add attribute targets

[withinboredom]

Summary by CodeRabbit

• Refactor
  • Expanded the applicability of several attributes, allowing them to be used on all possible targets and, where relevant, to be repeatable.
  • No changes to existing logic or functionality; updates affect only how and where attributes can be applied.

[coderabbitai]

Walkthrough

The attribute declarations for several PHP classes were updated to expand their applicability. Specifically, the Attribute::TARGET_ALL flag was added to each attribute, allowing them to be used on any target type. In some cases, this was combined with Attribute::IS_REPEATABLE. No other class logic or structure was changed.

Changes

Cohort / File(s)	Change Summary
Repeatable + All Targets Attributes src/State/Attributes/AllowAnyOperation.php, src/State/Attributes/AllowCreateForRole.php, src/State/Attributes/AllowCreateForUser.php, src/State/Attributes/AllowCreateFrom.php, src/State/Attributes/DenyAnyOperation.php	Updated attribute declarations to include both Attribute::IS_REPEATABLE and Attribute::TARGET_ALL, making them usable on all targets and repeatable.
All Targets Attributes src/State/Attributes/AllowCreateAll.php, src/State/Attributes/AllowCreateForAuth.php	Updated attribute declarations to explicitly use Attribute::TARGET_ALL, allowing usage on all target types.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~3 minutes

Poem

A hop, a skip, across the code,
Attributes now can freely goad.
On classes, methods, fields, and more,
Their reach expanded, scope galore!
With flags combined, the work is neat—
A rabbit’s job is now complete! 🐇✨

✨ Finishing Touches

• 📝 Generate Docstrings

🧪 Generate unit tests

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch fix/targets

---

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Explain this complex logic.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai explain this code block.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and explain its main purpose.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Support

Need help? Create a ticket on our support page for assistance with any issues or questions.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate docstrings to generate docstrings for this PR.
• @coderabbitai generate sequence diagram to generate a sequence diagram of the changes in this PR.
• @coderabbitai generate unit tests to generate unit tests for this PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (3)

src/State/Attributes/AllowCreateAll.php (1)

29-33: Align attribute flags with the rest of the AccessControl suite

Most sibling attributes (AllowAnyOperation, DenyAnyOperation, AllowCreateFor*, etc.) are declared as repeatable. Unless there is a specific reason for AllowCreateAll to be single-use only, marking it repeatable keeps the API surface symmetric and avoids a compile-time error if someone accidentally stacks the attribute.

-#[Attribute(Attribute::TARGET_ALL)]
+#[Attribute(Attribute::IS_REPEATABLE | Attribute::TARGET_ALL)]

If single-use is intentional, consider adding an explanatory doc-block to make that constraint explicit.

src/State/Attributes/AllowCreateForUser.php (1)

30-32: Align with sibling attributes by declaring the class readonly

Other access-control attributes in this namespace (AllowCreateForRole, AllowCreateAll, …) are marked readonly, guaranteeing their public data remains immutable once instantiated.
For consistency and defensive coding, consider the same here:

-class AllowCreateForUser implements AccessControl
+readonly class AllowCreateForUser implements AccessControl

src/State/Attributes/AllowAnyOperation.php (1)

10-17: Consider declaring the class readonly for immutability parity
Several sibling attributes (AllowCreateForRole, AllowCreateForAuth, AllowCreateFrom) are declared readonly, signalling that their constructor-promoted properties should never mutate. AllowAnyOperation follows the same “bag of params” pattern, so marking it readonly improves consistency and prevents accidental state changes.

- class AllowAnyOperation implements AccessControl
+ readonly class AllowAnyOperation implements AccessControl

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 7e82629 and adad096.

📒 Files selected for processing (7)

• src/State/Attributes/AllowAnyOperation.php (1 hunks)
• src/State/Attributes/AllowCreateAll.php (1 hunks)
• src/State/Attributes/AllowCreateForAuth.php (1 hunks)
• src/State/Attributes/AllowCreateForRole.php (1 hunks)
• src/State/Attributes/AllowCreateForUser.php (1 hunks)
• src/State/Attributes/AllowCreateFrom.php (1 hunks)
• src/State/Attributes/DenyAnyOperation.php (1 hunks)

🧰 Additional context used

🧬 Code Graph Analysis (6)

src/State/Attributes/AllowCreateFrom.php (6)

src/State/Attributes/AllowAnyOperation.php (1)

• Attribute (9-18)

src/State/Attributes/AllowCreateForAuth.php (1)

• Attribute (29-33)

src/State/Attributes/AllowCreateAll.php (1)

• Attribute (29-33)

src/State/Attributes/AllowCreateForUser.php (1)

• Attribute (29-33)

src/State/Attributes/AllowCreateForRole.php (1)

• Attribute (29-33)

src/State/Attributes/DenyAnyOperation.php (1)

• Attribute (31-40)

src/State/Attributes/AllowCreateForRole.php (4)

src/State/Attributes/AllowCreateForAuth.php (1)

• Attribute (29-33)

src/State/Attributes/AllowCreateAll.php (1)

