feat(form-builder): add PublishGuard framework + 9 concrete guards (WS-6)

Per-purpose schema validation composes a PurposeGuardProvider returning a list of guards. Errors collected (not first-fail) so the builder UI surfaces every issue per save. ConditionalRequirement composes higher- order without proliferating one-off classes. RequiresIdentityKeyBinding checks the is_identity_key flag specifically; the binding-existence check is handled additively by the existing assertRequiredBindingsPresent in FormSchemaService. SchemaHasLinkedEvent checks owner_type='event' + owner_id (FormSchema uses polymorphic owner; there is no direct event_id column). i18n messages live in lang/nl/form_builder_publish_guards.php. Refs: RFC-WS-6.md §3 (Q13), §4 (V1, V3) Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-25 22:55:42 +02:00
parent c5b0210ae7
commit 81a8120f98
21 changed files with 1156 additions and 0 deletions
--- a/api/app/FormBuilder/Publishing/PublishGuard.php
+++ b/api/app/FormBuilder/Publishing/PublishGuard.php
@@ -0,0 +1,29 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\FormBuilder\Publishing;
+
+use App\Models\FormBuilder\FormSchema;
+
+/**
+ * RFC-WS-6 §3 (Q13) — pre-publish constraint contract.
+ *
+ * `FormSchemaService::publish()` walks every guard returned by the
+ * purpose's `PurposeGuardProvider`, collecting all violations (not
+ * first-fail) before throwing `PublishGuardViolationException`.
+ *
+ * Guards must NOT issue N+1 queries; the service eager-loads
+ * `fields.bindings` and `sections` before evaluation.
+ */
+interface PublishGuard
+{
+    public function evaluate(FormSchema $schema): PublishGuardResult;
+
+    /**
+     * Stable identifier used in error responses and tests.
+     * Examples: 'requires_identity_key_binding:person:email',
+     *           'append_strategy_requires_collection_target'.
+     */
+    public function code(): string;
+}