Gentics Portal.Node PHP API
 All Classes Namespaces Functions Variables Pages
Static Public Member Functions | Public Attributes | Static Protected Member Functions | List of all members
Rights Class Reference

Static Public Member Functions

static assign ($itemName, $userId, $bizRule=null, $data=null)
static revoke ($itemName, $userId)
static getAssignedRoles ($userId=null, $sort=true)
static getBaseUrl ()
static getAuthItemOptions ()
static getAuthItemTypeName ($type)
static getAuthItemTypeNamePlural ($type)
static getAuthItemRoute ($type)
static getValidChildTypes ($type)
static getAuthItemSelectOptions ($type=null, $exclude=array())
static getParentAuthItemSelectOptions (CAuthItem $parent, $type=null, $exclude=array())
static getDataCsrf ()
static getCsrfParam ()
static powered ()
static module ()
static getAuthorizer ()
static t ($category, $message, $params=array(), $source=null, $language=null)

Public Attributes

const PERM_NONE = 0
const PERM_DIRECT = 1
const PERM_INHERITED = 2

Static Protected Member Functions

static generateAuthItemSelectOptions ($items, $type)

Detailed Description

Rights helper class file.

Provides static functions for interaction with Rights from outside of the module.

Author
Christoffer Niska cnisk.nosp@m.a@li.nosp@m.ve.co.nosp@m.m
Since
0.9.1

Definition at line 11 of file Rights.php.

Member Function Documentation

static Rights::assign (   $itemName,
  $userId,
  $bizRule = null,
  $data = null 
)
static

Assigns an authorization item to a specific user.

Parameters
string$itemNamethe name of the item to assign.
integer$userIdthe user id of the user for which to assign the item.
string$bizRulebusiness rule associated with the item. This is a piece of PHP code that will be executed when checkAccess is called for the item.
mixed$dataadditional data associated with the item.
Returns
CAuthItem the authorization item

Definition at line 29 of file Rights.php.

References getAuthorizer().

{
$authorizer = self::getAuthorizer();
return $authorizer->authManager->assign($itemName, $userId, $bizRule, $data);
}
static Rights::generateAuthItemSelectOptions (   $items,
  $type 
)
staticprotected

Generates the authorization item select options.

Parameters
array$itemsthe authorization items.
mixed$typethe item type (0: operation, 1: task, 2: role).
Returns
array the select options.

Definition at line 188 of file Rights.php.

References getAuthItemTypeNamePlural().

Referenced by getAuthItemSelectOptions(), and getParentAuthItemSelectOptions().

{
$selectOptions = array();
// We have multiple types, nest the items under their types
if( $type!==(int)$type )
{
foreach( $items as $itemName=>$item )
$selectOptions[ self::getAuthItemTypeNamePlural($item->type) ][ $itemName ] = $item->getNameText();
}
// We have only one type
else
{
foreach( $items as $itemName=>$item )
$selectOptions[ $itemName ] = $item->getNameText();
}
return $selectOptions;
}
static Rights::getAssignedRoles (   $userId = null,
  $sort = true 
)
static

Returns the roles assigned to a specific user. If no user id is provided the logged in user will be used.

Parameters
integer$userIdthe user id of the user for which roles to get.
boolean$sortwhether to sort the items by their weights.
Returns
array the roles.

Definition at line 54 of file Rights.php.

References getAuthorizer().

{
$user = Yii::app()->getUser();
if( $userId===null && $user->isGuest===false )
$userId = $user->id;
$authorizer = self::getAuthorizer();
return $authorizer->getAuthItems(CAuthItem::TYPE_ROLE, $userId, null, $sort);
}
static Rights::getAuthItemOptions ( )
static

Returns the list of authorization item types.

Returns
array the list of types.

Definition at line 78 of file Rights.php.

References t().

Referenced by getAuthItemTypeName().

{
return array(
CAuthItem::TYPE_OPERATION=>Rights::t('core', 'Operation'),
CAuthItem::TYPE_TASK=>Rights::t('core', 'Task'),
CAuthItem::TYPE_ROLE=>Rights::t('core', 'Role'),
);
}
static Rights::getAuthItemRoute (   $type)
static

Returns the route to a specific authorization item list view.

