Interface

eZ\Publish\API\Repository\PermissionResolver

interface PermissionResolver

This service provides methods for resolving permissions.

Methods

UserReference getCurrentUserReference()

Get current user reference.

setCurrentUserReference(UserReference $userReference)

Sets the current user to the given $user.

bool|array hasAccess(string $module, string $function, UserReference $userReference = null)

Returns boolean value or an array of limitations describing user's permissions on the given module and function.

bool canUser(string $module, string $function, ValueObject $object, array $targets = array())

Indicates if the current user is allowed to perform an action given by the function on the given objects.

Details

at line 22
public UserReference getCurrentUserReference()

Get current user reference.

Return Value

UserReference

at line 29
public setCurrentUserReference(UserReference $userReference)

Sets the current user to the given $user.

Parameters

UserReference $userReference

at line 44
public bool|array hasAccess(string $module, string $function, UserReference $userReference = null)

Returns boolean value or an array of limitations describing user's permissions on the given module and function.

Note: boolean value describes full access (true) or no access at all (false).

Parameters

string $module The module, aka controller identifier to check permissions on
string $function The function, aka the controller action to check permissions on
UserReference $userReference User for which the information is returned, current user will be used if null

Return Value

bool|array if limitations are on this function an array of limitations is returned

at line 67
public bool canUser(string $module, string $function, ValueObject $object, array $targets = array())

Indicates if the current user is allowed to perform an action given by the function on the given objects.

Example: canUser( 'content', 'edit', $content, $location ); This will check edit permission on content given the specific location, if skipped if will check on all locations.

Example2: canUser( 'section', 'assign', $content, $section ); Check if user has access to assign $content to $section.

Parameters

string $module The module, aka controller identifier to check permissions on
string $function The function, aka the controller action to check permissions on
ValueObject $object The object to check if the user has access to
array $targets An array of location, parent or "assignment" value objects

Return Value

bool

Exceptions

InvalidArgumentException If any of the arguments are invalid
BadStateException If value of the LimitationValue is unsupported