CWIS Developer Documentation
|
Set of privileges used to access resource information or other parts of the system. More...
Public Member Functions | |
__construct ($Data=NULL) | |
Class constructor, used to create a new set or reload an existing set from previously-constructed data. More... | |
Data ($NewValue=NULL) | |
Get/set privilege set data, in the form of an opaque string. More... | |
MeetsRequirements (CWUser $User, $Resource=self::NO_RESOURCE) | |
Determine if a given user meets the requirements specified by this PrivilegeSet. More... | |
AddPrivilege ($Privileges) | |
Add specified privilege to set. More... | |
RemovePrivilege ($Privilege) | |
Remove specified privilege from set. More... | |
IncludesPrivilege ($Privilege) | |
Check whether this privilege set includes the specified privilege. More... | |
GetPrivilegeInfo () | |
Get privilege information as an array, with numerical indexes except for the logic, which is contained in a element with the index "Logic". More... | |
GetPrivilegeList () | |
Get list of privileges. More... | |
AddCondition ($Field, $Value=NULL, $Operator="==") | |
Add condition to privilege set. More... | |
RemoveCondition ($Field, $Value=NULL, $Operator="==", $IncludeSubsets=FALSE) | |
Remove condition from privilege set. More... | |
AddSet (PrivilegeSet $Set) | |
Add subgroup of privileges/conditions to set. More... | |
AllRequired ($NewValue=NULL) | |
Get/set whether all privileges/conditions in set are required (i.e. More... | |
PrivilegeFlagsChecked () | |
List which privilege flags (e.g. More... | |
FieldsWithUserComparisons ($ComparisonType=NULL) | |
List which fields in this privset are involved in UserIs or UserIsNot comparisons for this privilege set. More... | |
ComparisonCount () | |
Get number of privilege comparisons in set, including those in subgroups. More... | |
GetPossibleNecessaryPrivileges () | |
Get all privileges that could be necessary to fulfill privilege set requirements. More... | |
ChecksField ($FieldId) | |
Determine if a PrivilegeSet checks values from a specified field. More... | |
Static Public Member Functions | |
static | ClearCaches () |
Clear internal caches. More... | |
Public Attributes | |
const | NO_RESOURCE = "XXX NO RESOURCE XXX" |
Set of privileges used to access resource information or other parts of the system.
A privilege set is a combination of privileges (integers), MetadataFields (to check against a specified value), and privilege/MetadataField combinations.
Definition at line 16 of file PrivilegeSet.php.
PrivilegeSet::__construct | ( | $Data = NULL | ) |
Class constructor, used to create a new set or reload an existing set from previously-constructed data.
mixed | $Data | Existing privilege set data, previously retrieved with PrivilegeSet::Data(), array of privilege values, or a single privilege value. (OPTIONAL) |
InvalidArgumentException | If data passed in was invalid. |
Definition at line 27 of file PrivilegeSet.php.
PrivilegeSet::AddCondition | ( | $Field, | |
$Value = NULL , |
|||
$Operator = "==" |
|||
) |
Add condition to privilege set.
If the condition is already present in the set, no action is taken.
mixed | $Field | Metadata field object or ID to test against. |
mixed | $Value | Value to test against. User fields expect a UserId or expect NULL to test against the current user. Option fields expect a ControlledNameId. Date and Timestamp fields expect either a UNIX timestamp or expect NULL to test against the current time. |
string | $Operator | String containing operator to used for condition. (Standard PHP operators are used.) (OPTIONAL, defaults to "==") |
InvalidArgumentException | If invalid field provided. |
Definition at line 254 of file PrivilegeSet.php.
References MetadataSchema\GetCanonicalFieldIdentifier().
PrivilegeSet::AddPrivilege | ( | $Privileges | ) |
Add specified privilege to set.
If specified privilege is already part of the set, no action is taken.
mixed | $Privileges | Privilege ID or object (or array of IDs or objects). |
Definition at line 153 of file PrivilegeSet.php.
References IncludesPrivilege().
PrivilegeSet::AddSet | ( | PrivilegeSet | $Set | ) |
Add subgroup of privileges/conditions to set.
PrivilegeSet | $Set | Subgroup to add. |
Definition at line 331 of file PrivilegeSet.php.
PrivilegeSet::AllRequired | ( | $NewValue = NULL | ) |
Get/set whether all privileges/conditions in set are required (i.e.
"AND" logic), or only one privilege/condition needs to be met ("OR"). By default only one of the specified privilegs/conditions in a set is required.
bool | $NewValue | Specify TRUE if all privileges are required, otherwise FALSE if only one privilege required. (OPTIONAL) |
Definition at line 350 of file PrivilegeSet.php.
PrivilegeSet::ChecksField | ( | $FieldId | ) |
Determine if a PrivilegeSet checks values from a specified field.
int | $FieldId | FieldId to check. |
Definition at line 501 of file PrivilegeSet.php.
