Class

eZ\Publish\Core\SignalSlot\RoleService

class RoleService implements RoleService

RoleService class.

Methods

__construct(RoleService $service, SignalDispatcher $signalDispatcher)

Constructor.

RoleDraft createRole(RoleCreateStruct $roleCreateStruct)

Creates a new RoleDraft.

RoleDraft createRoleDraft(Role $role)

Creates a new RoleDraft for existing Role.

RoleDraft loadRoleDraft(mixed $id)

Loads a role for the given id.

RoleDraft loadRoleDraftByRoleId(mixed $roleId)

Loads a RoleDraft by the ID of the role it was created from.

RoleDraft updateRoleDraft(RoleDraft $roleDraft, RoleUpdateStruct $roleUpdateStruct)

Updates the properties of a role draft.

RoleDraft addPolicyByRoleDraft(RoleDraft $roleDraft, PolicyCreateStruct $policyCreateStruct)

Adds a new policy to the role draft.

RoleDraft removePolicyByRoleDraft(RoleDraft $roleDraft, PolicyDraft $policyDraft)

Removes a policy from a role draft.

PolicyDraft updatePolicyByRoleDraft(RoleDraft $roleDraft, PolicyDraft $policy, PolicyUpdateStruct $policyUpdateStruct)

Updates the limitations of a policy.

deleteRoleDraft(RoleDraft $roleDraft)

Deletes the given role draft.

publishRoleDraft(RoleDraft $roleDraft)

Publishes a given Role draft.

Role updateRole(Role $role, RoleUpdateStruct $roleUpdateStruct)

Updates the name of the role.

Role addPolicy(Role $role, PolicyCreateStruct $policyCreateStruct)

Adds a new policy to the role.

deletePolicy(Policy $policy)

Delete a policy.

Policy updatePolicy(Policy $policy, PolicyUpdateStruct $policyUpdateStruct)

Updates the limitations of a policy.

Role loadRole(mixed $id)

Loads a role for the given id.

Role loadRoleByIdentifier(string $identifier)

Loads a role for the given identifier.

Role[] loadRoles()

Loads all roles.

deleteRole(Role $role)

Deletes the given role.

Policy[] loadPoliciesByUserId(mixed $userId)

Loads all policies from roles which are assigned to a user or to user groups to which the user belongs.

assignRoleToUserGroup(Role $role, UserGroup $userGroup, RoleLimitation $roleLimitation = null)

Assigns a role to the given user group.

unassignRoleFromUserGroup(Role $role, UserGroup $userGroup)

removes a role from the given user group.

assignRoleToUser(Role $role, User $user, RoleLimitation $roleLimitation = null)

Assigns a role to the given user.

unassignRoleFromUser(Role $role, User $user)

removes a role from the given user.

removeRoleAssignment(RoleAssignment $roleAssignment)

Removes the given role assignment.

RoleAssignment loadRoleAssignment(mixed $roleAssignmentId)

Loads a role assignment for the given id.

RoleAssignment[] getRoleAssignments(Role $role)

Returns the assigned user and user groups to this role.

UserRoleAssignment[]|UserGroupRoleAssignment[] getRoleAssignmentsForUser(User $user, bool $inherited = false)

UserGroupRoleAssignment[] getRoleAssignmentsForUserGroup(UserGroup $userGroup)

Returns the roles assigned to the given user group.

RoleCreateStruct newRoleCreateStruct(string $name)

Instantiates a role create class.

PolicyCreateStruct newPolicyCreateStruct(string $module, string $function)

Instantiates a policy create class.

PolicyUpdateStruct newPolicyUpdateStruct()

Instantiates a policy update class.

RoleUpdateStruct newRoleUpdateStruct()

Instantiates a policy update class.

Type getLimitationType(string $identifier)

Returns the LimitationType registered with the given identifier.

Type[] getLimitationTypesByModuleFunction(string $module, string $function)

Returns the LimitationType's assigned to a given module/function.

