docs: add class docblocks, business-rule comments, and transaction wrapper
- Add single-line class docblocks to all 59 repository classes and interfaces describing scope and responsibility - Add multi-line docblocks to key services documenting business rules: AuthService (6-step login cascade), ImportService (3-phase CSV workflow), TenantScopeService (strict/permissive modes), PermissionService (RBAC resolution + two-tier caching), UserAccountService (atomicity + audit) - Add transaction(callable) wrapper to DatabaseSessionRepository to DRY up begin/commit/rollback boilerplate Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
@@ -7,6 +7,19 @@ use MintyPHP\Repository\Tenant\TenantRepositoryInterface;
|
||||
use MintyPHP\Repository\Tenant\UserTenantRepositoryInterface;
|
||||
use MintyPHP\Service\Access\PermissionService;
|
||||
|
||||
/**
|
||||
* Enforces tenant-boundary access control across the application.
|
||||
*
|
||||
* Core rules:
|
||||
* - Users with TENANT_SCOPE_GLOBAL permission bypass all tenant checks.
|
||||
* - canAccess() resolves the resource's tenant IDs, intersects with the user's
|
||||
* tenant IDs, and grants access only on overlap.
|
||||
* - In strict mode (default): unscoped resources (no tenant assigned) are denied.
|
||||
* - In permissive mode: unscoped resources are allowed.
|
||||
* - Resources whose tenants all became inactive are always denied (not treated as unscoped).
|
||||
* - mergeTenantIdsPreservingOutOfScope() ensures that a scoped admin cannot
|
||||
* accidentally remove tenant assignments outside their own scope.
|
||||
*/
|
||||
class TenantScopeService
|
||||
{
|
||||
public function __construct(
|
||||
|
||||
Reference in New Issue
Block a user