| 1: | <?php |
| 2: | |
| 3: | namespace LaravelUi5\Core\Enums; |
| 4: | |
| 5: | use InvalidArgumentException; |
| 6: | |
| 7: | /** |
| 8: | * Defines the four fundamental categories of Abilities within LaravelUi5. |
| 9: | * Each type expresses a distinct semantic permission scope that governs |
| 10: | * what a user may see, do, or enter across frontend and backend layers. |
| 11: | * |
| 12: | * Integer-backed for compact storage and stable comparison. |
| 13: | * |
| 14: | * --------------------------------------------------------------------- |
| 15: | * Use → Access to frontend views, dialogs, or routes |
| 16: | * Act → Execution of backend operations or actions |
| 17: | * See → Visibility control for UI elements |
| 18: | * Access → Permission to enter system-level artifacts (apps, dashboards, |
| 19: | * reports, cards, tiles, KPIs, dialogs, resources) |
| 20: | * --------------------------------------------------------------------- |
| 21: | * |
| 22: | * @example |
| 23: | * if ($ability->type === AbilityType::Act) { |
| 24: | * // Perform business logic for action-level permission |
| 25: | * } |
| 26: | */ |
| 27: | enum AbilityType: int |
| 28: | { |
| 29: | /** |
| 30: | * Frontend-level access to views, dialogs, or routes declared in manifest.json |
| 31: | */ |
| 32: | case Use = 0; |
| 33: | |
| 34: | /** |
| 35: | * Permission to execute a backend operation or service action. |
| 36: | * |
| 37: | * Implementors that want to secure a frontend operation should |
| 38: | * work via the `AbilityType::See` instead. |
| 39: | */ |
| 40: | case Act = 1; |
| 41: | |
| 42: | /** |
| 43: | * Controls visibility of UI elements such as buttons, dialogs, |
| 44: | * or sections. Typically used in the frontend to bind `visible` |
| 45: | * or `enabled` states to user abilities. |
| 46: | */ |
| 47: | case See = 2; |
| 48: | |
| 49: | /** |
| 50: | * Backend-level access to entry-point artifacts without manifest anchors |
| 51: | */ |
| 52: | case Access = 3; |
| 53: | |
| 54: | /** |
| 55: | * Returns the canonical lowercase label used in manifests and caches. |
| 56: | * |
| 57: | * @return string |
| 58: | */ |
| 59: | public function label(): string |
| 60: | { |
| 61: | return match ($this) { |
| 62: | self::Use => 'use', |
| 63: | self::Act => 'act', |
| 64: | self::See => 'see', |
| 65: | self::Access => 'access', |
| 66: | }; |
| 67: | } |
| 68: | |
| 69: | /** |
| 70: | * Creates an AbilityType from its canonical lowercase label. |
| 71: | * |
| 72: | * @param string $label |
| 73: | * @return self |
| 74: | */ |
| 75: | public static function fromLabel(string $label): self |
| 76: | { |
| 77: | return match ($label) { |
| 78: | 'use' => self::Use, |
| 79: | 'act' => self::Act, |
| 80: | 'see' => self::See, |
| 81: | 'access' => self::Access, |
| 82: | default => throw new InvalidArgumentException("Unknown AbilityType label: $label"), |
| 83: | }; |
| 84: | } |
| 85: | |
| 86: | /** |
| 87: | * Returns true if this AbilityType represents an action-level permission. |
| 88: | * |
| 89: | * @return bool |
| 90: | */ |
| 91: | public function isAct(): bool |
| 92: | { |
| 93: | return $this === self::Act; |
| 94: | } |
| 95: | |
| 96: | /** |
| 97: | * Returns true if this AbilityType represents an access-level permission. |
| 98: | * |
| 99: | * @return bool |
| 100: | */ |
| 101: | public function isAccess(): bool |
| 102: | { |
| 103: | return $this === self::Access; |
| 104: | } |
| 105: | |
| 106: | /** |
| 107: | * Determines whether this AbilityType should be declared |
| 108: | * inside the manifest.json (frontend domain) rather than |
| 109: | * in backend PHP annotations. |
| 110: | */ |
| 111: | public function shouldBeInManifest(): bool |
| 112: | { |
| 113: | return match ($this) { |
| 114: | self::Use, self::See => true, |
| 115: | default => false, |
| 116: | }; |
| 117: | } |
| 118: | } |
| 119: |