Details

at line 70
public __construct(RoleService $service, SignalDispatcher $signalDispatcher)

Constructor.

Construct service object from aggregated service and signal dispatcher

Parameters

RoleService $service
SignalDispatcher $signalDispatcher

at line 91
public RoleDraft createRole(RoleCreateStruct $roleCreateStruct)

Creates a new RoleDraft.

Parameters

RoleCreateStruct $roleCreateStruct

Return Value

RoleDraft

Exceptions

UnauthorizedException if the authenticated user is not allowed to create a role
InvalidArgumentException if the name of the role already exists or if limitation of the same type is repeated in the policy create struct or if limitation is not allowed on module/function
LimitationValidationException if a policy limitation in the $roleCreateStruct is not valid

at line 118
public RoleDraft createRoleDraft(Role $role)

Creates a new RoleDraft for existing Role.

Parameters

Role $role

Return Value

RoleDraft

Exceptions

UnauthorizedException if the authenticated user is not allowed to create a role
InvalidArgumentException if the Role already has a Role Draft that will need to be removed first
LimitationValidationException if a policy limitation in the $roleCreateStruct is not valid

at line 144
public RoleDraft loadRoleDraft(mixed $id)

Loads a role for the given id.

Parameters

mixed $id

Return Value

RoleDraft

Exceptions

UnauthorizedException if the authenticated user is not allowed to read this role
NotFoundException if a role with the given id was not found

at line 159
public RoleDraft loadRoleDraftByRoleId(mixed $roleId)

Loads a RoleDraft by the ID of the role it was created from.

Parameters

mixed $roleId ID of the role the draft was created from.

Return Value

RoleDraft

Exceptions

UnauthorizedException if the authenticated user is not allowed to read this role
NotFoundException if a RoleDraft with the given id was not found

at line 177
public RoleDraft updateRoleDraft(RoleDraft $roleDraft, RoleUpdateStruct $roleUpdateStruct)

Updates the properties of a role draft.

Parameters

RoleDraft $roleDraft
RoleUpdateStruct $roleUpdateStruct

Return Value

RoleDraft

Exceptions

UnauthorizedException if the authenticated user is not allowed to update a role
InvalidArgumentException if the identifier of the role already exists

at line 206
public RoleDraft addPolicyByRoleDraft(RoleDraft $roleDraft, PolicyCreateStruct $policyCreateStruct)

Adds a new policy to the role draft.

Parameters

RoleDraft $roleDraft
PolicyCreateStruct $policyCreateStruct

Return Value

RoleDraft

Exceptions

UnauthorizedException if the authenticated user is not allowed to add a policy
InvalidArgumentException if limitation of the same type is repeated in policy create struct or if limitation is not allowed on module/function
LimitationValidationException if a limitation in the $policyCreateStruct is not valid

at line 233
public RoleDraft removePolicyByRoleDraft(RoleDraft $roleDraft, PolicyDraft $policyDraft)

Removes a policy from a role draft.

Parameters

RoleDraft $roleDraft
PolicyDraft $policyDraft the policy to remove from the role

Return Value

RoleDraft if the authenticated user is not allowed to remove a policy

Exceptions

UnauthorizedException if the authenticated user is not allowed to remove a policy
InvalidArgumentException if policy does not belong to the given RoleDraft

at line 265
public PolicyDraft updatePolicyByRoleDraft(RoleDraft $roleDraft, PolicyDraft $policy, PolicyUpdateStruct $policyUpdateStruct)

Updates the limitations of a policy.

The module and function cannot be changed and the limitations are replaced by the ones in $roleUpdateStruct.

Parameters

RoleDraft $roleDraft
PolicyDraft $policy
PolicyUpdateStruct $policyUpdateStruct

Return Value

PolicyDraft

Exceptions

UnauthorizedException if the authenticated user is not allowed to update a policy
InvalidArgumentException if limitation of the same type is repeated in policy update struct or if limitation is not allowed on module/function
LimitationValidationException if a limitation in the $policyUpdateStruct is not valid

at line 288
public deleteRoleDraft(RoleDraft $roleDraft)

Deletes the given role draft.

