feat: person identity matching with detection, confirmation and audit trail

Implements enterprise-grade identity resolution (detect → suggest → confirm) for Person ↔ User linking. Matches are detected automatically on person creation and user account creation, then surfaced to organisers for explicit confirmation or dismissal. No silent auto-linking. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-10 12:50:25 +02:00
parent 239fe57a11
commit 4b182b449a
20 changed files with 1463 additions and 2 deletions
--- a/api/app/Models/PersonIdentityMatch.php
+++ b/api/app/Models/PersonIdentityMatch.php
@@ -0,0 +1,72 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Models;
+
+use App\Enums\IdentityMatchConfidence;
+use App\Enums\IdentityMatchMethod;
+use App\Enums\IdentityMatchStatus;
+use Illuminate\Database\Eloquent\Builder;
+use Illuminate\Database\Eloquent\Concerns\HasUlids;
+use Illuminate\Database\Eloquent\Factories\HasFactory;
+use Illuminate\Database\Eloquent\Model;
+use Illuminate\Database\Eloquent\Relations\BelongsTo;
+
+final class PersonIdentityMatch extends Model
+{
+    use HasFactory;
+    use HasUlids;
+
+    public const UPDATED_AT = null;
+
+    protected $fillable = [
+        'person_id',
+        'matched_user_id',
+        'matched_on',
+        'confidence',
+        'status',
+        'resolved_by_user_id',
+        'resolved_at',
+    ];
+
+    protected function casts(): array
+    {
+        return [
+            'matched_on' => IdentityMatchMethod::class,
+            'confidence' => IdentityMatchConfidence::class,
+            'status' => IdentityMatchStatus::class,
+            'resolved_at' => 'datetime',
+        ];
+    }
+
+    public function person(): BelongsTo
+    {
+        return $this->belongsTo(Person::class);
+    }
+
+    public function matchedUser(): BelongsTo
+    {
+        return $this->belongsTo(User::class, 'matched_user_id');
+    }
+
+    public function resolvedBy(): BelongsTo
+    {
+        return $this->belongsTo(User::class, 'resolved_by_user_id');
+    }
+
+    public function scopePending(Builder $query): Builder
+    {
+        return $query->where('status', IdentityMatchStatus::PENDING);
+    }
+
+    public function scopeConfirmed(Builder $query): Builder
+    {
+        return $query->where('status', IdentityMatchStatus::CONFIRMED);
+    }
+
+    public function scopeDismissed(Builder $query): Builder
+    {
+        return $query->where('status', IdentityMatchStatus::DISMISSED);
+    }
+}