A container for policies in the permission system. More...
Inheritance diagram for eZRole:
Collaboration diagram for eZRole:
Public Member Functions | |
| accessArray ($ignoreLimitIdentifier=false) | |
| appendPolicy ($module, $function, $limitations=array()) | |
| assignToUser ($userID, $limitIdent= '', $limitValue= '') | |
| copy () | |
| copyPolicies ($roleID) | |
| createTemporaryVersion () | |
| eZRole ($row=array()) | |
| fetchUserByRole () | |
| fetchUserID () | |
| limitIdentifier () | |
| limitValue () | |
| policyList () | |
| removePolicies ($fromDB=true) | |
| removePolicy ($moduleName, $functionName=false) | |
| removeThis () | |
| removeUserAssignment ($userID) | |
| removeUserAssignmentByID ($id) | |
| revertFromTemporaryVersion () | |
| turnOffCaching () | |
| turnOnCaching () | |
| userRoleID () | |
Static Public Member Functions | |
| static | accessArrayByUserID ($idArray, $recursive=false) |
| Return access array by passing in list of groups user belongs to and his user id. | |
| static | cleanupByNode ($node) |
| static | create ($roleName, $version=0) |
| static | createNew () |
| static | definition () |
| Returns the definition for the object, the default implementation is to return an empty array. | |
| static | expireCache () |
| static | fetch ($roleID, $version=0) |
| static | fetchByName ($roleName, $version=0) |
| static | fetchByOffset ($offset, $limit, $asObject=true, $ignoreTemp=false, $ignoreNew=true) |
| static | fetchByUser ($idArray, $recursive=false) |
| Returns the roles matching the given users' eZContentObject ID array. | |
| static | fetchIDListByUser ($idArray) |
| Fetches the list of roles ID matching an array of eZContentObject IDs (either users and/or groups IDs) | |
| static | fetchList ($tempVersions=false) |
| static | fetchRolesByLimitation ($limit_identifier, $limit_value) |
| static | removeRole ($roleID) |
| static | removeTemporary () |
| static | roleCount ($ignoreNew=true) |
| Fetches the count of created roles. | |
Public Attributes | |
| $AccessArray | |
| $CachePolicies = true | |
| $Functions | |
| $ID | |
| $LimitIdentifier | |
| $LimitValue | |
| $Modules | |
| $Name | |
| $Policies | |
| $PolicyArray | |
| $Sets | |
| $UserRoleID | |
Detailed Description
A container for policies in the permission system.
It consists merely of a name() and has a DB id() and a version() number. The actual permissions are stored in policies and policy values which can be fetched with the method policyList().
To fetch permission access array you can use accessArrayByUserID() and accessArray().
There are multiple ways to fetch a role, directly from an id() with fetch(), by a role name() with fetchByName(), by a given user with fetchByUser() or the whole list with fetchList() and fetchByOffset().
Creating roles is done with create(), after which new policies can be added using appendPolicy().
Remove roles with remove() and its policies with removePolicies().
Definition at line 34 of file ezrole.php.
Member Function Documentation
| eZRole::accessArray | ( | $ | ignoreLimitIdentifier = false | ) |
Fetch access array of current role
Definition at line 597 of file ezrole.php.
Referenced by accessArrayByUserID().
| static eZRole::accessArrayByUserID | ( | $ | idArray, |
| $ | recursive = false |
||
| ) | [static] |
Return access array by passing in list of groups user belongs to and his user id.
- Parameters:
-
array $idArray Array of eZContentObject IDs, either groups + user id or user id's only If only user id's, then remember to set $recursive to true bool $recursive See eZRole::fetchByUser()
- Returns:
- array Hash with complete access limitation description
Definition at line 554 of file ezrole.php.
Referenced by eZUser\generateAccessArray().
| eZRole::appendPolicy | ( | $ | module, |
| $ | function, | ||
| $ | limitations = array() |
||
| ) |
Appends a new policy to the current role and returns it.
- Note:
- The policy and it's limitation values will be stored to the database before returning.
- Parameters:
-
$module Which module to give access to or trueto give access to all modules.$function Which function to give access to or trueto give access to all functions.$limitations An associative array with limitations and their values, use an empty array for no limitations.
