bert.hausmans
e3c9211e3f
Adds PurposeGuardProvider as a parallel interface to PurposeDefinition (value object stays untouched). Seven concrete providers, one per v1.0 purpose, each declaring its publish-guard list. Registry resolves and caches providers via guards_class config key. Universal guards (MaxOneIdentityKeyPerTargetEntity, AppendStrategyRequiresCollectionTarget, NoAmbiguousTrustLevels, IdentityKeyBindingsOnlyInFirstSection) wire into every purpose. The section guard is a cheap no-op when section_level_submit=false. ArtistAdvanceGuards omits RequiresIdentityKeyBinding because the artist subject is resolved via portal token, not form data. Same reasoning for supplier_intake (production_request) and the auth-based purposes. Includes a cross-cutting BindingTypeRegistryConsistencyTest that verifies tasks 5/7/8 do not contradict each other (registry ↔ guards ↔ purpose required_bindings). Refs: RFC-WS-6.md §3 (Q9, Q13) Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
123 lines
3.9 KiB
PHP
123 lines
3.9 KiB
PHP
<?php
|
|
|
|
declare(strict_types=1);
|
|
|
|
namespace App\FormBuilder\Purposes;
|
|
|
|
use App\Enums\FormBuilder\FormSubmissionMode;
|
|
use App\FormBuilder\Purposes\Exceptions\PurposeNotFoundException;
|
|
use Illuminate\Contracts\Config\Repository as ConfigRepository;
|
|
|
|
final class PurposeRegistry
|
|
{
|
|
/** @var array<string, PurposeDefinition>|null */
|
|
private ?array $cache = null;
|
|
|
|
/** @var array<string, class-string<PurposeGuardProvider>>|null */
|
|
private ?array $guardClassCache = null;
|
|
|
|
/** @var array<string, PurposeGuardProvider> */
|
|
private array $guardProviderCache = [];
|
|
|
|
public function __construct(private readonly ConfigRepository $config) {}
|
|
|
|
/** @return array<string, PurposeDefinition> keyed by slug */
|
|
public function all(): array
|
|
{
|
|
if ($this->cache !== null) {
|
|
return $this->cache;
|
|
}
|
|
|
|
/** @var array<string, array<string, mixed>> $raw */
|
|
$raw = (array) $this->config->get('form_builder.purposes', []);
|
|
|
|
$definitions = [];
|
|
$guardClasses = [];
|
|
foreach ($raw as $slug => $attrs) {
|
|
$mode = $attrs['default_submission_mode'] ?? null;
|
|
if (! $mode instanceof FormSubmissionMode) {
|
|
throw new \InvalidArgumentException(
|
|
"Purpose '{$slug}' has invalid default_submission_mode; expected FormSubmissionMode enum case."
|
|
);
|
|
}
|
|
|
|
$guardsClass = $attrs['guards_class'] ?? null;
|
|
if (! is_string($guardsClass) || ! is_subclass_of($guardsClass, PurposeGuardProvider::class)) {
|
|
throw new \InvalidArgumentException(
|
|
"Purpose '{$slug}' has invalid guards_class; expected class-string implementing PurposeGuardProvider."
|
|
);
|
|
}
|
|
|
|
$definitions[(string) $slug] = new PurposeDefinition(
|
|
slug: (string) $slug,
|
|
label: (string) ($attrs['label'] ?? ''),
|
|
subjectType: (string) ($attrs['subject_type'] ?? ''),
|
|
defaultSubmissionMode: $mode,
|
|
allowsPublicAccess: (bool) ($attrs['allows_public_access'] ?? false),
|
|
requiredBindings: array_values((array) ($attrs['required_bindings'] ?? [])),
|
|
);
|
|
$guardClasses[(string) $slug] = $guardsClass;
|
|
}
|
|
|
|
$this->guardClassCache = $guardClasses;
|
|
|
|
return $this->cache = $definitions;
|
|
}
|
|
|
|
public function guardProviderFor(string $slug): PurposeGuardProvider
|
|
{
|
|
if (! $this->has($slug)) {
|
|
throw Exceptions\PurposeNotFoundException::forSlug($slug);
|
|
}
|
|
|
|
if (isset($this->guardProviderCache[$slug])) {
|
|
return $this->guardProviderCache[$slug];
|
|
}
|
|
|
|
/** @var array<string, class-string<PurposeGuardProvider>> $classes */
|
|
$classes = $this->guardClassCache ?? [];
|
|
$class = $classes[$slug];
|
|
|
|
/** @var PurposeGuardProvider $instance */
|
|
$instance = resolve($class);
|
|
|
|
return $this->guardProviderCache[$slug] = $instance;
|
|
}
|
|
|
|
public function get(string $slug): PurposeDefinition
|
|
{
|
|
$all = $this->all();
|
|
if (! isset($all[$slug])) {
|
|
throw PurposeNotFoundException::forSlug($slug);
|
|
}
|
|
|
|
return $all[$slug];
|
|
}
|
|
|
|
public function has(string $slug): bool
|
|
{
|
|
return isset($this->all()[$slug]);
|
|
}
|
|
|
|
/** @return list<string> unique sorted list of subject_type aliases */
|
|
public function allSubjectTypes(): array
|
|
{
|
|
$types = array_values(array_unique(array_map(
|
|
static fn (PurposeDefinition $p): string => $p->subjectType,
|
|
$this->all(),
|
|
)));
|
|
sort($types);
|
|
|
|
return $types;
|
|
}
|
|
|
|
/** @return list<string> slugs with allows_public_access === true */
|
|
public function publicAccessibleSlugs(): array
|
|
{
|
|
return array_values(array_keys(array_filter(
|
|
$this->all(),
|
|
static fn (PurposeDefinition $p): bool => $p->allowsPublicAccess,
|
|
)));
|
|
}
|
|
}
|