member with no login capability or system access

public mixed STATUS_DEACTIVATED = 'deactivated'

STATUS_MINOR_MEMBERSHIP_VERIFIED

Minor member with verified membership but no login capability

public mixed STATUS_MINOR_MEMBERSHIP_VERIFIED = '< 18 member verified'

STATUS_MINOR_PARENT_VERIFIED

Minor member with parent verification and login capability

public mixed STATUS_MINOR_PARENT_VERIFIED = '< 18 parent verified'

STATUS_UNVERIFIED_MINOR

Minor member (under 18) without verification, no login capability

public mixed STATUS_UNVERIFIED_MINOR = 'unverified minor'

STATUS_VERIFIED_MEMBERSHIP

Member with verified membership status and full login access

public mixed STATUS_VERIFIED_MEMBERSHIP = 'verified'

STATUS_VERIFIED_MINOR

Minor member with full verification and login capability

public mixed STATUS_VERIFIED_MINOR = 'verified < 18'

Properties

$branch_id

public int|null $branch_id

Associated branch

$created

public DateTime|null $created

Creation timestamp

$email_address

public string $email_address

Primary email

$first_name

public string $first_name

Legal first name

$last_name

public string $last_name

Legal last name

$modified

public DateTime|null $modified

Last modification timestamp

$roles

public array<string|int, Role> $roles

Assigned roles

$sca_name

public string $sca_name

SCA name

$status

public string $status

Member status (see STATUS_* constants)

$warrantable

public bool $warrantable

Calculated warrant eligibility

$_accessible

Fields accessible for mass assignment.

protected array<string, bool> $_accessible = ['modified' => true, 'password' => true, 'sca_name' => true, 'first_name' => true, 'middle_name' => true, 'last_name' => true, 'street_address' => true, 'city' => true, 'state' => true, 'zip' => true, 'phone_number' => true, 'email_address' => true, 'membership_number' => true, 'membership_expires_on' => true, 'branch_id' => true, 'parent_name' => true, 'background_check_expires_on' => true, 'password_token' => true, 'password_token_expires_on' => true, 'last_login' => true, 'last_failed_login' => true, 'failed_login_attempts' => true, 'birth_month' => true, 'birth_year' => true, 'deleted_date' => true, 'status' => true, 'additional_info' => true, 'mobile_card_token' => true, 'title' => true, 'pronouns' => true, 'pronunciation' => true, 'timezone' => true, 'profile_photo_document_id' => false]

$_hidden

protected array<string|int, string> $_hidden = ['password', 'password_token', 'password_token_expires_on']

Fields hidden from serialization

$_last_permissions_update

protected DateTime|null $_last_permissions_update = null

Last permissions update

$_permissionIDs

protected array<string|int, mixed>|null $_permissionIDs = null

Cached permission IDs

$_permissions

protected array<string|int, mixed>|null $_permissions = null

Cached permissions

Methods

ageUpReview()

Review and update member status when minor reaches age 18.

public ageUpReview() : void

Transitions: Unverified Minor → Active, Verified Minor → Verified Membership

applyScope()

Apply authorization scope conditions/restrictions.

public applyScope(string $action, mixed $resource, mixed ...$optionalArgs) : mixed
Parameters
$action : string

The action/operation being performed.

$resource : mixed

The resource being operated on.

$optionalArgs : mixed

Multiple additional arguments which are passed to the scope

Return values
mixed

The modified resource.

authorizeWithArgs()

Authorize the current identity to perform an action.

public authorizeWithArgs(mixed $resource[, string|null $action = null ], mixed ...$args) : void
Parameters
$resource : mixed

The resource being operated on.

$action : string|null = null

The action/operation being performed.

$args : mixed

can()

Check if member can perform action on resource.

public can(string $action, mixed $resource, mixed ...$optionalArgs) : bool
Parameters
$action : string

The action (e.g., 'view', 'edit')

$resource : mixed

Entity or table name

$optionalArgs : mixed

Additional args for policies

Return values
bool

True if authorized

canAccessUrl()

Check if member can access a specific URL/route.

public canAccessUrl(array<string|int, mixed> $url) : bool
Parameters
$url : array<string|int, mixed>

Route array with controller, action, and optional parameters

Return values
bool

True if member can access the URL

canManageMember()

Determine if this member can manage another member as self or parent.

public canManageMember(Member $member) : bool

Parents can manage their linked children only while the child is under 18.

Parameters
$member : Member

Target member

Return values
bool

canResult()

Get detailed authorization result with reasoning.

public canResult(string $action, mixed $resource, mixed ...$optionalArgs) : ResultInterface
Parameters
$action : string

The action being performed

$resource : mixed

The resource being operated on

$optionalArgs : mixed

Additional policy arguments

Return values
ResultInterface

Detailed authorization result

checkCan()

Check authorization, throw ForbiddenException if denied.

public checkCan(string $action, mixed $resource, mixed ...$optionalArgs) : bool
Parameters
$action : string

The action

$resource : mixed

The resource

$optionalArgs : mixed

Additional args

Tags
throws
ForbiddenException
Return values
bool

Always true (throws on failure)

getAsMember()

Return the identity as a Member entity.

public getAsMember() : Member
Return values
Member

This instance

getBranchId()

Get the branch ID for authorization checks.

public getBranchId() : int|null

Child classes should override for complex branch relationships.

Return values
int|null

The branch ID, or null if no association

getBranchIdsForAction()

Get branch IDs where member has permission for a specific action.

public getBranchIdsForAction(string $action, mixed $resource) : array<string|int, mixed>|null

Returns null for global access, empty array for no access, or specific branch IDs for scoped access.

Parameters
$action : string

The policy action (e.g., 'edit', 'view')

$resource : mixed

Entity instance, table name, or entity class

Return values
array<string|int, mixed>|null

Branch IDs, null for global, empty for no access

getIdentifier()

Authentication\IdentityInterface method

public getIdentifier() : string
Return values
string

getNonWarrantableReasons()

Get reasons preventing warrant eligibility.

public getNonWarrantableReasons() : array<string|int, string>

Checks: age >= 18, verified membership, not expired, legal name, address, phone.

Return values
array<string|int, string>

Disqualifying reasons (empty = eligible)

getOriginalData()

Get the decorated identity

public getOriginalData() : ArrayAccess|array<string|int, mixed>

If the decorated identity implements getOriginalData() that method should be invoked to expose the original data.

Return values
ArrayAccess|array<string|int, mixed>

getPendingApprovalsCount()

Get the count of pending authorization approvals for this member.

public getPendingApprovalsCount() : int

Counts approvals where this member is the approver and has not yet responded (responded_on is null). Used for navigation badges and approval workflow management.

Return values
int

Number of pending authorization approvals

getPermissionIDs()

Get permission IDs for efficient permission checking.

public getPermissionIDs() : array<string|int, int>
Return values
array<string|int, int>

Array of permission ID integers

getPermissions()

Get all permissions assigned to member through their roles.

public getPermissions() : array<string|int, Permission>
Return values
array<string|int, Permission>

Permission entities

getPolicies()

Get member's authorization policies with optional branch filtering.

public getPolicies([array<string|int, mixed>|null $branchIds = null ]) : array<string|int, mixed>
Parameters
$branchIds : array<string|int, mixed>|null = null

Optional branch IDs to filter policies

Return values
array<string|int, mixed>

Policy configurations

isSuperUser()

Check if the member has super user privileges.

public isSuperUser() : bool
Return values
bool

True if member has super user privileges

publicAdditionalInfo()

Get public additional info based on app settings.

public publicAdditionalInfo() : array<string, string>
Return values
array<string, string>

Public additional info fields

publicData()

Get privacy-filtered public data. Minors get minimal data.

public publicData() : array<string|int, mixed>
Return values
array<string|int, mixed>

Filtered member data safe for public consumption

publicLinks()

Generate configured external links from app settings.

public publicLinks() : array<string, string>
Return values
array<string, string>

Link names to URLs

setAuthorization()

Setter to be used by the middleware.

public setAuthorization(AuthorizationServiceInterface $service) : self
Parameters
$service : AuthorizationServiceInterface
Return values
self

warrantableReview()

Update warrant eligibility status.

public warrantableReview() : void
Return values
void

Updates warrantable and non_warrantable_reasons properties

_getAge()

Calculate member's current age in years.

protected _getAge() : int|null
Return values
int|null

Current age or null if birth data incomplete

_getBirthdate()

Generate birthdate from birth month and year.

protected _getBirthdate() : DateTime|null
Return values
DateTime|null

Birth date or null if incomplete

_getExpiresOnToString()

Convert membership expiration date to string format.

protected _getExpiresOnToString() : string
Return values
string

Formatted date string or empty string if null

_getNameForHerald()

Generate formatted name for herald/announcement purposes.

protected _getNameForHerald() : string

Format: [Title] SCA_Name [(pronunciation)] [- pronouns]

Return values
string

Formatted herald name

_setPassword()

Secure password setter with automatic hashing.

protected _setPassword(string $value) : string
Parameters
$value : string

Plain text password to hash

Return values
string

Hashed password (or existing if value is empty)

_setStatus()

Validate and set member status.

protected _setStatus(string $value) : string
Parameters
$value : string

The status value to validate

Tags
throws
InvalidArgumentException

When invalid status is provided

Return values
string

The validated status value

getPolicyClassFromTableName()

Get policy class from table name.

protected getPolicyClassFromTableName(string $tableName) : string
Parameters
$tableName : string

The table name (e.g., 'Members')

Return values
string

Policy class name

resolvePolicyClass()

Resolve the policy class name from a resource.

protected resolvePolicyClass(mixed $resource) : string|null
Parameters
$resource : mixed

Entity instance, table instance, or class name

Return values
string|null

Policy class name, or null if not resolvable


        

        
    




    

    

                                

                

                                
    

        On this page

        
    


                

                            

            

    

        

            
Search results