Add account registration with signup policy acceptance

Implements #16: invite-only student self-registration through a front-end page, accepting signup-scoped policies at account creation. Policy domain: - us_policies.acceptance_scope (signup/booking/both); Policy::appliesTo(); PolicyRepository::findForScope(); scope threaded through PolicyService, the REST create, the admin controller, and the Policies form. - PolicyAcceptance::REG_ACCOUNT (registration_id = the new user's ID). Auth: - Invite value object + InviteRepository; us_invites table. - RegistrationController + Invites admin page (manage_students): invite an email, share the registration link, revoke. - RegistrationPage ([us_student_register] shortcode): validates the invite token, collects name/password, renders signup-scoped published policies with required acceptance, creates the us_student user, records account-type acceptances, marks the invite accepted, and logs the user in. - RoleManager: manage_students cap added to STUDIO_ADMIN_CAPS. Invite-only is implemented; the us_registration_mode self_approval path is a documented future seam. Docs: docs/features/account-registration.md; policies.md updated. Tests: tests/Unit/Auth/ (Invite, InviteRepository) plus Policy scope updates. composer test (104), cs, and PHPStan level 6 all pass. Refs #16 Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-05 16:39:39 -03:00
parent 5eb096c5cf
commit 9c900d6553
25 changed files with 957 additions and 21 deletions
@@ -0,0 +1,64 @@
+<?php
+declare(strict_types=1);
+
+namespace Unsupervised\Schedular\Auth;
+
+class Invite {
+
+	public const STATUS_PENDING  = 'pending';
+	public const STATUS_ACCEPTED = 'accepted';
+	public const STATUS_REVOKED  = 'revoked';
+
+	/**
+	 * All valid invite statuses.
+	 *
+	 * @var list<string>
+	 */
+	public const VALID_STATUSES = [ self::STATUS_PENDING, self::STATUS_ACCEPTED, self::STATUS_REVOKED ];
+
+	public function __construct(
+		public readonly string $email,
+		public readonly string $token,
+		public readonly string $role = RoleManager::STUDENT,
+		public readonly string $status = self::STATUS_PENDING,
+		public readonly ?int $invitedBy = null,
+		public readonly ?int $acceptedUserId = null,
+		public readonly ?string $acceptedAt = null,
+		public readonly ?int $id = null,
+	) {}
+
+	public static function fromRow( object $row ): self {
+		return new self(
+			email:          $row->email,
+			token:          $row->token,
+			role:           $row->role,
+			status:         $row->status,
+			invitedBy:      null !== $row->invited_by ? (int) $row->invited_by : null,
+			acceptedUserId: null !== $row->accepted_user_id ? (int) $row->accepted_user_id : null,
+			acceptedAt:     $row->accepted_at,
+			id:             (int) $row->id,
+		);
+	}
+
+	public function isPending(): bool {
+		return self::STATUS_PENDING === $this->status;
+	}
+
+	/**
+	 * Returns a plain array representation of the invite.
+	 *
+	 * @return array<string, mixed>
+	 */
+	public function toArray(): array {
+		return [
+			'id'               => $this->id,
+			'email'            => $this->email,
+			'token'            => $this->token,
+			'role'             => $this->role,
+			'status'           => $this->status,
+			'invited_by'       => $this->invitedBy,
+			'accepted_user_id' => $this->acceptedUserId,
+			'accepted_at'      => $this->acceptedAt,
+		];
+	}
+}