self::PERMISSION_ACCESS, self::ABILITY_SETTINGS_MANAGE => self::PERMISSION_SETTINGS_MANAGE, self::ABILITY_TEAM_WORKLOAD => self::PERMISSION_TEAM_WORKLOAD, self::ABILITY_RISK_RADAR => self::PERMISSION_RISK_RADAR, default => null, }; if ($permissionKey === null) { return AuthorizationDecision::deny(403, 'forbidden'); } if (!$this->permissionService->userHas($actorUserId, $permissionKey)) { return AuthorizationDecision::deny(403, 'forbidden'); } return AuthorizationDecision::allow(); } }