Skip to main content

Overview

The DenyResourceAction class handles the denial of pending resource requests. It updates the request status, logs the decision, and sends an email notification to the requester.
This action does not have any constructor dependencies. It can be instantiated directly without dependency injection.

Method Signature

public function execute(
    PendingResource $pending,
    User $admin
): void

Parameters

pending
PendingResource
required
The pending resource request to deny (Eloquent model instance)
admin
User
required
The admin user denying the request (used for audit logging)

Return Value

This action returns void (no return value).

Side Effects

This action performs the following side effects:
  1. Database Update: Updates the PendingResource record:
    • Sets status to 'denied'
    • Sets decided_at to the current timestamp
  2. Audit Log: Creates a ResourceLog entry with action type Denied
  3. Email Notification: Sends a ResourceDecisionNotification email to the requester with approved: false (if email is available)
Unlike ApproveResourceAction, this action does not interact with the NetBird API or create any resources. The pending request remains in the database with a denied status.

Example Usage

use App\Actions\DenyResourceAction;
use App\Models\{User, PendingResource};

// Instantiate the action (no dependencies required)
$action = new DenyResourceAction();

// Fetch the pending request
$pending = PendingResource::find(1);
$admin = User::find(2);

// Execute the action
$action->execute(
    pending: $pending,
    admin: $admin
);

// The pending request is now marked as denied
echo $pending->fresh()->status; // "denied"
echo $pending->fresh()->decided_at; // Current timestamp

Email Notification

The action automatically sends an email notification to the requester if the pending resource has a requested_email value. The email uses the ResourceDecisionNotification mailable with approved: false.
Email notifications are sent asynchronously if your application is configured to use queues. If the email fails to send, the denial operation still succeeds.

Denied vs Deleted Requests

Denied requests remain in the database with status = 'denied'. They are not deleted. This preserves the request history for audit purposes. Use CancelResourceRequestAction if you want to remove a pending request entirely.

Error Scenarios

This action has minimal error scenarios since it only performs database updates and email sending:
  • Database errors: Will throw an exception if the database update fails
  • Email errors: Will not prevent the denial from succeeding (emails are typically queued)

Source Reference

Implementation: /home/daytona/workspace/source/app/Actions/DenyResourceAction.php:19 Email notification helper: /home/daytona/workspace/source/app/Actions/DenyResourceAction.php:37

Build docs developers (and LLMs) love

Get started for freeTalk to us