Files
breadcrumb-the-shire/core/Service/Access/AuthorizationDecision.php

53 lines
1.3 KiB
PHP
Raw Normal View History

<?php
namespace MintyPHP\Service\Access;
2026-03-06 00:44:52 +01:00
// Immutable value object returned by every authorization policy.
// The $attributes bag lets policies carry extra computed data to the caller
// (e.g. the capabilities map built during the user-edit context check).
class AuthorizationDecision
{
public function __construct(
private readonly bool $allowed,
private readonly int $status = 200,
private readonly string $error = '',
private readonly array $attributes = []
) {
}
public static function allow(array $attributes = []): self
{
return new self(true, 200, '', $attributes);
}
public static function deny(int $status = 403, string $error = 'forbidden', array $attributes = []): self
{
return new self(false, $status, $error, $attributes);
}
public function isAllowed(): bool
{
return $this->allowed;
}
public function status(): int
{
return $this->status;
}
public function error(): string
{
return $this->error;
}
public function attributes(): array
{
return $this->attributes;
}
public function attribute(string $key, mixed $default = null): mixed
{
return array_key_exists($key, $this->attributes) ? $this->attributes[$key] : $default;
}
}