Comments: on this page. Click to read or post your own.

Class Permission

Description
Description | Vars (details) | Methods (details) Constants (details)

Represents a permission assigned to a group.

Located in /sapphire/security/Permission.php (line 7) 

Object
   |
   --ViewableData
      |
      --DataObject
         |
         --Permission
Class Constant Summary
Description | Constants (details) Vars (details) | | Methods (details)
DENY_PERMISSION = -1
GRANT_PERMISSION = 1
INHERIT_PERMISSION = 0
Variable Summary
Description | Vars (details) | Methods (details) Constants (details)
static bool $admin_implies_all
static mixed $db
static bool $declared_permissions
static array $declared_permissions_list
static mixed $defaults
static mixed $has_one
static bool $implied_permissions
static mixed $indexes
static $strict_checking $strict_checking
Method Summary
Description | Constants (details) Vars (details) | Methods (details)
static int|bool check (string $code, [string $arg = "any"], [int|Member $member = null], [bool $strict = true])
static int|bool checkMember (int|Member $member, string|array $code, [string $arg = "any"], [bool $strict = true])
static void declare_permissions (array $permArray)
static Permission deny (int $groupID, string $code, [string $arg = "any"])
static array get_codes ([bool|string $blankItemText = null])
static array get_declared_permissions_list ()
static DataObjectSet get_groups_by_permission ($codes $codes)
static Label get_label_for_permission ($perm $perm)
static DataObjectSet get_members_by_permission ($code $code)
static Permission grant (int $groupID, string $code, [string $arg = "any"])
static array groupList ([int $memberID = null])
static void traverse_declared_permissions (aeeay $declared, $list &$list)
void listcodes ()
void requireDefaultRecords ()
Variables
Description | Vars (details) Constants (details) | Methods (details)
static bool $admin_implies_all = true (line 79)

Set to false to prevent the 'ADMIN' permission from implying all permissions in the system

static mixed $db = array(
"Code" => "Varchar",
"Arg" => "Int",
"Type" => "Int(1)"
) (line 11)
Redefinition of:
DataObject::$db
Database field definitions.
static bool $declared_permissions = null (line 51)

Method to globally disable "strict" checking, which means a permission will be granted if the key does not exist at all.

static array $declared_permissions_list = null (line 58)

Linear list of declared permissions in the system.

  • access: protected
static mixed $defaults = array(
"Type" => 1
) (line 22)
Redefinition of:
DataObject::$defaults
Inserts standard column-values when a DataObject is instanciated. Does not insert default records {@see $default_records}.
static mixed $has_one = array(
"Group" => "Group"
) (line 16)
Redefinition of:
DataObject::$has_one
one-to-one relationship definitions.
static bool $implied_permissions = false (line 71)

If this setting is set, then permissions can imply other permissions

static mixed $indexes = array(
"Code" => true
) (line 19)
Redefinition of:
DataObject::$indexes
If a field is in this array, then create a database index on that field. This is a map from fieldname to index type.
static $strict_checking $strict_checking = true (line 64)
  • var: Boolean Method to globally disable "strict" checking, which means a permission will be granted if the key does not exist at all.

Inherited Variables

Inherited from DataObject

DataObject::$ancestry
 DataObject::$api_access
 DataObject::$belongs_many_many
 DataObject::$brokenOnDelete
 DataObject::$brokenOnWrite
 DataObject::$cache_get_one
 DataObject::$casting
 DataObject::$changed
 DataObject::$componentCache
 DataObject::$components
 DataObject::$default_records
 DataObject::$default_sort
 DataObject::$destroyed
 DataObject::$field_labels
 DataObject::$has_many
 DataObject::$many_many
 DataObject::$many_many_extraFields
 DataObject::$original
 DataObject::$plural_name
 DataObject::$record
 DataObject::$searchable_fields
 DataObject::$singular_name
 DataObject::$summary_fields

Inherited from ViewableData

ViewableData::$castingHelperPair_cache
 ViewableData::$customisedObj
 ViewableData::$failover
 ViewableData::$iteratorPos
 ViewableData::$iteratorTotalItems
 ViewableData::$namedAs
 ViewableData::$parent
 ViewableData::$_natural_cache
 ViewableData::$_object_cache
 ViewableData::$_xml_cache

Inherited from Object

Object::$builtInMethods
 Object::$class
 Object::$classConstructed
 Object::$extensions
 Object::$extension_instances
 Object::$extraMethods
 Object::$extraStatics
 Object::$statics
 Object::$static_cached
Methods
Description | Vars (details) Constants (details) Methods (details)
static method check (line 97)

Check that the current member has the given permission

  • return: The ID of the permission record if the permission exists; FALSE otherwise. If "strict" checking is disabled, TRUE will be returned if the permission does not exist at all.
  • access: public
static int|bool check (string $code, [string $arg = "any"], [int|Member $member = null], [bool $strict = true])
  • string $code: Code of the permission to check
  • string $arg: Optional argument (e.g. a permissions for a specific page)
  • int|Member $member: Optional member instance or ID. If set to NULL, the permssion will be checked for the current user
  • bool $strict: Use "strict" checking (which means a permission will be granted if the key does not exist at all)?
static method checkMember (line 123)

