`mini\Database\Model` abstract class

Show private and protected members

Documentation

Abstract base class for database entities (Active Record pattern)

Provides save(), delete(), find(), and query() methods for entities. Table name is detected from #[Table] attribute via model(). Primary key is detected from #[PrimaryKey] attribute via model() (defaults to 'id').

Automatically handles:

Dehydration (entity → array) via Dehydrator (includes #[CreatedAt]/#[UpdatedAt] timestamps)
Validation via WriteValidator (if validation attributes are present)
Identity tracking (correctly detects insert vs update even if PK changes)
Authorization via can() system (override provideCanList/Create/Read/Update/Delete)

Safe vs Unsafe methods:

saveUnsafe(), deleteUnsafe() are final — guaranteed persistence layer
save(), delete() use two-layer auth: can() + updatable()/deletable() row scoping
query(), find() are overridable — default pass-through to unsafe methods
updatable(), deletable() — row-level write scoping (default to query())
queryUnsafe(), findUnsafe() are final — raw database access

Override query() to filter rows by user permissions:

public static function query(): Query {
    auth()->requireLogin();
    return static::queryUnsafe()->eq('org_id', auth()->getClaim('org_id'));
}

Override provideCanUpdate/Delete etc. for action authorization:

public function provideCanUpdate(): ?bool {
    return $this->user_id === auth()->getUserId();
}

#[Table('users')]
class User extends Model
{
    #[PrimaryKey]
    public ?int $id = null;

    public string $email = '';
    public string $name = '';
}

Properties (3)

private mixed $_modelOriginalId

Tracks the original primary key value from when entity was loaded.

private bool $_modelDeleted

Whether this entity has been deleted from the database.

private ?array $_modelOriginalData

Snapshot of property values from when the entity was loaded or last saved.

Methods (22)

protected static `provideDatabase()`

Get the database connection

protected `getOriginalPrimaryKey()`

Get the original primary key from when entity was loaded.

public static `provideCanList()`

Can the current user list entities of this class?

public static `provideCanCreate()`

Can the current user create new entities of this class?

public `provideCanRead()`

Can the current user read this entity?

public `provideCanUpdate()`

Can the current user update this entity?

public `provideCanDelete()`

Can the current user delete this entity?

public static final `queryUnsafe()`

Create a query builder without authorization filtering

public static final `findUnsafe()`

Find an entity by primary key without authorization filtering

public final `saveUnsafe()`

Save entity without authorization check — the guaranteed persistence layer

public final `deleteUnsafe()`

Delete entity without authorization check — the guaranteed persistence layer

public static `query()`

Create a query builder with authorization filtering

public static `find()`

Find an entity by primary key with authorization filtering

public static `updatable()`

Row-level scope for updates — which rows can be updated?

public static `deletable()`

Row-level scope for deletes — which rows can be deleted?

public `save()`

Save entity with authorization

public `delete()`

Delete entity with authorization

public `isDirty()`

Check which properties have changed since the entity was loaded (or last saved).

public `isInvalid()`

Check if entity is valid without saving

public `__clone()`

Reset identity on clone — cloned entity is treated as new (unsaved)

private `markLoaded()`

Mark this entity as loaded from the database

private `_snapshotProperties()`

Snapshot all public property values for dirty tracking

Source

src/Database/Model.php:62-530