eZ Publish  [4.2]
Public Member Functions | Static Public Member Functions | Public Attributes
eZRole Class Reference
Role based permission system

A container for policies in the permission system. More...

+ Inheritance diagram for eZRole:
+ Collaboration diagram for eZRole:

List of all members.

Public Member Functions

 accessArray ($ignoreLimitIdentifier=false)
 appendPolicy ($module, $function, $limitations=array())
 assignToUser ($userID, $limitIdent= '', $limitValue= '')
 copy ()
 copyPolicies ($roleID)
 createTemporaryVersion ()
 eZRole ($row=array())
 fetchUserByRole ()
 fetchUserID ()
 limitIdentifier ()
 limitValue ()
 policyList ()
 removePolicies ($fromDB=true)
 removePolicy ($moduleName, $functionName=false)
 removeThis ()
 removeUserAssignment ($userID)
 removeUserAssignmentByID ($id)
 revertFromTemporaryVersion ()
 turnOffCaching ()
 turnOnCaching ()
 userRoleID ()

Static Public Member Functions

static accessArrayByUserID ($userIDArray)
static cleanupByNode ($node)
static create ($roleName, $version=0)
static createNew ()
static definition ()
static expireCache ()
static fetch ($roleID, $version=0)
static fetchByName ($roleName, $version=0)
static fetchByOffset ($offset, $limit, $asObject=true, $ignoreTemp=false, $ignoreNew=true)
static fetchByUser ($idArray, $recursive=false)
 Returns the roles matching the given users' eZContentObject ID array.
static fetchIDListByUser ($idArray)
 Fetches the list of roles ID matching an array of eZContentObject IDs (either users and/or groups IDs)
static fetchList ($tempVersions=false)
static fetchRolesByLimitation ($limit_identifier, $limit_value)
static removeRole ($roleID)
static removeTemporary ()
static roleCount ()

Public Attributes

 $AccessArray
 $CachePolicies = true
 $Functions
 $ID
 $LimitIdentifier
 $LimitValue
 $Modules
 $Name
 $Policies
 $PolicyArray
 $Sets
 $UserRoleID

Detailed Description

A container for policies in the permission system.

It consists merely of a name() and has a DB id() and a version() number. The actual permissions are stored in policies and policy values which can be fetched with the method policyList().

To fetch permission access array you can use accessArrayByUserID() and accessArray().

There are multiple ways to fetch a role, directly from an id() with fetch(), by a role name() with fetchByName(), by a given user with fetchByUser() or the whole list with fetchList() and fetchByOffset().

Creating roles is done with create(), after which new policies can be added using appendPolicy().

Remove roles with remove() and its policies with removePolicies().

Definition at line 57 of file ezrole.php.

Member Function Documentation

eZRole::accessArray ( ignoreLimitIdentifier = false)

Fetch access array of current role

Definition at line 626 of file ezrole.php.

Referenced by accessArrayByUserID().

static eZRole::accessArrayByUserID ( userIDArray) [static]
Parameters:
userid
Returns:
array containing complete access limitation description Returns newly generated access array which corresponds to the array of user/group ids list.

Definition at line 583 of file ezrole.php.

Referenced by eZUser\generateAccessArray().

eZRole::appendPolicy ( module,
function,
limitations = array() 
)

Appends a new policy to the current role and returns it.

Note:
The policy and it's limitation values will be stored to the database before returning.
Parameters:
$moduleWhich module to give access to or true to give access to all modules.
$functionWhich function to give access to or true to give access to all functions.
$limitationsAn associative array with limitations and their values, use an empty array for no limitations.
     // Access to content/read
     $policy1 = $role->appendPolicy( 'content', 'read' );
     // Access to content/read in section 1
     $policy2 = $role->appendPolicy( 'content', 'read', array( 'Section' => 1 ) );
     // Access to content/read for class 2 and 5
     $policy3 = $role->appendPolicy( 'content', 'read', array( 'Class' => array( 2, 5 ) ) );
Note:
Transaction unsafe. If you call several transaction unsafe methods you must enclose the calls within a db transaction; thus within db->begin and db->commit.

Definition at line 221 of file ezrole.php.

eZRole::assignToUser ( userID,
limitIdent = '',
limitValue = '' 
)

Assigns the current role to the given user or user group identified by the id.

Note:
Transaction unsafe. If you call several transaction unsafe methods you must enclose the calls within a db transaction; thus within db->begin and db->commit.
WARNING: Roles and content caches need to be cleared after calling this function.

Definition at line 695 of file ezrole.php.

static eZRole::cleanupByNode ( node) [static]

Cleans up policies and role assignments related to node when this node is removed

Note:
Transaction unsafe. If you call several transaction unsafe methods you must enclose the calls within a db transaction; thus within db->begin and db->commit.

Definition at line 409 of file ezrole.php.

Referenced by eZContentObjectTreeNode\removeThis().

eZRole::copy ( )

Copies this role, stores it and returns it.

Note:
Transaction unsafe. If you call several transaction unsafe methods you must enclose the calls within a db transaction; thus within db->begin and db->commit.

