ahmido
b1e1e06861
## Summary - add a first-class finding exception domain with request, approval, rejection, renewal, and revocation lifecycle support - add tenant-scoped exception register, finding governance surfaces, and a canonical workspace approval queue in Filament - add audit, badge, evidence, and review-pack integrations plus focused Pest coverage for workflow, authorization, and governance validity ## Validation - vendor/bin/sail bin pint --dirty --format agent - CI=1 vendor/bin/sail artisan test --compact - manual integrated-browser smoke test for the request-exception happy path, tenant register visibility, and canonical queue visibility ## Notes - Filament implementation remains on v5 with Livewire v4-compatible surfaces - canonical queue lives in the admin panel; provider registration stays in bootstrap/providers.php - finding exceptions stay out of global search in this rollout Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de> Reviewed-on: #184
72 lines
1.7 KiB
PHP
72 lines
1.7 KiB
PHP
<?php
|
|
|
|
declare(strict_types=1);
|
|
|
|
namespace App\Models;
|
|
|
|
use App\Support\Concerns\DerivesWorkspaceIdFromTenant;
|
|
use Illuminate\Database\Eloquent\Factories\HasFactory;
|
|
use Illuminate\Database\Eloquent\Model;
|
|
use Illuminate\Database\Eloquent\Relations\BelongsTo;
|
|
use LogicException;
|
|
|
|
class FindingExceptionDecision extends Model
|
|
{
|
|
use DerivesWorkspaceIdFromTenant;
|
|
use HasFactory;
|
|
|
|
public const string TYPE_REQUESTED = 'requested';
|
|
|
|
public const string TYPE_APPROVED = 'approved';
|
|
|
|
public const string TYPE_REJECTED = 'rejected';
|
|
|
|
public const string TYPE_RENEWAL_REQUESTED = 'renewal_requested';
|
|
|
|
public const string TYPE_RENEWED = 'renewed';
|
|
|
|
public const string TYPE_REVOKED = 'revoked';
|
|
|
|
protected $guarded = [];
|
|
|
|
/**
|
|
* @return array<string, string>
|
|
*/
|
|
protected function casts(): array
|
|
{
|
|
return [
|
|
'effective_from' => 'datetime',
|
|
'expires_at' => 'datetime',
|
|
'metadata' => 'array',
|
|
'decided_at' => 'datetime',
|
|
];
|
|
}
|
|
|
|
protected static function booted(): void
|
|
{
|
|
static::updating(static function (): void {
|
|
throw new LogicException('Finding exception decisions are append-only.');
|
|
});
|
|
|
|
static::deleting(static function (): void {
|
|
throw new LogicException('Finding exception decisions are append-only.');
|
|
});
|
|
}
|
|
|
|
/**
|
|
* @return BelongsTo<FindingException, $this>
|
|
*/
|
|
public function exception(): BelongsTo
|
|
{
|
|
return $this->belongsTo(FindingException::class, 'finding_exception_id');
|
|
}
|
|
|
|
/**
|
|
* @return BelongsTo<User, $this>
|
|
*/
|
|
public function actor(): BelongsTo
|
|
{
|
|
return $this->belongsTo(User::class, 'actor_user_id');
|
|
}
|
|
}
|