bert.hausmans/crewli
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
d0e17f28241cc18ef030a597c398cdfefb18f571
crewli/api/app/Http/Resources/FormBuilder/FormSubmissionActionFailureResource.php
bert.hausmans d0e17f2824 feat(form-builder): retry/resolve/dismiss API endpoints + dual-route auth (WS-6) 
Two route groups: /api/v1/admin/form-failures (super_admin platform) and
/api/v1/organisations/{organisation}/form-failures (org_admin scoped).
Same controller, policy authorises via FK chain (RFC V3). Cross-tenant
access returns 404 not 403 to prevent enumeration.

Resolve takes optional note; Dismiss requires DismissalReasonType
enum with conditional note (mandatory for 'other'). Both via
FormRequest validation with explicit i18n message keys.

Implementation note: Laravel implicit model binding for nested-namespace
ULID models doesn't pick up reliably across nested route groups. Using
manual resolveFailure() helper that loads withoutGlobalScopes() (so
cross-tenant access still reaches the policy, which translates denied →
404 per V3). Policy explicitly checks soft-delete via deleted_at since
withoutGlobalScopes bypasses SoftDeletes too. Policy registered
explicitly in AppServiceProvider — auto-discovery doesn't reliably
resolve App\Models\FormBuilder\* → App\Policies\FormBuilder\*.

NOT: admin UI (session 3). Not: public form routes (no API contract
notification needed).

Refs: RFC-WS-6.md §3 (Q5), §4 (V2, V3)

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-26 15:34:23 +02:00

44 lines
1.5 KiB
PHP
Raw Blame History

<?php
declare(strict_types=1);
namespace App\Http\Resources\FormBuilder;
use App\Models\FormBuilder\FormSubmissionActionFailure;
use Illuminate\Http\Request;
use Illuminate\Http\Resources\Json\JsonResource;
/**
* @mixin FormSubmissionActionFailure
*/
final class FormSubmissionActionFailureResource extends JsonResource
{
/**
* @return array<string, mixed>
*/
public function toArray(Request $request): array
{
return [
'id' => $this->id,
'form_submission_id' => $this->form_submission_id,
'binding_id' => $this->binding_id,
'listener_class' => $this->listener_class,
'failed_at' => $this->failed_at->toIso8601String(),
'exception_class' => $this->exception_class,
'exception_message' => $this->exception_message,
'context' => $this->context,
'retry_count' => $this->retry_count,
'resolved_at' => $this->resolved_at?->toIso8601String(),
'resolved_note' => $this->resolved_note,
'dismissed_at' => $this->dismissed_at?->toIso8601String(),
'dismissed_reason_type' => $this->dismissed_reason_type?->value,
'dismissed_reason_note' => $this->dismissed_reason_note,
'state' => match (true) {
$this->resolved_at !== null => 'resolved',
$this->dismissed_at !== null => 'dismissed',
default => 'open',
},
];
}
}
Reference in New Issue View Git Blame Copy Permalink