Methods summary
public
Nette\Security\Permission
|
#
addRole( string $role, string|array $parents = null )
Adds a Role to the list. The most recently added parent takes precedence over
parents that were previously added.
Adds a Role to the list. The most recently added parent takes precedence over
parents that were previously added.
Parameters
Returns
Throws
|
public
boolean
|
#
hasRole( string $role )
Returns true if the Role exists in the list.
Returns true if the Role exists in the list.
Parameters
Returns
boolean
bool
|
public
array
|
#
getRoles( )
Returns all Roles.
Returns
array
array
|
public
array
|
#
getRoleParents( string $role )
Returns existing Role's parents ordered by ascending priority.
Returns existing Role's parents ordered by ascending priority.
Parameters
Returns
array
array
|
public
boolean
|
#
roleInheritsFrom( string $role, string $inherit, boolean $onlyParents = false )
Returns true if $role inherits from $inherit. If $onlyParents is true, then
$role must inherit directly from $inherit.
Returns true if $role inherits from $inherit. If $onlyParents is true, then
$role must inherit directly from $inherit.
Parameters
- $role
- $inherit
- $onlyParents
Returns
boolean
bool
Throws
|
public
Nette\Security\Permission
|
#
removeRole( string $role )
Removes the Role from the list.
Removes the Role from the list.
Parameters
Returns
Throws
|
public
Nette\Security\Permission
|
#
removeAllRoles( )
Removes all Roles from the list.
Removes all Roles from the list.
Returns
|
public
Nette\Security\Permission
|
#
addResource( string $resource, string $parent = null )
Adds a Resource having an identifier unique to the list.
Adds a Resource having an identifier unique to the list.
Parameters
Returns
Throws
|
public
boolean
|
#
hasResource( string $resource )
Returns true if the Resource exists in the list.
Returns true if the Resource exists in the list.
Parameters
Returns
boolean
bool
|
public
array
|
|
public
boolean
|
#
resourceInheritsFrom( string $resource, string $inherit, boolean $onlyParent = false )
Returns true if $resource inherits from $inherit. If $onlyParents is true,
then $resource must inherit directly from $inherit.
Returns true if $resource inherits from $inherit. If $onlyParents is true,
then $resource must inherit directly from $inherit.
Parameters
- $resource
- $inherit
- $onlyParent
Returns
boolean
bool
Throws
|
public
Nette\Security\Permission
|
#
removeResource( string $resource )
Removes a Resource and all of its children.
Removes a Resource and all of its children.
Parameters
Returns
Throws
|
public
Nette\Security\Permission
|
|
public
Nette\Security\Permission
|
#
allow( string|string[]|null $roles = Nette\Security\IAuthorizator::ALL, string|string[]|null $resources = Nette\Security\IAuthorizator::ALL, string|string[]|null $privileges = Nette\Security\IAuthorizator::ALL, callable $assertion = null )
Allows one or more Roles access to [certain $privileges upon] the specified
Resource(s). If $assertion is provided, then it must return true in order for
rule to apply.
Allows one or more Roles access to [certain $privileges upon] the specified
Resource(s). If $assertion is provided, then it must return true in order for
rule to apply.
Parameters
- $roles
- $resources
- $privileges
- $assertion
- assertion
Returns
|
public
Nette\Security\Permission
|
#
deny( string|string[]|null $roles = Nette\Security\IAuthorizator::ALL, string|string[]|null $resources = Nette\Security\IAuthorizator::ALL, string|string[]|null $privileges = Nette\Security\IAuthorizator::ALL, callable $assertion = null )
Denies one or more Roles access to [certain $privileges upon] the specified
Resource(s). If $assertion is provided, then it must return true in order for
rule to apply.
Denies one or more Roles access to [certain $privileges upon] the specified
Resource(s). If $assertion is provided, then it must return true in order for
rule to apply.
Parameters
- $roles
- $resources
- $privileges
- $assertion
- assertion
Returns
|
public
Nette\Security\Permission
|
|
public
Nette\Security\Permission
|
|
protected
Nette\Security\Permission
|
#
setRule( boolean $toAdd, boolean $type, string|string[]|null $roles, string|string[]|null $resources, string|string[]|null $privileges, callable $assertion = null )
Performs operations on Access Control List rules.
Performs operations on Access Control List rules.
Parameters
- $toAdd
- add?
- $type
- type
- $roles
- $resources
- $privileges
- $assertion
- assertion
Returns
Throws
|
public
boolean
|
#
isAllowed( string|null|Nette\Security\IRole $role = Nette\Security\IAuthorizator::ALL, string|null|Nette\Security\IResource $resource = Nette\Security\IAuthorizator::ALL, string|null $privilege = Nette\Security\IAuthorizator::ALL )
Returns true if and only if the Role has access to [certain $privileges upon]
the Resource.
Returns true if and only if the Role has access to [certain $privileges upon]
the Resource.
This method checks Role inheritance using a depth-first traversal of the Role
list. The highest priority parent (i.e., the parent most recently added) is
checked first, and its respective parents are checked similarly before the
lower-priority parents of the Role are checked.
Parameters
- $role
- $resource
- $privilege
Returns
boolean
bool
Throws
Implementation of
|
public
mixed
|
#
getQueriedRole( )
Returns real currently queried Role. Use by assertion.
Returns real currently queried Role. Use by assertion.
Returns
mixed
mixed
|
public
mixed
|
#
getQueriedResource( )
Returns real currently queried Resource. Use by assertion.
Returns real currently queried Resource. Use by assertion.
Returns
mixed
mixed
|