feat: person identity matching with detection, confirmation and audit trail

Implements enterprise-grade identity resolution (detect → suggest → confirm) for Person ↔ User linking. Matches are detected automatically on person creation and user account creation, then surfaced to organisers for explicit confirmation or dismissal. No silent auto-linking. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-10 12:50:25 +02:00
parent 239fe57a11
commit 4b182b449a
20 changed files with 1463 additions and 2 deletions
--- a/api/app/Http/Controllers/Api/V1/PersonController.php
+++ b/api/app/Http/Controllers/Api/V1/PersonController.php
@@ -11,17 +11,22 @@ use App\Http\Resources\Api\V1\PersonCollection;
 use App\Http\Resources\Api\V1\PersonResource;
 use App\Models\Event;
 use App\Models\Person;
+use App\Services\PersonIdentityService;
 use Illuminate\Http\JsonResponse;
 use Illuminate\Http\Request;
 use Illuminate\Support\Facades\Gate;

 final class PersonController extends Controller
 {
+    public function __construct(
+        private readonly PersonIdentityService $identityService,
+    ) {}
+
    public function index(Request $request, Event $event): PersonCollection
    {
        Gate::authorize('viewAny', [Person::class, $event]);

-        $query = $event->persons()->with('crowdType');
+        $query = $event->persons()->with(['crowdType', 'pendingIdentityMatch.matchedUser']);

        if ($request->filled('crowd_type_id')) {
            $query->where('crowd_type_id', $request->input('crowd_type_id'));
@@ -72,6 +77,8 @@ final class PersonController extends Controller

        $person = $event->persons()->create($request->validated());

+        $this->identityService->detectMatchForPerson($person);
+
        return $this->created(new PersonResource($person->fresh()->load('crowdType')));
    }