\midcom\dbaprivileges

midcom privileges support

Summary

Methods
Properties
Constants
get_privileges()
set_privilege()
unset_privilege()
get_privilege()
unset_all_privileges()
create_new_privilege_object()
No public properties found
No constants found
No protected methods found
No protected properties found
N/A
No private methods found
No private properties found
N/A

Methods

get_privileges()

get_privileges() : array<mixed,\midcom_core_privilege>

Read all privilege records and return them accordingly.

You need privilege access to get this information (midgard:read (tested during construction) and midgard:privileges) otherwise, the call will fail.

Returns

array<mixed,\midcom_core_privilege> —

A list of privilege objects or false on failure.

set_privilege()

set_privilege(mixed  $privilege, mixed  $assignee = null, integer  $value = MIDCOM_PRIVILEGE_ALLOW, string  $classname = '') : boolean

Set a privilege on an object.

This requires both midgard:update and midgard:privileges.

You can either pass a ready made privilege record or a privilege/assignee/value combination suitable for usage with create_new_privilege_object() (see there).

Parameters

mixed $privilege

Either the full privilege object (midcom_core_privilege) to set or the name of the privilege (string). If the name was specified, the other parameters must be specified as well.

mixed $assignee

A valid assignee suitable for midcom_core_privilege::set_privilege(). This defaults to the currently active user if authenticated or to 'EVERYONE' otherwise (invalid if $privilege is a midcom_core_privilege).

integer $value

The privilege value, this defaults to MIDCOM_PRIVILEGE_ALLOW (invalid if $privilege is a midcom_core_privilege).

string $classname

An optional class name to which a SELF privilege gets restricted to. Only valid for SELF privileges (invalid if $privilege is a midcom_core_privilege).

Returns

boolean —

Indicating success.

unset_privilege()

unset_privilege(mixed  $privilege, mixed  $assignee = null, string  $classname = '') : boolean

Unset a privilege on an object (e.g. set it to INHERIT).

Parameters

mixed $privilege

Either the full privilege object (midcom_core_privilege) to set or the name of the privilege (string). If the name was specified, the other parameters must be specified as well.

mixed $assignee

A valid assignee suitable for midcom_core_privilege::set_privilege(). This defaults to the currently active user if authenticated or to 'EVERYONE' otherwise (invalid if $privilege is a midcom_core_privilege).

string $classname

An optional class name to which a SELF privilege gets restricted to. Only valid for SELF privileges (invalid if $privilege is a midcom_core_privilege).

Returns

boolean —

Indicating Success.

get_privilege()

get_privilege(string  $privilege, mixed  $assignee, string  $classname = '') : \midcom_core_privilege

Looks up a privilege by its parameters.

Parameters

string $privilege

The name of the privilege.

mixed $assignee

Either a valid magic assignee (SELF, EVERYONE, USERS, ANONYMOUS), a midcom_core_user or a midcom_core_group object or subtype thereof.

string $classname

An optional class name to which a SELF privilege is restricted to.

Returns

\midcom_core_privilege

The privilege record from the database.

unset_all_privileges()

unset_all_privileges() : boolean

Unsets all privileges

Returns

boolean —

Indicating success.

create_new_privilege_object()

create_new_privilege_object(string  $name, mixed  $assignee = null, integer  $value = MIDCOM_PRIVILEGE_ALLOW, string  $classname = '') : \midcom_core_privilege

Create a new privilege object. The privilege will be initialized with the values given in the arguments, as outlined below.

This call requires the midgard:privileges privilege.

Parameters

string $name

The name of the privilege to add.

mixed $assignee

A valid assignee suitable for midcom_core_privilege::set_privilege(). This defaults to the currently active user if authenticated or to 'EVERYONE' otherwise.

integer $value

The privilege value, this defaults to MIDCOM_PRIVILEGE_ALLOW.

string $classname

An optional class name to which a SELF privilege gets restricted to. Only valid for SELF privileges.

Returns

\midcom_core_privilege

The newly created privilege record or false on failure.