RecommendationsTablePolicy
extends BasePolicy
in package
Table-level authorization policy for Recommendations in the Awards plugin.
Implements query scoping based on user approval authority and organizational scope. Supports open recommendation submission and export authorization.
Tags
Table of Contents
Methods
- before() : bool|null
- Check if $user is a super user and can skip auth with an auto True
- canAdd() : bool
- Authorize recommendation creation (open access).
- canDelete() : bool
- Check if $user can delete RolesPermissions
- canEdit() : bool
- Check if $user can edit RolesPermissions
- canExport() : bool
- Authorize recommendation export to CSV.
- canGridData() : bool
- Check if $user can view role
- canIndex() : bool
- Check if $user can view role
- canView() : bool
- Check if $user can view RolesPermissions
- canViewPrivateNotes() : bool
- Check if $user can view hidden
- scopeIndex() : Query
- Apply authorization scoping to recommendation queries.
- _getBranchIdsForPolicy() : array<string|int, mixed>|null
- Check if $user can view hidden
- _getPermissions() : bool
- Check if $user can view hidden
- _getPolicies() : bool
- Check if $user can view hidden
- _hasPolicy() : bool
- Check if $user can view hidden
- _hasPolicyForUrl() : bool
- Check if $user can view hidden
- _isSuperUser() : bool
- Check if $user is a super user
Methods
before()
Check if $user is a super user and can skip auth with an auto True
public
before(KmpIdentityInterface $user, mixed $resource, string $action) : bool|null
Parameters
- $user : KmpIdentityInterface
-
The user.
- $resource : mixed
-
The resource.
- $action : string
-
The action.
Return values
bool|nullcanAdd()
Authorize recommendation creation (open access).
public
canAdd(KmpIdentityInterface $user, BaseEntity|Table $entity, mixed ...$optionalArgs) : bool
Parameters
- $user : KmpIdentityInterface
-
The user requesting creation access
- $entity : BaseEntity|Table
-
The target entity or table
- $optionalArgs : mixed
-
Additional authorization arguments
Return values
bool —Always true for open recommendation submission
canDelete()
Check if $user can delete RolesPermissions
public
canDelete(KmpIdentityInterface $user, BaseEntity $entity, mixed ...$optionalArgs) : bool
Parameters
- $user : KmpIdentityInterface
-
The user.
- $entity : BaseEntity
- $optionalArgs : mixed
Return values
boolcanEdit()
Check if $user can edit RolesPermissions
public
canEdit(KmpIdentityInterface $user, BaseEntity $entity, mixed ...$optionalArgs) : bool
Parameters
- $user : KmpIdentityInterface
-
The user.
- $entity : BaseEntity
- $optionalArgs : mixed
Return values
boolcanExport()
Authorize recommendation export to CSV.
public
canExport(KmpIdentityInterface $user, BaseEntity|Table $entity, mixed ...$optionalArgs) : bool
Delegates to canIndex - users who can list can export.
Parameters
- $user : KmpIdentityInterface
-
The user requesting export access
- $entity : BaseEntity|Table
-
The target entity or table
- $optionalArgs : mixed
-
Additional authorization arguments
Return values
bool —True if user has index permission
canGridData()
Check if $user can view role
public
canGridData(KmpIdentityInterface $user, BaseEntity $entity, mixed ...$optionalArgs) : bool
Parameters
- $user : KmpIdentityInterface
-
The user.
- $entity : BaseEntity
- $optionalArgs : mixed
Return values
boolcanIndex()
Check if $user can view role
public
canIndex(KmpIdentityInterface $user, BaseEntity $entity, mixed ...$optionalArgs) : bool
Parameters
- $user : KmpIdentityInterface
-
The user.
- $entity : BaseEntity
- $optionalArgs : mixed
Return values
boolcanView()
Check if $user can view RolesPermissions
public
canView(KmpIdentityInterface $user, BaseEntity|Table $entity, mixed ...$optionalArgs) : bool
Parameters
- $user : KmpIdentityInterface
-
The user.
- $entity : BaseEntity|Table
- $optionalArgs : mixed
Return values
boolcanViewPrivateNotes()
Check if $user can view hidden
public
canViewPrivateNotes(KmpIdentityInterface $user, BaseEntity $entity) : bool
Parameters
- $user : KmpIdentityInterface
-
The user.
- $entity : BaseEntity
Return values
boolscopeIndex()
Apply authorization scoping to recommendation queries.
public
scopeIndex(KmpIdentityInterface $user, Query $query) : Query
Filters recommendations by branch access and approval authority levels. Discovers approval levels from canApproveLevel* permission methods.
Parameters
- $user : KmpIdentityInterface
-
The user requesting data access
- $query : Query
-
The base query to scope
Return values
Query —The scoped query with authorization filtering
_getBranchIdsForPolicy()
Check if $user can view hidden
protected
_getBranchIdsForPolicy(KmpIdentityInterface $user, string $policyMethod) : array<string|int, mixed>|null
Parameters
- $user : KmpIdentityInterface
-
The user.
- $policyMethod : string
Return values
array<string|int, mixed>|null_getPermissions()
Check if $user can view hidden
protected
_getPermissions(KmpIdentityInterface $user) : bool
Parameters
- $user : KmpIdentityInterface
-
The user.
Return values
bool_getPolicies()
Check if $user can view hidden
protected
_getPolicies(KmpIdentityInterface $user) : bool
Parameters
- $user : KmpIdentityInterface
-
The user.
Return values
bool_hasPolicy()
Check if $user can view hidden
protected
_hasPolicy(KmpIdentityInterface $user, string $policyMethod, BaseEntity|Table $entity[, int|null $branchId = null ][, mixed $grantSource = null ]) : bool
Parameters
- $user : KmpIdentityInterface
-
The user.
- $policyMethod : string
- $entity : BaseEntity|Table
- $branchId : int|null = null
- $grantSource : mixed = null
Return values
bool_hasPolicyForUrl()
Check if $user can view hidden
protected
_hasPolicyForUrl(KmpIdentityInterface $user, string $policyMethod, array<string|int, mixed> $urlProps[, int|null $branchId = null ][, mixed $grantSource = null ]) : bool
Parameters
- $user : KmpIdentityInterface
-
The user.
- $policyMethod : string
- $urlProps : array<string|int, mixed>
- $branchId : int|null = null
- $grantSource : mixed = null
Return values
bool_isSuperUser()
Check if $user is a super user
protected
_isSuperUser(KmpIdentityInterface $user) : bool
Parameters
- $user : KmpIdentityInterface
-
The user.