Parameters

RoleDraft $roleDraft

Exceptions

UnauthorizedException if the authenticated user is not allowed to delete this role

at line 311
public publishRoleDraft(RoleDraft $roleDraft)

Publishes a given Role draft.

Parameters

RoleDraft $roleDraft

Exceptions

UnauthorizedException if the authenticated user is not allowed to publish this role

at line 338
public Role updateRole(Role $role, RoleUpdateStruct $roleUpdateStruct)

Updates the name of the role.

Parameters

Role $role
RoleUpdateStruct $roleUpdateStruct

Return Value

Role

Exceptions

UnauthorizedException if the authenticated user is not allowed to update a role
InvalidArgumentException if the name of the role already exists

at line 367
public Role addPolicy(Role $role, PolicyCreateStruct $policyCreateStruct)

Adds a new policy to the role.

Parameters

Role $role
PolicyCreateStruct $policyCreateStruct

Return Value

Role

Exceptions

UnauthorizedException if the authenticated user is not allowed to add a policy
InvalidArgumentException if limitation of the same type is repeated in policy create struct or if limitation is not allowed on module/function
LimitationValidationException if a limitation in the $policyCreateStruct is not valid

at line 391
public deletePolicy(Policy $policy)

Delete a policy.

Parameters

Policy $policy the policy to delete

Exceptions

UnauthorizedException if the authenticated user is not allowed to remove a policy

at line 422
public Policy updatePolicy(Policy $policy, PolicyUpdateStruct $policyUpdateStruct)

Updates the limitations of a policy.

The module and function cannot be changed and the limitations are replaced by the ones in $roleUpdateStruct.

Parameters

Policy $policy
PolicyUpdateStruct $policyUpdateStruct

Return Value

Policy

Exceptions

UnauthorizedException if the authenticated user is not allowed to update a policy
InvalidArgumentException if limitation of the same type is repeated in policy update struct or if limitation is not allowed on module/function
LimitationValidationException if a limitation in the $policyUpdateStruct is not valid

at line 446
public Role loadRole(mixed $id)

Loads a role for the given id.

Parameters

mixed $id

Return Value

Role

Exceptions

UnauthorizedException if the authenticated user is not allowed to read this role
NotFoundException if a role with the given name was not found

at line 461
public Role loadRoleByIdentifier(string $identifier)

Loads a role for the given identifier.

Parameters

string $identifier

Return Value

Role

Exceptions

UnauthorizedException if the authenticated user is not allowed to read this role
NotFoundException if a role with the given name was not found

at line 473
public Role[] loadRoles()

Loads all roles.

Return Value

Role[]

Exceptions

UnauthorizedException if the authenticated user is not allowed to read the roles

at line 485
public deleteRole(Role $role)

Deletes the given role.

Parameters

Role $role

Exceptions

UnauthorizedException if the authenticated user is not allowed to delete this role

at line 508
public Policy[] loadPoliciesByUserId(mixed $userId)

Loads all policies from roles which are assigned to a user or to user groups to which the user belongs.

Parameters

mixed $userId

Return Value

Policy[]

Exceptions

NotFoundException if a user with the given id was not found

at line 523
public assignRoleToUserGroup(Role $role, UserGroup $userGroup, RoleLimitation $roleLimitation = null)

Assigns a role to the given user group.

Parameters

Role $role
UserGroup $userGroup
RoleLimitation $roleLimitation an optional role limitation (which is either a subtree limitation or section limitation)

Exceptions

UnauthorizedException if the authenticated user is not allowed to assign a role
LimitationValidationException if $roleLimitation is not valid

at line 548
public unassignRoleFromUserGroup(Role $role, UserGroup $userGroup)

removes a role from the given user group.

