40 lines
1.0 KiB
PHP
40 lines
1.0 KiB
PHP
<?php
|
|
|
|
declare(strict_types=1);
|
|
|
|
namespace App\Services\Auth;
|
|
|
|
final readonly class ManagedEnvironmentAccessDecision
|
|
{
|
|
public function __construct(
|
|
public int $workspaceId,
|
|
public int $managedEnvironmentId,
|
|
public int $userId,
|
|
public bool $workspaceMember,
|
|
public ?string $workspaceRole,
|
|
public bool $explicitScopeRowsPresent,
|
|
public bool $managedEnvironmentAllowed,
|
|
public ?string $failedBoundary = null,
|
|
public ?string $requiredCapability = null,
|
|
public bool $capabilityAllowed = true,
|
|
public ?int $denialHttpStatus = null,
|
|
) {}
|
|
|
|
public function allowed(): bool
|
|
{
|
|
return $this->workspaceMember
|
|
&& $this->managedEnvironmentAllowed
|
|
&& $this->capabilityAllowed;
|
|
}
|
|
|
|
public function shouldDenyAsNotFound(): bool
|
|
{
|
|
return $this->denialHttpStatus === 404;
|
|
}
|
|
|
|
public function shouldDenyAsForbidden(): bool
|
|
{
|
|
return $this->denialHttpStatus === 403;
|
|
}
|
|
}
|