// Access to content/read $policy1 = $role->appendPolicy( 'content', 'read' ); // Access to content/read in section 1 $policy2 = $role->appendPolicy( 'content', 'read', array( 'Section' => 1 ) ); // Access to content/read for class 2 and 5 $policy3 = $role->appendPolicy( 'content', 'read', array( 'Class' => array( 2, 5 ) ) );
- Note:
- Transaction unsafe. If you call several transaction unsafe methods you must enclose the calls within a db transaction; thus within db->begin and db->commit.
Definition at line 198 of file ezrole.php.
| eZRole::assignToUser | ( | $ | userID, |
| $ | limitIdent = '', |
||
| $ | limitValue = '' |
||
| ) |
Assigns the current role to the given user or user group identified by the id.
- Note:
- Transaction unsafe. If you call several transaction unsafe methods you must enclose the calls within a db transaction; thus within db->begin and db->commit.
- WARNING: Roles and content caches need to be cleared after calling this function.
Definition at line 669 of file ezrole.php.
| static eZRole::cleanupByNode | ( | $ | node | ) | [static] |
Cleans up policies and role assignments related to node when this node is removed
- Note:
- Transaction unsafe. If you call several transaction unsafe methods you must enclose the calls within a db transaction; thus within db->begin and db->commit.
Definition at line 385 of file ezrole.php.
Referenced by eZContentObjectTreeNode\removeThis().
| eZRole::copy | ( | ) |
Copies this role, stores it and returns it.
- Note:
- Transaction unsafe. If you call several transaction unsafe methods you must enclose the calls within a db transaction; thus within db->begin and db->commit.
Definition at line 118 of file ezrole.php.
| eZRole::copyPolicies | ( | $ | roleID | ) |
Copies all policies for this role and assigns them to the role identified by ID $roleID.
- Note:
- Transaction unsafe. If you call several transaction unsafe methods you must enclose the calls within a db transaction; thus within db->begin and db->commit.
Definition at line 228 of file ezrole.php.
Referenced by copy(), and createTemporaryVersion().
| static eZRole::create | ( | $ | roleName, |
| $ | version = 0 |
||
| ) | [static] |
Creates a new role with the name $roleName and version $version and returns it.
- Note:
- The role is not stored.
Definition at line 170 of file ezrole.php.
Referenced by eZSiteInstaller\addPoliciesForRole(), appendPolicy(), eZStepCreateSites\initializePackage(), and eZSiteInstaller\updateRoles().
| static eZRole::createNew | ( | ) | [static] |
Creates a new role with the name 'New role', stores it and returns it.
- Note:
- Transaction unsafe. If you call several transaction unsafe methods you must enclose the calls within a db transaction; thus within db->begin and db->commit.
Definition at line 157 of file ezrole.php.
Referenced by copy(), and createTemporaryVersion().
- Note:
- Transaction unsafe. If you call several transaction unsafe methods you must enclose the calls within a db transaction; thus within db->begin and db->commit.
Definition at line 136 of file ezrole.php.
| static eZRole::definition | ( | ) | [static] |
Returns the definition for the object, the default implementation is to return an empty array.
It's upto each inheriting class to return a proper definition array.
The definition array is an associative array consists of these keys:
- fields: an associative array of fields which defines which database field (the key) is to fetched and how they map to object member variables (the value).
- keys: an array of fields which is used for uniquely identifying the object in the table.
- function_attributes: an associative array of attributes which maps to member functions, used for fetching data with functions.
- set_functions: an associative array of attributes which maps to member functions, used for setting data with functions.
- increment_key: the field which is incremented on table inserts.
- class_name: the classname which is used for instantiating new objecs when fetching from the database.
- sort: an associative array which defines the default sorting of lists, the key is the table field while the value is the sorting method which is either 'asc' or 'desc'.
- name: the name of the database table
Example: public static function definition() { return array( "fields" => array( "id" => "ID", "version" => "Version", "name" => "Name" ), "keys" => array( "id", "version" ), "function_attributes" => array( "current" => "currentVersion", "class_name" => "className" ), "increment_key" => "id", "class_name" => "eZContentClass", "sort" => array( "id" => "asc" ), "name" => "ezcontentclass" ); }
- Returns:
- array
Reimplemented from eZPersistentObject.