Parameters
integer$typethe item type (0: operation, 1: task, 2: role).
Returns
array the route.

Definition at line 122 of file Rights.php.

References t().

{
switch( (int)$type )
{
case CAuthItem::TYPE_OPERATION: return array('authItem/operations');
case CAuthItem::TYPE_TASK: return array('authItem/tasks');
case CAuthItem::TYPE_ROLE: return array('authItem/roles');
default: throw new CException(Rights::t('core', 'Invalid authorization item type.'));
}
}
static Rights::getAuthItemSelectOptions (   $type = null,
  $exclude = array() 
)
static

Returns the authorization item select options.

Parameters
mixed$typethe item type (0: operation, 1: task, 2: role). Defaults to null, meaning returning all items regardless of their type.
array$excludethe items to be excluded.
Returns
array the select options.

Definition at line 160 of file Rights.php.

References generateAuthItemSelectOptions(), and getAuthorizer().

Referenced by AssignmentController\actionUser().

{
$authorizer = self::getAuthorizer();
$items = $authorizer->getAuthItems($type, null, null, true, $exclude);
return self::generateAuthItemSelectOptions($items, $type);
}
static Rights::getAuthItemTypeName (   $type)
static

Returns the name of a specific authorization item.

Parameters
integer$typethe item type (0: operation, 1: task, 2: role).
Returns
string the authorization item type name.

Definition at line 92 of file Rights.php.

References getAuthItemOptions(), and t().

Referenced by RAuthItemBehavior\getTypeText().

{
if( isset($options[ $type ])===true )
return $options[ $type ];
else
throw new CException(Rights::t('core', 'Invalid authorization item type.'));
}
static Rights::getAuthItemTypeNamePlural (   $type)
static

Returns the name of a specific authorization item in plural.

Parameters
integer$typethe item type (0: operation, 1: task, 2: role).
Returns
string the authorization item type name.

Definition at line 106 of file Rights.php.

References t().

Referenced by generateAuthItemSelectOptions().

{
switch( (int)$type )
{
case CAuthItem::TYPE_OPERATION: return Rights::t('core', 'Operations');
case CAuthItem::TYPE_TASK: return Rights::t('core', 'Tasks');
case CAuthItem::TYPE_ROLE: return Rights::t('core', 'Roles');
default: throw new CException(Rights::t('core', 'Invalid authorization item type.'));
}
}
static Rights::getAuthorizer ( )
static
static Rights::getBaseUrl ( )
static

Returns the base url to Rights.

Returns
the url to Rights.

Definition at line 68 of file Rights.php.

References module().

{
$module = self::module();
return Yii::app()->createUrl($module->baseUrl);
}
static Rights::getCsrfParam ( )
static

Returns the cross-site request forgery parameter for Ajax-requests. Null is returned if csrf-validation is disabled.

Returns
string the csrf parameter.

Definition at line 224 of file Rights.php.

{
if( Yii::app()->request->enableCsrfValidation===true )
{
$csrfTokenName = Yii::app()->request->csrfTokenName;
$csrfToken = Yii::app()->request->csrfToken;
return "'$csrfTokenName':'$csrfToken'";
}
else
{
return null;
}
}
static Rights::getDataCsrf ( )
static

Returns the cross-site request forgery parameter to be placed in the data of Ajax-requests. An empty string is returned if csrf-validation is disabled.

Returns
string the csrf parameter.

Definition at line 214 of file Rights.php.

Referenced by RAuthItemBehavior\getAssignPermissionLink(), and RAuthItemBehavior\getRevokePermissionLink().

{
return ($csrf = self::getCsrfParam())!==null ? ', '.$csrf : '';
}
static Rights::getParentAuthItemSelectOptions ( CAuthItem  $parent,
  $type = null,
  $exclude = array() 
)
static

Returns the valid authorization item select options for a model.

Parameters
mixed$parentthe item type (0: operation, 1: task, 2: role). Defaults to null, meaning returning all items regardless of their type.
CAuthItem$typethe item for which to get the select options.
array$excludethe items to be excluded.
Returns
array the select options.

