Create AuditPageHelper with requirePurgePost() and findOrRedirect() to eliminate duplicated POST/CSRF guard boilerplate across 4 purge pages and find-or-redirect boilerplate across 4 view pages. Each page retains its stream-specific logic (system-audit event recording, user-lifecycle snapshot/restore). Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
31 lines
1.1 KiB
PHP
31 lines
1.1 KiB
PHP
<?php
|
|
|
|
use MintyPHP\Http\SessionStoreInterface;
|
|
use MintyPHP\Module\Audit\AuditAuthorizationPolicy;
|
|
use MintyPHP\Module\Audit\Domain\UserLifecycleAction;
|
|
use MintyPHP\Module\Audit\Service\UserLifecycleAuditService;
|
|
use MintyPHP\Module\Audit\Support\AuditPageHelper;
|
|
use MintyPHP\Service\Access\UiAccessService;
|
|
|
|
$session = app(SessionStoreInterface::class)->all();
|
|
|
|
$auditLog = AuditPageHelper::findOrRedirect(
|
|
AuditAuthorizationPolicy::ABILITY_USER_LIFECYCLE_VIEW,
|
|
UserLifecycleAuditService::class,
|
|
'audit/user-lifecycle-audit',
|
|
'Lifecycle audit entry not found',
|
|
'user_lifecycle_audit_not_found',
|
|
'View user lifecycle audit entry',
|
|
$id ?? null
|
|
);
|
|
|
|
$auditService = app(UserLifecycleAuditService::class);
|
|
$snapshot = null;
|
|
if ((string) ($auditLog['action'] ?? '') === UserLifecycleAction::Delete->value) {
|
|
$snapshot = $auditService->decryptSnapshot($auditLog);
|
|
}
|
|
$viewAuth['page'] = app(UiAccessService::class)->pageCapabilities(
|
|
(int) ($session['user']['id'] ?? 0),
|
|
['can_restore' => AuditAuthorizationPolicy::ABILITY_USER_LIFECYCLE_RESTORE]
|
|
);
|