Definition at line 53 of file ezrole.php.
Referenced by fetch(), fetchByName(), fetchByOffset(), fetchList(), eZPolicy\role(), and roleCount().
| static eZRole::expireCache | ( | ) | [static] |
Expires all roles, policies and limitations cache.
Definition at line 535 of file ezrole.php.
Referenced by cleanupByNode(), and eZContentObjectTreeNode\move().
| eZRole::eZRole | ( | $ | row = array() | ) |
Constructor
Definition at line 39 of file ezrole.php.
Referenced by create(), createNew(), and fetchByUser().
| static eZRole::fetch | ( | $ | roleID, |
| $ | version = 0 |
||
| ) | [static] |
Fetches the role identified by the role ID $roleID and returns it.
- Parameters:
-
$version Which version to fetch, 0 is the published one. Temporary versions get the id of the role.
Definition at line 829 of file ezrole.php.
Referenced by assignToUser(), cleanupByNode(), eZRoleFunctionCollection\fetchRole(), fetchRolesByLimitation(), fetchUserByRole(), removeRole(), and revertFromTemporaryVersion().
| static eZRole::fetchByName | ( | $ | roleName, |
| $ | version = 0 |
||
| ) | [static] |
Fetches the role identified by the role name $roleName and returns it.
- Parameters:
-
$version Which version to fetch, 0 is the published one and 1 is the temporary.
Definition at line 844 of file ezrole.php.
Referenced by eZSiteInstaller\addPoliciesForRole(), eZSiteInstaller\assignUserToRole(), eZSiteInstaller\createSiteAccess(), eZStepCreateSites\initializePackage(), eZSiteInstaller\removePoliciesForRole(), and eZSiteInstaller\updateRoles().
| static eZRole::fetchByOffset | ( | $ | offset, |
| $ | limit, | ||
| $ | asObject = true, |
||
| $ | ignoreTemp = false, |
||
| $ | ignoreNew = true |
||
| ) | [static] |
Definition at line 867 of file ezrole.php.
| static eZRole::fetchByUser | ( | $ | idArray, |
| $ | recursive = false |
||
| ) | [static] |
Returns the roles matching the given users' eZContentObject ID array.
- Parameters:
-
array $idArray Array of eZContentObject IDs, either groups + user id or user id's only If only user id's, then remember to set $recursive to true bool $recursive If true, roles will be looked up for all nodes of the id's and it's parents
- Returns:
- array(eZRole)
Definition at line 467 of file ezrole.php.
Referenced by accessArrayByUserID(), eZUserFunctionCollection\fetchMemberOf(), eZUserFunctionCollection\fetchUserRole(), and eZUser\roles().
| static eZRole::fetchIDListByUser | ( | $ | idArray | ) | [static] |
Fetches the list of roles ID matching an array of eZContentObject IDs (either users and/or groups IDs)
- Parameters:
-
array(eZContentObjectID) $idArray
- Returns:
- array(eZRoleID)
Definition at line 644 of file ezrole.php.
Referenced by eZUser\generateUserCacheForFile(), and eZUser\roleIDList().
| static eZRole::fetchList | ( | $ | tempVersions = false | ) | [static] |
Definition at line 851 of file ezrole.php.
Referenced by removeTemporary().
| static eZRole::fetchRolesByLimitation | ( | $ | limit_identifier, |
| $ | limit_value | ||
| ) | [static] |
Definition at line 798 of file ezrole.php.
Referenced by eZSection\canBeRemoved(), and eZSectionFunctionCollection\fetchUserRoles().
- Returns:
- the users and user groups assigned to the current role.
Definition at line 769 of file ezrole.php.
Fetch user id array which have been assigned to this role.
Definition at line 725 of file ezrole.php.
Returns the limit identifier if it is set.
- Note:
- This will only be available when fetching roles for a specific user
- See also:
- limitValue
Definition at line 88 of file ezrole.php.
Returns the limit value if it is set.
- Note:
- This will only be available when fetching roles for a specific user
- See also:
- limitIdentifier
Definition at line 98 of file ezrole.php.
Definition at line 610 of file ezrole.php.