Check that the given member has the given permission

  • return: The ID of the permission record if the permission exists; FALSE otherwise. If "strict" checking is disabled, TRUE will be returned if the permission does not exist at all.
  • access: public
static int|bool checkMember (int|Member $member, string|array $code, [string $arg = "any"], [bool $strict = true])
  • string|array $code: Code of the permission to check
  • string $arg: Optional argument (e.g. a permissions for a specific page)
  • bool $strict: Use "strict" checking (which means a permission will be granted if the key does not exist at all)?
  • int|Member $member: memberID The ID of the member to check. Leave blank for the current member. Alternatively you can use a member object.
static method declare_permissions (line 480)

Declare an array of permissions for the system.

Permissions can be grouped by nesting arrays. Scalar values are always treated as permissions.

static void declare_permissions (array $permArray)
  • array $permArray: A (possibly nested) array of permissions to declare for the system.
static method deny (line 287)

Deny the given permission code/arg to the given group

  • return: Returns the new permission object.
  • access: public
static Permission deny (int $groupID, string $code, [string $arg = "any"])
  • int $groupID: The ID of the group
  • string $code: The permission code
  • string $arg: Optional: The permission argument (e.g. a page ID).
static method get_codes (line 424)

Get a list of all available permission codes

  • return: Returns an array of all available permission codes. The array indicies are the permission codes as used in Permission::check(). The value is a description suitable for using in an interface.
  • access: public
static array get_codes ([bool|string $blankItemText = null])
  • bool|string $blankItemText: Text for permission with the empty code (""). If set to TRUE it will be set to "(select)"; if set to NULL or FALSE the empty permission is not included in the list.
static method get_declared_permissions_list (line 496)

Get a linear list of the permissions in the system.

  • return: Linear list of declared permissions in the system.
  • access: public
static array get_declared_permissions_list ()
static method get_groups_by_permission (line 396)

Return all of the groups that have one of the given permission codes

  • return: The matching group objects
static DataObjectSet get_groups_by_permission ($codes $codes)
  • $codes $codes: array|string Either a single permission code, or an array of permission codes
static method get_label_for_permission (line 517)

Look up the human-readable title for the permission as defined by

  1. Permission::declare_permissions

  • return: for the given permission, or the permission itself if the label doesn't exist
  • access: public
static Label get_label_for_permission ($perm $perm)
  • $perm $perm: Permission code
static method get_members_by_permission (line 354)

Returns all members for a specific permission.

  • return: Returns a set of member that have the specified permission.
  • access: public
static DataObjectSet get_members_by_permission ($code $code)
  • $code $code: String|array Either a single permission code, or a list of permission codes
static method grant (line 253)

Grant the given permission code/arg to the given group

  • return: Returns the new permission object.
  • access: public
static Permission grant (int $groupID, string $code, [string $arg = "any"])
  • int $groupID: The ID of the group
  • string $code: The permission code
  • string $arg: Optional: The permission argument (e.g. a page ID).
static method groupList (line 211)

Get the list of groups that the given member belongs to.

Call without an argument to get the groups that the current member belongs to. In this case, the results will be session-cached.

  • return: Returns a list of group IDs to which the member belongs to or NULL.
  • access: public
static array groupList ([int $memberID = null])
  • int $memberID: The ID of the member. Leave blank for the current member.
static method traverse_declared_permissions (line 531)

Recursively traverse the nested list of declared permissions and create a linear list.

  • access: protected
static void traverse_declared_permissions (aeeay $declared, $list &$list)
  • aeeay $declared: Nested structure of permissions.
  • $list &$list: List of permissions in the structure. The result will be written to this array.
listcodes (line 460)
  • access: public
void listcodes ()
requireDefaultRecords (line 319)

Add default records to database.

This function is called whenever the database is built, after the database tables have all been created.

  • access: public
void requireDefaultRecords ()
Redefinition of:
DataObject::requireDefaultRecords()
Add default records to database. This function is called whenever the database is built, after the database tables have all been created. Overload this to add default records when the database is built, but make sure you call parent::requireDefaultRecords().

