Public Member Functions | |
init () | |
getRoles ($includeSuperuser=true, $sort=true) | |
createAuthItem ($name, $type, $description= '', $bizRule=null, $data=null) | |
updateAuthItem ($oldName, $name, $description= '', $bizRule=null, $data=null) | |
getAuthItems ($types=null, $userId=null, CAuthItem $parent=null, $sort=true, $exclude=array()) | |
getAuthItemParents ($item, $type=null, $parentName=null, $direct=false) | |
getAuthItemChildren ($item, $type=null) | |
attachAuthItemBehavior ($items, $userId=null, CAuthItem $parent=null) | |
getSuperusers () | |
attachUserBehavior ($users) | |
isSuperuser ($userId) | |
getPermissions ($itemName=null) | |
hasPermission ($itemName, $parentName=null, $permissions=array()) | |
getAuthManager () |
Public Attributes | |
$superuserName |
Protected Member Functions | |
mergeAuthItems ($array1, $array2) | |
excludeInvalidAuthItems ($items, CAuthItem $parent=null, $exclude=array()) | |
sanitizeExpression ($code) |
Rights authorizer component class file.
Definition at line 9 of file RAuthorizer.php.
RAuthorizer::attachAuthItemBehavior | ( | $items, | |
$userId = null , |
|||
CAuthItem | $parent = null |
||
) |
Attaches the rights authorization item behavior to the given item.
mixed | $items | the item or items to which attach the behavior. |
int | $userId | the ID of the user to which the item is assigned. |
CAuthItem | $parent | the parent of the given item. |
Definition at line 289 of file RAuthorizer.php.
Referenced by getAuthItemChildren(), getAuthItemParents(), getAuthItems(), and getRoles().
RAuthorizer::attachUserBehavior | ( | $users | ) |
Attaches the rights user behavior to the given users.
mixed | $users | the user or users to which attach the behavior. |
Definition at line 347 of file RAuthorizer.php.
References Rights\module().
Referenced by getSuperusers().
RAuthorizer::createAuthItem | ( | $name, | |
$type, | |||
$description = '' , |
|||
$bizRule = null , |
|||
$data = null |
|||
) |
Creates an authorization item.
string | $name | the item name. This must be a unique identifier. |
integer | $type | the item type (0: operation, 1: task, 2: role). |
string | $description | the description for the item. |
string | $bizRule | business rule associated with the item. This is a piece of PHP code that will be executed when checkAccess is called for the item. |
mixed | $data | additional data associated with the item. |
Definition at line 58 of file RAuthorizer.php.
References sanitizeExpression().
|
protected |
Excludes invalid authorization items. When an item is provided its parents and children are excluded aswell.
array | $items | the authorization items to process. |
CAuthItem | $parent | the item to check valid authorization items for. |
array | $exclude | additional items to be excluded. |
Definition at line 161 of file RAuthorizer.php.
References getAuthItemParents().
Referenced by getAuthItems().
RAuthorizer::getAuthItemChildren | ( | $item, | |
$type = null |
|||
) |
Returns the children for the specified authorization item recursively.
mixed | $item | the item for which to get its children. |
integer | $type | the item type (0: operation, 1: task, 2: role). Defaults to null, meaning returning all items regardless of their type. |
Definition at line 261 of file RAuthorizer.php.
References attachAuthItemBehavior().
RAuthorizer::getAuthItemParents | ( | $item, | |
$type = null , |
|||
$parentName = null , |
|||
$direct = false |
|||
) |
Returns the parents of the specified authorization item.
mixed | $item | the item name for which to get its parents. |
integer | $type | the item type (0: operation, 1: task, 2: role). Defaults to null, meaning returning all items regardless of their type. |
string | $parentName | the name of the item in which permissions to search. |
boolean | $direct | whether we want the specified items parent or all parents. |
Definition at line 197 of file RAuthorizer.php.
References attachAuthItemBehavior(), and getPermissions().
Referenced by excludeInvalidAuthItems().
RAuthorizer::getAuthItems | ( | $types = null , |
|
$userId = null , |
|||
CAuthItem | $parent = null , |
||
$sort = true , |
|||
$exclude = array() |
|||
) |
Returns the authorization items of the specific type and user.
mixed | $types | the item type (0: operation, 1: task, 2: role). Defaults to null, meaning returning all items regardless of their type. |
mixed | $userId | the user ID. Defaults to null, meaning returning all items even if they are not assigned to a user. |
CAuthItem | $parent | the item for which to get the select options. |
boolean | $sort | sort items by to weights. |
array | $exclude | the items to be excluded. |
Definition at line 107 of file RAuthorizer.php.
References attachAuthItemBehavior(), excludeInvalidAuthItems(), and mergeAuthItems().
Referenced by getRoles().
RAuthorizer::getAuthManager | ( | ) |
Definition at line 507 of file RAuthorizer.php.
RAuthorizer::getPermissions | ( | $itemName = null | ) |
Returns the permissions for a specific authorization item.
string | $itemName | the name of the item for which to get permissions. Defaults to null, meaning that the full permission tree is returned. |
Definition at line 385 of file RAuthorizer.php.
References getRoles().
Referenced by getAuthItemParents(), and hasPermission().
RAuthorizer::getRoles | ( | $includeSuperuser = true , |
|
$sort = true |
|||
) |
Returns the a list of all roles.
boolean | $includeSuperuser | whether to include the superuser. |
boolean | $sort | whether to sort the items by their weights. |
Definition at line 38 of file RAuthorizer.php.
References attachAuthItemBehavior(), and getAuthItems().
Referenced by getPermissions().
RAuthorizer::getSuperusers | ( | ) |
Returns the users with superuser privileges.
CHttpException |
Definition at line 310 of file RAuthorizer.php.
References attachUserBehavior(), Rights\module(), and Rights\t().
RAuthorizer::hasPermission | ( | $itemName, | |
$parentName = null , |
|||
$permissions = array() |
|||
) |
Returns the permission type for an authorization item.
string | $itemName | the name of the item to check permission for. |
string | $parentName | the name of the item in which permissions to look. |
array | $permissions | the permissions. |
Definition at line 430 of file RAuthorizer.php.
References getPermissions().
RAuthorizer::init | ( | ) |
Initializes the authorizer.
Definition at line 23 of file RAuthorizer.php.
RAuthorizer::isSuperuser | ( | $userId | ) |
Returns whether the user is a superuser.
integer | $userId | the id of the user to do the check for. |
Definition at line 371 of file RAuthorizer.php.
|
protected |
Merges two arrays with authorization items preserving the keys.
array | $array1 | the items to merge to. |
array | $array2 | the items to merge from. |
Definition at line 140 of file RAuthorizer.php.
Referenced by getAuthItems().
|
protected |
Tries to sanitize code to make it safe for execution.
string | $code | the code to be execute. |
Definition at line 462 of file RAuthorizer.php.
Referenced by createAuthItem(), and updateAuthItem().
RAuthorizer::updateAuthItem | ( | $oldName, | |
$name, | |||
$description = '' , |
|||
$bizRule = null , |
|||
$data = null |
|||
) |
Updates an authorization item.
string | $oldName | the item name. This must be a unique identifier. |
integer | $name | the item type (0: operation, 1: task, 2: role). |
string | $description | the description for the item. |
string | $bizRule | business rule associated with the item. This is a piece of PHP code that will be executed when checkAccess is called for the item. |
mixed | $data | additional data associated with the item. |
Definition at line 79 of file RAuthorizer.php.
References sanitizeExpression().