Parameters

Role $role
UserGroup $userGroup

Exceptions

UnauthorizedException if the authenticated user is not allowed to remove a role
InvalidArgumentException If the role is not assigned to the given user group

at line 573
public assignRoleToUser(Role $role, User $user, RoleLimitation $roleLimitation = null)

Assigns a role to the given user.

Parameters

Role $role
User $user
RoleLimitation $roleLimitation an optional role limitation (which is either a subtree limitation or section limitation)

Exceptions

UnauthorizedException if the authenticated user is not allowed to assign a role
LimitationValidationException if $roleLimitation is not valid

at line 598
public unassignRoleFromUser(Role $role, User $user)

removes a role from the given user.

Parameters

Role $role
User $user

Exceptions

UnauthorizedException if the authenticated user is not allowed to remove a role
InvalidArgumentException If the role is not assigned to the user

at line 620
public removeRoleAssignment(RoleAssignment $roleAssignment)

Removes the given role assignment.

Parameters

RoleAssignment $roleAssignment

Exceptions

UnauthorizedException if the authenticated user is not allowed to remove a role assignment

at line 642
public RoleAssignment loadRoleAssignment(mixed $roleAssignmentId)

Loads a role assignment for the given id.

Parameters

mixed $roleAssignmentId

Return Value

RoleAssignment

Exceptions

UnauthorizedException if the authenticated user is not allowed to read this role
NotFoundException If the role assignment was not found

at line 656
public RoleAssignment[] getRoleAssignments(Role $role)

Returns the assigned user and user groups to this role.

Parameters

Role $role

Return Value

RoleAssignment[]

Exceptions

UnauthorizedException if the authenticated user is not allowed to read a role

at line 664
public UserRoleAssignment[]|UserGroupRoleAssignment[] getRoleAssignmentsForUser(User $user, bool $inherited = false)

Parameters

User $user
bool $inherited Also return all inherited Roles from UserGroups User belongs to, and it's parents.

Return Value

UserRoleAssignment[]|UserGroupRoleAssignment[]

See also

\eZ\Publish\API\Repository\RoleService::getRoleAssignmentsForUser()

at line 678
public UserGroupRoleAssignment[] getRoleAssignmentsForUserGroup(UserGroup $userGroup)

Returns the roles assigned to the given user group.

Parameters

UserGroup $userGroup

Return Value

UserGroupRoleAssignment[]

Exceptions

UnauthorizedException if the authenticated user is not allowed to read a user group

at line 690
public RoleCreateStruct newRoleCreateStruct(string $name)

Instantiates a role create class.

Parameters

string $name

Return Value

RoleCreateStruct

at line 703
public PolicyCreateStruct newPolicyCreateStruct(string $module, string $function)

Instantiates a policy create class.

Parameters

string $module
string $function

Return Value

PolicyCreateStruct

at line 713
public PolicyUpdateStruct newPolicyUpdateStruct()

Instantiates a policy update class.

Return Value

PolicyUpdateStruct

at line 723
public RoleUpdateStruct newRoleUpdateStruct()

Instantiates a policy update class.

Return Value

RoleUpdateStruct

at line 737
public Type getLimitationType(string $identifier)

Returns the LimitationType registered with the given identifier.

Parameters

string $identifier

Return Value

Type

Exceptions

NotFoundException if there is no LimitationType with $identifier

at line 757
public Type[] getLimitationTypesByModuleFunction(string $module, string $function)

Returns the LimitationType's assigned to a given module/function.

Typically used for: - Internal validation limitation value use on Policies - Role admin gui for editing policy limitations incl list limitation options via valueSchema()

Parameters

string $module Legacy name of "controller", it's a unique identifier like "content"
string $function Legacy name of a controller "action", it's a unique within the controller like "read"

Return Value

Type[]

Exceptions

BadStateException If module/function to limitation type mapping refers to a non existing identifier.