Package DE_EPAGES::Permission::API::AttributePermission
This package provides helper functions for attribute permissions.
The following rules apply for attribute permissions:
-
<u>Rule 1</u>: Access to attributes is denied per default.
Each action on an attribute (read/write) is denied per default for each user or group (here, a trustee). In order to allow access to an attribute, permissions have to be set explicitely for the trustee-attribute pair using InsertAttributePermission. -
<u>Rule 2</u>: Deny over read.
In order to obtain read permissions on an attribute, the attribute must be set to be readable or writable at any level; otherwise, the acccess is denied. -
<u>Rule 3</u>: Write over read.
In order to get write permissions on an attribute, the attribute must be writable by the trustee itself or the attribute's permission has to be set to writable in at least one group the trustee is member of.
@EXPORT_OK |
Functions
GetReadableAttributes
Returns an array of the class' attributes that are viewable by the given user or group (i.e. trustee).
Syntax |
$ahReadableAttributes = GetReadableAttributes($Class, $UserOrGroup); |
Input |
|
Return |
|
GetWritableAttributes
Returns an array of the class' attributes that are modifiable by the given user or group (i.e. trustee). All attributes of inherited classes as well as related trustees are considered.
Syntax |
$ahWritableAttributes = GetWritableAttributes($Class, $UserOrGroup); |
Input |
|
Return |
|
IsAttributeReadable
Returns true, if the given attribute is readable by the given trustee. If no user or group is defined, the group Everyone is assumed.
Syntax |
$IsReadable = IsAttributeReadable($Attribute, $UserOrGroup); |
Input |
|
Return |
|
IsAttributeWritable
Returns true, if the given attribute can be altered by the given trustee. If no user or group is defined, the group Everyone is assumed.
Syntax |
$IsReadable = IsAttributeWritable( $Attribute, $UserOrGroup); |
Input |
|
Return |
|