AbstractPermissionManager.php
67 self::$_logger->debug("Checking authorization for: '$resource?$context?$action' and user '".$user->getLogin()."'");
191 self::$_logger->debug("Result for $resource?$context?$action: ".(!$authorized ? "not " : "")."authorized");
200 * @param $resource The resource to authorize (e.g. class name of the Controller or ObjectId instance).
207 protected function authorizeAction($resource, $context, $action, User $user, $returnNullIfNoPermissionExists=true) {
236 self::$_logger->debug("Result for $resource?$context?$action: ".(is_bool($authorized) ? ((!$authorized ? "not " : "")."authorized") : "not defined"));
308 $result = $permissions['default'] === true ? PermissionManager::PERMISSION_MODIFIER_ALLOW.'* ' :
const RESOURCE_TYPE_ENTITY_TYPE
Definition: AbstractPermissionManager.php:32
hasTempPermission($resource, $context, $action)
Definition: AbstractPermissionManager.php:387
serializePermissions($permissions)
Convert an associative permissions array with keys 'default', 'allow', 'deny' into a string...
Definition: AbstractPermissionManager.php:307
$_persistenceFacade
Definition: AbstractPermissionManager.php:42
getDefaultPolicy(User $user)
Get the default policy that is used if no permission is set up for a requested action.
Definition: AbstractPermissionManager.php:246
removeTempPermission($resource, $context, $action)
Definition: AbstractPermissionManager.php:376
authorize($resource, $context, $action, User $user=null)
Definition: AbstractPermissionManager.php:62
const RESOURCE_TYPE_ENTITY_INSTANCE_PROPERTY
Definition: AbstractPermissionManager.php:35
AbstractPermissionManager is the base class for concrete PermissionManager implementations.
Definition: AbstractPermissionManager.php:30
ObjectId is the unique identifier of an object.
Definition: ObjectId.php:27
deserializePermissions($val)
Parse a permissions string and return an associative array with the keys 'default', 'allow', 'deny', where 'allow', 'deny' are arrays itselves holding roles and 'default' is a boolean value derived from the wildcard policy (+* or -*).
Definition: AbstractPermissionManager.php:259
Session is the interface for session implementations and defines access to session variables...
Definition: Session.php:21
addTempPermission($resource, $context, $action)
Definition: AbstractPermissionManager.php:365
const RESOURCE_TYPE_OTHER
Definition: AbstractPermissionManager.php:36
const PERMISSION_MODIFIER_ALLOW
Definition: PermissionManager.php:24
static parse($oid)
Parse a serialized object id string into an ObjectId instance.
Definition: ObjectId.php:144
authorizeAction($resource, $context, $action, User $user, $returnNullIfNoPermissionExists=true)
Authorize the given resource, context, action triple using the temporary permissions or the current u...
Definition: AbstractPermissionManager.php:207
$_session
Definition: AbstractPermissionManager.php:43
const RESOURCE_TYPE_ENTITY_INSTANCE
Definition: AbstractPermissionManager.php:34
const PERMISSION_MODIFIER_DENY
Definition: PermissionManager.php:25
__construct(PersistenceFacade $persistenceFacade, Session $session)
Constructor.
Definition: AbstractPermissionManager.php:50
static createKey($resource, $context, $action)
Create an action key from the given values.
Definition: ActionKey.php:33
hasRole($roleName)
Check for a certain role in the user roles.
PersistenceFacade defines the interface for PersistenceFacade implementations.
Definition: PersistenceFacade.php:23
matchRoles($permissions, User $user)
Matches the roles of the user and the roles in the given permissions.
Definition: AbstractPermissionManager.php:332
const RESOURCE_TYPE_ENTITY_TYPE_PROPERTY
Definition: AbstractPermissionManager.php:33
clearTempPermissions()
Definition: AbstractPermissionManager.php:395