Inherited Methods

Inherited From DataObject

DataObject::__construct()
DataObject::baseTable()
DataObject::buildDataObjectSet()
DataObject::buildSQL()
DataObject::can()
DataObject::canCreate()
DataObject::canDelete()
DataObject::canEdit()
DataObject::canView()
DataObject::castedUpdate()
DataObject::context_obj()
DataObject::createComponent()
DataObject::customDatabaseFields()
DataObject::data()
DataObject::databaseFields()
DataObject::databaseIndexes()
DataObject::db()
DataObject::dbObject()
DataObject::debug()
DataObject::defaultSearchFilters()
DataObject::defineMethods()
DataObject::delete()
DataObject::delete_by_id()
DataObject::destroy()
DataObject::disable_subclass_access()
DataObject::duplicate()
DataObject::enable_subclass_access()
DataObject::exists()
DataObject::extendedSQL()
DataObject::fieldExists()
DataObject::fieldLabel()
DataObject::fieldLabels()
DataObject::filledOut()
DataObject::flushCache()
DataObject::forceChange()
DataObject::get()
DataObject::getAllFields()
DataObject::getChangedFields()
DataObject::getClassAncestry()
DataObject::getCMSFields()
DataObject::getComponent()
DataObject::getComponentJoinField()
DataObject::getComponents()
DataObject::getComponentsQuery()
DataObject::getDefaultSearchContext()
DataObject::getField()
DataObject::getFrontEndFields()
DataObject::getManyManyComponents()
DataObject::getManyManyComponentsQuery()
DataObject::getManyManyFilter()
DataObject::getManyManyJoin()
DataObject::getReverseAssociation()
DataObject::getTitle()
DataObject::get_by_id()
DataObject::get_by_url()
DataObject::get_one()
DataObject::hasDatabaseField()
DataObject::hasField()
DataObject::hasOwnTableDatabaseField()
DataObject::has_many()
DataObject::has_one()
DataObject::i18n_plural_name()
DataObject::i18n_singular_name()
DataObject::inheritedDatabaseFields()
DataObject::instance_get()
DataObject::instance_get_one()
DataObject::isEmpty()
DataObject::isInDB()
DataObject::listOfFields()
DataObject::many_many()
DataObject::merge()
DataObject::newClassInstance()
DataObject::onAfterWrite()
DataObject::onBeforeDelete()
DataObject::onBeforeWrite()
DataObject::plural_name()
DataObject::populateDefaults()
DataObject::relObject()
DataObject::requireDefaultRecords()
DataObject::requireTable()
DataObject::scaffoldFormFields()
DataObject::scaffoldSearchFields()
DataObject::searchableFields()
DataObject::setCastedField()
DataObject::setClassName()
DataObject::setComponent()
DataObject::setField()
DataObject::set_context_obj()
DataObject::singular_name()
DataObject::summaryFields()
DataObject::toMap()
DataObject::update()
DataObject::validate()
DataObject::write()
DataObject::writeComponents()
DataObject::writeWithoutVersion()

Inherited From ViewableData

ViewableData::ATT_val()
ViewableData::BaseHref()
ViewableData::buildCastingHelperCache()
ViewableData::cachedCall()
ViewableData::castingHelper()
ViewableData::castingHelperPair()
ViewableData::castingObjectCreator()
ViewableData::castingObjectCreatorPair()
ViewableData::CSSClasses()
ViewableData::CurrentMember()
ViewableData::CurrentPage()
ViewableData::customise()
ViewableData::Debug()
ViewableData::defineMethods()
ViewableData::escapeTypeForField()
ViewableData::Even()
ViewableData::EvenOdd()
ViewableData::First()
ViewableData::FirstLast()
ViewableData::getField()
ViewableData::getIterator()
ViewableData::getXMLValues()
ViewableData::hasField()
ViewableData::HasPerm()
ViewableData::hasValue()
ViewableData::i18nLocale()
ViewableData::IsAjax()
ViewableData::iteratorProperties()
ViewableData::JS_val()
ViewableData::Last()
ViewableData::Me()
ViewableData::Middle()
ViewableData::MiddleString()
ViewableData::obj()
ViewableData::Odd()
ViewableData::Pos()
ViewableData::RAW_val()
ViewableData::renderWith()
ViewableData::SecurityID()
ViewableData::setCustomisedObj()
ViewableData::setField()
ViewableData::SQL_val()
ViewableData::ThemeDir()
ViewableData::Top()
ViewableData::TotalItems()
ViewableData::val()
ViewableData::XML_val()
ViewableData::__get()
ViewableData::__isset()
ViewableData::__set()

Inherited From Object

Object::__construct()
Object::addMethodsFrom()
Object::addStaticVars()
Object::addWrapperMethod()
Object::add_extension()
Object::allMethodNames()
Object::buildMethodList()
Object::cacheToFile()
Object::cacheToFileWithArgs()
Object::create()
Object::createMethod()
Object::defineMethods()
Object::exists()
Object::extend()
Object::extInstance()
Object::getCustomClass()
Object::hasExtension()
Object::hasMethod()
Object::invokeWithExtensions()
Object::is_a()
Object::loadCache()
Object::parentClass()
Object::sanitiseCachename()
Object::saveCache()
Object::set_stat()
Object::set_uninherited()
Object::stat()
Object::strong_create()
Object::uninherited()
Object::useCustomClass()
Object::__call()
Object::__toString()
Class Constants
Description | Constants (details) Vars (details) | Methods (details)
DENY_PERMISSION = -1 (line 36)

This is the value to use for the "Type" field if a permission should be denied.

GRANT_PERMISSION = 1 (line 30)

This is the value to use for the "Type" field if a permission should be granted.

INHERIT_PERMISSION = 0 (line 42)

This is the value to use for the "Type" field if a permission should be inherited.

blog comments powered by Disqus

Documentation generated on Sun, 19 Oct 2008 06:44:20 +1300 by phpDocumentor 1.3.2