• Attribute (29-33)

src/State/Attributes/AllowCreateForUser.php (1)

• Attribute (29-33)

src/State/Attributes/AllowCreateFrom.php (1)

• Attribute (11-28)

src/State/Attributes/DenyAnyOperation.php (6)

src/State/Attributes/AllowAnyOperation.php (1)

• Attribute (9-18)

src/State/Attributes/AllowCreateForAuth.php (1)

• Attribute (29-33)

src/State/Attributes/AllowCreateAll.php (1)

• Attribute (29-33)

src/State/Attributes/AllowCreateForUser.php (1)

• Attribute (29-33)

src/State/Attributes/AllowCreateForRole.php (1)

• Attribute (29-33)

src/State/Attributes/AllowCreateFrom.php (1)

• Attribute (11-28)

src/State/Attributes/AllowCreateForUser.php (4)

src/State/Attributes/AllowCreateForAuth.php (1)

• Attribute (29-33)

src/State/Attributes/AllowCreateAll.php (1)

• Attribute (29-33)

src/State/Attributes/AllowCreateForRole.php (1)

• Attribute (29-33)

src/State/Attributes/AllowCreateFrom.php (1)

• Attribute (11-28)

src/State/Attributes/AllowCreateAll.php (6)

src/State/Attributes/AllowAnyOperation.php (1)

• Attribute (9-18)

src/State/Attributes/AllowCreateForAuth.php (1)

• Attribute (29-33)

src/State/Attributes/AllowCreateForUser.php (1)

• Attribute (29-33)

src/State/Attributes/AllowCreateForRole.php (1)

• Attribute (29-33)

src/State/Attributes/DenyAnyOperation.php (1)

• Attribute (31-40)

src/State/Attributes/AllowCreateFrom.php (1)

• Attribute (11-28)

src/State/Attributes/AllowAnyOperation.php (6)

src/State/Attributes/AllowCreateForAuth.php (1)

• Attribute (29-33)

src/State/Attributes/AllowCreateAll.php (1)

• Attribute (29-33)

src/State/Attributes/AllowCreateForUser.php (1)

• Attribute (29-33)

src/State/Attributes/AllowCreateForRole.php (1)

• Attribute (29-33)

src/State/Attributes/DenyAnyOperation.php (1)

• Attribute (31-40)

src/State/Attributes/AllowCreateFrom.php (1)

• Attribute (11-28)

🔇 Additional comments (6)

src/State/Attributes/AllowCreateForAuth.php (1)

29-29: LGTM! Attribute target expansion correctly implemented.

The addition of Attribute::TARGET_ALL properly expands the scope of this attribute to allow usage on any target type (classes, methods, properties, parameters, etc.). This change aligns with the PR objective and follows PHP attribute conventions.

src/State/Attributes/DenyAnyOperation.php (1)

31-31: LGTM! Consistent attribute target expansion.

The addition of Attribute::TARGET_ALL expands the attribute's applicability to all target types while maintaining its repeatable nature. This change is consistent with similar modifications made to other access control attributes in the same directory (AllowAnyOperation, AllowCreateForRole, AllowCreateForUser, etc.).

src/State/Attributes/AllowCreateForRole.php (1)

29-29: LGTM! Consistent attribute target expansion.

The addition of Attribute::TARGET_ALL to the attribute declaration aligns with the systematic changes made across other access control attributes in this directory, providing greater flexibility for attribute placement while maintaining the repeatable nature.

src/State/Attributes/AllowCreateForUser.php (1)

29-29: Target broadened to Attribute::TARGET_ALL – please confirm scope is intentional

Expanding the target to all language elements increases flexibility but also raises the chance the attribute is placed on irrelevant constructs (e.g. parameters, properties) where the runtime logic may ignore or mis-interpret it.
Double-check that your attribute-processing codepaths gracefully handle every possible target or, if not, limit the mask to only the supported ones (e.g. CLASS | METHOD).

src/State/Attributes/AllowAnyOperation.php (1)

9-9: Consistent use of TARGET_ALL – looks good
Adding Attribute::TARGET_ALL aligns this attribute with the others in the folder and broadens applicability without affecting behaviour.

src/State/Attributes/AllowCreateFrom.php (1)

11-11: AllowCreateFrom attribute target expansion is safe.

I’ve verified that AllowCreateFrom is only instantiated explicitly (via createAttribute) and isn’t auto-discovered on methods, properties, etc. No reflection code would suddenly pick it up on other targets, so adding TARGET_ALL is backward-compatible and aligns with the other attributes in this PR.

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 46.77%. Comparing base (7e82629) to head (adad096).
⚠️ Report is 1 commits behind head on v2.

Additional details and impacted files

@@             Coverage Diff              @@
##                 v2     #156      +/-   ##
============================================
- Coverage     46.83%   46.77%   -0.06%     
  Complexity     1313     1313              
============================================
  Files           103      103              
  Lines          3677     3677              
============================================
- Hits           1722     1720       -2     
- Misses         1955     1957       +2     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[github-actions]

Performance Metrics

test	time (s)	memory usage
perf	16.12	170
Fan out/in	60.05	8