Referenced by removePolicy().
| eZRole::removePolicies | ( | $ | fromDB = true | ) |
Removes the policy object list from this role.
- Parameters:
-
$fromDB If truethen the policies are removed from database.
- Note:
- Transaction unsafe. If you call several transaction unsafe methods you must enclose the calls within a db transaction; thus within db->begin and db->commit.
Definition at line 329 of file ezrole.php.
Referenced by revertFromTemporaryVersion().
| eZRole::removePolicy | ( | $ | moduleName, |
| $ | functionName = false |
||
| ) |
Removes the policy object(s) by specified $moduleName and/or $functionName. Removes all policies for module $moduleName if $functionName is false.
- Parameters:
-
$moduleName Module name $functionName function name. Default is false.
- Note:
- Transaction unsafe. If you call several transaction unsafe methods you must enclose the calls within a db transaction; thus within db->begin and db->commit.
Definition at line 352 of file ezrole.php.
| static eZRole::removeRole | ( | $ | roleID | ) | [static] |
- See also:
- removeThis
Definition at line 295 of file ezrole.php.
| static eZRole::removeTemporary | ( | ) | [static] |
Removes all temporary roles and roles without policies from the database.
- Note:
- Transaction unsafe. If you call several transaction unsafe methods you must enclose the calls within a db transaction; thus within db->begin and db->commit.
Definition at line 278 of file ezrole.php.
Removes the role, it's policies and any assignments to users/groups.
- Parameters:
-
$roleID If this is falsethen the function is not static and the ID is fetched from$this.
- Note:
- Transaction unsafe. If you call several transaction unsafe methods you must enclose the calls within a db transaction; thus within db->begin and db->commit.
Definition at line 310 of file ezrole.php.
| eZRole::removeUserAssignment | ( | $ | userID | ) |
Removes the role assignment
- Note:
- Transaction unsafe. If you call several transaction unsafe methods you must enclose the calls within a db transaction; thus within db->begin and db->commit.
- WARNING: Roles and content caches need to be cleared after calling this function.
Definition at line 740 of file ezrole.php.
| eZRole::removeUserAssignmentByID | ( | $ | id | ) |
Remove ezuser_role by id
- Parameters:
-
ezuser_role id
- Note:
- Transaction unsafe. If you call several transaction unsafe methods you must enclose the calls within a db transaction; thus within db->begin and db->commit.
- WARNING: Roles and content caches need to be cleared after calling this function.
Definition at line 757 of file ezrole.php.
- Note:
- Transaction unsafe. If you call several transaction unsafe methods you must enclose the calls within a db transaction; thus within db->begin and db->commit.
Definition at line 243 of file ezrole.php.
| static eZRole::roleCount | ( | $ | ignoreNew = true | ) | [static] |
Fetches the count of created roles.
- Parameters:
-
boolean $ignoreNew Wether to ignore draft roles
- Returns:
- int
Definition at line 896 of file ezrole.php.
Sets caching of policies to off for this role.
Definition at line 909 of file ezrole.php.
Sets caching of policies to on for this role.
Definition at line 917 of file ezrole.php.
Returns the user role ID if it is set.
- Note:
- This will only be available when fetching roles for a specific user
- See also:
- userRoleID
Definition at line 108 of file ezrole.php.
Member Data Documentation
| eZRole::$AccessArray |
Definition at line 934 of file ezrole.php.
| eZRole::$CachePolicies = true |
Definition at line 935 of file ezrole.php.
| eZRole::$Functions |
Definition at line 927 of file ezrole.php.
| eZRole::$ID |
Definition at line 924 of file ezrole.php.
| eZRole::$LimitIdentifier |
Definition at line 929 of file ezrole.php.
| eZRole::$LimitValue |
Definition at line 928 of file ezrole.php.
| eZRole::$Modules |
Definition at line 926 of file ezrole.php.
| eZRole::$Name |
Definition at line 925 of file ezrole.php.
| eZRole::$Policies |
Definition at line 933 of file ezrole.php.
| eZRole::$PolicyArray |
Definition at line 931 of file ezrole.php.
| eZRole::$Sets |
Definition at line 932 of file ezrole.php.
| eZRole::$UserRoleID |
Definition at line 930 of file ezrole.php.
The documentation for this class was generated from the following file:
