Acl
class Acl implements AuditableAclInterface, NotifyPropertyChanged
An ACL implementation.
Each object identity has exactly one associated ACL. Each ACL can have four different types of ACEs (class ACEs, object ACEs, class field ACEs, object field ACEs).
You should not iterate over the ACEs yourself, but instead use isGranted(), or isFieldGranted(). These will utilize an implementation of PermissionGrantingStrategy internally.
Methods
| __construct(int $id, ObjectIdentityInterface $objectIdentity, PermissionGrantingStrategyInterface $permissionGrantingStrategy, array $loadedSids, bool $entriesInheriting) | ||
| addPropertyChangedListener(PropertyChangedListener $listener) | ||
| deleteClassAce(int $index) Deletes a class-based ACE. | ||
| deleteClassFieldAce(int $index, string $field) Deletes a class-field-based ACE. | ||
| deleteObjectAce(int $index) Deletes an object-based ACE. | ||
| deleteObjectFieldAce(int $index, string $field) Deletes an object-field-based ACE. | ||
| array | getClassAces() Returns all class-based ACEs associated with this ACL. | |
| array | getClassFieldAces(string $field) Returns all class-field-based ACEs associated with this ACL. | |
| array | getObjectAces() Returns all object-based ACEs associated with this ACL. | |
| array | getObjectFieldAces(string $field) Returns all object-field-based ACEs associated with this ACL. | |
| int | getId() Returns the primary key of this ACL. | |
| ObjectIdentityInterface | getObjectIdentity() Returns the object identity associated with this ACL. | |
| AclInterface|null | getParentAcl() Returns the parent ACL, or null if there is none. | |
| insertClassAce(SecurityIdentityInterface $sid, int $mask, int $index, bool $granting = true, string $strategy = null) Inserts a class-based ACE. | ||
| insertClassFieldAce(string $field, SecurityIdentityInterface $sid, int $mask, int $index, bool $granting = true, string $strategy = null) Inserts a class-field-based ACE. | ||
| insertObjectAce(SecurityIdentityInterface $sid, int $mask, int $index, bool $granting = true, string $strategy = null) Inserts an object-based ACE. | ||
| insertObjectFieldAce(string $field, SecurityIdentityInterface $sid, int $mask, int $index, bool $granting = true, string $strategy = null) Inserts an object-field-based ACE. | ||
| bool | isEntriesInheriting() Whether this ACL is inheriting ACEs from a parent ACL. | |
| bool | isFieldGranted(string $field, array $masks, array $securityIdentities, bool $administrativeMode = false) Determines whether field access is granted. | |
| bool | isGranted(array $masks, array $securityIdentities, bool $administrativeMode = false) Determines whether access is granted. | |
| bool | isSidLoaded($sids) Whether the ACL has loaded ACEs for all of the passed security identities. | |
| string | serialize() Implementation for the \Serializable interface. | |
| unserialize(string $serialized) Implementation for the \Serializable interface. | ||
| setEntriesInheriting(bool $boolean) Sets whether entries are inherited. | ||
| setParentAcl(AclInterface $acl = null) Sets the parent ACL. | ||
| updateClassAce(int $index, int $mask, string $strategy = null) Updates a class-based ACE. | ||
| updateClassFieldAce(int $index, string $field, int $mask, string $strategy = null) Updates a class-field-based ACE. | ||
| updateObjectAce(int $index, int $mask, string $strategy = null) Updates an object-based ACE. | ||
| updateObjectFieldAce(int $index, string $field, int $mask, string $strategy = null) Updates an object-field-based ACE. | ||
| updateClassAuditing(int $index, bool $auditSuccess, bool $auditFailure) Updates auditing for class-based ACE. | ||
| updateClassFieldAuditing(int $index, string $field, bool $auditSuccess, bool $auditFailure) Updates auditing for class-field-based ACE. | ||
| updateObjectAuditing(int $index, bool $auditSuccess, bool $auditFailure) Updates auditing for object-based ACE. | ||
| updateObjectFieldAuditing(int $index, string $field, bool $auditSuccess, bool $auditFailure) Updates auditing for object-field-based ACE. |
Details
__construct(int $id, ObjectIdentityInterface $objectIdentity, PermissionGrantingStrategyInterface $permissionGrantingStrategy, array $loadedSids, bool $entriesInheriting)
Parameters
| int | $id | |
| ObjectIdentityInterface | $objectIdentity | |
| PermissionGrantingStrategyInterface | $permissionGrantingStrategy | |
| array | $loadedSids | |
| bool | $entriesInheriting |
addPropertyChangedListener(PropertyChangedListener $listener)
Parameters
| PropertyChangedListener | $listener |
deleteClassAce(int $index)
Deletes a class-based ACE.
Parameters
| int | $index |
deleteClassFieldAce(int $index, string $field)
Deletes a class-field-based ACE.
Parameters
| int | $index | |
| string | $field |
deleteObjectAce(int $index)
Deletes an object-based ACE.
Parameters
| int | $index |
deleteObjectFieldAce(int $index, string $field)
Deletes an object-field-based ACE.
Parameters
| int | $index | |
| string | $field |
array getClassAces()
Returns all class-based ACEs associated with this ACL.
Return Value
| array |
array getClassFieldAces(string $field)
Returns all class-field-based ACEs associated with this ACL.
