PermissionResolver
This service provides methods for resolving permissions.
Methods¶
canUser() ¶
Indicates if the current user is allowed to perform an action given by the function on the given objects.
|
|
Example: canUser( 'content', 'edit', $content, [$location] ); This will check edit permission on content given the specific location, if skipped if will check on all locations.
Example2: canUser( 'section', 'assign', $content, [$section] ); Check if user has access to assign $content to $section.
Parameters
Name | Type | Default value | Description |
---|---|---|---|
$module | string | - |
The module, aka controller identifier to check permissions on |
$function | string | - |
The function, aka the controller action to check permissions on |
$object | ValueObject | - |
The object to check if the user has access to |
$targets | array<string|int, ValueObject> | [] |
An array of location, parent or "assignment" value objects |
Return values
bool
Tags
getCurrentUserReference() ¶
Get current user reference.
|
|
Return values
hasAccess() ¶
Low level permission function: Returns boolean value, or an array of limitations that user permission depends on.
|
|
Note: boolean value describes full access (true) or no access at all (false), array can be seen as a maybe..
WARNING: This is a low level method, if possible strongly prefer to use canUser() as it is able to handle limitations. This includes Role Assignment limitations, but also future policy limitations added in kernel, or as plain user configuration and/or extending the system.
Parameters
Name | Type | Default value | Description |
---|---|---|---|
$module | string | - |
The module, aka controller identifier to check permissions on |
$function | string | - |
The function, aka the controller action to check permissions on |
$userReference | UserReference|null | null |
User for which the information is returned, current user will be used if null |
Return values
bool|array<string|int, mixed>
if limitations are on this function an array of limitations is returned
Tags
lookupLimitations() ¶
|
|
Parameters
Name | Type | Default value | Description |
---|---|---|---|
$module | string | - |
The module, aka controller identifier to check permissions on |
$function | string | - |
The function, aka the controller action to check permissions on |
$object | ValueObject | - |
The object to check if the user has access to |
$targets | array<string|int, ValueObject> | [] |
An array of location, parent or "assignment" value objects |
$limitationsIdentifiers | array<string|int, string> | [] |
An array of Limitations identifiers to filter from all which will pass |
Return values
Tags
setCurrentUserReference() ¶
Sets the current user to the given $user.
|
|
Parameters
Name | Type | Default value | Description |
---|---|---|---|
$userReference | UserReference | - | - |