Class

eZ\Publish\Core\Repository\Permission\PermissionResolver

class PermissionResolver implements PermissionResolver

Core implementation of PermissionResolver interface.

Methods

__construct(RoleDomainMapper $roleDomainMapper, LimitationService $limitationService, Handler $userHandler, UserReference $userReference)

UserReference getCurrentUserReference()

Get current user reference.

setCurrentUserReference(UserReference $userReference)

Sets the current user to the given $user.

bool|array hasAccess(string $module, string $function, UserReference $userReference = null)

Returns boolean value or an array of limitations describing user's permissions on the given module and function.

bool canUser(string $module, string $function, ValueObject $object, array $targets = array())

Indicates if the current user is allowed to perform an action given by the function on the given objects.

mixed sudo(Closure $callback, Repository $outerRepository)

Details

at line 61
public __construct(RoleDomainMapper $roleDomainMapper, LimitationService $limitationService, Handler $userHandler, UserReference $userReference)

Parameters

RoleDomainMapper $roleDomainMapper
LimitationService $limitationService
Handler $userHandler
UserReference $userReference

at line 73
public UserReference getCurrentUserReference()

Get current user reference.

Return Value

UserReference

at line 78
public setCurrentUserReference(UserReference $userReference)

Sets the current user to the given $user.

Parameters

UserReference $userReference

at line 88
public bool|array hasAccess(string $module, string $function, UserReference $userReference = null)

Returns boolean value or an array of limitations describing user's permissions on the given module and function.

Note: boolean value describes full access (true) or no access at all (false).

Parameters

string $module The module, aka controller identifier to check permissions on
string $function The function, aka the controller action to check permissions on
UserReference $userReference User for which the information is returned, current user will be used if null

Return Value

bool|array if limitations are on this function an array of limitations is returned

at line 148
public bool canUser(string $module, string $function, ValueObject $object, array $targets = array())

Indicates if the current user is allowed to perform an action given by the function on the given objects.

Example: canUser( 'content', 'edit', $content, $location ); This will check edit permission on content given the specific location, if skipped if will check on all locations.

Example2: canUser( 'section', 'assign', $content, $section ); Check if user has access to assign $content to $section.

Parameters

string $module The module, aka controller identifier to check permissions on
string $function The function, aka the controller action to check permissions on
ValueObject $object The object to check if the user has access to
array $targets An array of location, parent or "assignment" value objects

Return Value

bool

Exceptions

InvalidArgumentException If any of the arguments are invalid
BadStateException If value of the LimitationValue is unsupported

at line 252
public mixed sudo(Closure $callback, Repository $outerRepository)

Parameters

Closure $callback
Repository $outerRepository

Return Value

mixed

Exceptions

RuntimeException Thrown on recursive sudo() use.
Exception Re throws exceptions thrown inside $callback