CWIS Developer Documentation
|
Set of privileges used to access resource information or other parts of the system. More...
Public Member Functions | |
__construct ($Data=NULL) | |
Class constructor, used to create a new set or reload an existing set from previously-constructed data. More... | |
Data ($NewValue=NULL) | |
Get/set privilege set data, in the form of an opaque string. More... | |
MeetsRequirements (CWUser $User, $Resource=self::NO_RESOURCE) | |
Determine if a given user meets the requirements specified by this PrivilegeSet. More... | |
AddPrivilege ($Privileges) | |
Add specified privilege to set. More... | |
RemovePrivilege ($Privilege) | |
Remove specified privilege from set. More... | |
IncludesPrivilege ($Privilege) | |
Check whether this privilege set includes the specified privilege. More... | |
GetPrivilegeInfo () | |
Get privilege information as an array, with numerical indexes except for the logic, which is contained in a element with the index "Logic". More... | |
GetPrivilegeList () | |
Get list of privileges. More... | |
AddCondition ($Field, $Value=NULL, $Operator="==") | |
Add condition to privilege set. More... | |
RemoveCondition ($Field, $Value=NULL, $Operator="==") | |
Remove condition from privilege set. More... | |
AddSet (PrivilegeSet $Set) | |
Add subgroup of privileges/conditions to set. More... | |
AllRequired ($NewValue=NULL) | |
Get/set whether all privileges/conditions in set are required (i.e. More... | |
PrivilegeFlagsChecked () | |
List which privilege flags (e.g. More... | |
FieldsWithUserComparisons ($ComparisonType) | |
List which fields in this privset are involved in UserIs or UserIsNot comparisons for this privilege set. More... | |
Public Attributes | |
const | HAVE_RESOURCE = -1 |
const | NO_RESOURCE = "XXX NO RESOURCE XXX" |
Set of privileges used to access resource information or other parts of the system.
A privilege set is a combination of privileges (integers), MetadataFields (to check against a specified value), and privilege/MetadataField combinations.
Definition at line 16 of file PrivilegeSet.php.
PrivilegeSet::__construct | ( | $Data = NULL | ) |
Class constructor, used to create a new set or reload an existing set from previously-constructed data.
string | $Data | Existing privilege set data, previously retrieved with PrivilegeSet::Data(). (OPTIONAL) |
Definition at line 30 of file PrivilegeSet.php.
PrivilegeSet::AddCondition | ( | $Field, | |
$Value = NULL , |
|||
$Operator = "==" |
|||
) |
Add condition to privilege set.
If the condition is already present in the set, no action is taken. The $Field argument may also be PrivilegeSet::HAVE_RESOURCE to test against whether a resource is available for the privilege set check.
mixed | $Field | Metadata field object or ID to test against. |
mixed | $Value | Value to test against. (Specify NULL for User fields to test against current user and for Date/Timestamp fields to test against the current date and time.) |
string | $Operator | String containing operator to used for condition. (Standard PHP operators are used.) (OPTIONAL, defaults to "==") |
Definition at line 249 of file PrivilegeSet.php.
PrivilegeSet::AddPrivilege | ( | $Privileges | ) |
Add specified privilege to set.
If specified privilege is already part of the set, no action is taken.
mixed | $Privileges | Privilege ID or object (or array of IDs or objects). |
Definition at line 149 of file PrivilegeSet.php.
References IncludesPrivilege().
PrivilegeSet::AddSet | ( | PrivilegeSet | $Set | ) |
Add subgroup of privileges/conditions to set.
PrivilegeSet | $Set | Subgroup to add. |
Definition at line 307 of file PrivilegeSet.php.
PrivilegeSet::AllRequired | ( | $NewValue = NULL | ) |
Get/set whether all privileges/conditions in set are required (i.e.
"AND" logic), or only one privilege/condition needs to be met ("OR"). By default only one of the specified privilegs/conditions in a set is required.
bool | $NewValue | Specify TRUE if all privileges are required, otherwise FALSE if only one privilege required. (OPTIONAL) |
Definition at line 326 of file PrivilegeSet.php.
PrivilegeSet::Data | ( | $NewValue = NULL | ) |
Get/set privilege set data, in the form of an opaque string.
This method can be used to retrieve an opaque string containing privilege set data, which can then be saved (e.g. to a database) and later used to reload a privilege set. (Use instead of serialize() to avoid future issues with internal class changes.)
string | $NewValue | New privilege set data. (OPTIONAL) |
Definition at line 58 of file PrivilegeSet.php.
PrivilegeSet::FieldsWithUserComparisons | ( | $ComparisonType | ) |
List which fields in this privset are involved in UserIs or UserIsNot comparisons for this privilege set.
string | $ComparisonType | Comparison Type (one of "==" or "!=") |
Definition at line 366 of file PrivilegeSet.php.
References GetPrivilegeInfo(), and MetadataSchema\MDFTYPE_USER.
PrivilegeSet::GetPrivilegeInfo | ( | ) |
Get privilege information as an array, with numerical indexes except for the logic, which is contained in a element with the index "Logic".
Values are either an associative array with three elements, "FieldId", "Operator", and "Value", or a PrivilegeSet object (for subsets).
Definition at line 206 of file PrivilegeSet.php.
Referenced by FieldsWithUserComparisons(), and PrivilegeFlagsChecked().
PrivilegeSet::GetPrivilegeList | ( | ) |
Get list of privileges.
(Intended primarily for supporting legacy privilege operations – list contains privilege IDs only, and does not include conditions.)
Definition at line 222 of file PrivilegeSet.php.
PrivilegeSet::IncludesPrivilege | ( | $Privilege | ) |
Check whether this privilege set includes the specified privilege.
mixed | $Privilege | Privilege ID or object to check. |
Definition at line 191 of file PrivilegeSet.php.
Referenced by AddPrivilege(), and RemovePrivilege().
PrivilegeSet::MeetsRequirements | ( | CWUser | $User, |
$Resource = self::NO_RESOURCE |
|||
) |
Determine if a given user meets the requirements specified by this PrivilegeSet.
Typically used to determine if a user should be allowed access to a particular piece of data.
object | $User | CWUser object to use in comparisons. |
object | $Resource | Resource object to used for comparison, for sets that include user conditions. (OPTIONAL) |
Definition at line 92 of file PrivilegeSet.php.
References CWUser\HasPriv().
Referenced by PrivilegeSetCompatibilityShim\IsGreaterThan().
PrivilegeSet::PrivilegeFlagsChecked | ( | ) |
List which privilege flags (e.g.
PRIV_MYRESOURCEADMIN) are examined by this privset.
Definition at line 340 of file PrivilegeSet.php.
References GetPrivilegeInfo().
PrivilegeSet::RemoveCondition | ( | $Field, | |
$Value = NULL , |
|||
$Operator = "==" |
|||
) |
Remove condition from privilege set.
If condition was not present in privilege set, no action is taken.
mixed | $Field | Metadata field object or ID to test against. |
mixed | $Value | Value to test against. (Specify NULL for User fields to test against current user.) |
string | $Operator | String containing operator to used for condition. (Standard PHP operators are used.) (OPTIONAL, defaults to "==") |
Definition at line 281 of file PrivilegeSet.php.
PrivilegeSet::RemovePrivilege | ( | $Privilege | ) |
Remove specified privilege from set.
If specified privilege is not currently in the set, no action is taken.
mixed | $Privilege | Privilege ID or object to remove from set. |
Definition at line 175 of file PrivilegeSet.php.
References IncludesPrivilege().
const PrivilegeSet::HAVE_RESOURCE = -1 |
Definition at line 21 of file PrivilegeSet.php.
const PrivilegeSet::NO_RESOURCE = "XXX NO RESOURCE XXX" |
Definition at line 403 of file PrivilegeSet.php.