Index

  1. \com\setasign\Konquadrat
    1. Permission
      1. DefaultPermissions
      2. PermissionControl
      3. PermissionsInterface
      4. ResourceDefinitionManager
      5. UnknownResourceException

com\setasign\Konquadrat\Permission

PermissionControl Class PermissionControl

File: /Konquadrat/src/Permission/PermissionControl.php

Class hierarchy

Implements

  • \Psr\Log\LoggerAwareInterface
  • \com\setasign\SetaFramework\Permissions\HasPermissionsInterface

Summary

Methods

Properties

Properties

$logger

protected ?\Psr\Log\LoggerInterface \com\setasign\SetaFramework\Permissions\PermissionControl::$logger

$queryFilter

private ?callable PermissionControl::$queryFilter

$resourceDefinitionManager

private PermissionControl::$resourceDefinitionManager

Methods

__construct()

public PermissionControl::__construct (
ResourceDefinitionManager $resourceDefinitionManager
)
Parameters
$resourceDefinitionManager : ResourceDefinitionManager
 

__sleep()

public PermissionControl::__sleep (
void
): void

addRole()

public \com\setasign\SetaFramework\Permissions\PermissionControl::addRole (
\com\setasign\SetaFramework\Permissions\Role $role
): void

Adds a role to the $roles array

Parameters
$role : \com\setasign\SetaFramework\Permissions\Role
 

allow()

public \com\setasign\SetaFramework\Permissions\PermissionControl::allow (
\com\setasign\SetaFramework\Permissions\ResourceDefinition $resource,
array|string|callable|null $actionsOrCallback = null
): void

Allow one or more actions of a resource

Parameters
$resource : \com\setasign\SetaFramework\Permissions\ResourceDefinition
 
$actionsOrCallback : array|string|callable|null
 
Exceptions

Throws \InvalidArgumentException

checkOwnPermissions()

protected \com\setasign\SetaFramework\Permissions\PermissionControl::checkOwnPermissions (
string $name,
string $actionName,
?object $object
): int
Parameters
$name : string
  • the ResourceDefinition name
$actionName : string
  • the action name
$object : ?object
  • the allowed/denied object
Return Values
  • 1 : allowed, -1 : denied

checkRolesPermissions()

protected \com\setasign\SetaFramework\Permissions\PermissionControl::checkRolesPermissions (
object|string|\com\setasign\SetaFramework\Permissions\ResourceDefinition $nameOrObject,
string $action
): int
Parameters
$nameOrObject : object|string|\com\setasign\SetaFramework\Permissions\ResourceDefinition
 
$action : string
 

deny()

public \com\setasign\SetaFramework\Permissions\PermissionControl::deny (
\com\setasign\SetaFramework\Permissions\ResourceDefinition $resource,
array|string|callable|null $actionsOrCallback = null
): void

Deny one or more actions of a resource

Parameters
$resource : \com\setasign\SetaFramework\Permissions\ResourceDefinition
 
$actionsOrCallback : array|string|callable|null
 
Exceptions

Throws \InvalidArgumentException

filterQuery()

public PermissionControl::filterQuery (
\com\setasign\SetaFramework\Database\Query\Select $query,
?string $type
): void
Parameters
$query : \com\setasign\SetaFramework\Database\Query\Select
 
$type : ?string
 

getIndividualPermissions()

public \com\setasign\SetaFramework\Permissions\PermissionControl::getIndividualPermissions (
void
): array

Get all individual permissions that are defined in the $actions array

getResourceDefinitionManager()

public PermissionControl::getResourceDefinitionManager (
void
): ResourceDefinitionManager

getRoles()

public \com\setasign\SetaFramework\Permissions\PermissionControl::getRoles (
void
): array

Gets all added roles

isAllowed()

public \com\setasign\SetaFramework\Permissions\PermissionControl::isAllowed (
object|string|\com\setasign\SetaFramework\Permissions\ResourceDefinition $nameOrObject,
string $action
): bool

Checks whether a action of a resource is allowed

Parameters
$nameOrObject : object|string|\com\setasign\SetaFramework\Permissions\ResourceDefinition
 
$action : string
 

requirePermission()

public \com\setasign\SetaFramework\Permissions\PermissionControl::requirePermission (
object|string|\com\setasign\SetaFramework\Permissions\ResourceDefinition $nameOrObject,
string $action
): void

Checks whether a action of a resource is allowed and if not an exception will be thrown

Parameters
$nameOrObject : object|string|\com\setasign\SetaFramework\Permissions\ResourceDefinition
 
$action : string
 
Exceptions

Throws \com\setasign\SetaFramework\Permissions\PermissionException If the permission is rejected!

resolveObject()

protected \com\setasign\SetaFramework\Permissions\PermissionControl::resolveObject (
\com\setasign\SetaFramework\Permissions\ResourceDefinition|object $object
): ?string
Parameters
$object : \com\setasign\SetaFramework\Permissions\ResourceDefinition|object
 

setLogger()

public \com\setasign\SetaFramework\Permissions\PermissionControl::setLogger (
\Psr\Log\LoggerInterface $logger
): void

Sets a logger instance on the object.

Parameters
$logger : \Psr\Log\LoggerInterface
 

setupQueryFilter()

public PermissionControl::setupQueryFilter (
callable $callback
): void
Parameters
$callback : callable

Params: Select $query, string $type


© 2025 Setasign GmbH & Co. KG · Contact / Imprint · Data Privacy Statement (German)