| 1: | <?php |
| 2: | |
| 3: | namespace LaravelUi5\Core\Contracts; |
| 4: | |
| 5: | /** |
| 6: | * Defines a contract for authorization logic within the UI5 runtime context. |
| 7: | * |
| 8: | * This interface allows application components (such as Tiles, Cards, Dashboards) |
| 9: | * to delegate permission checks to a centralized service. |
| 10: | * |
| 11: | * The implementation should evaluate whether a given ability is permitted |
| 12: | * in the context of the currently active business partner, user session, |
| 13: | * or any other relevant runtime scope provided via the Ui5RuntimeContext. |
| 14: | * |
| 15: | * Implementations can connect to roles, permissions, policies, or external ACL systems. |
| 16: | * |
| 17: | * Example usage: |
| 18: | * $authService->authorize('tile.view.pending', $context); |
| 19: | */ |
| 20: | interface AuthServiceInterface |
| 21: | { |
| 22: | /** |
| 23: | * Checks whether the given ability is authorized for the current UI5 runtime context. |
| 24: | * |
| 25: | * This method encapsulates all permission logic and may consider roles, |
| 26: | * business partner relationships, tenant, environment, or other runtime factors. |
| 27: | * |
| 28: | * @param string $ability A string representing the named ability to check (e.g. 'tile.view.offers') |
| 29: | * @param Ui5Context $context The contextual information for the current request |
| 30: | * @return bool True if access is granted, false otherwise |
| 31: | */ |
| 32: | public function authorize(string $ability, Ui5Context $context): bool; |
| 33: | } |
| 34: |