Package DE_EPAGES::Permission::API::Permission
This package provides helper functions for actions, roles and permissions.
@EXPORT_OK |
Functions
- ActionByName
- Anonymous
- AnonymousCanDoIt
- DirectActionByName
- DirectRoleByName
- Everyone
- EveryoneCanDoIt
- ExistsActionByName
- ExistsDirectActionByName
- HaveSameSite
- IsActionAllowed
- LogAction
- Registered
- RegisteredCanDoIt
- RoleByName
- SwitchInherit
PERMISSION_ALLOW (int)
Constant value used in access control lists
(DE_EPAGES::Permission::API::Table::Permission)
to indicates that permission is allowed. (value=1)
PERMISSION_DENY (int)
Constant value used in access control lists
(DE_EPAGES::Permission::API::Table::Permission)
to indicates that permission is denied. (value=2)
ActionByName
Returns the action object by alias. The action may be inherited from a super class. If $IsMobile is true, returns the action 'MobileSF-'.$Alias if it exists for the same class where $Alias exists.
Syntax |
$Action = ActionByName( $Class, $Alias ); $Action = ActionByName( $Class, $Alias, $IsMobile ); |
Example |
$Action = ActionByName( LoadClassByAlias('Shop'), 'Delete' ); |
Input |
|
Return |
|
Anonymous
System user which contains permissions, which every anonymous user can do or better dont can do.
Syntax |
$AnonymousUser = Anonymous(); |
Return |
|
AnonymousCanDoIt
Checks if registered users are allowed to perform an action on an object.
Syntax |
$Allow = AnonymousCanDoIt( $Object, $ActionName ); |
Input |
|
Return |
|
DirectActionByName
Returns the action object by alias. The action must be defined directly in the class $Class and cannot be inherited from a super class.
Syntax |
$Action = DirectActionByName( $Class, $Alias ); |
Example |
$Action = DirectActionByName( LoadClassByAlias('Object'), 'Delete' ); |
Input |
|
Return |
|
DirectRoleByName
Returns the role object by alias. The role must be defined directly in the class $Class and cannot be inherited from a super class.
Syntax |
$Role = DirectRoleByName( $Class, $Alias ); |
Example |
$Role = DirectRoleByName( LoadClassByAlias('Shop'), 'Merchant' ); |
Input |
|
Return |
|
Everyone
System user which contains permissions, which everybody can do.
Syntax |
$EveryoneUser = Everyone(); |
Return |
|
EveryoneCanDoIt
Checks if all users are allowed to perform an action on an object.
Syntax |
$Allow = EveryoneCanDoIt( $Object, $ActionName ); |
Input |
|
Return |
|
ExistsActionByName
Returns true if action exists. The action may be inherited from a super class.
Syntax |
$Exists = ExistsActionByName( $Class, $Alias ); |
Example |
$Exists = ExistsActionByName( LoadClassByAlias('Shop'), 'Delete' ); |
Input |
|
Return |
|
ExistsDirectActionByName
Returns true if the action is defined directly in the class $Class and not inherited from a super class.
Syntax |
$Exists = ExistsDirectActionByName( $Class, $Alias ); |
Example |
if( ExistsDirectActionByName( LoadClassByAlias('Object'), 'Delete' ) ) { ... } |
Input |
|
Return |
|
HaveSameSite
Returns whether a list of objects have the same site.
Syntax |
$Role = HaveSameSite( $Site, $User ); |
Example |
$Role = HaveSameSite( $Shop, $LoginUser ); |
Input |
|
Return |
|
IsActionAllowed
Checks if the specified user is allowed to perform an action on an object.
- Rule 1: Deny over Allow
if permission is denied at any level, it is always denied, even if it's explicitely allowed on another level - Rule 2: Deny by default
permission is always denied unless explicitely granted
Syntax |
$Allow = IsActionAllowed( $Object, $UserOrGroup, $ActionOrRole ); |
Example |
if( IsActionAllowed( $Object, $UserOrGroup, $ActionOrRole ) ) { .. } |
Input |
|
Return |
|
LogAction
Writes a debug message to log category AUDITING.$Category.$ClassAlias.$ActionAlias
Syntax |
LogAction($Category, $Object, $User, $Action, @Params) |
Input |
|
Registered
System user which contains permissions, which every registered user can do.
Syntax |
$RegisteredUser = Registered(); |
Return |
|
RegisteredCanDoIt
Checks if registered users are allowed to perform an action on an object.
Syntax |
$Allow = RegisteredCanDoIt( $Object, $ActionName ); |
Input |
|
Return |
|
RoleByName
Returns the role object by alias. The role may be inherited from a super class.
Syntax |
$Role = RoleByName( $Class, $Alias ); |
Example |
$Role = RoleByName( LoadClassByAlias('Shop'), 'Merchant' ); |
Input |
|
Return |
|
SwitchInherit
Switches the inherit flag of the object and copies/removes the permissions of parent object.
Syntax |
SwitchInherit( $Object ); |
Input |
|