DefaultPermissionManager Class Reference

Detailed Description

DefaultPermissionManager retrieves authorization rules the storage.

It is configured with an entity type that stores permissions and must have the values 'resource', 'context', 'action', 'roles'.

Author
ingo herwig ingo@.nosp@m.wemo.nosp@m.ve.co.nosp@m.m

Definition at line 32 of file DefaultPermissionManager.php.

+ Inheritance diagram for DefaultPermissionManager:

Public Member Functions

 __construct (PersistenceFacade $persistenceFacade, Session $session)
 
 setPermissionType ($permissionType)
 
 getPermissions ($resource, $context, $action)
 
 setPermissions ($resource, $context, $action, $permissions)
 
 createPermission ($resource, $context, $action, $role, $modifier)
 
 removePermission ($resource, $context, $action, $role)
 
- Public Member Functions inherited from AbstractPermissionManager
 __construct (PersistenceFacade $persistenceFacade, Session $session, array $dynamicRoles=[])
 
 setPrincipalFactory (PrincipalFactory $principalFactory)
 
 authorize ($resource, $context, $action, $login=null, $applyDefaultPolicy=true)
 
 addTempPermission ($resource, $context, $action)
 
 removeTempPermission ($handle)
 
 hasTempPermission ($resource, $context, $action)
 
 clearTempPermissions ()
 

Protected Member Functions

 modifyPermission ($resource, $context, $action, $role, $modifier)
 
 getPermissionInstance ($resource, $context, $action)
 
 createPermissionObject ($resource, $context, $action, $roles)
 
- Protected Member Functions inherited from AbstractPermissionManager
 authorizeAction ($requestedResource, $permissionResource, $context, $action, $login)
 
 getDefaultPolicy ($login)
 
 parseResource ($resource)
 
 deserializePermissions ($value)
 
 serializePermissions ($permissions)
 
 matchRoles ($resource, $permissions, $login)
 
 matchRole (User $user, $role, $resource)
 

Additional Inherited Members

- Public Attributes inherited from AbstractPermissionManager
const RESOURCE_TYPE_ENTITY_TYPE = 'entity.type'
 
const RESOURCE_TYPE_ENTITY_TYPE_PROPERTY = 'entity.type.property'
 
const RESOURCE_TYPE_ENTITY_INSTANCE = 'entity.instance'
 
const RESOURCE_TYPE_ENTITY_INSTANCE_PROPERTY = 'entity.instance.property'
 
const RESOURCE_TYPE_OTHER = 'other'
 
- Public Attributes inherited from PermissionManager
const PERMISSION_MODIFIER_ALLOW = '+'
 
const PERMISSION_MODIFIER_DENY = '-'
 
- Protected Attributes inherited from AbstractPermissionManager
 $persistenceFacade = null
 
 $session = null
 
 $dynamicRoles = []
 
 $principalFactory = null
 

Constructor & Destructor Documentation

◆ __construct()

__construct ( PersistenceFacade  $persistenceFacade,
Session  $session 
)

Constructor.

Parameters
$persistenceFacade
$session

Definition at line 44 of file DefaultPermissionManager.php.

Member Function Documentation

◆ setPermissionType()

setPermissionType (   $permissionType)

Set the entity type name of Permission instances.

Parameters
$permissionTypeString

Definition at line 63 of file DefaultPermissionManager.php.

◆ getPermissions()

getPermissions (   $resource,
  $context,
  $action 
)

◆ setPermissions()

setPermissions (   $resource,
  $context,
  $action,
  $permissions 
)

◆ createPermission()

createPermission (   $resource,
  $context,
  $action,
  $role,
  $modifier 
)

◆ removePermission()

removePermission (   $resource,
  $context,
  $action,
  $role 
)

◆ modifyPermission()

modifyPermission (   $resource,
  $context,
  $action,
  $role,
  $modifier 
)
protected

Modify a permission for the given role.

Parameters
$resourceThe resource (e.g. class name of the Controller or object id).
$contextThe context in which the action takes place.
$actionThe action to process.
$roleThe role to authorize.
$modifierOne of the PERMISSION_MODIFIER_ constants, null, if the permission should be removed.
Returns
boolean

Definition at line 136 of file DefaultPermissionManager.php.

◆ getPermissionInstance()

getPermissionInstance (   $resource,
  $context,
  $action 
)
protected

Get the permission object that matches the given parameters.

Parameters
$resourceResource
$contextContext
$actionAction
Returns
Instance of _permissionType or null

Definition at line 168 of file DefaultPermissionManager.php.

◆ createPermissionObject()

createPermissionObject (   $resource,
  $context,
  $action,
  $roles 
)
protected

Create a permission object with the given parameters.

Parameters
$resourceResource
$contextContext
$actionAction
$rolesString representing the permissions as returned from serializePermissions()
Returns
Instance of _permissionType

Definition at line 186 of file DefaultPermissionManager.php.