Definition at line 175 of file Rights.php.

References generateAuthItemSelectOptions(), and getAuthorizer().

Referenced by AuthItemController\actionUpdate().

{
$authorizer = self::getAuthorizer();
$items = $authorizer->getAuthItems($type, null, $parent, true, $exclude);
return self::generateAuthItemSelectOptions($items, $type);
}
static Rights::getValidChildTypes (   $type)
static

Returns the valid child item types for a specific type.

Parameters
string$typethe item type (0: operation, 1: task, 2: role).
Returns
array the valid types.

Definition at line 138 of file Rights.php.

References t().

Referenced by AuthItemController\actionUpdate().

{
switch( (int)$type )
{
// Roles can consist of any type of authorization items
case CAuthItem::TYPE_ROLE: return null;
// Tasks can consist of other tasks and operations
case CAuthItem::TYPE_TASK: return array(CAuthItem::TYPE_TASK, CAuthItem::TYPE_OPERATION);
// Operations can consist of other operations
case CAuthItem::TYPE_OPERATION: return array(CAuthItem::TYPE_OPERATION);
// Invalid type
default: throw new CException(Rights::t('core', 'Invalid authorization item type.'));
}
}
static Rights::module ( )
static
static Rights::powered ( )
static
Returns
string a string that can be displayed on your Web page showing Powered-by-Rights information.

Definition at line 242 of file Rights.php.

References module().

{
$module = self::module();
return 'Secured with <a href="http://www.yiiframework.com/extension/rights" rel="external">Rights</a> version '.$module->getVersion().'.';
}
static Rights::revoke (   $itemName,
  $userId 
)
static

Revokes an authorization item from a specific user.

Parameters
string$itemNamethe name of the item to revoke.
integer$userIdthe user id of the user for which to revoke the item.
Returns
boolean whether the item was removed.

Definition at line 41 of file Rights.php.

References getAuthorizer().

{
$authorizer = self::getAuthorizer();
return $authorizer->authManager->revoke($itemName, $userId);
}
static Rights::t (   $category,
  $message,
  $params = array(),
  $source = null,
  $language = null 
)
static

Translates a message to the specified language. Wrapper class for setting the category correctly.

Parameters
string$categorymessage category.
string$messagethe original message.
array$paramsparameters to be applied to the message using strtr.
string$sourcewhich message source application component to use.
string$languagethe target language.
Returns
string the translated message.

Definition at line 302 of file Rights.php.

Referenced by RController\accessDenied(), AuthItemController\actionAssign(), AuthItemController\actionCreate(), AuthItemController\actionDelete(), AuthItemController\actionGenerate(), AuthItemController\actionPermissions(), AuthItemController\actionRemoveChild(), AssignmentController\actionRevoke(), AuthItemController\actionRevoke(), InstallController\actionRun(), AuthItemController\actionSortable(), AuthItemController\actionUpdate(), AssignmentController\actionUser(), AuthChildForm\attributeLabels(), AssignmentForm\attributeLabels(), AuthItemForm\attributeLabels(), AuthItemForm\bizRuleNotEmpty(), RAuthItemBehavior\getAssignPermissionLink(), getAuthItemOptions(), getAuthItemRoute(), getAuthItemTypeName(), getAuthItemTypeNamePlural(), RAuthItemBehavior\getDeleteOperationLink(), RAuthItemBehavior\getDeleteRoleLink(), RAuthItemBehavior\getDeleteTaskLink(), RAuthItemBehavior\getInheritedPermissionText(), RAuthItemBehavior\getRemoveChildLink(), RAuthItemBehavior\getRemoveParentLink(), RAuthItemBehavior\getRevokeAssignmentLink(), RAuthItemBehavior\getRevokePermissionLink(), RAuthorizer\getSuperusers(), AuthItemController\getType(), getValidChildTypes(), RInstaller\init(), AuthItemForm\isSuperuser(), AuthItemController\loadModel(), and AuthItemForm\nameIsAvailable().

{
return Yii::t('RightsModule.'.$category, $message, $params, $source, $language);
}

The documentation for this class was generated from the following file: