Rename the top-level lib/ directory to core/ so the project root immediately communicates which code is core platform and which lives in modules/. PHP namespaces (MintyPHP\*) are unchanged — only the Composer PSR-4 path mapping moves from lib/ to core/. Module-internal lib/ directories (modules/*/lib/) are untouched. Updated across the full stack: - composer.json PSR-4 mapping - bootstrap entry points (web/index.php, bin/*, tests/bootstrap.php) - tooling configs (phpstan.neon, phpunit.xml, php-cs-fixer) - 26 architecture contract tests - enforcement-policy, guard-catalog, quality-gates - all documentation (CLAUDE.md, README, 25 docs/, .agents/skills/) - bin/qa-extended.sh search paths - .claude/settings.local.json permission paths Workflow: .agents/runs/CORE-LIB-RENAME-001/ (Analyst → Planner → Executor → Code Review (4 findings fixed) → Security Review → Acceptance Test → Finalizer) Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
53 lines
1.3 KiB
PHP
53 lines
1.3 KiB
PHP
<?php
|
|
|
|
namespace MintyPHP\Service\Access;
|
|
|
|
// Immutable value object returned by every authorization policy.
|
|
// The $attributes bag lets policies carry extra computed data to the caller
|
|
// (e.g. the capabilities map built during the user-edit context check).
|
|
class AuthorizationDecision
|
|
{
|
|
public function __construct(
|
|
private readonly bool $allowed,
|
|
private readonly int $status = 200,
|
|
private readonly string $error = '',
|
|
private readonly array $attributes = []
|
|
) {
|
|
}
|
|
|
|
public static function allow(array $attributes = []): self
|
|
{
|
|
return new self(true, 200, '', $attributes);
|
|
}
|
|
|
|
public static function deny(int $status = 403, string $error = 'forbidden', array $attributes = []): self
|
|
{
|
|
return new self(false, $status, $error, $attributes);
|
|
}
|
|
|
|
public function isAllowed(): bool
|
|
{
|
|
return $this->allowed;
|
|
}
|
|
|
|
public function status(): int
|
|
{
|
|
return $this->status;
|
|
}
|
|
|
|
public function error(): string
|
|
{
|
|
return $this->error;
|
|
}
|
|
|
|
public function attributes(): array
|
|
{
|
|
return $this->attributes;
|
|
}
|
|
|
|
public function attribute(string $key, mixed $default = null): mixed
|
|
{
|
|
return array_key_exists($key, $this->attributes) ? $this->attributes[$key] : $default;
|
|
}
|
|
}
|