Definition at line 141 of file ezrole.php.

eZRole::copyPolicies ( roleID)

Copies all policies for this role and assigns them to the role identified by ID $roleID.

Note:
Transaction unsafe. If you call several transaction unsafe methods you must enclose the calls within a db transaction; thus within db->begin and db->commit.

Definition at line 251 of file ezrole.php.

Referenced by copy(), and createTemporaryVersion().

static eZRole::create ( roleName,
version = 0 
) [static]

Creates a new role with the name $roleName and version $version and returns it.

Note:
The role is not stored.

Definition at line 193 of file ezrole.php.

Referenced by eZSiteInstaller\addPoliciesForRole(), appendPolicy(), and eZSiteInstaller\updateRoles().

static eZRole::createNew ( ) [static]

Creates a new role with the name 'New role', stores it and returns it.

Note:
Transaction unsafe. If you call several transaction unsafe methods you must enclose the calls within a db transaction; thus within db->begin and db->commit.

Definition at line 180 of file ezrole.php.

Referenced by copy(), and createTemporaryVersion().

eZRole::createTemporaryVersion ( )
Note:
Transaction unsafe. If you call several transaction unsafe methods you must enclose the calls within a db transaction; thus within db->begin and db->commit.

Definition at line 159 of file ezrole.php.

static eZRole::definition ( ) [static]
Returns:
the definition for the object, the default implementation is to return an empty array. It's upto each inheriting class to return a proper definition array.

The definition array is an associative array consists of these keys:

  • fields - an associative array of fields which defines which database field (the key) is to fetched and how they map to object member variables (the value).
  • keys - an array of fields which is used for uniquely identifying the object in the table.
  • function_attributes - an associative array of attributes which maps to member functions, used for fetching data with functions.
  • set_functions - an associative array of attributes which maps to member functions, used for setting data with functions.
  • increment_key - the field which is incremented on table inserts.
  • class_name - the classname which is used for instantiating new objecs when fetching from the database.
  • sort - an associative array which defines the default sorting of lists, the key is the table field while the value is the sorting method which is either asc or desc.
  • name - the name of the database table

Example: 

static function definition()
{
    return array( "fields" => array( "id" => "ID",
                                     "version" => "Version",
                                     "name" => "Name" ),
                  "keys" => array( "id", "version" ),
                  "function_attributes" => array( "current" => "currentVersion",
                                                  "class_name" => "className" ),
                  "increment_key" => "id",
                  "class_name" => "eZContentClass",
                  "sort" => array( "id" => "asc" ),
                  "name" => "ezcontentclass" );
}

Reimplemented from eZPersistentObject.

Definition at line 76 of file ezrole.php.

Referenced by fetch(), fetchByName(), fetchByOffset(), fetchList(), and eZPolicy\role().

static eZRole::expireCache ( ) [static]

Expires all roles, policies and limitations cache.

Definition at line 559 of file ezrole.php.

Referenced by cleanupByNode(), and eZContentObjectTreeNode\move().

eZRole::eZRole ( row = array())

Constructor

Definition at line 62 of file ezrole.php.

Referenced by create(), createNew(), and fetchByUser().

static eZRole::fetch ( roleID,
version = 0 
) [static]

Fetches the role identified by the role ID $roleID and returns it.

Parameters:
$versionWhich version to fetch, 0 is the published one. Temporary versions get the id of the role.

Definition at line 855 of file ezrole.php.

Referenced by assignToUser(), cleanupByNode(), fetchRolesByLimitation(), fetchUserByRole(), removeRole(), and revertFromTemporaryVersion().

static eZRole::fetchByName ( roleName,
version = 0 
) [static]

Fetches the role identified by the role name $roleName and returns it.

Parameters:
$versionWhich version to fetch, 0 is the published one and 1 is the temporary.

Definition at line 870 of file ezrole.php.

Referenced by eZSiteInstaller\addPoliciesForRole(), eZSiteInstaller\assignUserToRole(), eZSiteInstaller\createSiteAccess(), eZSiteInstaller\removePoliciesForRole(), and eZSiteInstaller\updateRoles().

static eZRole::fetchByOffset ( offset,
limit,
asObject = true,
ignoreTemp = false,
ignoreNew = true 
) [static]

Definition at line 893 of file ezrole.php.

static eZRole::fetchByUser ( idArray,
recursive = false 
) [static]

Returns the roles matching the given users' eZContentObject ID array.

Parameters:
array$idArrayArray of eZContentObject IDs, either groups or users
bool$recursiveIf true, roles will be looked up for each given object's main node path_array
Returns:
array(eZRole)

Definition at line 491 of file ezrole.php.

Referenced by accessArrayByUserID(), and eZUser\roles().

static eZRole::fetchIDListByUser ( idArray) [static]

Fetches the list of roles ID matching an array of eZContentObject IDs (either users and/or groups IDs)

Parameters:
array(eZContentObjectID)$idArray
Returns:
array(eZRoleID)

Definition at line 670 of file ezrole.php.

Referenced by eZUser\roleIDList().

static eZRole::fetchList ( tempVersions = false) [static]

Definition at line 877 of file ezrole.php.