Parameters
| string | $field |
Return Value
| array |
array getObjectAces()
Returns all object-based ACEs associated with this ACL.
Return Value
| array |
array getObjectFieldAces(string $field)
Returns all object-field-based ACEs associated with this ACL.
Parameters
| string | $field |
Return Value
| array |
int getId()
Returns the primary key of this ACL.
Return Value
| int |
ObjectIdentityInterface getObjectIdentity()
Returns the object identity associated with this ACL.
Return Value
| ObjectIdentityInterface |
AclInterface|null getParentAcl()
Returns the parent ACL, or null if there is none.
Return Value
| AclInterface|null |
insertClassAce(SecurityIdentityInterface $sid, int $mask, int $index, bool $granting = true, string $strategy = null)
Inserts a class-based ACE.
Parameters
| SecurityIdentityInterface | $sid | |
| int | $mask | |
| int | $index | |
| bool | $granting | |
| string | $strategy |
insertClassFieldAce(string $field, SecurityIdentityInterface $sid, int $mask, int $index, bool $granting = true, string $strategy = null)
Inserts a class-field-based ACE.
Parameters
| string | $field | |
| SecurityIdentityInterface | $sid | |
| int | $mask | |
| int | $index | |
| bool | $granting | |
| string | $strategy |
insertObjectAce(SecurityIdentityInterface $sid, int $mask, int $index, bool $granting = true, string $strategy = null)
Inserts an object-based ACE.
Parameters
| SecurityIdentityInterface | $sid | |
| int | $mask | |
| int | $index | |
| bool | $granting | |
| string | $strategy |
insertObjectFieldAce(string $field, SecurityIdentityInterface $sid, int $mask, int $index, bool $granting = true, string $strategy = null)
Inserts an object-field-based ACE.
Parameters
| string | $field | |
| SecurityIdentityInterface | $sid | |
| int | $mask | |
| int | $index | |
| bool | $granting | |
| string | $strategy |
bool isEntriesInheriting()
Whether this ACL is inheriting ACEs from a parent ACL.
Return Value
| bool |
bool isFieldGranted(string $field, array $masks, array $securityIdentities, bool $administrativeMode = false)
Determines whether field access is granted.
Parameters
| string | $field | |
| array | $masks | |
| array | $securityIdentities | |
| bool | $administrativeMode |
Return Value
| bool |
bool isGranted(array $masks, array $securityIdentities, bool $administrativeMode = false)
Determines whether access is granted.
Parameters
| array | $masks | |
| array | $securityIdentities | |
| bool | $administrativeMode |
Return Value
| bool |
Exceptions
| NoAceFoundException | when no ACE was applicable for this request |
bool isSidLoaded($sids)
Whether the ACL has loaded ACEs for all of the passed security identities.
Parameters
| $sids |
Return Value
| bool |
string serialize()
Implementation for the \Serializable interface.
Return Value
| string |
unserialize(string $serialized)
Implementation for the \Serializable interface.
Parameters
| string | $serialized |
setEntriesInheriting(bool $boolean)
Sets whether entries are inherited.
Parameters
| bool | $boolean |
setParentAcl(AclInterface $acl = null)
Sets the parent ACL.
Parameters
| AclInterface | $acl |
updateClassAce(int $index, int $mask, string $strategy = null)
Updates a class-based ACE.
Parameters
| int | $index | |
| int | $mask | |
| string | $strategy | if null the strategy should not be changed |
updateClassFieldAce(int $index, string $field, int $mask, string $strategy = null)
Updates a class-field-based ACE.
Parameters
| int | $index | |
| string | $field | |
| int | $mask | |
| string | $strategy | if null the strategy should not be changed |
updateObjectAce(int $index, int $mask, string $strategy = null)
Updates an object-based ACE.
Parameters
| int | $index | |
| int | $mask | |
| string | $strategy | if null the strategy should not be changed |
updateObjectFieldAce(int $index, string $field, int $mask, string $strategy = null)
Updates an object-field-based ACE.
Parameters
| int | $index | |
| string | $field | |
| int | $mask | |
| string | $strategy | if null the strategy should not be changed |
updateClassAuditing(int $index, bool $auditSuccess, bool $auditFailure)
Updates auditing for class-based ACE.
Parameters
| int | $index | |
| bool | $auditSuccess | |
| bool | $auditFailure |
updateClassFieldAuditing(int $index, string $field, bool $auditSuccess, bool $auditFailure)
Updates auditing for class-field-based ACE.
Parameters
| int | $index | |
| string | $field | |
| bool | $auditSuccess | |
| bool | $auditFailure |
updateObjectAuditing(int $index, bool $auditSuccess, bool $auditFailure)
Updates auditing for object-based ACE.
Parameters
| int | $index | |
| bool | $auditSuccess | |
| bool | $auditFailure |
updateObjectFieldAuditing(int $index, string $field, bool $auditSuccess, bool $auditFailure)
Updates auditing for object-field-based ACE.
Parameters
| int | $index | |
| string | $field | |
| bool | $auditSuccess | |
| bool | $auditFailure |
© 2004–2017 Fabien Potencier
Licensed under the MIT License.
http://api.symfony.com/2.7/Symfony/Component/Security/Acl/Domain/Acl.html