KMP PHP API Reference

RecommendationPolicy extends BasePolicy
in package

Authorization policy for Recommendation entities in the Awards plugin.

Implements state machine management, workflow authorization, and dynamic approval level validation. Supports dynamic canApproveLevel* methods based on award levels.

Tags
see
BasePolicy

Base authorization functionality

see

/docs/5.2.13-awards-recommendation-policy.md Full documentation

Table of Contents

Methods

__call()  : bool
Handle dynamic approval authority methods (canApproveLevel*).
before()  : bool|null
Check if $user is a super user and can skip auth with an auto True
canAdd()  : bool
Check if user can add new recommendations.
canAddNote()  : bool
Check if user can add notes to recommendations.
canDelete()  : bool
Check if $user can delete RolesPermissions
canEdit()  : bool
Check if $user can edit RolesPermissions
canExport()  : bool
Check if user can export recommendation data.
canGridData()  : bool
Check if $user can view role
canIndex()  : bool
Check if $user can view role
canUpdateStates()  : bool
Check if user can update recommendation states in bulk.
canUseBoard()  : bool
Check if user can access the recommendation board interface.
canView()  : bool
Check if $user can view RolesPermissions
canViewEventRecommendations()  : bool
Check if user can view recommendations for a specific event.
canViewGatheringRecommendations()  : bool
Check if user can view recommendations for a specific gathering.
canViewHidden()  : bool
Check if user can view hidden recommendations.
canViewPrivateNotes()  : bool
Check if user can view private notes on recommendations.
canViewSubmittedByMember()  : bool
Check if user can view recommendations they submitted.
canViewSubmittedForMember()  : bool
Check if user can view recommendations submitted for a specific member.
getDynamicMethods()  : array<string|int, mixed>
Get names of dynamically generated approval methods.
scopeIndex()  : mixed
Apply scope for index action.
_getBranchIdsForPolicy()  : array<string|int, mixed>|null
Check if $user can view hidden
_getPermissions()  : bool
Check if $user can view hidden
_getPolicies()  : bool
Check if $user can view hidden
_hasPolicy()  : bool
Check if $user can view hidden
_hasPolicyForUrl()  : bool
Check if $user can view hidden
_isSuperUser()  : bool
Check if $user is a super user
canManageRecommendationMember()  : bool
Determine whether the user can manage recommendation actions for a member.

Methods

__call()

Handle dynamic approval authority methods (canApproveLevel*).

public __call(string $name, array<string|int, mixed> $arguments) : bool

Resolves level-specific approval methods dynamically based on award levels.

Parameters
$name : string

The method name (e.g., 'canApproveLevelAoA')

$arguments : array<string|int, mixed>

[$user, $entity, ...args]

Tags
throws
BadMethodCallException

When method is not a recognized dynamic method

Return values
bool

True if user has approval authority for the level

before()

Check if $user is a super user and can skip auth with an auto True

public before(KmpIdentityInterface $user, mixed $resource, string $action) : bool|null
Parameters
$user : KmpIdentityInterface

The user.

$resource : mixed

The resource.

$action : string

The action.

Return values
bool|null

canAdd()

Check if user can add new recommendations.

public canAdd(KmpIdentityInterface $user, BaseEntity|Table $entity, mixed ...$optionalArgs) : bool

Open authorization - any authenticated user can submit recommendations.

Parameters
$user : KmpIdentityInterface

The authenticated user

$entity : BaseEntity|Table

The recommendation context

$optionalArgs : mixed

Additional authorization context

Return values
bool

Always true for open submission

canViewEventRecommendations()

Check if user can view recommendations for a specific event.

public canViewEventRecommendations(KmpIdentityInterface $user, BaseEntity $entity, mixed ...$args) : bool
Parameters
$user : KmpIdentityInterface

The authenticated user

$entity : BaseEntity

The recommendation entity

$args : mixed

Additional authorization context

Return values
bool

True if authorized

canViewGatheringRecommendations()

Check if user can view recommendations for a specific gathering.

public canViewGatheringRecommendations(KmpIdentityInterface $user, BaseEntity $entity, mixed ...$args) : bool
Parameters
$user : KmpIdentityInterface

The authenticated user

$entity : BaseEntity

The recommendation entity

$args : mixed

Additional authorization context (typically gathering entity)

Return values
bool

True if authorized

canViewPrivateNotes()

Check if user can view private notes on recommendations.

public canViewPrivateNotes(KmpIdentityInterface $user, BaseEntity $entity, mixed ...$optionalArgs) : bool
Parameters
$user : KmpIdentityInterface

The authenticated user

$entity : BaseEntity

The recommendation entity

$optionalArgs : mixed

Additional authorization context

Return values
bool

True if authorized

canViewSubmittedByMember()

Check if user can view recommendations they submitted.

public canViewSubmittedByMember(KmpIdentityInterface $user, BaseEntity $entity, mixed ...$args) : bool

Grants direct access if user is the requester, otherwise delegates to permission check.

Parameters
$user : KmpIdentityInterface

The authenticated user

$entity : BaseEntity

The recommendation entity

$args : mixed

Additional authorization context

Return values
bool

True if authorized

canViewSubmittedForMember()

Check if user can view recommendations submitted for a specific member.

public canViewSubmittedForMember(KmpIdentityInterface $user, BaseEntity $entity, mixed ...$args) : bool
Parameters
$user : KmpIdentityInterface

The authenticated user

$entity : BaseEntity

The recommendation entity

$args : mixed

Additional authorization context

Return values
bool

True if authorized

getDynamicMethods()

Get names of dynamically generated approval methods.

public static getDynamicMethods() : array<string|int, mixed>

Returns canApproveLevel* method names based on current award levels.

Return values
array<string|int, mixed>

List of dynamic method names

_getBranchIdsForPolicy()

Check if $user can view hidden

protected _getBranchIdsForPolicy(KmpIdentityInterface $user, string $policyMethod) : array<string|int, mixed>|null
Parameters
$user : KmpIdentityInterface

The user.

$policyMethod : string
Return values
array<string|int, mixed>|null

_hasPolicy()

Check if $user can view hidden

protected _hasPolicy(KmpIdentityInterface $user, string $policyMethod, BaseEntity|Table $entity[, int|null $branchId = null ][, mixed $grantSource = null ]) : bool
Parameters
$user : KmpIdentityInterface

The user.

$policyMethod : string
$entity : BaseEntity|Table
$branchId : int|null = null
$grantSource : mixed = null
Return values
bool

_hasPolicyForUrl()

Check if $user can view hidden

protected _hasPolicyForUrl(KmpIdentityInterface $user, string $policyMethod, array<string|int, mixed> $urlProps[, int|null $branchId = null ][, mixed $grantSource = null ]) : bool
Parameters
$user : KmpIdentityInterface

The user.

$policyMethod : string
$urlProps : array<string|int, mixed>
$branchId : int|null = null
$grantSource : mixed = null
Return values
bool

canManageRecommendationMember()

Determine whether the user can manage recommendation actions for a member.

protected canManageRecommendationMember(KmpIdentityInterface $user, int $memberId) : bool

Allows self or parent-of-minor access.

Parameters
$user : KmpIdentityInterface
$memberId : int
Return values
bool 

        

        
    




    

    

                                

                

                                
    

        On this page

        
    


                

                            

            

    

        

            
Search results