Referenced by removeTemporary().

static eZRole::fetchRolesByLimitation ( limit_identifier,
limit_value 
) [static]

Definition at line 824 of file ezrole.php.

Referenced by eZSection\canBeRemoved().

eZRole::fetchUserByRole ( )
Returns:
the users and user groups assigned to the current role.

Definition at line 795 of file ezrole.php.

eZRole::fetchUserID ( )

Fetch user id array which have been assigned to this role.

Definition at line 751 of file ezrole.php.

eZRole::limitIdentifier ( )

Returns the limit identifier if it is set.

Note:
This will only be available when fetching roles for a specific user
See also:
limitValue

Definition at line 111 of file ezrole.php.

eZRole::limitValue ( )

Returns the limit value if it is set.

Note:
This will only be available when fetching roles for a specific user
See also:
limitIdentifier

Definition at line 121 of file ezrole.php.

eZRole::policyList ( )

Definition at line 639 of file ezrole.php.

Referenced by removePolicy().

eZRole::removePolicies ( fromDB = true)

Removes the policy object list from this role.

Parameters:
$fromDBIf true then the policies are removed from database.
Note:
Transaction unsafe. If you call several transaction unsafe methods you must enclose the calls within a db transaction; thus within db->begin and db->commit.

Definition at line 353 of file ezrole.php.

Referenced by revertFromTemporaryVersion().

eZRole::removePolicy ( moduleName,
functionName = false 
)

Removes the policy object(s) by specified $moduleName and/or $functionName. Removes all policies for module $moduleName if $functionName is false.

Parameters:
$moduleNameModule name
$functionNamefunction name. Default is false.
Note:
Transaction unsafe. If you call several transaction unsafe methods you must enclose the calls within a db transaction; thus within db->begin and db->commit.

Definition at line 376 of file ezrole.php.

static eZRole::removeRole ( roleID) [static]
See also:
removeThis

Definition at line 319 of file ezrole.php.

static eZRole::removeTemporary ( ) [static]

Removes all temporary roles and roles without policies from the database.

Note:
Transaction unsafe. If you call several transaction unsafe methods you must enclose the calls within a db transaction; thus within db->begin and db->commit.

Definition at line 302 of file ezrole.php.

eZRole::removeThis ( )

Removes the role, it's policies and any assignments to users/groups.

Parameters:
$roleIDIf this is false then the function is not static and the ID is fetched from $this.
Note:
Transaction unsafe. If you call several transaction unsafe methods you must enclose the calls within a db transaction; thus within db->begin and db->commit.

Definition at line 334 of file ezrole.php.

eZRole::removeUserAssignment ( userID)

Removes the role assignment

Note:
Transaction unsafe. If you call several transaction unsafe methods you must enclose the calls within a db transaction; thus within db->begin and db->commit.
WARNING: Roles and content caches need to be cleared after calling this function.

Definition at line 766 of file ezrole.php.

eZRole::removeUserAssignmentByID ( id)

Remove ezuser_role by id

Parameters:
ezuser_roleid
Note:
Transaction unsafe. If you call several transaction unsafe methods you must enclose the calls within a db transaction; thus within db->begin and db->commit.
WARNING: Roles and content caches need to be cleared after calling this function.

Definition at line 783 of file ezrole.php.

eZRole::revertFromTemporaryVersion ( )
Note:
Transaction unsafe. If you call several transaction unsafe methods you must enclose the calls within a db transaction; thus within db->begin and db->commit.

Definition at line 266 of file ezrole.php.

static eZRole::roleCount ( ) [static]
Returns:
the number of roles in the database.

Definition at line 918 of file ezrole.php.

eZRole::turnOffCaching ( )

Sets caching of policies to off for this role.

Definition at line 929 of file ezrole.php.

eZRole::turnOnCaching ( )

Sets caching of policies to on for this role.

Definition at line 937 of file ezrole.php.

eZRole::userRoleID ( )

Returns the user role ID if it is set.

Note:
This will only be available when fetching roles for a specific user
See also:
userRoleID

Definition at line 131 of file ezrole.php.

Member Data Documentation

eZRole::$AccessArray

Definition at line 954 of file ezrole.php.

eZRole::$CachePolicies = true

Definition at line 955 of file ezrole.php.

eZRole::$Functions

Definition at line 947 of file ezrole.php.

eZRole::$ID

Definition at line 944 of file ezrole.php.

eZRole::$LimitIdentifier

Definition at line 949 of file ezrole.php.

eZRole::$LimitValue

Definition at line 948 of file ezrole.php.

eZRole::$Modules

Definition at line 946 of file ezrole.php.

eZRole::$Name

Definition at line 945 of file ezrole.php.

eZRole::$Policies

Definition at line 953 of file ezrole.php.

eZRole::$PolicyArray

Definition at line 951 of file ezrole.php.

eZRole::$Sets

Definition at line 952 of file ezrole.php.

eZRole::$UserRoleID

Definition at line 950 of file ezrole.php.

The documentation for this class was generated from the following file: