bert.hausmans/crewli
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

refactor(form-builder): consolidate subject-type allow-list into purpose registry

Browse Source 
Q6 of ARCH-CONSOLIDATION-ADDENDUM-2026-04-24: the allowed
`form_submissions.subject_type` values are now derived from
`PurposeRegistry::allSubjectTypes()` instead of the parallel
`config/form_subjects.php` file.

- CreateFormSubmissionRequest validates `subject_type` against the
  registry via constructor-injected PurposeRegistry.
- FormSubmissionController and FormValueService resolve the subject
  FQCN through `Relation::getMorphedModel()` — the morph-map is the
  single source of truth for alias → model mapping.
- `config/form_subjects.php` is deleted. `MorphMapAlignmentTest` keeps
  the registry and morph-map aligned going forward.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This commit is contained in:
bert.hausmans
2026-04-24 14:35:48 +02:00
parent b9343f6eec
commit ab67ed46ca
4 changed files with 13 additions and 61 deletions
Download Patch File Download Diff File Expand all files Collapse all files

52
api/config/form_subjects.php
View File

@@ -1,52 +0,0 @@
<?php
declare(strict_types=1);
/*
|--------------------------------------------------------------------------
| Subject Type Registry
|--------------------------------------------------------------------------
|
| Authoritative list of subject_type values permitted on form_submissions.
| Must match morph-map keys registered in AppServiceProvider.
|
| 'permission_check' format: '<PolicyClass>@<method>' invoked to authorise
| access to a submission for this subject. Omit when policy doesn't exist yet.
|
*/
return [
'person' => [
'model' => \App\Models\Person::class,
'display_attribute' => 'name',
'permission_check' => \App\Policies\PersonPolicy::class.'@view',
],
'user' => [
'model' => \App\Models\User::class,
'display_attribute' => 'name',
// TODO: add permission_check when UserPolicy is built (S2)
],
'company' => [
'model' => \App\Models\Company::class,
'display_attribute' => 'name',
'permission_check' => \App\Policies\CompanyPolicy::class.'@view',
],
'organisation' => [
'model' => \App\Models\Organisation::class,
'display_attribute' => 'name',
'permission_check' => \App\Policies\OrganisationPolicy::class.'@view',
],
'event' => [
'model' => \App\Models\Event::class,
'display_attribute' => 'name',
'permission_check' => \App\Policies\EventPolicy::class.'@view',
],
// 'artist' entry added when artist module lands
];