PolicyRuleInterface
A single authorization policy rule, as consumed by the PolicyGate. Backing storage is the host's concern (the Milpa monorepo implements it with a Doctrine entity); the gate only reads these four accessors.
PolicyRuleInterface::getId()
abstract public function getId(): ?intPersistent identifier of the rule, or null when it has not been persisted (e.g. an in-memory rule).
PolicyRuleInterface::getEffect()
abstract public function getEffect(): stringEither "allow" or "deny".
PolicyRuleInterface::getRequiresScopes()
abstract public function getRequiresScopes(): ?arrayScopes the caller must hold to satisfy this rule.
Returns
Any-of set of required scopes, or null when the rule imposes no scope requirement.
PolicyRuleInterface::getDescription()
abstract public function getDescription(): ?stringHuman-readable explanation surfaced back to the caller when this rule denies the call.