References ChecksField().
Referenced by ChecksField().
|
static |
Clear internal caches.
This is primarily intended for situations where memory may have run low.
Definition at line 528 of file PrivilegeSet.php.
PrivilegeSet::ComparisonCount | ( | ) |
Get number of privilege comparisons in set, including those in subgroups.
Definition at line 428 of file PrivilegeSet.php.
PrivilegeSet::Data | ( | $NewValue = NULL | ) |
Get/set privilege set data, in the form of an opaque string.
This method can be used to retrieve an opaque string containing privilege set data, which can then be saved (e.g. to a database) and later used to reload a privilege set. (Use instead of serialize() to avoid future issues with internal class changes.)
string | $NewValue | New privilege set data. (OPTIONAL) |
InvalidArgumentException | If data passed in was invalid. |
Definition at line 62 of file PrivilegeSet.php.
PrivilegeSet::FieldsWithUserComparisons | ( | $ComparisonType = NULL | ) |
List which fields in this privset are involved in UserIs or UserIsNot comparisons for this privilege set.
string | $ComparisonType | Comparison Type ("==" or "!="). (OPTIONAL, defaults to both comparisons) |
Definition at line 391 of file PrivilegeSet.php.
References MetadataSchema\FieldExistsInAnySchema(), GetPrivilegeInfo(), and MetadataSchema\MDFTYPE_USER.
PrivilegeSet::GetPossibleNecessaryPrivileges | ( | ) |
Get all privileges that could be necessary to fulfill privilege set requirements.
Not all of the privileges may be necessary, but a user must have at least one of the listed privileges to qualify. If there is no set of privileges where at least one is definitely required, an empty array is returned.
Definition at line 446 of file PrivilegeSet.php.
PrivilegeSet::GetPrivilegeInfo | ( | ) |
Get privilege information as an array, with numerical indexes except for the logic, which is contained in a element with the index "Logic".
Values are either an associative array with three elements, "FieldId", "Operator", and "Value", or a PrivilegeSet object (for subsets).
Definition at line 210 of file PrivilegeSet.php.
Referenced by PrivilegeEditingUI\DisplaySet(), FieldsWithUserComparisons(), and PrivilegeFlagsChecked().
PrivilegeSet::GetPrivilegeList | ( | ) |
Get list of privileges.
(Intended primarily for supporting legacy privilege operations – list contains privilege IDs only, and does not include conditions.)
Definition at line 226 of file PrivilegeSet.php.
PrivilegeSet::IncludesPrivilege | ( | $Privilege | ) |
Check whether this privilege set includes the specified privilege.
mixed | $Privilege | Privilege ID or object to check. |
Definition at line 195 of file PrivilegeSet.php.
Referenced by AddPrivilege(), and RemovePrivilege().
PrivilegeSet::MeetsRequirements | ( | CWUser | $User, |
$Resource = self::NO_RESOURCE |
|||
) |
Determine if a given user meets the requirements specified by this PrivilegeSet.
Typically used to determine if a user should be allowed access to a particular piece of data.
object | $User | CWUser object to use in comparisons. |
object | $Resource | Resource object to used for comparison, for sets that include user conditions. (OPTIONAL) |
Definition at line 96 of file PrivilegeSet.php.
References CWUser\HasPriv().
Referenced by PrivilegeSetCompatibilityShim\IsGreaterThan().
PrivilegeSet::PrivilegeFlagsChecked | ( | ) |
List which privilege flags (e.g.
PRIV_MYRESOURCEADMIN) are examined by this privset.
Definition at line 364 of file PrivilegeSet.php.
References GetPrivilegeInfo().
PrivilegeSet::RemoveCondition | ( | $Field, | |
$Value = NULL , |
|||
$Operator = "==" , |
|||
$IncludeSubsets = FALSE |
|||
) |
Remove condition from privilege set.
If condition was not present in privilege set, no action is taken.
mixed | $Field | Metadata field object or ID to test against. |
mixed | $Value | Value to test against. (Specify NULL for User fields to test against current user.) |
string | $Operator | String containing operator to used for condition. (Standard PHP operators are used.) (OPTIONAL, defaults to "==") |
bool | $IncludeSubsets | TRUE to remove the condition from any subsets in which it appears as well (OPTIONAL, default FALSE). |
Definition at line 288 of file PrivilegeSet.php.
PrivilegeSet::RemovePrivilege | ( | $Privilege | ) |
Remove specified privilege from set.
If specified privilege is not currently in the set, no action is taken.
mixed | $Privilege | Privilege ID or object to remove from set. |
Definition at line 179 of file PrivilegeSet.php.
References IncludesPrivilege().
const PrivilegeSet::NO_RESOURCE = "XXX NO RESOURCE XXX" |
Definition at line 543 of file PrivilegeSet.php.